Path disclosure and file access on WebAdmin
2003-04-25 David A. Pérez (david kamborio net)
WebAdmin is a web application to administer MDaemon and RelayFax. It can be run on its own or as an ISAPI application under Microsoft Internet Information Services (IIS). MDaemon is an e-mail server for Microsoft Windows. RelayFax is a fax server also for Microsoft Windows. Both applications have be

Multiple Vulnerabilities in BSD LPR Subsystem on IRIX update
2003-04-25 SGI Security Coordinator (agent99 sgi com)

XOOPS MyTextSanitizer CSS 1.3x & 2.x
2003-04-25 magistrat (magistrat blocus-zone com)
Author: Doxical & Magistrat http://www.blocus-zone.com
Date: 25/04/2003
Object: XOOPS MyTextSanitizer Filtering Bug Allows Remote Users to Conduct Cross-Site Scripting Attacks in many modules: News, newbb, private messages, signatures etc...
Impact: Disclosure of authentication informati

SonicWall Pro DoS?
2003-04-24 Greg Smith (gsmith cybercrews com)
Came across an apparent problem on a SonicWall Pro running firmware version 6.4.0.1 ROM version 5.0.1.0 during a vulnerability assessment and couldn't find any other postings on this problem so fwiw.. the problem occurs when sending a large HTTP POST to the inside interface - may affect ot

[BUGZILLA] Security Advisory - XSS, insecure temporary filenames
2003-04-25 David Miller (justdave syndicomm com)
Bugzilla Security Advisory
April 24, 2003
Summary
=======
All Bugzilla installations are advised to upgrade to the latest stable version of Bugzilla, 2.16.3, which was released today. Development snapshots prior to version 2.17.4 are also affected, so if you are using a development snapshot, yo

Windows Server 2003 Security Guide available
2003-04-25 Michael Howard (mikehow microsoft com)
Microsoft Security Solutions is happy to announce the release of the _Windows Server 2003 Security Guide_ and its companion guide, _Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP_. The new guides provide detailed security guidance on Microsoft Windows Server 2

MDKSA-2003:051 - Updated ethereal packages fix remote vulnerability
2003-04-25 Mandrake Linux Security Team (security linux-mandrake com)

RE: Nokia IPSO Vulnerability
2003-04-24 Iain King nokia com
Hi, This is similar in effect to a previous so-called vulnerability in IPSO. The previous case was a buffer overflow on voyager -requiring- an authenticated user. It is true that master.passwd on other systems is (and should be in IPSO) mode 600. In effect however, it is that you require authe

RE: Nokia IPSO Vulnerability
2003-04-24 Miller, Rick (Rick Miller CWUSA COM)
> Can anybody else confirm the permissions required to read the file? Can
> anybody else confirm that the /etc/master.passwd file is a+r?
I have a few Nokia IP330s running IPSO 3.3-FCS3 and 3.4FCS4A, all of them have master.passwd perms being a+r
--- Rick Miller Unix System Administrator Cable &

PHP-Nuke 6.5 FINAL Cross Site Scripting
2003-04-24 Frog Man (leseulfrog hotmail com)
Information :
°°°°°°°°°°°°°°
Language : PHP
Website : http://www.phpnuke.org
Tested Version : 6.5 FINAL
Problem : Cross Site Scripting
Exploit :
°°°°°°°°°
In the website or the email of the profile :
- http://" onclick="[SCRIPT] (onclick can be replaced by ondblclick, onhelp, onmouseout, onmous

SRT2003-04-24-1532 - Options Parsing Tool library buffer overflows.
2003-04-24 KF (dotslash snosoft com)

RE: Cracking preshared keys
2003-04-24 Rager, Anton (Anton) (arager avaya com)
It's amazing how many folks think that IPSec VPNs are not susceptible to password cracking. I've run into many folks that just don't think about it -- They get distracted by the strength of DH, 3DES, and SHA1, but forget that the weakest link is the password. As Cisco and David Wagner point out, t

[RHSA-2003:112-01] Updated squirrelmail packages fix cross-site scripting vulnerabilities
2003-04-24 bugzilla redhat com
Attached is a working copy of the poptop exploit.
This has been tested, and verified working.
This and other editions available at www.freewebs.com/blightninjas/
--blightninjas