Re: [Full-Disclosure] Re: I have fixes for the Geeklog vulnerabilities
2003-10-08 Chris Kulish us ing com

Re: [Full-Disclosure] Re: I have fixes for the Geeklog vulnerabilities
2003-10-08 jelmer (jkuperus planet nl)
Dirk, Ok let me get this straight, basically what you're saying is, He's correct on one point the xss issue, and the others might possibly affect mysql 4.1" (it does) and then you go about and tell him how he wasted everybody's time So if it affects only 1% of your userbase it's not an issue and you shou ...

Microsoft Windows Server 2003 "Shell Folders" Directory Traversal Vulnerability
2003-10-08 Eiji James Yoshida (ptrs-ejy bp iij4u or jp)
Title: Microsoft Windows Server 2003 "Shell Folders" Directory Traversal Vulnerability [http://www.geocities.co.jp/SiliconValley/1667/advisory08e.html]
Date: 8 October 2003
Author: Eiji James Yoshida [ptrs-ejy (at) bp.iij4u.or (dot) jp ...

HPUX dtprintinfo buffer overflow vulnerability
2003-10-08 Davide Del Vecchio (dante alighieri org)
HPUX dtprintinfo buffer overflow vulnerability
Davide Del Vecchio Adv#7
Discovered in: 14/07/2003
Date: 08/10/2003
Tested on HP-UX B.11.00
Description: The Print Viewer program ...

PHP-Nuke SQL Injection
2003-10-08 mod (rottyfig12 hotmail com)
Version: PHP-Nuke 6.6
Language: PHP
Web site: phpnuke.org
Status: Vendor has been notified
There's an SQL injection hole in modules.php.
http://phpnuke.org/modules.php?name=Downloads&d_op=viewdownload&cid=59%2 0or%20cid=2
This is from not filtering 'cid', it should be checked that it is ...

ZH2003-28SA (security advisory): file inclusion vulnerability in PayPal Store Front
2003-10-08 Astharot (secfoc email it)
ZH2003-28SA (security advisory): file inclusion vulnerability in PayPal Store Front
Published: 08 October 2003
Name: PayPal Store Front
Affected Versions: 3.0 (and other versions?)
Vendor: http://www.muziqpakistan.net/~taz/
Issue: file inclusion vulnerability
Author: Astharot (at Zone-H.org)
Descr ...

Betr.: IE 6 XML Patch Bypass
2003-10-08 Philip Wagenaar (p wagenaar accon nl)
I tried the proof of concept and indeed it looks like your 'hack' was successful. I have WinXP with all patches from WindowsUpdate and run Sophos AV. However, you might want to put up a warning that running the proof of concept will change a on your harddisk. Kind regards, Philip W ...

Re: The joys of impurity (was: MOSDEF, InlineEgg)
2003-10-07 dave immunitysec com
In-Reply-To: <20031006210520.GA3033 (at) gmx (dot) net>
Well, MOSDEF is fairly far along, but the C compiler is not quite done, so no, you can't compile nmap and send it over for execution. Of course, that's not even an intended application. MOSDEF doesn't attach stdin and stdout to anything in particular ...

Medieval Total War <= 1.1 broadcast Connection expired
2003-10-07 Luigi Auriemma (aluigi altervista org)

Adobe SVG Viewer Local and Remote File Reading (GM#003-MC)
2003-10-07 GreyMagic Software (security greymagic com)
GreyMagic Security Advisory GM#003-MC
By GreyMagic Software, Israel. 07 Oct 2003.
Available in HTML format at http://security.greymagic.com/adv/gm003-mc/.
Topic: Adobe SVG Viewer Local and Remote File Reading.
Discovery date: 07 Sep 2003.
Affected applicati ...

IE 6 XML Patch Bypass
2003-10-07 Mindwarper * (mindwarper linuxmail org) (1 replies)
IE 6 XML Patch Bypass
I have recently been playing around with the xml+windows media player exploit, and it seems that even with the new Microsoft patch applied, the vulnerability works. I have tried it on 7 different people, on win2k and xp, and it worked every time. The 8th person was using DAP ...

Adobe SVG Viewer Cross Domain and Zone Access (GM#004-MC)
2003-10-07 GreyMagic Software (security greymagic com)
GreyMagic Security Advisory GM#004-MC
By GreyMagic Software, Israel. 07 Oct 2003.
Available in HTML format at http://security.greymagic.com/adv/gm004-mc/.
Topic: Adobe SVG Viewer Cross Domain and Zone Access.
Discovery date: 07 Sep 2003.
Affected applicatio ...

ZH2003-3SP (security patch): multiple vulnerabilities in mod_gzip 1.3.x debug mode
2003-10-06 Astharot (secfoc email it)
ZH2003-3SP (security patch): multiple vulnerabilities in mod_gzip 1.3.x debug mode
Released: 7 October 2003
Name: mod_gzip
Affected versions: all versions (debug mode)
Issue: stack overflow, format string and insecure file creation
Author: Astharot (at Zone-H.org)
Vendor: http://sourceforge.net/pro ...

Adobe SVG Viewer Active Scripting Bypass (GM#002-MC)
2003-10-07 GreyMagic Software (security greymagic com)
GreyMagic Security Advisory GM#002-MC
By GreyMagic Software, Israel. 07 Oct 2003.
Available in HTML format at http://security.greymagic.com/adv/gm002-mc/.
Topic: Adobe SVG Viewer Active Scripting Bypass.
Discovery date: 19 Aug 2003.
Affected applications: ...

The joys of impurity (was: MOSDEF, InlineEgg)
2003-10-06 Alexander E. Cuttergo (cuttergo gmx net)
Hi, I enclose the impurity-1.0 release. The README follows. I would like to hear some comparisons with MOSDEF and InlineEgg; can you guys implement nmap in your shellcode ;) ? peace, algo
Impurity-1.0 by Alexander E. Cuttergo <cuttergo (at) gmx (dot) net>
Concept
Impurity is a set of scripts which make ...

Update JBoss 308 & 321: Remote Command Injection
2003-10-06 Marc Schoenefeld (schonef uni-muenster de)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Adam, thanks for the question, here is the answer: just downloaded the 3.0.8 from Jboss.org and changed the port of the exploit code from 1701 to 1476, which is the HSQL port in Version 3.0.8 of JBoss. I can confirm that JBOSS 3.0.8 is als ...

Access Runner DSL Console vulnerability update
2003-10-05 Chris Norton (kicktd hotmail com) (1 replies)
While doing some more testing I have found that some Access Runners are actually "immune" to this type of attack. I do not know just yet why some are immune and some are not. Still trying to get in contact with Conexant on this but have yet to find any contact info. Please do take note that t ...

JS/HTML code injection in File-Sharing for NET v1.5 and Forums Web Server v1.5
2003-10-06 "nimber" (nimber mail ru)
Let me start off by saying that I am NOT a geeklog developer. I would also
like to mention, like any project, a lot of this code was inherited by the
developers and they have been working hard to squash security bugs when
notified properly. Give the developers a chance to keep their users
secure.