Re: Preventing exploitation with rebasing
2003-02-05 David Litchfield (david ngssoftware com) (3 replies)
Going back to exe image files and rebasing. Surely they can be rebased even without a .reloc section? All I need to do is edit the image base in the PE header then parse the assembly looking for absolute addresses such as function addresses, static variables etc and modify these addresses, too. For

Re: Preventing exploitation with rebasing
2003-02-05 D.C. van Moolenbroek (dc van moolenbroek chello nl)

MDKSA-2003:014 - Updated kernel packages fix a number of bugs
2003-02-05 Mandrake Linux Security Team (security linux-mandrake com)

[CLA-2003:567] Conectiva Linux Security Announcement - mcrypt
2003-02-05 secure conectiva com br
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : mcrypt
SUMMARY : Buffer overflow and memory l

GLSA: bladeenc
2003-02-05 Daniel Ahlberg (aliz gentoo org)
GENTOO LINUX SECURITY ANNOUNCEMENT 200302-04
PACKAGE : bladeenc
SUMMARY : arbitrary code execution
DATE

Unreal engine: results of my research
2003-02-05 Auriemma Luigi (aluigi pivx com)
After almost 3 months, I have finally decided to release the huge advisory/paper about bugs found in the Unreal engine and all the relative code for the vulnerabilities exploitation (plus some tools that I have written during the reversing of the engine). The link for get the english advisory i

The Advantages of Block-Based Protocol Analysis for Security Testing
2003-02-04 Dave Aitel (dave immunitysec com)
Immunity, Inc. is proud to announce both a new paper on SPIKE and related fuzzing technology, and the release of SPIKE 2.8. Both are available from http://www.immunitysec.com/spike.html . SPIKE is a full-featured network protocol analysis toolkit, written in C, and released under the GNU Public Lice

Quake3 engine autodownload issues.
2003-02-04 Thilo Schulz (arny ats s bawue de)
Hello, The Quake3 Engine's feature for automatically downloading modifications from the server to the client bears great potential of abuse and could even lead to execution of arbitrary code. Because this is quake3 engine related many games aside from quake3 suffer from the same problem as well.

Re: GLSA: Mail-SpamAssasin
2003-02-04 Mark Martinec (Mark Martinec ijs si)
From: Eric Vollmer
| Does anyone know if this effects the Mail::SpamAssassin
| perl libraries when used with amavisd-new?
The bug described in http://marc.theaimsgroup.com/?l=bugtraq&m=104342896818777&w=2 is in the C code of the spamc program. It is not in the

TOPo 1.43 and prior - Path Disclosure (in.php, out.php)
2003-02-04 Rynho Zeros Web (hackargentino gmx net)
+ Product: TOPo. TOPo is a free TOP system written in PHP that works without MySQL database. TOPo is specially designed for web sites hosted in web servers that do not offer a quality MySQL support. More info: http://ej3scripts.loadedweb.com/modules.php?name=Info_Scripts&file=index&func=topo
+ Web Si

dynamic and static code injection as well as population concept
2003-02-04 Peter Huang (yinrong rogers com)
First of all, thanks a lot for your comments and (dis)encouragements. I will not trumpet my "brand-new" old idea here. Anyway, I would like to briefly discuss my further analysis of the SQL Sapphire Worm.
Code Offset Functionality
; 000-060 ---- Buffer Buster
; 061-064 ---- Critical Jumping
Vulnerability : Unauthorised file access
Product URL : http://gregory.kokanosky.free.fr/phpmynewsletter/
Contacted : 4.2.2003
Advisory by Eclipse at packx.net, visit www.packx.net.
Description
===========
PHPSecure.org's "fix" broke the functionality