[Bkis-01-2010] Multiple Vulnerabilities in BigAce - Bkis

2010-05-25 Thread Bkis
[Bkis-01-2010] Multiple Vulnerabilities in BigAce 1. General Information BigAce is a free content management software (CMS) written in PHP, and is available at http://www.bigace.de. In April 2010, Bkis Security discovered an XSS and CSRF vulnerability in BigAce 2.7.1. Taking advantage of

[SECURITY] [DSA 2049-1] New barnowl packages fix arbitrary code execution

2010-05-25 Thread Steffen Joeris
Debian Security Advisory DSA-2049-1 secur...@debian.org http://www.debian.org/security/ Steffen Joeris May 23, 2010

[SECURITY] [DSA 2048-1] New dvipng packages fix arbitrary code execution

2010-05-25 Thread Sebastien Delafond
Debian Security Advisory DSA-2048-1 secur...@debian.org http://www.debian.org/security/ Sébastien Delafond May 22, 2010

Re: Microsoft Outlook Web Access (OWA) v8.2.254.0 id parameter Information Disclosure Vulnerability

2010-05-25 Thread Jabłoński , Paweł
Not working at my environment: Tested on Firefox 3.6.3 (Linux). OWA version: 8.2.254.0 Exception type: Microsoft.Exchange.Data.Storage.CorruptDataException. OWA uses System.Convert.FromBase64String(String s) for parsing the address, so even when you try to put the representation there, you

[SECURITY] [DSA 2050-1] New kdegraphics packages fix several vulnerabilities

2010-05-25 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-2050-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff May 24, 2010

Re: IBM Lotus 6.x names.nsf Cross Site Scripting Vulnerability

2010-05-25 Thread security curmudgeon
Seriously? This was reported in Jul 2001 by Hiromitsu Takagi, and assigned CVE-2001-1161. http://seclists.org/bugtraq/2001/Jul/22 Would you please: a) check to see if a vulnerability has been published b) test current software c) include the full name of the product you are testing IBM

[ MDVSA-2010:105 ] openoffice.org

2010-05-25 Thread security
Mandriva Linux Security Advisory MDVSA-2010:105 http://www.mandriva.com/security/

[SECURITY] [DSA 2051-1] New postgresql-8.3 packages fix several vulnerabilities

2010-05-25 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-2051-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff May 24, 2010

CompleteFTP Server v 4.x PORT command Remote DOS exploit

2010-05-25 Thread eidelweiss
CompleteFTP Server v 4.x PORT command Remote DOS exploit

[ MDVSA-2010:106 ] aria2

2010-05-25 Thread security
Mandriva Linux Security Advisory MDVSA-2010:106 http://www.mandriva.com/security/

Secunia Research: Ziproxy Two Integer Overflow Vulnerabilities

2010-05-25 Thread Secunia Research
== Secunia Research 24/05/2010 - Ziproxy Two Integer Overflow Vulnerabilities - == Table of Contents Affected

[SECURITY] [DSA 2052-1] New krb5 packages fix denial of service

2010-05-25 Thread Sebastien Delafond
Debian Security Advisory DSA-2052-1 secur...@debian.org http://www.debian.org/security/ Sebastien Delafond May 24, 2010

Denial of Service vulnerability in Helix Mobile Server (RealNetworks) (14.0.0.348) with long string to PluginDirectory in rmserver.cfg file

2010-05-25 Thread praveen_recker
Reproducing the Issue: In configuration file rmserver.cfg located at C:\Program Files\Real\Helix Server give below string as path Var PluginDirectory=A * 5000/ Versioning information of Softwares: Microsoft XP Professional SP2 with Helix Mobile Server (RealNetworks) (14.0.0.348) (Build

[SECURITY] [DSA 2052-1] New krb5 packages fix denial of service

2010-05-25 Thread Thijs Kinkhorst
Debian Security Advisory DSA-2052-1 secur...@debian.org http://www.debian.org/security/ Sebastien Delafond May 24, 2010

[SECURITY] [DSA 2053-1] New Linux 2.6.26 packages fix several issues

2010-05-25 Thread dann frazier
Debian Security Advisory DSA-2053-1 secur...@debian.org http://www.debian.org/security/ dann frazier May 25, 2010

Scientific Atlanta DPC2100 WebSTAR Cable Modem vulnerabilities

2010-05-25 Thread Dan Rosenberg
=== Scientific Atlanta DPC2100 Cable Modem Cross-Site Request Forgery and Insufficient Authentication May 24, 2010 CVE-2010-2025, CVE-2010-2026 === ==Description== Scientific

Webby Webserver v1.01 - Buffer overflow vulnerability with overwritten structured exception handler (SEH)

2010-05-25 Thread michael . messner
- Webby Webserver v1.01 - Buffer overflow vulnerability with overwritten structured exception handler (SEH) Date: 25.05.2010 - - Description Webby is a small webserver for the windows operating

Sun Solaris 10 libc/*convert (*cvt) buffer overflow

2010-05-25 Thread cxib
[ Sun Solaris 10 libc/*convert (*cvt) buffer overflow ] Author: Maksymilian Arciemowicz http://SecurityReason.com Date: - Dis.: 15.04.2010 - Pub.: 21.05.2010 Affected Software: - Sun Solaris 10 10/9 Original URL:

Ghostscript 8.64 executes random code at startup

2010-05-25 Thread ne01026
Ghostscript_8.64 on openSuSE_11.2 executes all files matching ./Encoding/* on startup. This search is relative to the current directory so it is easy to poison Ghostscript and cause it to execute arbitrary PostScript code without user action or knowledge. Details:

Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service

2010-05-25 Thread cxib
[ Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service ] Author: Maksymilian Arciemowicz SecurityReason.com Date: - Dis.: 17.04.2010 - Pub.: 21.05.2010 Affected Software: - Sun Solaris 10 10/09 Original URL:

Sun Solaris 10 ftpd Cross-site request forgery

2010-05-25 Thread cxib
[ Sun Solaris 10 ftpd Cross-site request forgery ] Author: Maksymilian Arciemowicz SecurityReason.com Date: - Dis.: 24.02.2010 - Pub.: 21.05.2010 Affected Software: - Sun Solaris 10 10/09 - OpenSolaris 2009.06 Original URL:

Hustoj is HUST ACM OnlineJudge fckeditor file upload security issue

2010-05-25 Thread eidelweiss
Description A security issue has been discovered in Hustoj is HUST ACM OnlineJudge, which can be exploited by malicious people to bypass certain security restrictions. Access to the enabled FCKeditor component is not properly restricted, which can be exploited to e.g upload files of certain

Kingsoft WebShield KAVSafe.sys = 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability

2010-05-25 Thread yicong2010
Kingsoft WebShield KAVSafe.sys = 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 (2010.5.23) Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date: 2010-4-14 13:42:26

JV2 Folder Gallery 3.1.1 (popup_slideshow.php) Multiple Vulnerability

2010-05-25 Thread eidelweiss
--- JV2 Folder Gallery 3.1.1 (popup_slideshow.php) Multiple Vulnerability ---

New vulnerabilities in plugin DS-Syndicate for Joomla

2010-05-25 Thread MustLive
Hello Bugtraq! I want to warn you about new security vulnerabilities in plugin DS-Syndicate for Joomla. It's my second advisory for DS-Syndicate. - Advisory: New vulnerabilities in DS-Syndicate for Joomla - URL:

rPSA-2010-0039-1 openssl openssl-scripts

2010-05-25 Thread rPath Update Announcements
rPath Security Advisory: 2010-0039-1 Published: 2010-05-23 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux Service 2 rPath Linux 1 rPath Linux 2 Rating: Minor Exposure Level Classification: Remote User Deterministic Weakness Updated Versions:

Re: Microsoft Outlook Web Access (OWA) v8.2.254.0 id parameter Information Disclosure Vulnerability

2010-05-25 Thread info
Not working , Tested on : XpSp2 , IE6

London DEFCON May meet - DC4420 - Wed 26th May 2010

2010-05-25 Thread Major Malfunction
wow, doesn't time fly when planes don't? :P if, like me, you've been stuck in the UK, admiring the ash cloud and listening to the chants of the soon to be unemployed trolley dollies, you'll be glad of the distraction of a couple of pints, a decent pie and some evil hax0r learning hammered

Kingsoft WebShield KAVSafe.sys = 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability

2010-05-25 Thread yicong2010
Kingsoft WebShield KAVSafe.sys = 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 (2010.5.23) Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date: 2010-4-14 13:42:26

OSSTMM 3 STAR Released!

2010-05-25 Thread Pete Herzog
Hi, We have just released the updated STAR, Attack Surface Metrics calculation sheets, and the rav formula! As part of certain requirements towards compliance, more and more Euro companies (so far in France, Germany, Italy, and Switzerland) have begun getting their infrastructure's attack

Arbitrary UNC file read in IE 8

2010-05-25 Thread Tim Starling
Internet Explorer is vulnerable to a drive-by arbitrary UNC file read, with the usual consequences (local account password disclosure, etc.) as in IE6 before SP1. It is in ICMFilter, which is accessible via the CSS filter property. Sample exploit code: div

SQL injection vulnerability in Zabbix = 1.8.1

2010-05-25 Thread David Guimaraes
Product: Zabbix Vendor: Zabbix SIA References: http://www.securityfocus.com/bid/39752 http://secunia.com/advisories/39119 Software Link: http://www.zabbix.com/ Vulnerable Version: = 1.8.1 Vulnerability Type: SQL Injection Status: Fixed in version 1.8.2 Risk level: Medium Author: David skys