[SECURITY] [DSA-367-1] New xtokkaetama packages fix buffer overflow
2003-08-08 Matt Zimmerman (mdz debian org)

Re: DoS Vulnerabilities in Crob FTP Server 2.60.1
2003-08-07 Zero_X www.lobnan.de Team (zero-x linuxmail org)

[RHSA-2003:255-01] up2date improperly checks GPG signature of packages
2003-08-08 bugzilla redhat com

[SECURITY] [DSA-364-2] New man-db packages fix problem with DSA-364-1
2003-08-08 Matt Zimmerman (mdz debian org)

Xprobe2 0.2rc1 release, white paper release, and Blackhat presentation availability
2003-08-07 Ofir Arkin (ofir sys-security com)

  We are pleased to announce the immediate availability of Xprobe2 v0.2 rc1, which has been officially released at the Blackhat briefings USA 2003. Xprobe2 is a remote active operating system fingerprinting tool with a different approach to operating system fingerprinting. Information on Xpro

[SECURITY] [DSA-368-1] New xpcd packages fix buffer overflow
2003-08-08 Matt Zimmerman (mdz debian org)

ZH2003-16SA (security advisory): C-Cart Shopping Cart Path Disclosure
2003-08-08 G00db0y (G00db0y zone-h org)

  ZH2003-16SA (security advisory): C-Cart Shopping Cart Path Disclosure
  Published: 8 august 2003
  Released: 8 august 2003
  Name: C-Cart
  Affected Systems: 1.0
  Issue: Remote attackers can know the path of the site
  Author: G00db0y (at) zone-h (dot) org
  Vendor: http://www.polyspaston.com
  D

ZH2003-15SA (security advisory): IdealBB XSS Vulnerability
2003-08-08 G00db0y (G00db0y zone-h org)

  ZH2003-15SA (security advisory): IdealBB XSS Vulnerability
  Published: 7 august 2003
  Released: 7 august 2003
  Name: IdealBB
  Affected Systems: 1.4.9 beta
  Issue: Remote attackers can inject XSS script
  Author: G00db0y (at) zone-h (dot) org
  Vendor: http://www.idealbb.com
  Description *

Directory Traversal in Sun iPlanet Administration Server 5.1
2003-08-08 Brewis, Mark (mark brewis eds com)

  Text of original posting to Sun:
  >>Originator: EDS Information Assurance Group - Jim Hardisty, Mark Brewis
  >>Date of Contact: 22nd April 2003
  >>Issue: During a recent Penetration Test, a member of the team, Jim Hardisty, identified an issue with an installation of
  >>iPlanet Administration Express.

Sustworks Unauthorized Network Monitoring and tcpflow format string attack
2003-08-07 @stake Advisories (advisories atstake com)

VMware Workstation 4.0.1 (for Linux systems) vulnerability
2003-08-07 VMware Security Alert (vmware-security-alert vmware com)

  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA1

  Description
  - -----------
  The following products have a vulnerability that can allow a non-root user of the host system to delete files.
  VMware Workstation 4.0.1 (for Linux systems) build 5289 and earlier releases

  Details/Impact
  - -----

Cisco CSS 11000 Series DoS
2003-08-07 S21SEC (vul-serv s21seccom s21sec com)

  ID: S21SEC-025-en
  Title: Cisco CSS 11000 Series DoS
  Date: 04/07/2003
  Status: Solution available
  Scope: Interruption of service, high CPU load.
  Platforms: All/Chassis CS800.
  Author: ecruz, egarcia, jandre
  Location: http://www.s21sec.com/

defeating Lotus Sametime "encryption"
2003-08-07 Mycelium (mycelium hushmail com)

  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA1

  .-=( Short version )=-.
  Normal Lotus SameTime login credential encryption with 1.5 and 3.0 Windows clients use RC2 (very improperly) to encrypt the password, and even send the key along with the login packet allowing an attacker to decrypt the creden

Immunix Secured OS 7+ wu-ftpd update
2003-08-07 Immunix Security Team (security immunix com)

  [Please do not set your mail system to send out-of-office autoreplies on public mail lists. It is inconsiderate. Whichever mail list you received this mail from should include headers that you can use to select whether vacation(1) or procmail(1) should respond. procmail users, please see procmailex(

Re: [sec-labs] Zone Alarm Device Driver vulnerability
2003-08-07 Corey Bridges (cbridges zonelabs com)

  In-Reply-To: <20030804214610.5a04e2e8.noreply (at) sec-labs.hack (dot) pl>

  Following is the official Zone Labs response to this report by Lord YuP.

  Corey Bridges
  Chief Editor of E-Communities
  Zone Labs, Inc.
  (v) 415.341.8355
  (f) 415.341.8299

  *** Zone Labs response to Device Driver Attack

D-Link 704p Broadband Router Remote / Local DoS
2003-08-06 chris (chris cr-secure net)

  02 August 2003
  Hardware: D-Link 704p
  Vulnerability: Multiple Local/Remote (see below)
  Warning Level: Moderate
  Description: This small advisory is on the D-Link 704p router with firmware version 2.70. The router is a small 4 port DSL/CABLE router. Earlier this year I made a small pos

mod_dosevasive v1.6: Apache DoS Evasive Maneuvers Module
2003-08-06 Jonathan A. Zdziarski (jonathan networkdweebs com)

  Date: 8/6/2003 @ 17:30
  Version: 1.6
  Website URL: http://www.networkdweebs.com/stuff/security.html
  Download URL: http://www.networkdweebs.com/stuff/mod_dosevasive.tar.gz
  Description: mod_dosevasive is a module for Apache 1.3 giving Apache the ability to detect and fend off request-based DoS/DDoS a

Computer Co-location Facility Vulnerabilities
2003-08-06 Jonathan A. Zdziarski (jonathan networkdweebs com)

DoS Vulnerabilities in Crob FTP Server 2.60.1
2003-08-06 Zero_X www.lobnan.de Team (zero-x linuxmail org)

[OpenPKG-SA-2003.036] OpenPKG Security Advisory (perl-www)
2003-08-06 OpenPKG (openpkg openpkg org)

  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA1

  OpenPKG Security Advisory                The OpenPKG Project
  http://www.openpkg.org/security.html     http://www.openpkg.org
  openpkg-security (at) openpkg (dot) org

[OpenPKG-SA-2003.035] OpenPKG Security Advisory (openssh)
2003-08-06 OpenPKG (openpkg openpkg org)

  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA1

  OpenPKG Security Advisory                The OpenPKG Project
  http://www.openpkg.org/security.html     http://www.openpkg.org
  openpkg-security (at) openpkg (dot) org

man-db[v2.4.1-]: open_cat_stream() privileged call exploit.
2003-08-06 Vade 79 (v9 fakehalo deadpig org) (1 replies)

  #!/bin/bash
  # xmandb.sh: shell command file.
  #
  # man-db[v2.4.1-]: local uid=man exploit.
  # by: vade79/v9 v9 (at) fakehalo.deadpig (dot) org (fakehalo)
  #
  # open_cat_stream() privileged call exploit.
  #
  # i've been conversing with the new man-db maintainer, and after the
  # initial post sent to bugtraq(

Re: man-db[v2.4.1-]: open_cat_stream() privileged call exploit.
2003-08-08 Colin Watson (cjwatson debian org)

[SECURITY] [DSA-365-1] New phpgroupware package fix several vulnerabilities
2003-08-06 Matt Zimmerman (mdz debian org)

[SECURITY] [DSA-366-1] New eroaster packages fix insecure temporary file creation
2003-08-06 Matt Zimmerman (mdz debian org)
I found a possibility to run script (JavaScript, VBScript) on the system
Invision Power Board...
With it, it's possible to do many things, like a withdrawal of cookies,
advertising ....
For example:
http://forums.invisionpower.com/admin.php?adsess='><script>window.open(window