Hi Dave,
It wasn't Microsoft this time, it seems they are not the only ones that
call 'buffer overrun' to 'buffer overflow' :)
About the 0days thing, I think that time to time people has to report
some stuff and you well know that there are so many 0days out there,
more 0days than reported
There's only one company in the whole world that says buffer overrun and
that's Microsoft. Everyone else says buffer overflow which is more
correct. I blame the Kiwi on Microsoft's insistence on using the wrong word
here. But regardless, unmask.py has a field day on that sort of thing. :
===
Ubuntu Security Notice USN-457-1 May 07, 2007
elinks vulnerability
CVE-2007-2027
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu
On 5/6/07, security curmudgeon [EMAIL PROTECTED] wrote:
: VENDOR :http://nucleuscms.org/
: BY : s3rv3r_hack3r (hackerz.ir admin)
: bug:
: nucleus3.22/nucleus/plugins/skinfiles/index.php = include($DIR_LIBS .
'PLUGINADMIN.php');
: Exloit:
:
Hi folks,
Some months back I seem to remember people hypothesizing as to the
real purpose behind some of these particularly lame fake PHP exploits.
You know the ones I mean; they're mostly remote file includes, they
often are decorated with some simple ASCII art, and the thanks and
greetz
Sun Microsystems Solaris ACE_SETACL Integer Signedness DoS Vulnerability
iDefense Security Advisory 05.07.07
http://labs.idefense.com/intelligence/vulnerabilities/
May 07, 2007
I. BACKGROUND
Solaris is a UNIX operating system developed by Sun Microsystems. More
information can be found via the
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200705-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200705-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-024.html
May 7, 2007
-- CVE ID:
CVE-2007-2508
-- Affected Vendor:
Trend Micro
-- Affected Products:
ServerProtect v5.58
-- TippingPoint(TM) IPS Customer
ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-025.html
May 7, 2007
-- CVE ID:
CVE-2007-2508
-- Affected Vendor:
Trend Micro
-- Affected Products:
ServerProtect v5.58
-- TippingPoint(TM) IPS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- ---
VMware Security Advisory
Advisory ID: VMSA-2007-0004
Synopsis: Multiple Denial-of-Service issues fixed
Issue date:2007-05-04
Updated on:
netVigilance Security Advisory #12
Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities
Description:
Advanced Guestbook is a PHP-based guestbook script. It includes many useful
features such as preview, templates, e-mail notification, picture upload, page
spanning , html tags
netVigilance Security Advisory #11
Advanced Guestbook version 2.4.2 Multiple Error Information Leak
Vulnerabilities
Description:
Advanced Guestbook is a PHP-based guestbook script. It includes many useful
features such as preview, templates, e-mail notification, picture upload, page
spanning
netVigilance Security Advisory #13
Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability
Description:
Advanced Guestbook is a PHP-based guestbook script. It includes many useful
features such as preview, templates, e-mail notification, picture upload, page
spanning , html tags
## [EMAIL PROTECTED] ~El8 rUI|\|@t1o|\| p0r+phoLi0 ##
####
##:'::':'##'###:::##
##'## ##:'##: ##.:: ##:::'##
15 matches
Mail list logo