BugTraq Mode:
Resolved - IRCX Pro 2003-07-25
morning_wood (se_cur_ity hotmail com)
It has been brought to my attention that the issues reported in
http://exploitlabs.com/files/advisories/EXPL-A-2003-002-ircxpro.txt
have been fixed as of the latest release, and all notices should be updated
reflecting this resolve.

------------------------------
From: IRCXpro Support
To: Donnie W

Re: e107 website system Vulnerability 2003-07-25
Steve Dunstan (jalist e107 org)
In-Reply-To: <1059078080.10973.171.camel (at) tyohn.sys.alabanza (dot) com [email concealed]>

The db_dump code is protected against non-logged in users as are all
admin functions. If a registered member with full admin permissions (not
any admin, it -has- to be the main site admin who installed e107 in the
first place) i

TEXT/PLAIN: ALERT("OUTLOOK EXPRESS") 2003-07-25
http-equiv (at) excite (dot) com [email concealed] (1 malware com) (1 replies)


Friday, July 25, 2003

Active Scripting and HTML in a plain text mail message:

MIME-Version: 1.0
Content-Type: text/plain;
Content-Transfer-Encoding: 7bit
X-Source: 25.07.03 http://www.malware.com

<img dynsrc=javascript:alert()><font color=red>foo

The above is a legitimate RFC822 mail message

Re: TEXT/PLAIN: ALERT("OUTLOOK EXPRESS") 2003-07-25
Denis Jedig (seclists syneticon de)
XSS in e107 website system 2003-07-25
Pete Foster (petef sec-tec co uk)

Sec-Tec Advisory - Multiple XSS in e107

The most up to date version of this advisory can always be found at:
www.sec-tec.co.uk/vulnerability/e107xss.html

Advisory creation date: 14th July 2003
Product: e107 blog/portal system
Tested version: 0.554
Vulnerability: Multiple XSS
Discovered by: Pet

RE: Windows NT 4.0 with IBM JVM Denial of Service 2003-07-25
Angelidis, Fotis(NSASOUDABAY) (AngelidisF nsa souda navy mil)

>Microsoft has issued a bulletin and a patch. More information
>is available at:

>http://www.microsoft.com/technet/security/bulletin/MS03-029.asp

>Recommendation:

>Java developers should identify all occurrences and perform data
>validation where java.io.getCanonicalPath is used.

>NT 4.0 Admin

MS03-029 / Q823803 breaks RAS? 2003-07-25
Adam D. Barratt (security-bugtraq funky-badger org)
Hi all,

After installing MS03-029 / Q823803 on a number of our NT4 servers and
workstations (via Windows Update) yesterday, we found that RAS failed to
start on all machines on which it was installed.

Specifically, the Remote Access Connection Manager service fails to start,
due to an error loadin

[RHSA-2003:221-01] Updated stunnel packages fix signal vulnerability 2003-07-25
bugzilla redhat com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated stunnel packages fix signal vulnerability
Advisory ID: RHSA-2003:221-01
Issue date: 2003-07-25

PBLang Forum XSS Vul 2003-07-25
Quan Van Truong Bui (quan_vu_208cn yahoo com)


PBLang is a web forum written in the PHP language. A security vulnerability in
the product allows posting of HTML code and JavaScript into existing web
pages thus causing it to be executed on the client end (a Cross-Site
Scripting vuln).

|--------------------------------------------|

Vulne

ssh host key generation in Red Hat Linux 2003-07-25
Kent Borg (kentborg borg org) (1 replies)
I recently installed Red Hat Linux 9 and noticed on the first boot a
message about generating ssh host keys. Isn't that a dangerous thing
to do on the first boot? Where is the installation going to get
enough good entropy so early in its life?

Maybe the paranoid thing to do is, as part of configu

Re: ssh host key generation in Red Hat Linux 2003-07-25
Crispin Cowan (crispin immunix com) (1 replies)
Re: ssh host key generation in Red Hat Linux 2003-07-25
Brian Hatch (bugtraq ifokr org)
MDKSA-2003:066-2 - Updated kernel packages fix multiple vulnerabilities 2003-07-25
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: kernel
Advisory ID:

exp for Microsoft SQL Server DoS(MS03-031) By Xfocus 2003-07-25
benjurry (benjurry xfocus org)
////////////////////////////////////////////////////////////////////////////////
//
// exp for Microsoft SQL Server DoS(MS03-031)
//
// By : refdom
// Email : refdom (at) xfocus (dot) org [email concealed]
// Home Page : http://www.xfocus.org
// http://www.xfocus.org/exploits/200307/expMS0331.cpp

Emulex FibreChannel Hub Vulnerable to SNMP DoS Attack 2003-07-25
SGI Security Coordinator (agent99 sgi com)
-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
SGI Security Advisory

Title : Emulex FibreChannel Hub Vulnerable to SNMP DoS Attack
Number : 20030703-01-I
Date : July 25, 2003
Reference

The Analysis of LSD's Buffer Overrun in Windows RPC Interface by Xfocus [Moderator: new targets in exploit code] 2003-07-25
benjurry (benjurry xfocus org)
The Analysis of LSD's Buffer Overrun in Windows RPC Interface

Author:Flashsky

site:www.xfocus.org WWW.VENUSTECH.COM.CN WWW.SHOPSKY.COM

Email:flashsky (at) xfocus (dot) org [email concealed]

Translator:Benjurry

Email:Benjurry (at) xfocus (dot) org [email concealed]

Code by Flashsky and Benjurry

http://www.xfocus.org/documents/200307/2.html

Oracle Extproc Buffer Overflow (#NISR25072003) 2003-07-25
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Oracle Extproc Buffer Overflow
Systems Affected: Most OS platforms; Oracle9i Database Release 2 and 1, 8i
Severity: High Risk
Vendor URL: http://www.oracle.com
Authors: David Litchfield (david (at) ngssoftware (dot) com [email concealed])
Chris Anley (chris (at) ngssoftware (dot) com [email concealed])

The Analysis of LSD's Buffer Overrun in Windows RPC Interface(code revised ) 2003-07-25
xundi (xundi xfocus org)
bugtraq

The Analysis of LSD's Buffer Overrun in Windows RPC Interface
Author:Flashsky
site:www.xfocus.org WWW.VENUSTECH.COM.CN WWW.SHOPSKY.COM
Email:flashsky (at) xfocus (dot) org [email concealed]
Translator:benjurry
Email:benjurry (at) xfocus (dot) org [email concealed]

Foreword
Jul 16th, 2003,LSD published that they had discovered a critical secur

Certain operating systems can be sometimes locally DoSed when running on particular types of hardware with certain versions of BIOS in specific multiboot configurations (and you thought XSS is too much?) 2003-07-24
Michal Zalewski (lcamtuf ghettot org)

Yes, of course the subject line is silly... but in fact, the vulnerable
combination actually occurs quite often. Still, I'm posting it here not
because it's a very serious flaw, but because I find it amusing and
unique. It's a CPU/BIOS/OS vulnerability, of sorts, and nobody's at fault,
of course.

Re: e107 website system Vulnerability 2003-07-24
nokio x0 (xj3wlzx hotmail com) (1 replies)
Heh, every site that I've come across running the e107 portal seems to ask
for admin login before you could use this exploit...Are you sure all
versions are vulnerable? Doesn't even work on my own system without asking
for login.

----------------------------------------------------------------

Re: e107 website system Vulnerability 2003-07-25
Tjebbe de Winter (Tjebbe deWinter_ nospam cysonet com)
[CLA-2003:704] Conectiva Security Announcement - apache 2003-07-24
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : apache
SUMMARY : Denial of service vulnerabil

e107 website system Vulnerability 2003-07-24
Artoor Petrovich (artoor exfloyt com) (1 replies)
Information:

Advisory Name: e107 website system Vulnerability
Author: hiruvim <artoor (at) exfloyt (dot) com [email concealed]>
Discovered by: hiruvim <artoor (at) exfloyt (dot) com [email concealed]>
Website vendor : http://e107.org
Affected System(s): All versions
Severity: High
Platform(s): Windows and Unix
Issue: Security holes enable attacker

Re: e107 website system Vulnerability 2003-07-24
Tim Yohn (tyohn alabanza com)
RE: Drivial Pursuit: Internet Explorer Browser & Your Files and Folders ! 2003-07-24
Thor Larholm (thor pivx com)
I can positively confirm this vulnerability on both WMP 7 and 8 on Windows
98, ME, 2000, XP and 2003. The default Enhanced Security Configuration of IE
on Windows 2003 does nothing to prevent automatically opening certain media
types.

The ASF file can be automatically opened through an IFRAME, both

paFileDB 3.1 2003-07-24
Martin Eiszner (martin websec org)

hola,

paFileDB 3.1 (http://www.phparena.net) allows arbitrary file-upload and os-command execution.

(security report attached)

nice day,
mEi

--
WebSec.org / Martin Eiszner
Gurkgasse 49/Top14
1140 Vienna
Austria / EUROPE

mei (at) websec (dot) org [email concealed]
http://www.websec.org
tel: 0043 699 121772 37

MDKSA-2003:071-1 - Updated xpdf packages fix arbitrary code execution vulnerability 2003-07-24
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: xpdf
Advisory ID:

MDKSA-2003:078 - Updated mpg123 packages fix vulnerability 2003-07-24
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: mpg123
Advisory ID:

Copyright 2010, SecurityFocus