// CuteNews <= 1.4.1 Cross Site Scripting //
-
[~] Advisory by: LoK-Crew ~ Snake_23
[-] Exploit:
http://www.example.com/index.php?mod=editnews&action=editnews&id=1145397112&source=[XSS]
[-] Googledork: Powered by CuteNews 1.4.1
[+]
SQL Injection in package SYS.DBMS_LOGMNR_SESSION
Name              SQL Injection in package SYS.DBMS_LOGMNR_SESSION
Systems Affected  Oracle Database
Severity          Medium Risk
Category          SQL Injection (DB06)
Vendor URL        http://www.oracle.com/
Author            Alexander Kornbrust (ak at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-06:14.fpu Security Advisory
The FreeBSD Project
Topic:
[MajorSecurity] ActualAnalyzer - Remote File Include Vulnerability
---
Software: ActualAnalyzer
Type: Remote File Include Vulnerability
Date: April, 19th 2006
Vendor: ActualScripts
Page: http://actualscripts.com
Risk: High
Credits:
/*
* Fucking NON-0 day($) exploit for Oracle 10g 10.2.0.2.0
*
* Patch your database now!
*
* by N1V1Hd $3c41r3
*
*/
CREATE OR REPLACE
PACKAGE MYBADPACKAGE AUTHID CURRENT_USER
IS
FUNCTION ODCIIndexGetMetadata (oindexinfo SYS.odciindexinfo,P3
VARCHAR2,p4 VARCHAR2,env SYS.odcienv)
RETURN
[This document is best seen with Font: Verdana Size: 9pt]
Advisory Name
===
XSS Vulnerability in Guest-book script powered by Community Architect
Vulnerable Systems
==
Sites providing web-hosting service powered by Community Architect.
Found By
===
Susam Pal
Found On
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Cisco IOS XR MPLS Vulnerabilities
Advisory ID: cisco-sa-20060419-xr
http://www.cisco.com/warp/public/707/cisco-sa-20060419-xr.shtml
Revision 1.0
For Public Release 2006 April 19 1500 UTC (GMT
These issues were brought to my attention, and I have patched the page= issue.
I welcome any other friendly prodding of my system. Please notify me if you
find more vulnerabilities.
This issue was addressed in the Joomla! 1.0.8 release:
http://forum.joomla.org/index.php/topic,55808.msg298644.html#msg298644
http://www.joomla.org/content/view/940/74/
Rey Gigataras
-
Joomla! Core Developer
Stability Team Leader
www.joomla.org
/200604-cisco.txt
Cisco advisory note:
http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml
Cisco security response:
http://www.cisco.com/warp/public/707/cisco-sr-20060419-priv.shtml
Credit:
Adam Pointon of Assurance.com.au
http://www.assurance.com.au/
Disclosure timeline:
30
--
- GroundZero Security Research and Software Development 2006
-
--
-
Discovered by: Qex
Date: 19 April 2006
/showtopic.php?threadid=1&pagenum=[SQL]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the WLSE
Appliance
Advisory ID: cisco-sa-20060419-wlse
http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml
Revision 1.0
For Public Release 2006 April 19 1500 UTC (GMT
On which version of phpBB was this tested?
On Sat, 15 Apr 2006, Thor (Hammer of God) wrote:
It's a simple method to bypass malicious host file modification. Probably
in response to malware like MyDoom, which specifically altered the hosts
file to keep clients from accessing AV sites ( go.microsoft.com was also
specifically included in
I just came across such kind of code (php) written by a colleague:
//header.inc
if($_SESSION['UN']!='hardcoded_UN' or $_SESSION['UN']!='hardcoded_PW')
header("Location: ./login.html");
//missing else to mitigate the problem!!
//HTML stuff here...
code structure of all the other supposed to
After reading your scary message, went to verify your points and confirmed all.
Whilst, as I've been running a real software firewall (Sunbelt Kerio Personal
Firewall is for free) on top of a router firewall, I've been able to block or
force a request as I see fit for each of these sites. On
The XP DNS client has other problems as well. It caches DNS failures
(arguably out of spec with the RFC, BTW), screwing up VPNs if you're VPNed into
an internet network that has local domains which need to resolve to RFC1918
addresses. The cached failed lookups get preferred to forced entries
[code]// --- WWWThread RC 3 MultBugs --- //
* D3vil-0x1 | Devil-00
* www.securitygurus.net
* Gr33tz
- HACKERS PAL | n0m3rcy | -
All Others i forgot them :))
//-//
Fortinet28 box does not resist a small synflood on smtp port!
ips protection is not effective because there is not enough syn!
hping -i u10 -p 25 -S mail.fortinet.com
Obnoxious, sure, but not hard to beat. (Assuming for some insane reason you are
actually still using Windows for anything other than playing games)
You just add an entry in your DNS server with a zone matching the hostname that
you want to override. And if they have the IP addresses of
these vulnerabilities are dealt with for the next release candidate (RC6)
As written in: http://security.pass.pl/adv/160406_XSS_tlen_pl.txt
::File: 060416_XSS_tlen_pl
::Date: 16 Feb 2006
::Author: Tomasz Koperski [EMAIL PROTECTED]
::URL: http://security.pass.pl
::1::Overview::
Tlen.PL e-mail system is affected by a cross-site scripting vulnerability, not
validating
Just take a binary editor to dnsapi.dll and change the strings to .ccc instead
of .com
That should fix it, until the next update cycle.
On Mon, 17 Apr 2006, Felix von Leitner wrote:
I wrote a small library of functions to do typical range checks as they
are needed in code that handles incoming packets or messages from
untrusted sources. My impetus was SMB code, in case you want to know.
Here is one of my functions:
static
I agree that there should have been better documentation of this, but I
think the noted objections are a bit hyperbolic.
While I don't disagree with what you said, I think there are some things you
didn't consider.
First, why is anything besides what is required for windows update being
ISA Server is an application that is installed on top of the base OS. Are
you suggesting that the application should actually prevent the local
administrator of the host machine from installing and configuring what
protocols are bound to what adapters?
To me, *that* is the borderline. There is
Well - the patch is out - here is the exploit.
Hey - German hosters - if you call yourself serverkompetenz.de -
why don't you fix your servers?
sincerely
defa
BOF
#!/usr/bin/perl
#
Website : www.wingnut.net.ms
Author : Botan
Credits : B3g0k,Nistiman,flot,Netqurd
Original Advisory :
http://advisory.patriotichackers.com/index.php?itemid=5
Description : EasyGallery is a simple web-photogallery with a maximum of
user-friendliness. All you have to do is to upload your photos
Dear 3APA3A,
Microsoft ISA Server can't filter events from Microsoft Mouse, but
Apples and peas?
Microsoft Mouse can be bound to computer. It's security risk, but I know
how to secure mouse without ISA and I accept this risk.
Nice, that you do. If I manage by any means to
New eVuln Advisory:
MD News Authentication Bypass and SQL Injection Vulnerabilities
http://evuln.com/vulns/120/summary.html
Summary
eVuln ID: EV0120
Software: MD News
Software's Web Site: http://www.matthewdingley.co.uk/
Versions: 1
Critical Level: Moderate
On 14/04/06, Brandon S. Allbery KF8NH [EMAIL PROTECTED] wrote:
On Apr 13, 2006, at 1:29 , Dave Korn wrote:
Hey, guess what I just found out: Microsoft have deliberately sabotaged
their DNS client's hosts table lookup functionality.
I thought this was part of avoiding malware attempts
On Sat, 15 Apr 2006, Thor (Hammer of God) wrote:
ISA Server is an application that is installed on top of the base OS. Are
you suggesting that the application should actually prevent the local
administrator of the host machine from installing and configuring what
protocols are bound to what
Vulnerable Page: http://www.incredibleindia.org/newsite/cms_Page.asp
Found By: Susam Pal
Found On: 29th March, 2006, Wednesday
Vulnerability Type: SQL Injection
Action Taken: Reported to [EMAIL PROTECTED]
Description:
www.incredibleindia.org is a tourism website. The site is prone to SQL
New eVuln Advisory:
N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities
http://evuln.com/vulns/121/summary.html
Summary
eVuln ID: EV0121
CVE: CVE-2006-1657 CVE-2006-1658
Vendor: Chucky A. Ivey
Software: N.T.
Software's Web Site: http://www.v-gfx.net/
#!/usr/bin/php -q -d short_open_tag=on
<?
echo "PCPIN Chat <= 5.0.4 \"login/language\" remote cmmnds xctn\r\n";
echo "by rgod [EMAIL PROTECTED]";
echo "site: http://retrogod.altervista.org\r\n\r\n";
echo "- works with magic_quotes_gpc = Off\r\n";
echo "dork: \"powered by PCPIN.com\"\r\n\r\n";
if ($argc<4) {
echo
I'm sure that most folks with hosts that expose an OpenSSH daemon
to the Internet have been getting the usual probes and password
guessing attempts and have been taking appropriate actions (e.g.
setting AllowUsers and using strong passwords) to protect
yourselves. But today, on one of my
37 matches