Title: Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded
Credentials
Vendor: Beehive Software
Vendor URL: http://www.thebeehive.com/
Affected File: http://host/sfcommon/SendFile.jar
Vendor Contact Date: 7/26/2007
Vendor Response: None
Workaround:
The simplest way to
Hello
PHPMyTourney Remote file include Vulnerability
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : [EMAIL PROTECTED]
home page : http://phpmytourney.sourceforge.net
Script : PHPMyTourney
vulnerable file :
oc photon wrote:
n Thu, Feb 28, 2008 at 1:56 PM, Jacob Appelbaum [EMAIL PROTECTED] wrote:
Moin moin Bugtraq readers,
Bill Paul and I have discovered that LoginWindow.app doesn't clear
credentials after a user is authenticated.
This has already been discovered in 2004. While the author only
n Thu, Feb 28, 2008 at 1:56 PM, Jacob Appelbaum [EMAIL PROTECTED] wrote:
Moin moin Bugtraq readers,
Bill Paul and I have discovered that LoginWindow.app doesn't clear
credentials after a user is authenticated.
This has already been discovered in 2004. While the author only looks
at swap
On Thu, Feb 28, 2008 at 06:28:51PM -0800, Jacob Appelbaum wrote:
oc photon wrote:
n Thu, Feb 28, 2008 at 1:56 PM, Jacob Appelbaum [EMAIL PROTECTED] wrote:
Moin moin Bugtraq readers,
Bill Paul and I have discovered that LoginWindow.app doesn't clear
credentials after a user is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2008:055
http://www.mandriva.com/security/
Hi,
Buffer overflow in Ghostscript. A useful attack vector because a lot
of UNIX workstations will put PS files on the web through Ghostscript.
The problem is a stack-based buffer overflow in the zseticcspace()
function in zicc.c. The issue is over-trust of the length of a
postscript array which
[+] Info:
[~] Software: Centreon = 1.4.2.3
[~] HomePage: http://www.centreon.com
[~] Exploit: Remote File Disclosure [High]
[~] Where: include/doc/index.php
[~] Bug Found By: Jose Luis Góngora Fernández|JosS
[~] Contact: sys-project[at]hotmail.com
[~] Web: http://www.spanish-hackers.com
netOffice Dwins 1.3 Remote code execution.
Product: netOffice Dwins
Version: 1.3 p2
Vendor: http://netofficedwins.sourceforge.net/
Date:02/29/08
- Introduction
netOffice Dwins is a free web based time tracking, timesheet, and
project
rPath Security Advisory: 2008-0091-1
Published: 2008-02-29
Products:
rPath Linux 1
Rating: Severe
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
[EMAIL PROTECTED]:1/1.1.23-14.6-1
rPath Issue Tracking System:
rPath Security Advisory: 2008-0092-1
Published: 2008-02-29
Products:
rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Denial of Service
Updated Versions:
[EMAIL PROTECTED]:1/0.99.8-0.1-1
[EMAIL PROTECTED]:1/0.99.8-0.1-1
rPath Issue Tracking
rPath Security Advisory: 2008-0094-1
Published: 2008-02-29
Products:
rPath Linux 1
rPath Appliance Platform Linux Service 1
Rating: Major
Exposure Level Classification:
Local User Deterministic Denial of Service
Updated Versions:
[EMAIL PROTECTED]:1-vmware/2.6.22.19-0.1-1
SOURCE CODE:
http://oss.coresecurity.com/pshtoolkit/release/1.3/pshtoolkit_v1.3-src.tgz
BINARIES:
http://oss.coresecurity.com/pshtoolkit/release/1.3/pshtoolkit_v1.3.tgz
DOCUMENTATION:
http://oss.coresecurity.com/projects/pshtoolkit.htm
http://oss.coresecurity.com/pshtoolkit/doc/index.html
rPath Security Advisory: 2008-0093-1
Published: 2008-02-29
Products:
rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
[EMAIL PROTECTED]:1/2.0.0.12-0.1-1
rPath Issue Tracking System:
14 matches
Mail list logo