-BEGIN PGP SIGNED MESSAGE-
NetBSD Security Advisory 2002-023
=
Topic: sendmail smrsh bypass vulnerability
Version:NetBSD-current: source prior to October 4, 2002
NetBSD 1.6: affected
-BEGIN PGP SIGNED MESSAGE-
NetBSD Security Advisory 2002-015
=
Topic: (another) buffer overrun in libc/libresolv DNS resolver
Version:NetBSD-current: source prior to August 28, 2002
-BEGIN PGP SIGNED MESSAGE-
NetBSD Security Advisory 2002-022
=
Topic: buffer overrun in pic(1)
Version:NetBSD-current: source prior to September 28, 2002
NetBSD 1.6: affected
From: Russell Harding [mailto:[EMAIL PROTECTED]]
Is there another way to exploit this which I am not
seeing? Or does MSN actually have their act together
(in this particular case...)?
-Russell
P.S. Well, I suppose the real question may be this:
Is there a way to concatenate
Informations :
°°
Product : SSGbook
Langage : ASP
Tested version : 1
Website : http://www.script-shed.com
Problem : Cross Site Scripting
PHP Code / location :
°
- config.asp --
fString = doCode(fString, [img],[/img],img src=,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 169-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
September 25th, 2002
A lot can happen for sure, but i tried one myself, to redirect the request to some
other webpage.
One can make a fake hotmail page asking for password storing it locally in a text file
and then again redirect to the original hotmail page.
Usint this method one could steal passwords of
Name:VBZoom
Version Affected: tested on v1.01 maybe other version vulnerable also
Severity: Critical
Category: Password reset
Vendor URL: http://www.vbzoom.com
Author: hish_hish [EMAIL PROTECTED]
Date: discloused on 28th August 2002
Published at 8th oct 2002
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 171-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October 7th, 2002
-BEGIN PGP SIGNED MESSAGE-
NetBSD Security Advisory 2002-019
=
Topic: Buffer overrun in talkd
Version:NetBSD-current: source prior to September 20, 2002
NetBSD 1.6: affected
If you can't get spaces in, escape them:
eval(unescape(alert('spaces%20wherever%20you%20want');));
You can encode any character you want this way.
I have some papers on XSS bugs and their implications and some tips, tricks
and tools online at my website. Might be interresting for all you wannabe
Hello, comments below:
On Mon, 7 Oct 2002, Thor Larholm wrote:
It's very simple, you can inject arbitrary scripting to be executed by the
user in the context of hotmail. This means that you can e.g. steal his
cookies or, if he's logged in, write emails from his account, delete his
mails and
Overview
In a default installation, some personal firewall software will work
with auto-block function on, and this time if you fake a high level
dangerous attack packet with spoof address target these pc, these
firewall will immediately block the spoofed ip address without any
further judgement.
David Mirza Ahmad
Symantec
KeyID: 0x26005712
Fingerprint: 8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12
---BeginMessage---
-BEGIN PGP SIGNED MESSAGE-
CERT Advisory CA-2002-28 Trojan Horse Sendmail Distribution
Original release date: October 08, 2002
Last
-BEGIN PGP SIGNED MESSAGE-
NetBSD Security Advisory 2002-021
=
Topic: rogue vulnerability
Version:NetBSD-current: source prior to October 2, 2002
NetBSD 1.6: affected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
++
| EnGarde Secure Linux Security AdvisoryOctober 07, 2002 |
| http://www.engardelinux.org/ ESA-20021007-024 |
|
16 matches
Mail list logo