Re: DotClear Full Path Disclosure Vulnerability

2007-02-14 Thread Cedric Blancher
On Monday 12 February 2007 at 22:51 +0100, Raphaël HUCK wrote: They should check that a certain variable is defined for example, and if not, do not display anything... even if the hosted website is configured to display errors, and you cannot change this. Exactly my point: you may not have

iDefense Security Advisory 02.13.07: Hewlett-Packard HP-UX SLSd Arbitrary File Creation Vulnerability

2007-02-14 Thread iDefense Labs NO-REPLY
Hewlett-Packard HP-UX SLSd Arbitrary File Creation Vulnerability iDefense Security Advisory 02.13.07 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 13, 2007 I. BACKGROUND Hewlett-Packard's HP-UX introduced Single Logical Screen (SLS) in 1995 to facilitate using multiple graphics

Jupiter CMS 1.1.5 Multiple Vulnerabilities

2007-02-14 Thread gmdarkfig
Title: Jupiter CMS 1.1.5 Multiple Vulnerabilities Advisory ID: 12070214 Risk level: High Author: DarkFig [EMAIL PROTECTED] URL: http://www.acid-root.new.fr/advisories/12070214.txt .: [ OVERVIEW ] Jupiter CMS 1.1.5 is a powerful user-friendly Community

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and ASA Appliances

2007-02-14 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and ASA Appliances Advisory ID: cisco-sa-20070214-pix http://www.cisco.com/warp/public/707/cisco-sa-20070214-pix.shtml Revision 1.0 For Public Release 2007 February 14 1600 UTC (GMT

Secunia Research: MailEnable Web Mail Client Multiple Vulnerabilities

2007-02-14 Thread Secunia Research
== Secunia Research 14/02/2007 - MailEnable Web Mail Client Multiple Vulnerabilities - == Table of Contents Affected

[security bulletin] HPSBUX02192 SSRT061233 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS)

2007-02-14 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00863839 Version: 1 HPSBUX02192 SSRT061233 rev.1 - HP-UX Running ARPA Transport, Local Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon

Argument injection issues

2007-02-14 Thread Steven M. Christey
In a Solaris telnet vulnerability thread, Casper Dik said: It's not still in Solaris; it's the first time it occurred in Solaris; it is stupid it did but it's a typical programming error: passing unchecked arguments to a program without escaping special characters. The emerging terminology for

Re: DotClear Full Path Disclosure Vulnerability

2007-02-14 Thread Raphaël HUCK
Of course, there are multiple ways to secure software after their setup, provided you know a minimum about computer security. But I think many people just do the default setup the easy way via the setup wizard. That's why I believe the developers should take great care securing their

WebTester 5.0.2 sql injection and XSS vulnerabilities

2007-02-14 Thread Moran Zavdi
Application: WebTester Web Site: http://www.webtester.us/ Versions: 5.0.20060927 and below Platform: linux, windows, freebsd, sun Bug: Cross Site Scripting and SQL Injection Severity: high Fix Available: No --- 1) Introduction 2) Bug 3) The Code

Re: Jupiter CMS 1.1.5 Multiple Vulnerabilities

2007-02-14 Thread gmdarkfig
Little error for the file upload vulnerability. Updated, see http://www.acid-root.new.fr/advisories/12070214.txt. Sorry for the inconvenience :(. An attacker can access this script simply by sending a request which does not contain the is_guest and is_user variables.

Re: Solaris telnet vulnberability - how many on your network?

2007-02-14 Thread Casper . Dik
The simplest possible fix on such short notice: http://cvs.opensolaris.org/source/diff/onnv/onnv-gate/usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c ?r2=3629r1=2923 Casper How about just uncommenting the following from /etc/default/login # If CONSOLE is set, root can only login on that

[ GLSA 200702-04 ] RAR, UnRAR: Buffer overflow

2007-02-14 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200702-04 http://security.gentoo.org/

Re: Solaris telnet vulnberability - how many on your network?

2007-02-14 Thread Joe Shamblin
[EMAIL PROTECTED] wrote: On Tue, 13 Feb 2007 [EMAIL PROTECTED] wrote: On Tue, 13 Feb 2007 [EMAIL PROTECTED] wrote: Am I missing something? This vulnerability is close to 10 years old. It was in one of the first versions of Solaris after Sun moved off of the SunOS BSD platform and over to

Solaris telnet vuln solutions digest and network risks

2007-02-14 Thread Gadi Evron
A couple of updates and a summary digest of useful information shared from all around on this vulnerability, for those of us trying to make sense of what it means to our networks: 1. Sun released a patch (although it is not a final one). It can be found on their site (

RE: Re[2]: Solaris telnet vulnberability - how many on your network?

2007-02-14 Thread Roger A. Grimes
Speculation over whether Microsoft, Sun, or any other vendor intentionally put in backdoors just makes our industry seem unprofessional. The likelihood that either vendor did is near zero. Could be, but most likely not. Unless you find a hard coded password, code comments indicating a built-in

RE: [BLACKLIST] [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?

2007-02-14 Thread Gadi Evron
On Tue, 13 Feb 2007, Michael Wojcik wrote: From: Thierry Zoller [mailto:[EMAIL PROTECTED] Sent: Monday, 12 February, 2007 07:52 GE telnet -l -froot [hostname] Should we really consider this a BUG ? With all due respect, this reads, smells and probably tastes like a backdoor

Re: Solaris telnet vulnberability - how many on your network?

2007-02-14 Thread Leandro Gelasi
On Monday 12 February 2007 07:00, Gadi Evron wrote: Update from HD Moore: but this bug isn't -froot, its -fanythingbutroot =P Confirmed. If the server permits logins from outside (maybe via SSH only - protection provided by a local or network) and has telnetd enabled any user can login as

Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services Module

2007-02-14 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services Module Advisory ID: cisco-sa-20070214-fwsm http://www.cisco.com/warp/public/707/cisco-sa-20070214-fwsm.shtml Revision 1.0 For Public Release 2007 February 14 1600 UTC (GMT