-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1949-1 secur...@debian.org
http://www.debian.org/security/ Raphael Geissert
December 12, 2009
Hacktics Research Group Security Advisory
http://www.hacktics.com/#details=;view=Resources%7CAdvisory
By Shay Chen, Hacktics.
14-Dec-2009
===
I. Overview
===
During a penetration test performed by Hacktics' experts, certain
vulnerabilities were identified in the Oracle eBusiness
###
# WX Guest Book 1.1.208 Vulns #
# By xxHackerXzX hacker from nepal #
# ad...@ekin0x.comm #
###
Product name: WX Guestbook 1.1.208
Product vendor:
From Wikipedia : Zabbix is a network management system application
[...] designed to monitor and track the status of various network
services, servers, and other network hardware.
[Zabbix Server : Remote command execution]
Impacted software : Zabbix Server
Zabbix reference :
Miniweb 2.0 Full Path Disclosure
Name Miniweb 2.0
Vendor http://www.miniweb2.com
Author Salvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact salvatorefresta [at] gmail [dot] com
Date 2009-12-12
###
# WX Guest Book 1.1.208 Vulns #
# By xxHackerXzX hacker from nepal #
# ad...@ekin0x.comm #
###
Product name: WX Guestbook 1.1.208
Product vendor:
Previously discovered:
http://packetstormsecurity.org/0812-exploits/estore-sql.txt
856a5dc9cba52e892cbb54bd2e1a0a82 getaphpsite e-store suffers from a remote SQL
injection vulnerability in SearchResults.php. Authored By
ZoRLu (trt-turk[at]hotmail.com)
On Fri, Dec 11, 2009 at
Hello Bugtraq and Xacker!
As I mentioned at my site (http://websecurity.com.ua/3762/), where I posted
about this XSS vulnerability in Invision Power Board, the fix offered by
Xacker is not effective. And better to use another method of fixing offered
by me.
Author of this advisory said, that in
From Wikipedia : Zabbix is a network management system application
[...] designed to monitor and track the status of various network
services, servers, and other network hardware.
[Zabbix Agent : Bypass of EnableRemoteCommands=0]
Impacted software : Zabbix Agent (FreeBSD and Solaris
B2C Booking Centre Systems - SQL Injection Vulnerability
Name B2D Booking Centre Systems
Vendor http://www.bookingcentre.eu
Author Salvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact salvatorefresta [at] gmail
Hello Bugtraq!
I want to warn you about new vulnerabilities in Invision Power Board.
These are Cross-Site Scripting vulnerabilities. Attack is going via
attachment (at click on the attachment in the post at forum or on the link
to this attachment). These are persistent XSS vulnerabilities.
## Securitylab.ir
# Application Info:
# Name: EEGshop
# Version: 1.2
#
# Discovered By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: i...@securitylab[dot]ir ,
census ID: census-2009-0004
URL: http://census-labs.com/news/2009/12/14/monkey-httpd/
CVE ID: Pending
Affected Products: Monkey web server versions ≤ 0.9.2.
Class: Improper Input Validation (CWE-20), Incorrect
Calculation
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1950 secur...@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
December 12, 2009
yes, another year has gone by and some of the survivors will be
gathering together to swap tales of horror and/or triumph and to soothe
our wounds with liberal applications of alcohol...
all are welcome to join us, and as it's just a social, there is no
pressure to perform! unless, of course,
Manager (VRTSodm), Local Escalation of Privilege
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01674733
Version: 3
HPSBUX02409 SSRT080171 rev.3 - HP-UX Running VERITAS File System (VRTSvxfs) or
VERITAS Oracle Disk
Manager (VRTSodm),
-
More info
http://reversemode.com/index.php?option=com_content&task=view&id=65&Itemid=1
-
1st PART HMS HICP Protocol
AFAIK there is no public documentation about this protocol, if not so
please let me know and I'll repeatedly hit myself with a sharpened
stick. All the information presented