|
|
Colapse all |
Post message
Some problems in Privatefirewall 3.0 2003-05-24 UkR security team? (cuctema ok ru) UkR security team presents: Some problems in Privatefirewall 3.0 //////////////////////////////////////////////////////////////////////// /////////////////// Product: Privatefirewall version: 3.0 Vendor : Privacyware (http://www.privacyware.com) Author : UkR-XblP (cuctema (at) ok (dot) ru [email concealed]) - the chief specialis [ more ] [ reply ] UPB: Discussion Board/Web-Site Takeover 2003-05-24 euronymous (just-a-user yandex ru) =:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: UPB: Discussion Board/Web-Site Takeover product: Ultimate PHP Board v1.9 [ latest ] vendor: www.myupb.com risk: high date: 05/24/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/024.en.txt http://f0kp [ more ] [ reply ] PHP source code injection in BLNews 2003-05-24 Over_G (overg mail ru) Product: BLNews Version: 2.1.3 OffSite: http://www.blnews.de/ Problem: PHP source code injection -------------------------------------------- Vulnerability: ------------admin/objects.inc.php4------------ if ($itheme!="blubb") { include("$Server[path]/admin/tools.inc.php4"); } include("$Server[pat [ more ] [ reply ] uml_net bug 2003-05-24 Ktha (ktha hushmail com) There is a vulnerability in uml_net. The latest version is vulnerable too. The problem is the lack of bounds checking in uml_net.c from uml_utilities, A possible attack could lead to root compromise on some systems since for example uml_net comes suided root in RH 8.0 by default. Let's look [ more ] [ reply ] Re: QuickTime/Darwin Streaming Server security issues 2003-05-23 Joe Testa (Joe_Testa rapid7 com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings. I'm having trouble reproducing this vulnerability as well. See below: [jdog@wonderland jdog]$ cat /etc/redhat-release jdog's Super Tricked-out Red Hat Linux release 8.0 (Psyche) [jdog@wonderland jdog]$ echo -ne "OPTIONS * RTSP/1.0\nCs [ more ] [ reply ] RE: Outlook Web Access authentication bypass 2003-05-23 Chris Robertson (Chris Robertson instill com) Please disregard this. A configuration change had been unknowingly made on the Exchange server (making the test account an Exchange Admin). I sincerly apologize for any confusion this may have caused. Chris Robertson -----Original Message----- From: Chris Robertson [mailto:Chris.Robertson@instil [ more ] [ reply ] Re: Options Parsing Tool library buffer overflows. 2003-05-23 Julien Lanthea (contact jlanthea net) In-Reply-To: <3EA85B02.7080000 (at) snosoft (dot) com [email concealed]> As the Secure Network Operations, Inc. (http://www.secnetops.com) told on Bugtraq (Apr 24 2003), the function opt_atoi() from the subroutine library opt-3.18 and prior is vulnerable to buffer overflow attacks. Here is a sample showing how to exploit [ more ] [ reply ] Eudora 5.2.1 buffer overflow DoS 2003-05-23 psz maths usyd edu au (Paul Szabo) Building on my Eudora attachment spoof http://www.securityfocus.com/archive/1/322286 I notice that sending a filename with many dots crashes Eudora, e.g. From: me To: you Attachment Converted<CR>: "\B.A.A.A ... .A.A.A" (with 122 repetitions of ".A") make it crash, writing an Exception [ more ] [ reply ] Outlook Web Access authentication bypass 2003-05-23 Chris Robertson (Chris Robertson instill com) This exploit exhibits the same symptoms as CAN-2002-0507 however I have found it is possible on an Exchange 5.5 (patches current to within ~3 months) single system Outlook Web Access install (IIS and Exchange on the same server) to access any mailbox once the client has been successfully authenticat [ more ] [ reply ] nessus NASL scripting engine security issues 2003-05-23 Sir Mordred (mordred s-mail com) // @(#)Security advisory: Nessus NASL scripting engine security issues Release date: May 23, 2003 Name: Nessus NASL scripting engine security issues Author: Sir Mordred <mordred (at) s-mail (dot) com [email concealed]> I. DESCRIPTION The "Nessus" Project aims to provide to the internet community a free, powerful, up [ more ] [ reply ] MDKSA-2003:061 - Updated gnupg packages fix validation bug 2003-05-22 Mandrake Linux Security Team (security linux-mandrake com) Compaq Insight Manager - related to Bugtraq ID 2500 2003-05-21 Brewis, Mark (mark brewis eds com) Another one out of the back catalogue, seen again today. Version: Compaq Insight Manager Version 5.0 or below Issue: The Proxy vulnerability identified in Bugtraq ID 2500, and the patch produced by Compaq for that vuln. does not prevent ftp proxying. On a host denying http proxying, it is possi [ more ] [ reply ] MDKSA-2003:060 - Updated LPRng packages fix insecure temporary file vulnerability 2003-05-21 Mandrake Linux Security Team (security linux-mandrake com) [slackware-security] REVISED quotacheck security fix in rc.M (SSA:2003-141-06a) 2003-05-22 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] REVISED quotacheck security fix in rc.M (SSA:2003-141-06a) NOTE: The original advisory quotes a section of the Slackware ChangeLog which had inadvertently reversed the options to quotacheck. The correct option to use is 'm'. A [ more ] [ reply ] XMB 1.8 Partagium cross site scripting vulnerability 2003-05-22 Marc Ruef (marc ruef computec ch) Hi! Lotek, a friend of mine, informed me about a cross site scripting bug[1] in my XMBforum 1.8.x[2]: http://www.website.org/xmbforum/member.php?action=viewpro&member=%3Cdiv% 3E%3Cfont%20color=%22red%22%3EMarc%3C/font%3E%3Cscript%3Ealert(%22Ruef%2 2);%3C/script%3E%3C/div%3E I sent this information [ more ] [ reply ] Potential security vulnerability in Nessus 2003-05-22 je sekure net See below, /jonas ---------- Forwarded message ---------- Date: Thu, 22 May 2003 17:16:05 -0400 From: Renaud Deraison <deraison (at) nessus (dot) org [email concealed]> To: nessus-announce (at) list.nessus (dot) org [email concealed] Subject: Nessus 2.0.6 has been released Nessus 2.0.6 has been released. It fixes a potential security vulnerability in [ more ] [ reply ] Eudora 5.2.1 attachment spoof 2003-05-22 psz maths usyd edu au (Paul Szabo) Qualcomm Eudora 5.2.1 has been released recently. Quoting from http://www.eudora.com/download/eudora/windows/5.2.1/RelNotes.txt : > Improved guarding against spoofed Attachment Converted: lines. Attachments can still be spoofed by including a CR (ctrl-M, x0d, ASCII 13) character anywhere within th [ more ] [ reply ] |
|
Privacy Statement |
Version: 2.1.3
OffSite: http://www.blnews.de/
Problem: PHP source code injection
--------------------------------------------
Vulnerability:
------------admin/objects.inc.php4------------
if ($itheme!="blubb")
{ include("$Server[path]/admin/tools.inc.php4"); }
include("$Server[pat
[ more ] [ reply ]