Xpressions Software: Multiple SQL Injection Attacks To Manage WebStore
2003-06-04 Paul Craig (pimp brainwave net nz)
/------------------------ Pimp industries. --------------------------/
Xpressions Software : Multiple SQL Injection Attacks To Manage WebStore(s).
Background
When your suppliers and trading partners can interact with your organization as a seamless extension of your internal

public comment period for the Draft Security Vulnerability Reporting and Responding Process (OISAFETY)
2003-06-04 Craig Ozancin (cozancin symantec com)
The Organization for Internet Safety is pleased to announce the beginning of the public comment period for the Draft Security Vulnerability Reporting and Responding Process. This draft process is the result of a lengthy collaboration between leading security researchers and software vendors. We h

MegaBrowser HTTP and FTP Vulnerabilities
2003-06-04 JeiAr (jeiar kmfms com)
Description
Megabrowser is a free standalone program that enables you to host websites and FTP sites by utilizing its powerful advanced peer-to-peer features. You can now host websites and FTP sites without paying any hosting fees.

Immunix Secured OS 7+ wget update
2003-06-04 Immunix Security Team (security immunix com)
Immunix Secured OS Security Advisory
Packages updated: wget
Affected products: ImmunixOS 7+
Bugs fixed: CAN-2002-1344
Date: Tue Jun 3 2003
Advisory ID: IMNX-2003-7+-011-01
Author: Seth Arnold <sarnold (at) immunix (dot) com>

Immunix Secured OS 7+ file update
2003-06-04 Immunix Security Team (security immunix com)
Immunix Secured OS Security Advisory
Packages updated: file
Affected products: Immunix OS 7+
Bugs fixed: CAN-2003-0102
Date: Tue Jun 3 2003
Advisory ID: IMNX-2003-7+-012-01
Author: Seth Arnold <sarnold (at) wirex (dot) com>

kon2 exploit!!
2003-06-03 wsxz (wsxz terra com br)
I looked at the kon2 source and the -Console arg is the problem, so here goes the PoC.
----cut here--------
#!/usr/bin/perl
#Priv8security.com kon2 version 0.3.9b-16 and < local root exploit.
#
# Tested on Redhat

Vulnerabilities In Pablo Software Solutions FTP Service 1.2
2003-06-03 JeiAr (jeiar kmfms com)
Plaintext Password Vulnerability
User info is stored in users.dat in plaintext. If the anonymous account is present (it is by default) the entire FTP server can be compromised
ftp://somewhere/program files/pablo's ftp service/users.dat
Default Anony

[RHSA-2003:187-01] Updated 2.4 kernel fixes vulnerabilities and driver bugs
2003-06-03 bugzilla redhat com

IRCXpro 1.0 - Clear local and default remote admin passwords
2003-06-03 morning_wood (se_cur_ity hotmail com)

Re: Tornado www-server v1.2: directory traversal, buffer overflow
2003-06-02 Berend-Jan Wever (SkyLined edup tudelft nl)
I've done a quick debugging session: The overflow does not seem exploitable other than a DoS. What happens is that there is not enough heap to hold the long strings so it writes past the heap to a location where no memory is allocated. This will cause an unhandled exception. Kind regards, Berend-J

[OpenPKG-SA-2003.030] OpenPKG Security Advisory (ghostscript)
2003-06-03 OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
OpenPKG Security Advisory
The OpenPKG Project
http://www.openpkg.org/security.html
http://www.openpkg.org
openpkg-security (at) openpkg (dot) org

Tripbit Advisory TA-2003-05 Buffer Overflow Vulnerability in Pi3 Web Server v2.0.2 Beta 1
2003-06-02 Rushjo (at) tripbit (dot) org (rushjo tripbit org)
Tripbit Advisory TA-2003-05
Buffer Overflow Vulnerability in Pi3 Web Server v2.0.2 Beta 1
PROGRAM: Pi3 Web Server
HOMEPAGE: http://pi3web.sourceforge.net/pi3web/
VULNERABLE VERSIONS: v2.0.2 Beta 1
RISK: M

b2 cafelog: remote command execution, sql injection and another flaw.
2003-06-02 FraMe (frame hispalab com)

Re: b2 cafelog 0.6.1 remote command execution.
2003-06-02 Cheng-Jih Chen (cjc cjc org)
On Fri, 30 May 2003, mike little wrote:
> Secondly, has anyone tried this? The fact is that b2config.php defines
> $b2inc with no test before hand. So that, whilst for the duration of the
> parsing of b2config.php, $b2inc could indeed be set to some value from
> the outside world. It is immediat

Re: URLScan detection
2003-06-02 M. Burnett (mb xato net)
One problem with using UseFastPathReject, as Microsoft recommends, is that it too can be used to identify URLScan. UseFastPathReject just sends back a generic 404 message. However, if a site normally uses a custom 404 message, but rejects attacks with a generic message, it will be pretty easy to

[Windows XP] ntdll.dll Buffer Overflow Vulnerability - Yet Another MS03-007
2003-06-01 :: Operash :: (nesumin softhome net)

IIS WebDav Denial of Service attacks - Update to SPI Dynamics
2003-06-02 Mark Litchfield (mark ngssoftware com)
In SPI Dynamics' own advisory it mentions that IIS will restart itself - whilst this is true, by supplying a specific number of bytes, we can terminate all the threads, but leaving INETINFO still alive. Despite INETINFO not dying, the process will no longer serve any requests. This provides a more

Mod_gzip Debug Mode Vulnerabilities
2003-06-01 Matthew Murphy (mattmurphy kc rr com)
Multiple Vulnerabilities in mod_gzip Debugging Routines
I. Synopsis
Affected Systems: mod_gzip 1.3.26.1a and prior
Risk:
* Development: High
* Production: Minimal
Developer URL: http://www.sourceforge.net/projects/mod-gzip
Status: Vendor is not supporting project at this time.
II. Product

[ PHP-Nuke :] Multiple vulnerabilities in SPChat 2.0 for PHP-Nuke & SPChat 0.8.0
2003-05-31 Rynho Zeros Web (hackargentino gmx net)
Topic: Multiple vulnerabilities in SPChat 2.0 for PHP-Nuke & SPChat 0.8.0
Systems Affected: Web Chat 2.0 for PHP-Nuke & SPChat 0.8.0
Vendor URL: http://www.saarport.net
Vuln Type:

Yahoo! Security Advisory: Yahoo! Voice Chat
2003-05-30 Yahoo!Security Contact (security yahoo-inc com)

Internet Explorer URL spoofing threat
2003-05-30 M. Burnett (mb xato net)
Recently I advised Microsoft of a vulnerability in Internet Explorer that would cause the browser to browse to one web site but display a completely different URL in the address bar. Due to inconsistent handling of authentication credentials in a URL, IE will parse the URL one way when browsing and

PHP XSS exploit in phpinfo() by Silent Needle
A: BACKGROUND (from php.net)
int phpinfo ( [int what])
Outputs a large amount of information about the current state of PHP. This
includes information about PHP compilation options and extensions, the PHP
version, server information and environ