Hi and happy new year. This is a email digest with security fails recently published by Kernelpanik Labs (http://www.kernelpanik.org)
Apache suEXEC Bypass -------------------- Small document about how bypass isolating procedures, i.e. suEXEC, in Apache WebServer. English document: http://www.kernelpanik.org/docs/kernelpanik/suexec.en.pdf Spanish document: http://www.kernelpanik.org/docs/kernelpanik/suexec.es.pdf Author: frame at kernelpanik.org Amphora Gate StandAlone ----------------------- Security fails in this captive portal Spanish document: http://www.kernelpanik.org/docs/kernelpanik/amphora.pdf Author: madj0ker at kernelpanik.org Virtual Hosting Control System v2.2 ----------------------------------- Remote code execution in this control panel Spanish document: http://www.kernelpanik.org/docs/kernelpanik/vhcs22.txt English document: http://www.kernelpanik.org/docs/kernelpanik/vhcs22.en.txt Author: frame at kernelpanik.org GreyMatter 1.3 -------------- Some security fails: race condition and XSS's Spanish document: http://www.kernelpanik.org/docs/kernelpanik/greym13.txt English document: http://www.kernelpanik.org/docs/kernelpanik/greym13.en.txt Author: frame at kernelpanik.org That's is all. PD1: MaDj0kEr won't translate his stuff to shakespeare language 'cause don't think anyone there uses amphora. PD2: If you learn spanish, you'll avoid our scary translations and enjoy more our jokes. PD3: Dunno why people in securityfocus block our email... so from now, we'll send advisories to both lists. -- Kernelpanik Labs - [EMAIL PROTECTED] http://www.kernelpanik.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
