Re: [Full-disclosure] FreeFTPD Remote Authentication Bypass Zeroday Exploit (Stuxnet technique)

2012-12-02 Thread Aris Adamantiadis
On 1/12/12 23:42, Jeffrey Walton wrote: On Sat, Dec 1, 2012 at 5:07 PM, Aris Adamantiadis a...@0xbadc0de.be wrote: Hi Kcope You're late on this one: http://seclists.org/fulldisclosure/2010/Aug/132 It seems there is a disconnect or it appears they got the analysis wrong: Your request

Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday

2012-12-02 Thread king cope
When you look into the heap and stack overrun the first obstacle to exploit the bugs is that MySQL does not allow all plain 0 to 255 characters, this means the exploiter would have to use unicode translation in order to exploit the bugs (therefore these are PoCs only by now). If the exploiter

Re: [Full-disclosure] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)

2012-12-02 Thread king cope
Hello Kurt, thanks for catching up and coordinating the CVEs. It has to be mentioned that the MySQL on Windows RCE applies to the default install of the Windows MySQL installer package. If the default options are set the server is vulnerable out of the box. Greetings, Kingcope 2012/12/2 Kurt

[Full-disclosure] Low severity flaw in RIM BlackBerry PlayBook OS browser

2012-12-02 Thread Tim Brown
Summary The web browser which comes as part of the RIM BlackBerry PlayBook OS can be tricked into disclosing the contents of local files through the planting of a malicious HTML file through the standard download mechanism. It should be noted that in order to exploit this issue, user

[Full-disclosure] [HTTPCS] 2 Vulnerabilities in OurWebFTP

2012-12-02 Thread HTTPCS
HTTPCS Advisory : HTTPCS112 Product : OurWebFTP Version : 5.3.5 Page : /index.php Variables : mwb_control2=Entermwa_control2=op:loginftp_host=[VulnHTTPCS] Type : XSS Method : POST Description : A vulnerability has been discovered in OurWebFTP, which can be exploited by malicious people to

Re: [Full-disclosure] New Ajax SQL Injection Exploit?

2012-12-02 Thread Julius Kivimäki
Dear all, I'd like to inform you that this exploit is vulnerable to a * critical* XSS attack that can be used against users of the exploit. Vendor did not respond to inquiries regarding this *severe* vulnerability. Regards, Hot Acid security research team. Greetz 2: Mustlive Vulnerability Lab

[Full-disclosure] RA005: Persistent XSS Injection Vulnerability in Kaseya 6.2

2012-12-02 Thread Cartel
-- REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY

[Full-disclosure] RA001: Multiple vulnerabilities in Ncentral versions 8.0.x - 8.2.0-1152

2012-12-02 Thread Cartel
-- REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED REDACTED ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY ADVISORY

Re: [Full-disclosure] EasyPHP 12.1 - Remote code execution of any php/js on local PC

2012-12-02 Thread auto59190641
Follow-Up to http://seclists.org/fulldisclosure/2012/Nov/7 EasyPHP 12.1 - Remote code execution of any php/js on local PC Product: EasyPHP installs a complete WAMP environment for PHP developers in Windows including PHP, Apache, MySQL, PhpMyAdmin, Xdebug... - http://www.easyphp.org/

[Full-disclosure] [SECURITY] [DSA 2577-1] libssh security update

2012-12-02 Thread Yves-Alexis Perez
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-2577-1 secur...@debian.org http://www.debian.org/security/ Yves-Alexis Perez December 01, 2012

Re: [Full-disclosure] Apple WGT Dictionnaire 1.3 - Script Code Inject Vulnerability

2012-12-02 Thread Vulnerability Lab
Thanks for the response! We are working on a better automatic scoring bound to the risk system vector calculation of our db. It's all bound and normally a moderator checks the content, but after a DDoS last week we missed checking the issue again. We are only human and mistakes happen can ... thanks.

[Full-disclosure] FortiGate FortiDB 2kB 1kC 400B - Cross Site Vulnerability

2012-12-02 Thread Vulnerability Lab
Title: == FortiGate FortiDB 2kB 1kC 400B - Cross Site Vulnerability Date: = 2012-11-29 References: === http://www.vulnerability-lab.com/get_content.php?id=558 VL-ID: = 558 Common Vulnerability Scoring System: 2.5 Introduction:

[Full-disclosure] FortiWeb 4kC, 3kC, 1kC VA - Cross Site Vulnerabilities

2012-12-02 Thread Vulnerability Lab
Title: == FortiWeb 4kC,3kC,1kC VA - Cross Site Vulnerabilities Date: = 2012-12-01 References: === http://www.vulnerability-lab.com/get_content.php?id=702 VL-ID: = 702 Common Vulnerability Scoring System: 2.1 Introduction:

Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday

2012-12-02 Thread Kurt Seifried
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/01/2012 02:26 PM, king cope wrote: (see attachment) Cheerio, Kingcope So normally for MySQL issues Oracle would assign the CVE #. However in this case we have a bit of a time constraint (it's a weekend and this is blowing up quickly) and

Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday

2012-12-02 Thread Kurt Seifried
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/01/2012 02:26 PM, king cope wrote: (see attachment) Cheerio, Kingcope So normally for MySQL issues Oracle would assign the CVE #. However in this case we have a bit of a time constraint (it's a weekend and this is blowing up quickly)

Re: [Full-disclosure] MySQL (Linux) Database Privilege Elevation Zeroday Exploit

2012-12-02 Thread Kurt Seifried
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/01/2012 02:26 PM, king cope wrote: (see attachment) Cheerio, Kingcope So normally for MySQL issues Oracle would assign the CVE #. However in this case we have a bit of a time constraint (it's a weekend and this is blowing up quickly)

Re: [Full-disclosure] MySQL Denial of Service Zeroday PoC

2012-12-02 Thread Kurt Seifried
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/01/2012 02:26 PM, king cope wrote: (see attachment) Kingcope So normally for MySQL issues Oracle would assign the CVE #. However in this case we have a bit of a time constraint (it's a weekend and this is blowing up quickly) and the

Re: [Full-disclosure] MySQL Remote Preauth User Enumeration Zeroday

2012-12-02 Thread Kurt Seifried
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/01/2012 02:26 PM, king cope wrote: (see attachment) Cheerio, Kingcope So normally for MySQL issues Oracle would assign the CVE #. However in this case we have a bit of a time constraint (it's a weekend and this is blowing up quickly)

Re: [Full-disclosure] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)

2012-12-02 Thread Kurt Seifried
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/01/2012 11:41 AM, king cope wrote: *** FARLiGHT ELiTE HACKERS LEGACY R3L3ASE *** Attached is the MySQL Windows Remote Exploit (post-auth, udf technique) including the previously released mass scanner. The exploit is mirrored at the

Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday

2012-12-02 Thread Kurt Seifried
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/01/2012 02:26 PM, king cope wrote: (see attachment) Cheerio, Kingcope So normally for MySQL issues Oracle would assign the CVE #. However in this case we have a bit of a time constraint (it's a weekend and this is blowing up quickly)

Re: [Full-disclosure] [oss-security] Re: MySQL (Linux) Stack based buffer overrun PoC Zeroday

2012-12-02 Thread Sergei Golubchik
Hi, Kurt! This is CVE-2012-5579 that we've been discussing recently. The test case is different, but it triggers exactly the same code. MariaDB is not vulnerable as of 5.1.66, 5.2.13, 5.3.11, 5.5.28a. Latest released MySQL versions are still affected, but Oracle knows about this issue, so next

Re: [Full-disclosure] [oss-security] Re: MySQL (Linux) Stack based buffer overrun PoC Zeroday

2012-12-02 Thread Huzaifa Sidhpurwala
On 12/02/2012 11:30 AM, Kurt Seifried wrote: So normally for MySQL issues Oracle would assign the CVE #. However in this case we have a bit of a time constraint (it's a weekend and this is blowing up quickly) and the impacts are potentially quite severe. So I've spoken with some other Red Hat

Re: [Full-disclosure] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)

2012-12-02 Thread Sergei Golubchik
Thanks, Kurt! 2012/12/2 Kurt Seifried kseifr...@redhat.com: *** FARLiGHT ELiTE HACKERS LEGACY R3L3ASE *** Attached is the MySQL Windows Remote Exploit (post-auth, udf technique) including the previously released mass scanner. The exploit is mirrored at the farlight website

[Full-disclosure] [HTTPCS] phpMyNewsletter Multiple Vulnerabilities

2012-12-02 Thread HTTPCS
HTTPCS Advisory : HTTPCS116 Product : phpMyNewsletter Version : v0.8 Page : /admin/?page=subscribers Variables : page=[VulnHTTPCS] Type : XSS Method : POST Description : A vulnerability has been discovered in phpMyNewsletter, which can be exploited by malicious people to conduct cross-site

[Full-disclosure] [SECURITY] [DSA 2580-1] libxml security update

2012-12-02 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2580-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff December 02, 2012

[Full-disclosure] [ MDVSA-2012:176 ] libxml2

2012-12-02 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2012:176 http://www.mandriva.com/security/

Re: [Full-disclosure] MySQL (Linux) Heap Based Overrun PoC Zeroday

2012-12-02 Thread Jeffrey Walton
On Sun, Dec 2, 2012 at 10:40 AM, king cope isowarez.isowarez.isowa...@googlemail.com wrote: When you look into the heap and stack overrun the first obstacle to exploit the bugs is that MySQL does not allow all plain 0 to 255 characters, this means the exploiter would have to use unicode