|
|
Colapse all |
Post message
IE chromeless window vulnerabilities 2003-07-13 Andrew Clover (and-bugtraq doxdesk com) Title: IE chromeless window vulnerabilities Affects: Internet Explorer 5.5 and later Risk: Medium Introduction ------------ A window without a frame, title bar, toolbars or scroll bars is known as a 'chromeless' window. If a chromeless window can be opened on top of other windows, it is possible [ more ] [ reply ] Linux nfs-utils xlog() off-by-one bug 2003-07-14 Janusz Niewiadomski (funkysh isec pl) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: Linux nfs-utils xlog() off-by-one bug Product: nfs-utils Version: <= 1.0.3 Vendor: http://sourceforge.net/projects/nfs/ URL: http://isec.pl/vulnerabilities/ CVE: CAN-2003-0252 Author: Janusz Niewiadomski <funkysh (at) isec (dot) pl [email concealed]> Date: July 14 [ more ] [ reply ] Netscape 7.02 Client Detection Tool plug-in buffer overrun 2003-07-14 martin rakhmanoff (jimmers yandex ru) [RHSA-2003:206-01] Updated nfs-utils packages fix denial of service vulnerability 2003-07-14 bugzilla redhat com [CLA-2003:694] Conectiva Security Announcement - gnupg 2003-07-11 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : gnupg SUMMARY : GnuPG key validity vulnerabil [ more ] [ reply ] Samba Remote Exploit with connect back method and bruteforce mode 2003-07-12 XNUXER RESEARCH (xnuxer hackermail com) DOCUMENT XNUXER RESEARCH: ========================= May, 12st 2003 Organization : XNUXER RESEARCH Location : Indonesia Official Site : http://infosekuriti.com (donation by fans) Contact Email : xnuxer (at) yahoo (dot) com [email concealed], xnuxer (at) hackermail (dot) com [email concealed] Description : Samba Remote Root exploit wi [ more ] [ reply ] Announcement: New Security Vulnerability List 2003-07-11 support sintelli com SINTRAQ, is a security mailing list which informs subscribers about the latest security vulnerabilities 24x7x365. Subscription to SINTRAQ is completely free. Sintelli collates and consolidates information from hundreds of sources, providing users with a single source for all security vul [ more ] [ reply ] ZH2003-4SA (security advisory): ASP-DEV Discussion Forum V2.0 2003-07-12 G00db0y (G00db0y zone-h org) ZH2003-4SA (security advisory): ASP-DEV Discussion Forum V2.0 Published: 12/07/2003 Released: 12/07/2003 Name: ASP-DEV Discussion Forum V2.0 Affected Systems: All versions Issue: Remote attackers can obtain users information (including passwords) Author: G00db0y (at) zone-h (dot) org [email concealed] Des [ more ] [ reply ] ZH2003-3SA (security advisory): Storefront sql injection: users info disclosure 2003-07-12 G00db0y (G00db0y zone-h org) cross site scripting htmltonuke 2003-07-12 jocanor jocanor (jocanor2002 hotmail com) I find a bug in some versions of htmltonuke. servers with php-nuke installed are not vulnerables some versions of htmltonuke only have permisions to acces to html files, but if you tipe the script before a invalid html file, the script are executed. exploit: http://www.example.com/ [ more ] [ reply ] MSIE:patched&undisclosed XSS vuln 2003-07-12 Liu Die Yu (liudieyuinchina yahoo com cn) MSIE:patched&undisclosed XSS vuln ("that's all" is end of file if you are in a hurry) [tested] OS:Windows XP Professional Browser: MS Internet Explorer 6.0.2600.0000.xpclient.01087-1148 (without any patch) (note: it doesn't work on the patched MSIE) [demo] at http://www.safecenter. [ more ] [ reply ] Re: Red Hat 9: free tickets 2003-07-11 Jon Hart (warchild spoofed org) On Sun, Jul 06, 2003 at 12:30:34PM -0700, Stephen Samuel wrote: > The way it works is: > > ln -s /var/run/sudo/mylogin/0:root /tmp/likely_tmp_name > > Then you wait for or cause some setuid progrem to attempt to > (insecurely) write to /tmp/likely_tmp_name . When that happens, > /var/run/sudo/my [ more ] [ reply ] UMN gopherd[2.x.x/3.x.x]: ftp gateway, and GSisText() buffer overflow exploits. 2003-07-12 Vade 79 (v9 fakehalo deadpig org) bordom/fun audit time... been awhile since i did an audit of UMN(University of Minnesota) gopherd+ daemon. figured i would check out the newer v3.0.x series, which has cleaned up the past security issues... while the old issues are resolved, still a few leftovers. two exploits follow... [ more ] [ reply ] Shattering SEH 2003-07-12 Brett Moore (brett moore security-assessment com) ======================================================================== = = Shattering SEH = = brett.moore (at) security-assessment (dot) com [email concealed] = http://www.security-assessment.com = = Originally posted: July 11, 2003 ======================================================================== = == Background == Si [ more ] [ reply ] iDEFENSE Security Advisory 07.11.03: Win32 Message Vulnerabilities Redux 2003-07-11 iDEFENSE Labs (labs idefense com) (2 replies) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 07.11.03: http://www.idefense.com/advisory/07.11.03.txt Win32 Message Vulnerabilities Redux July 11, 2003 About one year ago, Chris Paget published a pair of papers that described fundamental flaws in the way the Microsoft Co [ more ] [ reply ] Re: iDEFENSE Security Advisory 07.11.03: Win32 Message Vulnerabilities Redux 2003-07-11 David A. Pérez (david kamborio net) Re: iDEFENSE Security Advisory 07.11.03: Win32 Message Vulnerabilities Redux 2003-07-11 Chris Paget (chrisp ngssoftware com) New trojan turns home PCs into porno Web site hosts 2003-07-11 Richard M. Smith (rms computerbytesman com) (1 replies) Hi, Some individual appears to have hijacked more than a 1,000 home computers starting in late June or early July and has been installing a new trojan horse program on them. The trojan allows this person to run a number of small Web sites on the hijacked home computers. These Web sites consists of [ more ] [ reply ] RE: New trojan turns home PCs into porno Web site hosts 2003-07-12 ge (ge egotistical reprehensible net) Re: ServU FTP Service (Win32) is able to relay email 2003-07-10 Hal Flynn (flynn securityfocus com) (1 replies) > ServU FTP Server for Win32 has a Bug that makes it possible to relay > email messages anonymously. As described in the RFC documents for FTP > (959, 1579, 2228) its not recommendet for the service to accept PORT > commands containing target ports above 1024/tcp. Example: Nice. I'd like to point [ more ] [ reply ] Re: ServU FTP Service (Win32) is able to relay email 2003-07-11 Nick FitzGerald (nick virus-l demon co uk) [CLA-2003:693] Conectiva Security Announcement - pam 2003-07-10 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : pam SUMMARY : Local vulnerability in the pam_ [ more ] [ reply ] PHP-Include-Hack-Possibility in phpforum 2 RC-1 2003-07-10 theblacksheep (theblacksheep fastmail fm) ================================================ <------------------------------------------------> <------------#www.bright-shadows.net#------------> <------------------------------------------------> <--------------#theblacksheep&erik#--------------> <--------------------------------------------- [ more ] [ reply ] |
|
Privacy Statement |
/* tac0tac0.c - pay no attention to the name, long
story...
*
* Author: Maceo
* Modified to take advantage of CAN-2003-0496 Named
Pipe Filename
* Local Privilege Escalation Found by @stake. Use with
their Advisory.
* -wirepair (at) sh0dan (dot) org [email concealed] http://sh0dan.
[ more ] [ reply ]