BugTraq
Re: Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! - UPDATED 2003-05-15
http-equiv (at) excite (dot) com (1 malware com)


Marek,

Further to my confirmation of seeing this in the past as detailed
below, I am today delighted to inform you that I can reconfirm that
it functions precisely as you describe:

1. Definitely processor related as after 10 minutes of bogging down
the machine, BANG ! it automatically opened

Cisco Security Advisory: Cisco IOS Software Processing of SAA Packets 2003-05-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco IOS Software Processing of SAA Packets

Revision 1.0

For Public Release 2003 May 15 15:00 UTC (GMT)

- --------------------------------------------------------------------------

Contents

Summary
Affected Produc

OneOrZero Security Problems (PHP) 2003-05-15
Frog Man (leseulfrog hotmail com)
Information :
°°°°°°°°°°°°°°
Website : http://www.oneorzero.com
Version : 1.4 rc4
Problems :
- SQL Injection
- Admin Access

PHP Code/Location :
°°°°°°°°°°°°°°°°°°°

supporter/tupdate.php :

--------------------------------------------------------------------------
if($groupid == 'change'){
$sql =

MDKSA-2003:056 - Updated xinetd packages fix DoS vulnerability 2003-05-14
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: xinetd
Advisory ID:

RE : Memory leak in 3COM DSL routers 2003-05-14
David F. Madrid (conde0 telefonica net)

3COM 1.1.9 firmware is affected as well. 2.0 version couldn't be tested
as I think 128bits cryptographic hardware isn't exported outside US.

--
Regards ,

David F. Madrid
Madrid , Spain

MDKSA-2003:057 - Updated MySQL packages fix vulnerability 2003-05-14
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: MySQL
Advisory ID:

[ESA-20030515-015] 'sudo' heap corruption vulnerability 2003-05-15
EnGarde Secure Linux (security guardiandigital com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

+------------------------------------------------------------------------+
| Guardian Digital Security Advisory May 15, 2003 |
| http://www.guardiandigital.com ESA-20030515-015 |
|

[ESA-20030515-017] 'kernel' several bug and security-related fixes. 2003-05-15
EnGarde Secure Linux (security guardiandigital com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

+------------------------------------------------------------------------+
| Guardian Digital Security Advisory May 15, 2003 |
| http://www.guardiandigital.com ESA-20030515-017 |
|

[ESA-20030515-016] 'gnupg' key validation bug. 2003-05-15
EnGarde Secure Linux (security guardiandigital com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

+------------------------------------------------------------------------+
| Guardian Digital Security Advisory May 15, 2003 |
| http://www.guardiandigital.com ESA-20030515-016 |
|

[RHSA-2003:174-01] Updated tcpdump packages fix privilege dropping error 2003-05-15
bugzilla redhat com
---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated tcpdump packages fix privilege dropping error
Advisory ID: RHSA-2003:174-01
Issue date: 2003-05-15
Updated on: 2003-05-15
Product:

Multiple Security Vulnerabilities in OpenSSL on IRIX 6.5.19 2003-05-14
SGI Security Coordinator (agent99 sgi com)
-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
SGI Security Advisory

Title : Multiple Security Vulnerabilities in OpenSSL
Number : 20030501-01-I
Date : May 14, 2003
Reference: CVE CAN-2003-0131, C

RE: [VULNERABILITY] PHP 'poster version.two' 2003-05-14
Peter Winter-Smith (peter4020 hotmail com)


Hi,

I made a slight error in the typing of my contact information.

My AIM screen name is: 'GenericCoder', not 'GenericCode'.

Thank-you,

-Peter Winter-Smith

[VULNERABILITY] PHP 'poster version.two' 2003-05-14
Peter Winter-Smith (peter4020 hotmail com)


Hi Guys,

This is my first time posting a vulnerability since most of my private
research has been done on very small projects, many of which were
never released.

Anyways, down to the vulnerability:

Poster version.two privilege escalation:

========================================

Cisco ACL bug when using VPN crypto engine accelerator, PPPoE dialer or ip route-cache 2003-05-14
Olivier (itsce networkservices pmintl ch) (2 replies)


Platform Cisco 1760 dual Ethernet

IOS 12.2.xT IP/ADSL/FW/IDS PLUS IPSEC 3DES

Environment: Site to site VPN for small offices.

ACL are not properly parsed as soon as you enable:

crypto engine accelerator

PPPoE dialer

Ip route-cache

Without the feature mentioned above, y

Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! - UPDATED 2003-05-13
Marek Bialoglowy (mb systemintegra com)
# UPDATED ADVISORY

Systems Affected : Internet Explorer 6.0.2800 (6.x?)
Remotely exploitable: Yes
Author: Marek Bialoglowy (System Integra - mb (at) systemintegra (dot) com)
Attached files: dmz5-win2k.zip

NOTE: Attached file dmz5-win2k.html can crash your IE, be careful with that !

# INTRODUCTION

Some peopl

[CLA-2003:648] Conectiva Security Announcement - evolution 2003-05-14
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : evolution
SUMMARY : Several vulnerabilities
D

[RHSA-2003:172-00] Updated 2.4 kernel fixes security vulnerabilities and various bugs 2003-05-14
bugzilla redhat com
---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated 2.4 kernel fixes security vulnerabilities and various bugs
Advisory ID: RHSA-2003:172-00
Issue date: 2003-05-14
Updated on: 2003-05-14
Pr

Buffer overflows in multiple IMAP clients 2003-05-14
Timo Sirainen (tss iki fi)
There are two common vulnerabilities in IMAP clients written with C and C++:

1. Handling huge literal sizes. Many clients do malloc(literal_size+1) and
then read the literal into it. Problem is that if literal_size is
UINT_MAX-1, the +1 overflows it into malloc(0) but server is still allowed
to write

Re: VBulletin Preview Message - XSS Vuln 2003-05-14
Kier Darby (kier vbulletin com)
In-Reply-To: <004b01c319f8$c76cdc90$0b6aaec3@SS>

>Message-ID: <004b01c319f8$c76cdc90$0b6aaec3@SS>

>From: "Ferruh Mavituna" <ferruh (at) mavituna (dot) com>

>To: <bugtraq (at) securityfocus (dot) com>

>Subject: VBulletin Preview Message - XSS Vuln

>Date: Wed, 14 May 2003 12:11:11 +0300

>---------------------------

php-proxima Remote File Access Vulnerability 2003-05-14
Mind Warper (mindwarper linuxmail org)
php-proxima Remote File Access Vulnerability

----------------------
Vendor Information:
----------------------

Homepage : http://www.php-proxima.com
Vendor : informed
Mailed advisory: 14/05/03
Vendor Response : None

----------------------
Affected Versions:
----------------------

php-pr

PalmOS ICMP flood DoS. 2003-05-14
Shaun Moore (shaunige yahoo co uk)
-[BACKGROUND]-:

PalmOS is vulnerable to an ICMP DoS attack, when an
attacker continuously sends ICMP_ECHO packets to the
device. This attack causes 100% CPU usage, and the
device therefore comes to a total lockup. The Pilot
is almost instantly rendered unusable, until the
attacker stops sending p

VBulletin Preview Message - XSS Vuln 2003-05-14
Ferruh Mavituna (ferruh mavituna com)
------------------------------------------------------
VBulletin Private Message "Preview Message" XSS Vulnerability
------------------------------------------------------
Any kind of XSS attacks possibility.

------------------------------------------------------
About VBulletin;
------------------

Inktomi Traffic-Server XSS: man-in-the-middle XSS ! 2003-05-14
Hugo Vázquez Caramés (overclocking_a_la_abuela hotmail com)


Please we would like that credits of this vulnerability go to INFOHACKING
(Hugo Vázquez Caramés and Toni Cortés Martinez). Actually we work
at "Secdor R&D". The vulnerability was found, once again, during a pen-test.

######################################################################

IN

BEA WebLogic Server and Express 7.x Passwords Disclosure 2003-05-14
K-Otik.com (contrib K-Otik com)


------------------------------------------------------------

BEA WebLogic Server and Express 7.x Passwords Disclosure

------------------------------------------------------------

Affected Versions

-----------------

BEA WebLogic Server 7.x

BEA WebLogic Express 7.x

ADVISORY

-----
