Daniel Veditz wrote:
> [a plain text message]
Just got half a dozen bounces because my plain-text email supposedly
contained "Suspicious I-Frame.a (Malicious Mobile Code) virus". Those of
you behind McAfee GroupShield barriers may not be getting the whole
conversation here if people can't even use
Renaud Lifchitz wrote:
> Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities
We believe this to be a testing error. The problem of loading remote
iframe and css content was fixed prior to the release of Mozilla
Thunderbird 1.0
The testcase included in the advisory contains the i
> Information pertaining to this vulnerability has been posted on Fortinet's
> security advisories web page.
> http://www.fortinet.com/FortiGuardCenter/ftp_vuln.html
On this page, we can read "Fortinet advises that a RECENTLY
discovered vulnerability...".
It was just discovered and announced to
Summary
Software: bttlxeForum
Software's Web Site: http://www.bttlxe.com/
Versions: 2.*
Type: Cross-Site Scripting
Class: Remote
Exploit: Available
Solution: Not Available
Discovered by: runvirus
(worlddefacers.de securitycentra.com)
-Description
Hi guys.
We discussed recursive DNS servers before (servers which allow to query
anything - including what they are not authoritative for, through them).
The attack currently in the wild is a lot bigger and more complicated
than this, but to begin, here is an explanation (by metaphor) of that
Hello,
If you carefully look at the inline attachments, you will find this
(first proof of concept) :
http://www.sysdream.com"; width="100%" height="100%"
frameborder="0" marginheight="0" marginwidth="0">
The information disclosure doesn't come from the first iframe, but from
the second one. Ind
- Advisory: PEHEPE Membership Management System Multiple Vulnerabilities
- Author: Yunus Emre Yilmaz -- mail[at]yunusemreyilmaz(dot)com
- Application: PEHEPE MemberShip Management System
(http://www.pehepe.org/UYELİK3)
- Affected Version : v3 ( maybe older versions..)
- Risk : Critical
-- Detail
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:051
http://www.mandriva.com/security/
___
Vulnerability:
The on-access scanner of McAfee Virex 7.7 for Mac is unreliable and fails the
EICAR test.
Using any webbrowser to download the EICAR testvirus from
http://www.eicar.org/anti_virus_test_file.htm will not trigger the Virex
on-access scanner and will not be noticed in most cases. I
I checked this against my 602v1 also last night, no go
James Garrison wrote:
Not my WG602v2.
[EMAIL PROTECTED] wrote:
Netgear WG602 reportedly contains a default administrative account.
This issue can allow a remote attacker to gain administrative access
to the device.
super_username=Geargu
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00601530
Version: 1
HPSBMA02099 SSRT061118 rev.1 - HP System Management Homepage (SMH)
Running on Windows: Remote Unauthorized Access
NOTICE: The information in this Security Bulletin should be
Vulnerable: PHP4, PHP5
with use of sendmail 8.13.4 ><
When safemode disabled and open_basedir restriction in effect, we can pass
extra parameters
to sendmail command in mail function, especially the -C and -X arguments.
-C for alternate configuration file
-X to log all in a file
Can be used to vi
Vulnerability in c-client library (tested with versions 2000,2001,2004),
mail_open
could be used to open stream to local files.
For php and imap module
imap_open allow to bypass safemode and open_basedir restrictions.
Use imap_body or others to view a file and imap_list to recursively list a
di
Software - QwikiWiki
Version - v1.4
Type - XSS Vulnerability
Powered by QwikiWiki v1.4 - www.qwikiwiki.com
Examples:
http://(host)/index.php?page=">
http://(host)/index.php?page=">
Found by Dr^Death of Suicide Scene Internet Security Group 2006
MyBB New SQL Injection
D3vil-0x1 < Devil-00 >
Milw0rm ID :-
http://www.milw0rm.com/auth.php?id=1320
The Inf.File :-
misc.php
Linez :-
[code]
$buddies = $mybb->user['buddylist'];
$namesarray = explode(",",$buddies);
if(is_array($namesarray))
{
- Advisory: EJ3 TOPo Cross Site Scripting Vulnerability
- Author: Yunus Emre Yilmaz || Yns [EMAIL PROTECTED]
- Application: EJ3 TOPo ( http://ej3soft.ej3.net )
- Affected Version : v2.2.178 ( maybe older versions..)
- Risk : Critical
Details : If an attacker access /code/inc_header.php directly
#!/usr/bin/perl
# << HESSAM-X >>
# FarsiNews 2.5Pro Exploi
# Exploit by Hessam-x (www.hessamx.net)
#Iran Hackerz Security Team
#WebSite: www.hackerz.ir
#
# Summary
# Name: FarsiNews [www.farsinewsteam.com]
# version : 2.5Pro
##
-
Fedora Legacy Update Advisory
Synopsis: Updated gnutls packages fix a security issue
Advisory ID: FLSA:181014
Issue date:2006-02-27
Product: Fedora Core
Keywords: Bugfix
C
Abstract:
-
The ExpressPay stored-value card system used by FedEx Kinko's is
vulnerable to attack. An attacker who gains the ability to alter the
data stored on the card can use FedEx Kinko's services fraudulently
and anonymously, and can even obtain cash from the store.
Description:
---
Not my WG602v2.
[EMAIL PROTECTED] wrote:
Netgear WG602 reportedly contains a default administrative account. This issue
can allow a remote attacker to gain administrative access to the device.
super_username=Gearguy
super_passwd=Geardog
-
Fedora Legacy Update Advisory
Synopsis: Updated udev packages fix a security issue
Advisory ID: FLSA:175818
Issue date:2006-02-27
Product: Fedora Core
Keywords: Bugfix
CVE
/*
---
[N]eo [S]ecurity [T]eam [NST]® WordPress 2.0.1 Multiple Vulnerabilities
---
Program : WordPress 2.0
Homepage: http://www.wordpress.org
Vulnerable Versions: WordPress 2.0.1
-
Fedora Legacy Update Advisory
Synopsis: Updated PostgreSQL packages fix security issues
Advisory ID: FLSA:157366
Issue date:2006-02-27
Product: Red Hat Linux, Fedora Core
Keywords:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --
Debian Security Advisory DSA 983-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
February 28th, 2006
-
Fedora Legacy Update Advisory
Synopsis: Updated auth_ldap package fixes security issue
Advisory ID: FLSA:177694
Issue date:2006-02-27
Product: Red Hat Linux
Keywords: Bugf
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2005:050
http://www.mandriva.com/security/
___
-
Fedora Legacy Update Advisory
Synopsis: Updated mod_auth_pgsql package fixes security issue
Advisory ID: FLSA:177326
Issue date:2006-02-27
Product: Fedora Core
Keywords: B
27 matches