BugTraq Mode:
Immunix Secured OS 7+ LPRng update 2003-06-05
Immunix Security Team (security immunix com)
-----------------------------------------------------------------------
Immunix Secured OS Security Advisory

Packages updated: LPRng
Affected products: Immunix OS 7+
Bugs fixed: CAN-2003-0136
Date: Wed Jun 4 2003
Advisory ID: IMNX-2003-7+-013-01
Author: Seth Arnold <sarnold (at) immunix (dot) com>
---

ImageFolio All Versions : admin.cgi Directory transversal and file delete exploit. 2003-06-05
Paul Craig (pimp brainwave net nz)
    /----------------------------
            Pimp industries.
-----------------------------/
           
 ImageFolio All Versions  : admin.cgi Directory transversal and file
delete exploit.
 Company: www.imagefolio.com
 
Background
-------------
ImageFolio is a multi-platform, server-based, s

Microsoft Internet Explorer %USERPROFILE% Folder Disclosure Vulnerability 2003-06-05
Eiji James Yoshida (ptrs-ejy bp iij4u or jp)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title:
~~~~~~~~~~~~~~~~~
Microsoft Internet Explorer %USERPROFILE% Folder Disclosure Vulnerability
[http://www.geocities.co.jp/SiliconValley/1667/advisory07e.html]

Date:
~~~~~~~~~~~~~~~~~
5 June 2003

Author:
~~~~~~~~~~~~~~~~~
Eiji James Yoshida [ptr

AdSubtract Proxy ACL Bypass Vulnerability 2003-06-05
advisories lurhq com
AdSubtract Proxy ACL Bypass Vulnerability

URL
http://www.lurhq.com/advisory20030604.html

Release Date
June 4, 2003

Author
Joe Stewart

About AdSubtract
AdSubtract is one of the leading products in the banner-ad blocking
software market. It is frequently bundled with modems from several
leading m

SRT2003-06-05-0935 - HPUX ftpd remote issue via REST 2003-06-05
KF (dotslash snosoft com)
http://www.secnetops.biz/research

Internet Explorer Object Type Property Overflow 2003-06-04
Derek Soeder (dsoeder eeye com)
Internet Explorer Object Type Property Overflow

Release Date:
June 4, 2003

Severity:
High (Remote Code Execution)

Systems Affected:
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 6.0 for Windows Server 2003

Descriptio

possible remote buffer overflow in atftpd 2003-06-04
Rick (rikul interbee com)
Hello,

There is possible remote buffer overflow in atftpd. It has to do with length
of filename which client sends to atftpd server. If you send filename over
~253 bytes, it crashes with segfault. When I attach to process with gdb I
can see it trying to run instruction from EIP 0x41414141. That can

man[v1.5l]: (catalog) format strings exploit / POC. 2003-06-03
Vade 79 (v9 fakehalo deadpig org)
was looking at the source code to man, and came upon this. newer (g)libc's
will stop this from happening. but, still worth noting/effective
bypass with older (g)libc's (explained in exploit header)

Vade79 -> fakehalo.deadpig.org -> fakehalo.

-- xmanfmt.c: start --

/* (linux)man[v1.5

PHP XSS exploit in phpinfo() 2003-06-03
silent needle (silentneedle hotmail com) (1 replies)
PHP XSS exploit in phpinfo() by Silent Needle

A: BACKGROUND(from php.net)

int phpinfo ( [int what])

Outputs a large amount of information about the current state of PHP. This
includes information about PHP compilation options and extensions, the PHP
version, server information and environ

Re: PHP XSS exploit in phpinfo() 2003-06-04
Daniel Naber (daniel naber t-online de)
Xpressions Software: Multiple SQL Injection Attacks To Manage WebStore 2003-06-04
Paul Craig (pimp brainwave net nz)
/------------------------
Pimp industries.
--------------------------/

Xpressions Software : Multiple SQL Injection Attacks To
Manage WebStore(s).

BackGround
-------------

When your suppliers and trading partners can interact with your
organization as a seamless extension of your internal

public comment period for the Draft Security Vulnerability Reporting and Responding Process (OISAFETY) 2003-06-04
Craig Ozancin (cozancin symantec com)
The Organization for Internet Safety is pleased to announce the
beginning of the public comment period for the Draft Security
Vulnerability Reporting and Responding Process. This draft process is
the result of a lengthy collaboration between leading security
researchers and software vendors. We h

MegaBrowser HTTP and FTP Vulnerabilities 2003-06-04
JeiAr (jeiar kmfms com)
Description
-----------------------------------------------------------
Megabrowser is a free standalone program that enables you to host
websites and FTP sites by utilizing its powerful advanced peer-to-peer
features. You can now host websites and FTP sites without paying any
hosting fees.

Immunix Secured OS 7+ wget update 2003-06-04
Immunix Security Team (security immunix com)
-----------------------------------------------------------------------
Immunix Secured OS Security Advisory

Packages updated: wget
Affected products: ImmunixOS 7+
Bugs fixed: CAN-2002-1344
Date: Tue Jun 3 2003
Advisory ID: IMNX-2003-7+-011-01
Author: Seth Arnold <sarnold (at) immunix (dot) com>
-----

Immunix Secured OS 7+ file update 2003-06-04
Immunix Security Team (security immunix com)
-----------------------------------------------------------------------
Immunix Secured OS Security Advisory

Packages updated: file
Affected products: Immunix OS 7+
Bugs fixed: CAN-2003-0102
Date: Tue Jun 3 2003
Advisory ID: IMNX-2003-7+-012-01
Author: Seth Arnold <sarnold (at) wirex (dot) com>
------

CA Unicenter Password Recovery Tool 2003-06-04
Tor Houghton (info kufumo com) (1 replies)

List,

The following can also be found at:

http://www.kufumo.com/releases/ca-passwordrecover.txt

Thanks,

Tor Houghton

;

$Id: ca-passwordrecover.txt,v 1.3 2003/05/20 10:46:51 torh Exp $

Computer Associates "Asset Manager" Password Recovery Tool

(c) 2003 Tor Houghton (th

Re: CA Unicenter Password Recovery Tool 2003-06-04
Joao Gouveia (tharbad kaotik org)
Updated SGI Apache Version Available for IRIX 2003-06-03
SGI Security Coordinator (agent99 sgi com)
-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
SGI Security Advisory

Title : Updated SGI Apache Version Available
Number : 20021105-02-I
Date : June 3, 2003
Reference : SGI Security Adviso

kon2 exploit!! 2003-06-03
wsxz (wsxz terra com br)
I look kon2 source and -Console arg is the problem,
so here go the PoC.

----cut here--------
#!/usr/bin/perl
####################################################################################
#Priv8security.com kon2 version 0.3.9b-16 and < local root exploit.
#
# Tested on Redhat

Vulnerabilities In Pablo Software Solutions FTP Service 1.2 2003-06-03
JeiAr (jeiar kmfms com)
Plaintext Password Vulnerability
------------------------------------
User info is stored in users.dat in plaintext. If the
anonymous account is present (it is by default) the
entire FTP server can be compromised

ftp://somewhere/program files/pablo's ftp service/users.dat

Default Anony

CERT Summary CS-2003-02 2003-06-03
CERT Advisory (cert-advisory cert org)


-----BEGIN PGP SIGNED MESSAGE-----

CERT Summary CS-2003-02

June 3, 2003

Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT
Summary to draw attention to the types of attacks reported to our
incident response team, as well as other noteworthy incident and

[RHSA-2003:187-01] Updated 2.4 kernel fixes vulnerabilities and driver bugs 2003-06-03
bugzilla redhat com
---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated 2.4 kernel fixes vulnerabilities and driver bugs
Advisory ID: RHSA-2003:187-01
Issue date: 2003-05-22
Updated on: 2003-06-03
Product:

IRCXpro 1.0 - Clear local and default remote admin passwords 2003-06-03
morning_wood (se_cur_ity hotmail com)
------------------------------------------------------------------
- EXPL-A-2003-002 exploitlabs.com Advisory 002
------------------------------------------------------------------
-=- IRCXpro 1.0 -=-

Vulnerability(s):
----------------
1.local clear passwords
2.r

[RHSA-2003:047-01] Updated kon2 packages fix buffer overflow 2003-06-03
bugzilla redhat com
---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated kon2 packages fix buffer overflow
Advisory ID: RHSA-2003:047-01
Issue date: 2003-06-03
Updated on: 2003-06-03
Product: Red Hat

[OpenPKG-SA-2003.030] OpenPKG Security Advisory (ghostscript) 2003-06-03
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org

Tripbit Advisory TA-2003-05 Buffer Overflow Vulnerability in Pi3 Web Server v2.0.2 Beta 1 2003-06-02
Rushjo (at) tripbit (dot) org (rushjo tripbit org)
Tripbit Advisory TA-2003-05 Buffer Overflow Vulnerability in Pi3 Web
Server v2.0.2 Beta 1
=========================================================================================

PROGRAM: Pi3 Web Server
HOMEPAGE: http://pi3web.sourceforge.net/pi3web/
VULNERABLE VERSIONS: v2.0.2 Beta 1
RISK: M

b2 cafelog: remote command execution, sql injection and another flaw. 2003-06-02
FraMe (frame hispalab com)
Products: b2 cafelog 0.6.1 with ljupdate
b2 cafelog 0.6.2 and prior
Author: FraMe ( frame at kernelpanik.org )
URL: http://www.kernelpanik.org

CONTENTS

1. Overview
2. Description.
3. Details.
4. Vendor Response

1. Overview.

b2 is a news/weblog tool written in php. b2 uses My

Copyright 2010, SecurityFocus