Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software
2002-11-27, Stuart Moore (smoore bugtraq securityglobal net)

[ESA-20021127-032] 'pine' version upgrade, security fixes.
2002-11-27, EnGarde Secure Linux (security guardiandigital com)

Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C.
2002-11-27, dong-h0un U (xploit hackermail com)
========================================
INetCop Security Advisory #2002-0x82-007
========================================
* Title: Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C.
0x01. Description
A simple mode of develop CGI in language C. The libcgi package is a

XSS vulnerability in Bugzilla if upgraded from 2.10 or earlier
2002-11-26, David Miller (justdave syndicomm com)
Bugzilla Security Advisory
November 26th, 2002
Severity: Minor
Summary
=======
The Bugzilla team recently discovered a cross-site scripting vulnerability. The vulnerability, present in Bugzilla's 'quips' feature, affects all installations who originally installed Bugzilla 2.10 or earlier and whi

AIM Bug
2002-11-25, Dave B. (bzerob bellatlantic net)
Major AIM Bug Courtesy Of Infested Nexus --- AIM: Infested Nexus.
I have uncovered a bug in America Online's AIM service, which can allow a normal user to be able to transfer any file onto another user's computer without consent. This works using the 'get file' feature. If a user has the opti

[Security bulletin] SSRT2266 HP Tru64 UNIX IGMP Potential (DoS) Security Vulnerability (fwd)
2002-11-26, Dave Ahmad (da securityfocus com)

FreeNews & News Evolution (PHP)
2002-11-26, Frog Man (leseulfrog hotmail com)
Informations :
°°°°°°°°°°°°°°
Problem : Include files
a)
-------------------
Product : Freenews
Version : 2.1
Website : http://www.prologin.fr
----------------------
b)
-------------------
Product : News Evolution
Versions : 1.0, 2.0
Website : http://www.phpevolution.net
----------------------
P

File reading vulnerable in PHP and MySQL (Local Exploit)
2002-11-26, Hai Nam Luke (hainamluke hotmail com)
Attacker can use PHP and mySQL to read some local file following this way:
# Create a database (mySQL) and upload this file to your server
PHP Code: viewfile.php (programmed by Luke)
======================================================
<?
// config this data
$dbhost = "";
$dbuser = "

Netscape 4 Java buffer overflow
2002-11-26, Jouko Pynnonen (jouko solutions fi)
The Java implementation of Netscape 4 contains a buffer overflow vulnerability. Arbitrary code may be run on a Netscape user's system when a web page containing a malicious applet is viewed. The buffer overflow happens in the method canConvert() of the class sun.awt.windows.WDefaultFontCharset

Cracking OpenVMS passwords with John the Ripper
2002-11-26, Jean-loup Gailly (jloup gailly net)
I have written a patch for John the Ripper http://www.openwall.com/john/ to allow cracking OpenVMS (Vax and Alpha) passwords. The patch is based on code from Shawn Clifford, Davide Casale and Mario Ambrogetti. The sources are in http://jl.gailly.net/security/john-VMS-patch.tar.gz A README file is

Linksys not fixed
2002-11-26, Will (wreyor attbi com)
Nessus security scanner generated the following security report when scanning the internal address of the linksys befsr11 firmware version 1.43.3, Nov 15 2002.
William Reyor
Topsight.net
NESSUS SECURITY SCAN REPORT
Created 25.11.2002
Sorted by vulnerabilities
Session Name : Session1
Start Time

Oracle TNS SEH Exploit
2002-11-26, benjurry xfocus org
/*Oracle TNS SEH Exploit By Benjurry.
Oracle Remote Vulnerability discovered by COVERT Labs
Code by benjurry,benjurry (at) xfocus (dot) org
Welcome to http://www.xfocus.net & http://www.xfocus.org
Thank my friends:Batman,xq and Yuange.
Thank members of Xfocus.
This Exploit only test on Win2k Chinese +

MDKSA-2002:081 - Updated samba packages fix potential root compromise
2002-11-26, Mandrake Linux Security Team (security linux-mandrake com)

MDKSA-2002:082 - Updated python packages fix local arbitrary code execution vulnerability
2002-11-26, Mandrake Linux Security Team (security linux-mandrake com)

[security bulletin] SSRT2385 OSIS V5.4 LDAP Module for System Authentication Potential Security Vulnerability (fwd)
2002-11-26, Dave Ahmad (da securityfocus com)

[security bulletin] SSRT2301 - HP Tru64 UNIX uudecode Potential Security Vulnerability (fwd)
2002-11-26, Dave Ahmad (da securityfocus com)

Netscape Problems.
2002-11-26, zen-parse (zen-parse gmx net) (1 replies)
In a message on Bugtraq, Last Stage of Delirium wrote: (http://msgs.securepoint.com/cgi-bin/get/bugtraq0211/255.html)
> We can understand why there was no response from Netscape since the
> three[1][3][4] vulnerabilities affecting Netscape web browser were
> submitted to the Netscape Bug Bounty pro

Predictable TCP Initial Sequence Numbers
2002-11-25, NetScreen Security Response Team (security-alert netscreen com)
Title: NetScreen Security Alert 51897
Date: 25 November 2002
Description: Predictable TCP Initial Sequence Numbers
Impact: Circumvention of Defined Security Policies
Affected Products: All firewall/VPN appliances and systems
Affected Software Releases: ScreenOS 1.7, 2.6, 2.8, 3.0, 3.1, 4.0
Sum

vBulletin XSS Injection Vulnerability
2002-11-23, Sp.IC (SpeedICNet Hotmail Com)
.:: vBulletin XSS Injection Vulnerability
vBulletin is a powerful and widely used bulletin board system, based on PHP language and MySQL database. I discovered lately a Cross-Site Scripting issue that would allow attackers to inject maleficent codes into the pages and execute it on the cl

Potential H.323 Denial of Service
2002-11-25, NetScreen Security Response Team (security-alert netscreen com)
Title: NetScreen Security Alert 52020
Date: 25 November 2002
Description: Potential H.323 Denial of Service
Impact: Complete Denial of Service
Affected Products: All firewall/VPN appliances and systems
Affected Software Releases: ScreenOS 2.8, 3.0, 3.1, 4.0
Summary: A vulnerability has been r

CAIS-ALERT: Vulnerability in the sending requests control of BIND
2002-11-25, Vagner Sacramento (vagner natalnet br)

[RHSA-2002:264-05] New kernel 2.2 packages fix local denial of service issue
2002-11-25, bugzilla redhat com

'Malicious-URL' Feature may be Circumvented Using IP Fragmentation
2002-11-25, NetScreen Security Response Team (security-alert netscreen com)
Title: NetScreen Security Alert 51929
Date: 25 November 2002
Impact: 'Malicious-URL' Feature may be Circumvented Using IP Fragmentation
Affected Products: All firewall/VPN appliances and systems
Affected Software Releases: ScreenOS 2.7.1, 2.8, 3.0, 3.1, 4.0
Max Risk: Low
Summary: In response

LibHTTPD Vulnerability and fix
2002-11-25, David J. Hughes (bambi Hughes com au)
The SecuriTeam.com web site is running an article that is attributed to "dong-h0un U" regarding a buffer overflow vulnerability that exists in releases of LibHTTPD up to and including the 1.2 release. The article includes full details of the vulnerability, a patch, and an exploit. See http://www.s

BadBlue XSS/Information Disclosure Vulnerabilities
2002-11-24, Matthew Murphy (mattmurphy kc rr com)
BadBlue is a P2P/Web server offered for Microsoft Windows operating systems by Working Resources. It has a bad security record -- file disclosure, remote administration, denials of service, buffer overflows, directory traversals, and more cross-site scripting flaws than I care to count. We can add

Immobilier 1 (PHP)
2002-11-25, Frog Man (leseulfrog hotmail com)
Informations :
°°°°°°°°°°°°°°
Version, Website : ?
Problems :
- phpinfo()
- SQL Injection
PHP Code/Location :
°°°°°°°°°°°°°°°°°°°
agentadmin.php :
--------------------------------------------------------------
[...]
} elseif ($agentname != "" OR $current_user != "") {
$sql = "SELECT id FRO
http://www.securitytracker.com/alerts/2002/Nov/1005681.html
[Date]
November 27, 2002
[Title]
Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software
[Vendor]
BizDesign
[Product]
ImageFolio
[URL]
http://www.imagefolio.com/
[Description]
An