- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
#=
#NewsLetter v3.5 = (NL_PATH) Remote File Inclusion Exploit
#
#|
#Critical Level : Dangerous
Kurdish Security
newsReporter v1.0 Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Risk : High
Class : Remote
Script : newsReporter
Site : http://www.knusperleicht.at
Code :
require
Kurdish Security
Guestbook v3.5 Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Risk : High
Class : Remote
Script : MoSpray
Site : http://www.knusperleicht.at
Code :
define('FILE_POSTS',GB_PATH.db/posts.dat);
Kurdish Security
FAQ Script v1.0 Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Risk : High
Class : Remote
Script : FAQ Script
Site : http://www.knusperleicht.at
Code :
//if the script is includet you have
Kurdish Security
FileManager Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Risk : High
Class : Remote
Script : FileManager
Site : http://www.knusperleicht.at
Code :
$dwl_download_path = downloads;
Kurdish Security
Quickie Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Risk : High
Class : Remote
Script : Kurdish Security
FileManager Remote Command Execution
Freedom For Ocalan
Contact :
Kurdish Security
ShoutBox Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Risk : High
Class : Remote
Script : ShoutBox
Site : http://www.knusperleicht.at
Code :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1130-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
July 30th, 2006
Title : WoW Roster = 1.5.x Remote File Include (hsList.php)
###
Discovered By AG-Spider
-
Class : Remote file include
Risk : Danger
On 7/31/06, Early Warning Team [EMAIL PROTECTED] wrote:
We tried the Proof of Concept on our test machines and couldn't reproduce the
reported exceptional behavior. The scenarios we tested were:
- Windows XP Service Pack 2, img tag in Internet Explorer 6
- Windows XP Service Pack 2, Insert
[vuln.sg] Vulnerability Research Advisory
Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability
by Tan Chew Keong
Release Date: 2006-07-31
Summary
---
A vulnerability has been found in Lhaplus. When exploited, the vulnerability
allows execution of arbitrary code when the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:135
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- ---
VMware Security Advisory
Advisory ID: VMSA-2006-0004
Synopsis: Cross site scripting vulnerability and other fixes
Knowledge base
===
Ubuntu Security Notice USN-327-2August 01, 2006
firefox regression
https://bugzilla.mozilla.org/show_bug.cgi?id=346167
===
A security issue affects the following Ubuntu
BlackICE does not protect pamversion.dll in its installation directory. And
also because its component
protection fails to protect BlackICE processes this can be misused to inject
fake DLL into BlackICE service.
The whole advisory with more details and source code is available here
Title : WoW Roster = 1.5.x Remote File Include (hsList.php)
###
Discovered By AG-Spider
-
Class : Remote file include
Risk : Danger
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1132-1[EMAIL PROTECTED]
http://www.debian.org/security/ Steve Kemp
Aug 1st, 2005
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1131-1[EMAIL PROTECTED]
http://www.debian.org/security/ Steve Kemp
Aug 1st, 2006
-BEGIN PGP SIGNED MESSAGE-
__
SUSE Security Announcement
Package:freetype2
Announcement ID:SUSE-SA:2006:045
Date: Tue,
-BEGIN PGP SIGNED MESSAGE-
__
SUSE Security Announcement
Package:libtiff
Announcement ID:SUSE-SA:2006:044
Date: Tue, 01
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:136
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Symantec has posted a Security Advisory for Symantec On-Demand Protection.
Please see the advisory for complete information:
http://www.symantec.com/avcenter/security/Content/2006.08.01a.html
-BEGIN PGP SIGNATURE-
Version: PGP
* email message logs (but not the content of the messages)
* version information of both spam/antivirus definitions and system firmware
version
Used in conjunction with the vulnerability Barracuda Arbitrary File
Disclosure (NNL-20060801-02), the integrity of the system can be compromised
the Barracuda Hardcoded Password Vulnerability
(NNL-20060801-01) guest password vulnerability this restriction can easily be
overcome.
This particular problem is amplified by the fact that it is possible to
download the full configuration file for the barracuda. The configuration file
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:137
http://www.mandriva.com/security/
DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow'
Author: Kevin Finisterre
Vendor: http://www.apple.com/
Product: 'Mac OSX =10.4.7'
References:
http://www.digitalmunition.com/DMA[2006-0801a].txt
http://www.digitalmunition.com/getpwnedmail-x86.pl
On Tuesday, 01.08.2006, at 17:24 +0200, giacomo collini wrote:
On 7/31/06, Early Warning Team [EMAIL PROTECTED] wrote:
We tried the Proof of Concept on our test machines and couldn't reproduce
the reported exceptional behavior. The scenarios we tested were:
- Windows XP Service Pack 2,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1133-1[EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
August 1st, 2006
Inspired by SPI Dynamics - tiny JavaScript port scanner
http://www.gnucitizen.org/projects/javascript-port-scanner/
--
pdp (architect)
http://www.gnucitizen.org