[SECURITY] [DSA 1715-1] New moin packages fix insufficient input sanitising

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1715secur...@debian.org http://www.debian.org/security/ Steffen Joeris January 29, 2009

[security bulletin] HPSBMA02403 SSRT090007 rev.1 - HP Select Access Running on HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01658614 Version: 1 HPSBMA02403 SSRT090007 rev.1 - HP Select Access Running on HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) NOTICE: The information in this Security

dBpowerAMP Audio Player v2 ( .pls file) LoCaL BufferOverFlow Exploit

# dBpowerAMP Audio Player v2 ( .pls file) LoCaL BufferOverFlow Exploit # Exploited By AlpHaNiX # From NullArea.Net # Thanks Stack For The PoC system(cls) ; print \n\n\n[+] dBpowerAMP Audio Player v2 ( .pls file) LoCaL BufferOverFlow Exploit ; my $blah= \x41 x 600; my $nop = \x90 x 52 ; my

[security bulletin] HPSBMP02404 SSRT090014 rev.1 - MPE/iX Running BIND/iX, Remote DNS Cache Poisoning

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01660723 Version: 1 HPSBMP02404 SSRT090014 rev.1 - MPE/iX Running BIND/iX, Remote DNS Cache Poisoning NOTICE: The information in this Security Bulletin should be acted upon as soon as

Re: Internet explorer 7.0 stack overflow

According to MS, is stack exhaustion and not overflow. http://blogs.technet.com/swi/archive/2009/01/28/stack-overflow-stack-exhaustion-not-the-same-as-stack-buffer-overflow.aspx

Oracle Forms Cross site Scripting in (iFcgi60.exe / f60servlet)

Oracle Forms Cross site Scripting in (iFcgi60.exe / f60servlet) About: Oracle Forms is a tool (somewhat like Visual Basic in appearance, but the code inside is PL/SQL) which allows a developer to quickly create user-interface applications which access an Oracle database in a very efficient

Oracle Application Server 10g Cross Site Scripting Vulnerability

Oracle AS Portal is a Web-based application for building and deploying portals. It provides a secure, manageable environment for accessing and interacting with enterprise software services and information resources. A vulnerability has been identified in Oracle Application Server 10g, This

Re: Secunia Research: OpenX Multiple Vulnerabilities

OpenX has fixed all of the vulnerabilities, and will release new versions of v2.4 and v2.6, after the QA cycle, in the next 24-48 hours. Scott Switzer OpenX Community Leader

Motorola Wimax Modem CPEi300 Multiple Vulnerabilities

Regards ! # # # Name: Motorola Wimax modem CPEi300 Multiple Vulnerabilities # Author : Usman Saeed # Company : Xc0re Security Reasearch Group # Homepage : http://www.xc0re.net #

rPSA-2009-0021-1 sudo

rPath Security Advisory: 2009-0021-1 Published: 2009-01-29 Products: rPath Linux 2 Rating: Major Exposure Level Classification: Local Root Deterministic Privilege Escalation Updated Versions: sudo=conary.rpath@rpl:2/1.6.9p12-3.1-1 rPath Issue Tracking System:

[SECURITY] [DSA 1704-2] Updated netatalk packages fix denial of service

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1704-2secur...@debian.org http://www.debian.org/security/ Nico Golde January 30th, 2009

PerlSoft Guestbook v1.7b Bruteforcer + RCE!

Typ: Bruter RCE Name: PerlSoft GB Pwner Affected Software: PerlSoft Gästebuch Version: 1.7b Coder/Bugfounder: Perforin -- the RCE is only once possible, do not waste your command! STEP1: Use my script to bruteforce the admin login from the guestbook. STEP2: If we gain access, you can

Re: XSS vulnerabilty in ASP.Net [with details]

Good work. But is it resolved in ASP.NET 2.0 ??? I think this vilnerability still exists. thanks