# Tested on Windows 7 and Winamp v5.571(x86)
# This bug is informed to Nullsoft and was fixed long back.
# The status can be found at
http://forums.winamp.com/showthread.php?s=threadid=316000
# This code works on Python 3.0. To make it work on 3.0 remove braces in print
print(\n***Winamp
From: paul.sz...@sydney.edu.au [mailto:paul.sz...@sydney.edu.au]
Sent: Sunday, 30 May, 2010 06:50
I also see no -P- and no absolute paths for the ps files mentioned in
many gs scripts e.g. /usr/bin/pdf2dsc or /usr/bin/ps2ascii . Also,
crappy coding for GS_EXECUTABLE=gs. Am not sure if these
Hi Mustlive,
I'm not sure if there's a need to discuss or clarify this any further.
Please refer to my earlier posts, and for the sake of saving some of our
time efforts, avoid drawing tangents about scripts and noscripts (I've
clarified both earlier) weasel words (security vulnerability and
Looks like this affected Windows only, and was fixed a while ago.
Changes with nginx 0.7.6501 Feb 2010
*) Security: now nginx/Windows ignores trailing spaces in URI.
Thanks to Dan Crowley, Core Security Technologies.
-Original Message-
Does not work on 0.7.65.
On Mon, May 31, 2010 at 11:00 AM, abc12...@hushmail.com wrote:
what about the stable branch? Versions 0.7.65 and earlier?
[Bkis-02-2010] Multiple Vulnerabilities in CMS Made Simple
1. General information
CMS Made Simple is a free content management system (CMS) written in PHP,
available at www.cmsmadesimple.org. In March, 2010, Bkis Security discovered
some XSS and CSRF vulnerabilities in CMS Made Simple 1.7.1.
Hello Bugtraq!
I want to warn you about Denial of Service vulnerability in Internet
Explorer. Which I already disclosed at my site in 2008 (at 29.09.2008). But
recently I made new tests concerning this vulnerability, so I decided to
remind you about it.
I know this vulnerability for a long time
Vulnerability ID: HTB22390
Reference:
http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_ecomat_cms.html
Product: Ecomat CMS
Vendor: Codefabrik GmbH
Vulnerable Version: 5.0 and Probably Prior Versions
Vendor Notification: 18 May 2010
Vulnerability Type: SQL Injection
Status: Not
Vulnerability ID: HTB22391
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_ecomat_cms.html
Product: Ecomat CMS
Vendor: Codefabrik GmbH
Vulnerable Version: 5.0 and Probably Prior Versions
Vendor Notification: 18 May 2010
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not
Couldn't this also be thwarted by having a MOTD? It generally displays
before the bashrc if I'm not mistaken.
--
Rob Fuller | Mubix
Room362.com | Hak5.org
On Mon, May 31, 2010 at 8:47 PM, Jan Schejbal
jan.mailinglis...@googlemail.com wrote:
PuTTY, a SSH client for Windows, requests the
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear colleague,
We are proud to announce the release of Onapsis Bizploit, the first opensource
ERP Penetration Testing framework.
Presented at the renowned HITB Dubai security conference, Bizploit is expected
to provide the security community with
PuTTY, a SSH client for Windows, requests the passphrase to the ssh key
in the console window used for the connection. This could allow a
malicious server to gain access to a user's passphrase by spoofing that
prompt.
We assume that the user is using key-bases ssh auth with ssh and
connects
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
On Jun 1, 2010, at 2:47 AM, Jan Schejbal wrote:
PuTTY, a SSH client for Windows, requests the passphrase to the ssh key in
the console window used for the connection. This could allow a malicious
server to gain access to a user's passphrase by spoofing that prompt.
We assume that the
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
ZDI-10-090: Novell ZENworks Configuration Management Preboot Service Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-090
June 1, 2010
-- Affected Vendors:
Novell
-- Affected Products:
Novell Zenworks
-- TippingPoint(TM) IPS Customer Protection:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Vul in stable versions now isn't work.
Original Advisory:
http://blog.pouya.info/userfiles/vul/NginX.rar
Applicure dotDefender 4.0 administrative interface cross site scripting
An advisory by EnableSecurity.
ID: ES-20100601
Advisory URL:
http
25 matches
Mail list logo