BugTraq
CSS Vulnerability in Bajie HTTP JServer 2003-10-16
Oliver Karow (Oliver Karow gmx de)
CSS Vulnerability in Bajie HTTP JServer
==========================

Even though the cross-site-scripting vulnerability published under BID 7344
was fixed with Built 0.95zxe1, the current version of Bajie HTTP Jserver is
still vulnerable to cross-site-scripting attacks.

Vulnerable versions:
=====

Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (Microsoft Security Bulletin MS03-047) 2003-10-16
Ory Segal (ory segal sanctuminc com)

From Microsoft Security Bulletin MS03-047:

A cross-site scripting (XSS) vulnerability results due to the way that
Outlook Web Access (OWA) performs HTML encoding in the Compose New
Message form.

An attacker could seek to exploit this vulnerability by having a user
run script on the attacker's

Microsoft PCHealth 2003/XP Buffer Overflow (#NISR15102003) 2003-10-16
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Microsoft PCHealth Buffer Overflow Vulnerability
Systems Affected: Windows 2003 and XP
Severity: Critical Risk
Vendor URL: http://www.microsoft.com/
Author: David Litchfield [ david (at) ngssoftware (dot) com ]

Date Vendor Notified: 23rd July 2003
Date

ColdFusion SQL Error Pages XSS 2003-10-15
Lorenzo Hernandez Garcia-Hierro (lorenzohgh nsrg-security com)
----------
NOTE ABOUT COLDFUSION XSS ATTACKS
_______
Vendor: Macromedia
Versions: MX ( 6.0 ) tested , older ?
_______

PROBLEM:
When you access an SQL error page, you can insert XSS code to be shown
in the error output of the SQL backend.
example:
http://[target]/article.cfm?id=1'<script>alert

Microsoft Windows Security Bulletin Summary October 2003-10-15
Giovanni Campagnoli (bioia yahoo com) (1 replies)
The new Security Bulletin is available at :

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/winoct03.asp

In this last security bulletin Microsoft has patched 4
remote buffer overflows.

Microsoft Security Bulletin MS03-041 - Vulnerability
in Authenticode Verific

Microsoft got it wrong 2003-10-15
Richard M. Smith (rms computerbytesman com)
New CERT Coordination Center (CERT/CC) PGP Key 2003-10-15
CERT Advisory (cert-advisory cert org)

-----BEGIN PGP SIGNED MESSAGE-----

New CERT Coordination Center (CERT/CC) PGP Key

The CERT/CC has generated a new PGP key. We use this key to sign all
outgoing email, including documents sent to this list. Effective
immediately, this new key is available and will be valid until Monday,
November

Gaim festival plugin exploit 2003-10-15
error (error lostinthenoise net)
It has come to my attention that people have actually used this example
code for a gaim plugin:

AIM::register("Festival TTS", "0.0.1", "goodbye", "");
AIM::print("Perl Says", "Loaded Festival TTS");
AIM::command("idle", "60000") if ($pro ne "Offline");
AIM::add_event_handler("event_im_recv", "synth

Few issues previously unpublished in English 2003-10-15
3APA3A (3APA3A SECURITY NNOV RU)
Dear,

SpAmC0der //PRiZM published information about buffer overflow
vulnerability in Microsoft Word 2000 macro processing. Vulnerability
is triggered regardless of macro security settings. Office XP is not
vulnerable. Original message (in Russian) and translation (may be

[CLA-2003:762] Conectiva Security Announcement - glibc 2003-10-14
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : glibc
SUMMARY : Fix for a local vulnerability

[SECURITY] [DSA 395-1] New tomcat4 packages fix denial of service 2003-10-15
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 395-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
October 15th, 2003

LinkSys EtherFast Router Denial of Service Attack 2003-10-15
DigitalPranksters (secteam digitalpranksters com)
DigitalPranksters Security Advisory
http://www.DigitalPranksters.com

LinkSys EtherFast Router Denial of Service Attack

Risk: Low

Product: Linksys EtherFast Cable/DSL Firewall Router BEFSX41 (Firmware
1.44.3)

Product URL: http://www.linksys.com/products/product.asp?prid=433

Vendor Contacted: Se

Finjan Software Discovers a New Critical Vulnerability In Microsoft Hotmail 2003-10-15
Menashe Eliezer (menashe finjan com)
Microsoft Hotmail Vulnerability

Release Date:
October 15, 2003

Severity:
Critical (Potential Hotmail worm)

Systems Affected:
Internet Explorer and any software application used for reading Hotmail messages.

Status:
Microsoft has already patched the Hotmail system.

Description:
Finjan Software d

RE: What software breaks because of this DNS feature? 2003-10-14
Michael Wojcik (Michael Wojcik microfocus com) (1 replies)
> From: Richard M. Smith [mailto:rms (at) computerbytesman (dot) com]
> Sent: Monday, October 13, 2003 5:18 PM
> To: BUGTRAQ@SECURITYFOCUS. COM
> Subject: What software breaks because of this DNS feature?
>
>
> Hi,
>
> According to RFC1034, "cnn.com" and "cnn.com." should be the
> same domain names. Howe

RE: What software breaks because of this DNS feature? 2003-10-14
Rob Mayoff (mayoff dqd com)
What software breaks because of this DNS feature? 2003-10-13
Richard M. Smith (rms computerbytesman com) (1 replies)
Hi,

According to RFC1034, "cnn.com" and "cnn.com." should be the same domain
names. However, it doesn't appear that programmers always understand that
trailing dots can be added to domain names.

For example, these two URLs both go to the CNN Web site in Internet
Explorer:

http://www.cnn.com

Re: What software breaks because of this DNS feature? 2003-10-14
Michael Sierchio (kudzu tenebras com) (1 replies)
Re: What software breaks because of this DNS feature? 2003-10-14
Kevin George (kevin-bugtraq raindrop net)
UK's Internet Infrastructure Open to Prying Eyes 2003-10-14
root networkpenetration com


Network Penetration

NetworkPenetration.com

Copyright (c) 2003 Ste Jones

root (at) networkpenetration (dot) com

UK's Internet Infrastructure Open to Prying Eyes

DNS Zone Transfers Allowed from First and Second Level Domains

Index

1. Introduction

2. What was tested

3. Example zone transfe

Tool Release: Xprobe2 0.2 2003-10-13
Ofir Arkin (ofir sys-security com)
We are pleased to announce the immediate availability of Xprobe2 v0.2,
which has been officially released at the Blackhat Federal 2003.

Xprobe2 is a remote active operating system fingerprinting tool with a
different approach to operating system fingerprinting. Information on
Xprobe2's techno

Remote root exploit for proftpd \n bug 2003-10-13
Carl Livitt (carl learningshophull co uk)


Attached is a remote root, chroot-breaking brute-force exploit for the \n
processing bug in ProFTPd 1.2.7 - 1.2.9rc2. It has been tested successfully
on SuSE 8.0/8.1 & RedHat 7.2 and 8.0.

Note: it is noisy and leaves a lot of mess (ie, bad uploaded text files) on
the target server. It is left

myPHPCalendar : Informations Disclosure, File Include 2003-10-12
Frog Man (leseulfrog hotmail com)
Informations :
°°°°°°°°°°°°°
Language : PHP
Version : 10192000 Build 1 Beta
Website : http://myphpcalendar.sourceforge.net/
Problems :
- Informations Disclosure
- File Include

PHP Code/Location :
°°°°°°°°°°°°°°°°°°°

admin.php, contacts.php, convert-date.php :

------------------------
include ("g

buffer overflow in IRCD software 2003-10-12
Piotr KUCHARSKI (chopin sgh waw pl)

A buffer overflow bug allowing to crash the server has been
discovered. It is exploitable only by local users and affects
all versions of IRCnet IRCD from 2.10 series, up to 2.10.3p3.

New release has been made, irc2.10.3p4, and is available from
ftp://ftp.irc.org/irc/server/irc2.10.3p4.tgz

Alter

Re: Bad news on RPC DCOM vulnerability 2003-10-11
Terence Runge (terencerunge sbcglobal net) (1 replies)
I have also seen a significant rise in smb login failures with the snort
signature:

alert tcp any 445 -> any any (sid:10000216; msg:"SMB Login Failure"; flow:from_server,established; content:"|FF|SMB|73 6d 00 00 c0|"; offset:4; depth:9;)

The login failures are from systems running XP and would l

Re: Bad news on RPC DCOM vulnerability 2003-10-11
Terence Runge (terencerunge sbcglobal net)
Re: Bad news on RPC DCOM vulnerability 2003-10-10
K-OTiK Security (Special-Alerts k-otik com)
In-Reply-To: <1155962754.20031010184852 (at) SECURITY.NNOV (dot) RU>

as confirmed by 3APA3A and security labs, it seems that the public exploit *works* even if the patch MS03-039 is *installed*

This is a highly critical vulnerability - users MUST block vulnerable ports !

Regards.

K-OTik Staff /\\/

*ADDENDUM* New AIM Exploit/Worm/Adware-script (realphx.com related) 2003-10-10
Michael A. Nunes (p pcmike net)
The code from the realphx.com appears to put av.exe in C:\ which has a
"COMPANY" value of www.digitalmatter.net. When going to
www.digitalmatter.net you are informed that the site has no affiliation with
www.realphx.com and that if you are infected you should be disinfected
momentarily.

So.. if yo

Copyright 2010, SecurityFocus