|
|
Colapse all |
Post message
Unrealircd & Anope services - join segmentation fault in operserv.c 2003-07-08 Lethalman (lethalman libero it) Re: Trillian Remote DoS 2003-07-08 Erik Jacobson (uhlume hotmail com) Did you even bother notifying the vendor? Or crediting the person who originally discovered this? Unless you happen to be him, although it doesn't appear so from your site. Anyway, this bug has been known about for a while, and is fixed in the next version. Unfortunately they aren't releasing [ more ] [ reply ] WDAV exploit without netcat and with pretty magic number 2003-07-08 XNUXER RESEARCH (xnuxer hackermail com) Just modified WDAV exploit without netcat or telnet and with pretty magic number as RET ;P. Create on May, 2003. Sample action picture from this exploit can check in this link: http://www.infosekuriti.com/artikel/artikel25_files/image002.jpg /* * IIS 5.0 WebDAV Exploit versi Xnuxer Lab * By Schi [ more ] [ reply ] Adobe Acrobat and PDF security: no improvements for 2 years 2003-07-08 Vladimir Katalov (info elcomsoft com) -----BEGIN PGP SIGNED MESSAGE----- Hash: MD5 Adobe Acrobat and PDF security: no improvements for 2 years. Software released in 2003 contains vulnerabilities disclosured in 2001 July 8, 2003 SUMMARY ====================================================================== In early 2001, we have dis [ more ] [ reply ] Re: Contact information for Microsoft Security Response Center [tf] 2003-07-04 keepitsecret hush com Why do you people insist on using such an unobvious address? Do you have a catch-all in place? secure (at) microsoft (dot) com [email concealed] is a whimsical address almost as silly as designating "abuse (at) microsoft (dot) com [email concealed]" to "badstuff (at) microsoft (dot) com [email concealed]". If check where those people you heard saying they tried to contact you trie [ more ] [ reply ] Re: [Full-Disclosure] MacOSX - crash screensaver locked with password and get the desktop back 2003-07-04 jamie rishaw (jamie arpa com) *Not* confirmed (tried various between 500-60000 chars) on Dual Powermac G4 1.2 10.2.6 On Fri, Jul 04, 2003 at 09:42:41PM +0000, petard wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > how? - you ask. > > i don't know the exact amount of characters, only that if you leave a > > key [ more ] [ reply ] ICQ 2003a Password Bypass 2003-07-05 Cauã Moura Prado (mouraprado infoguerra com br) Software: ICQ 2003a Threat: Login password can be bypassed locally I have found a vulnerability in ICQ Pro 2003a that allows anyone to connect to ICQ server using any account registered locally regardless the 'save password' option is checked or not. High level security password is als [ more ] [ reply ] Re: Another ProductCart SQL Injection Vulnerability 2003-07-05 Massimo Arrigoni (support earlyimpact com) In-Reply-To: <1057289439.3f04f4dfaf159 (at) webmail.bosen (dot) net [email concealed]> Instructions on how to address this security issue: ------------------------------------------------------------------- User of ProductCart v1.5 and before: Please contact Early Impact ASAP to update to a later version of ProductC [ more ] [ reply ] Re: Script Injection to Custom HTTP Errors in Local Zone (GM#014-IE) 2003-07-05 Marek Blahus (marek blahus cz) Here are some comments on the MSIE custom HTTP errors script injection vulnerability posted by GreyMagic back on June 17th: I had been playing with the custom HTTP errors as well, it's some two years ago, but it still works pretty much the same. Here is my version of the URL I figured out that time [ more ] [ reply ] [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php) 2003-07-07 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] [SECURITY] [DSA-339-1] New semi, wemi packages fix insecure temporary file creation 2003-07-07 Matt Zimmerman (mdz debian org) cPanel Malicious HTML Tags Injection Vulnerability 2003-07-06 Ory Segal (ory segal sanctuminc com) ------------------------------------------------------------------------ ------- -----[ cPanel Malicious HTML Tags Injection Vulnerability ------------------------------------------------------------------------ ------- --[ Author: Ory Segal, Sanctum inc. http://www.SanctumInc.com --[ Discovery Date: [ more ] [ reply ] XSS in OWA allows stealing windows domain user credentials 2003-07-05 Hugo Vázquez Caramés (overclocking_a_la_abuela hotmail com) -2 vulnerabilities in OWA. -Vendor contacted Microsoft Outlook Web Access comes with a feature that allows script filtering on HTML formatted mail attachments.It is possible for an attacker to make a request in a particular way so that OWA does not filter the attachment causing the script [ more ] [ reply ] [SECURITY] [DSA-337-1] New semi, wemi packages fix insecure temporary file creation 2003-07-07 Matt Zimmerman (mdz debian org) Vulneralbility in aplication Billing Explorer 2003-07-07 XNUXER RESEARCH (xnuxer hackermail com) XNUXER RESEARCH SECURITY REPORT: ================================================================ Aplication Name: Billing Explorer Vendor Site : http://www.billingexplorer.com Vendor Email : info_008 (at) yahoo (dot) com [email concealed] Security : High Risk Vulnerable : String command and Client Handle without [ more ] [ reply ] [SECURITY] [DSA-338-1] New x-face-el packages fix insecure temporary file creation 2003-07-07 Matt Zimmerman (mdz debian org) Remote DoS on Canon GP300 2003-07-07 DOUHINE Davy (DDOUHINE fininfo fr) Affected: Canon GP300 using WebSpooler v4.5.062 (fr), other versions ? Risk: High Remote: Yes Description: A simple http request can crash the whole print server. Request is "GET /" on tcp/80 After sending "GET /" a reboot is needed to print again or to take hand on the print server. The web serve [ more ] [ reply ] [CLA-2003:685] Conectiva Security Announcement - openldap 2003-07-04 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : openldap SUMMARY : Denial of Service and othe [ more ] [ reply ] [CLA-2003:675] Conectiva Security Announcement - ml85p 2003-07-04 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : ml85p SUMMARY : Insecure temporary file creat [ more ] [ reply ] Re: [Full-Disclosure] MacOSX - crash screensaver locked with password and get the desktop back 2003-07-04 Brent J. Nordquist (b-nordquist bethel edu) On 4 Jul 2003, Delfim Machado <bipbip (at) xpto (dot) org [email concealed]> wrote: > i don't know the exact amount of characters, only that if you leave a > key pressed for 5 minutes or more and then hit the enter key, you crash > the screensaver and gain access to the desktop. Confirmed; Mac OS X 10.2.6 on iBook (600MHz Pow [ more ] [ reply ] |
|
Privacy Statement |
If an admin say this command: '/msg operserv raw
:nickserv join #chan' NickServ join in that chan, ok.
If the command was: '/msg operserv raw : join #chan'
ircd go to SEGFAULT. Why?
Case 1: operserv ordine to a nick (NickServ) to join #chan
Case 2: operserv ordine to server to join #chan
Irc
[ more ] [ reply ]