BugTraq Mode:
(Page 1661 of 1748)  < Prev  1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666  Next >
Buffer Overflow? Local Malformed URL attack on D-Link 704p router 2003-05-26
Chris R (admin securityindex net)


My home network uses a small 4 port broadband Dlink router (704p) The

firmware was updated a week ago.

The following malformed URL's cause odd behavior in the router. Pointing

your browser (like most routers) to the gateways internal IP address you

get a web interface for administering yo

[ more ]  [ reply ]
Re: bazarr CALL POLICE 2003-05-26
Michael Nelson (michaelnel earthlink net)
In-Reply-To: <OLMKEND4EMILNTB1EFEDJQGOGFJSGGMCD0KPPWEK (at) ziplip (dot) com [email concealed]>

This issue has been addressed by an SGI Security Advisory:

ftp://patches.sgi.com/support/free/security/advisories/20020602-02-I

[ more ]  [ reply ]
S21SEC-024 - Vignette TCL Injection 2003-05-26
S21SEC (vul-serv s21sec com)
###############################################################
ID: S21SEC-024-en
Title: Vignette TCL Injection
Date: 03/04/2003
Status: Vendor contacted and solution available
Scope: TCL code Execution, Remote command execution
Platforms: All
Author: rpinuaga
Location: http://www.s21sec.com/es/avis

[ more ]  [ reply ]
S21SEC-020 - Vignette user enumeration 2003-05-26
S21SEC (vul-serv s21sec com)
###############################################################
ID: S21SEC-020-en
Title: Vignette user enumeration
Date: 15/03/2003
Status: Vendor contacted and solution available
Scope: Enumeration of user status
Platforms: All
Author: rpinuaga
Location: http://www.s21sec.com/es/avisos/s21sec-020-e

[ more ]  [ reply ]
S21SEC-017 - Vignette /vgn/legacy/save SQL access 2003-05-26
S21SEC (vul-serv s21sec com)
###############################################################
ID: S21SEC-017-en
Title: Vignette /vgn/legacy/save SQL access
Date: 15/03/2003
Status: Vendor contacted and solution available
Scope: Execution of SQL SELECT calls
Platforms: All
Author: rpinuaga
Location: http://www.s21sec.com/es/aviso

[ more ]  [ reply ]
BRS WebWeaver: POST and HEAD Overflaws 2003-05-27
euronymous (just-a-user yandex ru)
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=
topic: BRS WebWeaver: POST and HEAD Overflaws
product: BRS WebWeaver v1.04 and prior [ i guess ]
vendor: www.brswebweaver.com
risk: high
date: 05/25/2k3
tested platform: Windows 98 Second Edition
discovered by: euronymous /F0KP
advisory urls: http:

[ more ]  [ reply ]
[CLA-2003:655] Conectiva Security Announcement - BitchX 2003-05-26
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--

PACKAGE : BitchX
SUMMARY : Remote vulnerabilities
DATE

[ more ]  [ reply ]
S21SEC-019 - Vignette /vgn/style internal information leak 2003-05-26
S21SEC (vul-serv s21sec com)
###############################################################
ID: S21SEC-019-en
Title: Vignette /vgn/style internal information leak
Date: 15/03/2003
Status: Vendor contacted and solution available
Scope: Revelation of internal variables
Platforms: All
Author: rpinuaga
Location: http://www.s21sec.

[ more ]  [ reply ]
S21SEC-021 - Vignette License access and modification 2003-05-26
S21SEC (vul-serv s21sec com)
###############################################################
ID: S21SEC-021-en
Title: Vignette License access and modification
Date: 15/03/2003
Status: Vendor contacted and solution available
Scope: Unauthenticated access to the License management template
Platforms: All
Author: rpinuaga
Location

[ more ]  [ reply ]
SuSE Security Announcement: glibc (SuSE-SA:2003:027) 2003-05-27
Thomas Biege (thomas suse de)
-----BEGIN PGP SIGNED MESSAGE-----

________________________________________________________________________
______

SuSE Security Announcement

Package: glibc
Announcement-ID: SuSE-SA:2003:027
Date: Monday, May 2

[ more ]  [ reply ]
S21SEC-016 - Vignette SSI Injection 2003-05-26
S21SEC (vul-serv s21sec com)
###############################################################
ID: S21SEC-016-en
Title: Vignette SSI Injection
Date: 15/03/2003
Status: Vendor contacted and solution available
Scope: SSI Execution, In some cases Remote command execution
Platforms: All
Author: rpinuaga
Location: http://www.s21sec.co

[ more ]  [ reply ]
The PACKET 0' DEATH FastTrack network vulnerability 2003-05-26
random nut (random_nut yahoo com)

The PACKET 0' DEATH FastTrack network vulnerability
===================================================

Vulnerability Overview
----------------------
There exists a vulnerability in the FastTrack network
core that can be used by an attacker to take control
of all FastTrack network supernodes. The

[ more ]  [ reply ]
PalmVNC 1.40 Insecure Records 2003-05-26
flur (flur flurnet org)
Flurnet Security
----------------

Application: PalmVNC 1.40
Developer(s): Harkan Software (http://www.harakan.btinternet.co.uk/PalmVNC/)
Vladimir Minenko (http://www.wind-networks.de/PalmVNC/)
Scope: VNC passwords saved in plaintext with backup bit.
Tested on: Pa

[ more ]  [ reply ]
[Priv8security Advisory] Batalla Naval remote overflow 2003-05-26
wsxz (wsxz terra com br)
Priv8security advisory: 1

-----------------------------------------------------------------------

Product: Gnome Batalla Naval

Version: 1.0.4 (and probably earlier versions)

Vendor: http://batnav.sourceforge.net/

Problem: Remote Buffer overflow

Author: Wsxz (wsxz (at) priv8security (dot) com [email concealed])

----------

[ more ]  [ reply ]
Re: Eudora 5.2.1 attachment spoof 2003-05-27
psz maths usyd edu au (Paul Szabo)
Building on my Eudora attachment spoof

http://www.securityfocus.com/archive/1/322286

I have now found better games to play:

From: me
To: you

Ensure victim has both attachments 'calc' and 'calc.exe' (sent in
this, or previous, email). Then the following shows 'windows' icon
and runs

[ more ]  [ reply ]
NuxAcid#002 - Buffer Overflow in UpClient 2003-05-27
Gino Thomas (g thomas nux-acid org)
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
+=
NUX-ACID ADVISORY #002

Advisory name : Local Buffer Overflow in upclient
Risk : Medium (exploit grants kmem rights)
Date : 27.05.2003
Application : upclient
Versio

[ more ]  [ reply ]
[RHSA-2003:171-01] Updated CUPS packages fix denial of service attack 2003-05-27
bugzilla redhat com
---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated CUPS packages fix denial of service attack
Advisory ID: RHSA-2003:171-01
Issue date: 2003-05-27
Updated on: 2003-05-27
Product:

[ more ]  [ reply ]
Re: uml_net bug 2003-05-26
3APA3A (3APA3A SECURITY NNOV RU)
Dear Ktha,

The problem is different: uml_net shouldn't be suid.

http://rhn.redhat.com/errata/RHSA-2003-056.html

Details:

An updated kernel-utils package is available that removes the setuid bits
incorrectly assigned to the uml_net binary.

--Saturday, May 24, 2003, 5:10:07 AM, you wrote to bug

[ more ]  [ reply ]
ATM on linux Exploit(les,local) 2003-05-25
axis ph4nt0m (axis ph4nt0m net)


/* ATM on linux Exploit

*** vulnerability discovered by Angelo Rosiello

*** sorry for my poor english.

*** i wrote this exploit just for fun.

*** i can't get a rootshell on my linux :(

*** tested on redhat7.3 ,other linux maybe OK,too.

*** atm package:linux-atm-2.4.0-1.i386.rpm

*** http://

[ more ]  [ reply ]
Possible XSS on iPlanet Messaging Server 2003-05-27
Hugo Vázquez Caramés (overclocking_a_la_abuela hotmail com)


While playing around with the webmail server (Iplanet Messaging) of my old

ISP (Terra Networks) I noticed something really strange that I could not

believe in: it was possible to do a XSS through an html attachment. In

fact, with Iplanet Messaging you can open an html attachments "online", s

[ more ]  [ reply ]
Re: BEA WebLogic 2003-05-25
Helmut Springer (delta lug-s org)
Hi,

On 14 May 2003 at 12:06 +0200, K-Otik.com wrote:
> ------------------------------------------------------------
> BEA WebLogic Server and Express 7.x Passwords Disclosure
> ------------------------------------------------------------

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifica

[ more ]  [ reply ]
PHP source code injection in BLNews 2003-05-22
Over_G (overg mail ru)
Product: BLNews
Version: 2.1.3
OffSite: http://www.blnews.de/
Problem: PHP source code injection
--------------------------------------------

Vulnerability:

------------admin/objects.inc.php4------------

if ($itheme!="blubb")
{ include("$Server[path]/admin/tools.inc.php4"); }
include("$Server[pat

[ more ]  [ reply ]
TextPortal Default Password Vulnerability 2003-05-23
bugtracklist.fm (bugtracklist freemail hu)
TextPortal Default Password Vulnerability

Advisory ID: B$H-2003:001
Advisory URL: http://www.tar.hu/bsh/reports/bsh-2003-001.txt
Date: 2003.05.22.
Original Advisory Date: 2003.05.10.
Discovery date: 2003.05.10.
Type:

[ more ]  [ reply ]
Some problems in Privatefirewall 3.0 2003-05-24
UkR security team? (cuctema ok ru)
UkR security team presents:
Some problems in Privatefirewall 3.0
////////////////////////////////////////////////////////////////////////
///////////////////
Product: Privatefirewall
version: 3.0
Vendor : Privacyware (http://www.privacyware.com)
Author : UkR-XblP (cuctema (at) ok (dot) ru [email concealed]) - the chief specialis

[ more ]  [ reply ]
UPB: Discussion Board/Web-Site Takeover 2003-05-24
euronymous (just-a-user yandex ru)
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=
topic: UPB: Discussion Board/Web-Site Takeover
product: Ultimate PHP Board v1.9 [ latest ]
vendor: www.myupb.com
risk: high
date: 05/24/2k3
discovered by: euronymous /F0KP
advisory urls: http://f0kp.iplus.ru/bz/024.en.txt
http://f0kp

[ more ]  [ reply ]
Re: Demarc Puresecure v1.6 - Plaintext password issue - 2003-05-24
Kurt Seifried (kurt seifried org)
>"Ryan Purita" <ryan (at) totally-connected (dot) com [email concealed]> wrote:

>The file psd.conf should be owned by root and its mode 600. Only if a
person gets root access in that box, she could read the password. Lots of
applications relay on that, for instance, snort, which is used by Demarc
PureSecure, stores the SQL pas

[ more ]  [ reply ]
PHP source code injection in BLNews 2003-05-24
Over_G (overg mail ru)
Product: BLNews
Version: 2.1.3
OffSite: http://www.blnews.de/
Problem: PHP source code injection
--------------------------------------------

Vulnerability:

------------admin/objects.inc.php4------------

if ($itheme!="blubb")
{ include("$Server[path]/admin/tools.inc.php4"); }
include("$Server[pat

[ more ]  [ reply ]
uml_net bug 2003-05-24
Ktha (ktha hushmail com)


There is a vulnerability in uml_net. The latest version is vulnerable too.

The problem is the lack of bounds checking in uml_net.c from uml_utilities,

A possible attack could lead to root compromise on some systems since for

example uml_net comes suided root in RH 8.0 by default.

Let's look

[ more ]  [ reply ]
ST FTP Service v3.0: directory traversal 2003-05-24
D4rkGr3y (grey_1999 mail ru)
-----BEGIN PGP SIGNED MESSAGE-----

################################################################*
# Damage Hacking Group security advisory
# www.dhgroup.org
################################################################*
#Product: ST FTP Service v3.0
#Authors: [sts

[ more ]  [ reply ]
Re: QuickTime/Darwin Streaming Server security issues 2003-05-23
Joe Testa (Joe_Testa rapid7 com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greetings.

I'm having trouble reproducing this vulnerability as well. See below:

[jdog@wonderland jdog]$ cat /etc/redhat-release
jdog's Super Tricked-out Red Hat Linux release 8.0 (Psyche)
[jdog@wonderland jdog]$ echo -ne "OPTIONS * RTSP/1.0\nCs

[ more ]  [ reply ]
(Page 1661 of 1748)  < Prev  1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus