It's a simple method to bypass malicious host file modification. Probably
in response to malware like MyDoom, which specifically altered the hosts
file to keep clients from accessing AV sites (go.microsoft.com was also
specifically included in MyDoom as well).
I agree that there should have
Special thanks to rgod for his help!!!
Full path disclosure
http://www.site.com/DbbS/topics.php?fcategoryid='
http://www.site.com/DbbS/script.php?unavariabile[]=
http://www.site.com/DbbS/script.php?GLOBALS[]=
http://www.site.com/DbbS/script.php?_SERVER[]=
MD5 Password
On Saturday, 15 April 2006 07:26, [EMAIL PROTECTED] wrote:
ORIGINAL ADVISORY:
http://myimei.com/security/2006-04-14/copperminephotogallery144-plugininclusionsystemindexphp-remotefileinclusion-attack.html
-Summary-
Software: CPG Coppermine Photo Gallery
Software's Web Site:
App: FlexBB v0.5.5 BETA
Advisory by: p0w3r - curse-crew.de
SQL Inj:
magic_quotes_gpc = off
/index.php?page=showprofileid=1'[SQL]/*
/index.php?page=forumsforumid=1'[SQL]/*
/index.php?page=viewthreadthreadid=1'[SQL]/*
/index.php?page=editpostthreadid=1'[SQL]/*
Login bypass:
magic_quotes_gpc =
Website : http://www.calendarix.com
Vulnerable :
if (!isset($_GET['ycyear']))
$ycyear = $y ;
else
$ycyear = $_GET['ycyear'];
http://www.site.com/[path]/yearcal.php?ycyear=scriptalert(document.cookie)/script
There are also SQL injections when magic quotes are off. Maybe you tested with
them on.
Example:
view.php?gallery_id=83'
Result:
View Images in:
A database error has occured.
mySQL said: You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for
Website : http://mywebland.com/
Script : MyEvent
Version : 1.2
Risk : High
Class : Remote
Credits : b3g0k,Nistiman,flot,Netqurd etc.. my forget other friends
Google look for :) = MyEvent 1.2 or /calendar/myevent.php
I. Remote Code Execution
This is script to very big high it bug being found.
//- Advisory
Program : BetaBoard
Homepage : http://gonzo.uni-weimar.de/~scheffl2/betaboard/
Tested version : 0.1
Found by : Simon MOREL philemon at thehackademy dot net
This advisory: Simon MOREL philemon at thehackademy dot net
Discovery date : 2006/04/16
Summary
===
phpWebFTP enables connections to FTP servers, even behind a firewall not
allowing traffic. phpWebFTP bypasses the firewall by making a FTP connection
from your webserver to the FTP server and transferring the files to your
webclient over
Debian Security Advisory DSA 1036-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Steve Kemp
April 17th, 2006
- PHPGraphy = 0.9.11 editwelcome unauthorized access / cross site scripting -
software site: http://phpgraphy.sourceforge.net/
description: Full featured photo gallery PHP script - Light, fast and easy to
install
vulnerable code index.php near line
Discovered by: Qex
Date: 16 April 2006
Write a message:
Name: [XSS]
Location: (optional)
Website: (optional)
Comments: [XSS]
Discovered by: Qex
Date: 17 April 2006
Add comment :-
name: [XSS]
e-mail:
website: [XSS]
New eVuln Advisory:
CzarNews XSS and Multiple SQL Injection Vulnerabilities
http://evuln.com/vulns/118/summary.html
Summary
eVuln ID: EV0118
CVE: CVE-2006-1640 CVE-2006-1641
Software: CzarNews
Software's Web Site: http://www.czaries.net/scripts/
Versions: 1.14
~ Summary :
--
Name : Tiny PHP forum v3.6
Software : http://sourceforge.net/projects/tinyphpforum/
Discovered by : Hessam-x (Hessam M.Salehi) - www.hessamx.net
~ Vulnerabilities :
--
I. Cross-site Scripting
A.Input code to the
Discovered by: Qex
Date: 17 April 2006
index.php?cat=[XSS]
ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-009.html
April 14, 2006
-- CVE ID:
CVE-2006-0749
-- Affected Vendor:
Mozilla
-- Affected Products:
Firefox 1.0 through 1.0.7
Thunderbird 1.5 through 1.5.0.1
Thunderbird 1.0
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200604-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
#!/usr/bin/perl -w
# FlexBB = 0.5.5 (/inc/start.php _COOKIE) Remote SQL ByPass Exploit , Perl C0d3
#
# Milw0rm ID :-
#http://www.milw0rm.com/auth.php?id=1539
# D3vil-0x1 | Devil-00 BlackHat :)
#
# DONT FORGET TO DO YOUR CONFIG !!
# DONT FORGET TO DO YOUR CONFIG !!
# DONT
Author: Stefan Lochbihler
Date: 17.04.2006
Affected Software: Neon Responder for Windows
Software5.4
Softwarehttp://www.neon.com/NRwin.shtml
Attack: Dos
Hi.
I just got a targeted phishing attack to one of my
Yahoo email accounts, what's interesting is that
the attack exploits a Yahoo! webmail 0day XSS
vulnerability.
I'm trying to contact Yahoo right now but in the
meantime I thought it will be good to provide some
bits because the
I wrote a small library of functions to do typical range checks as they
are needed in code that handles incoming packets or messages from
untrusted sources. My impetus was SMB code, in case you want to know.
Here is one of my functions:
static inline int range_ptrinbuf(const void* buf,unsigned
I'm proud to introduce an example of return into libc exploit which works
though grsecurity patch protection.
Please read source carefully and change some lines cause default version
probably won't work on your machine.
- This is example, remember it. ;)
/*
* Grsecurity bypass tryout -