Security Advisory
IS-2010-006 - D-Link DAP-1160 formFilter buffer overflow
Advisory Information
Published: 2010-07-14
Updated: 2010-07-14
Manufacturer: D-Link
Model: DAP-1160
Firmware version: 1.20b06, 1.30b10, 1.31b01
Vulnerability Details
Hello participants of Full-Disclosure!
Last month I told you about my article Using of the sites for attacks on
other sites
(http://lists.grok.org.uk/pipermail/full-disclosure/2010-June/075384.html).
In which I wrote particularly about creating of botnet from zombie-servers
(which is a new type
On Jul 14, 2010, at 6:28 PM, MustLive wrote:
In which I wrote particularly about creating of botnet from zombie-servers
(which is a new type of botnets).
A more appropriate name for this sort of attack might be an 'application
reflection attack', as it's similar in concept to making use of
come on what's funny about encoding a url? you don't see this as a vuln?
REALLY geez peace...
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Marshall
Whittaker
Sent: 13 July 2010 21:17
To:
PR09-16: Juniper Secure Access series (Juniper IVE) XSS
Vulnerability found: 12th October 2009
Severity: Medium (Script injection)
Description:
There is a Cross-site Scripting vulnerability on Juniper, IVE web interface.
Procheckup has found by making a malformed request to the IVE Web
did you actually try the link? cause it worked for me...
On Wed, Jul 14, 2010 at 12:14 PM, McGhee, Eddie eddie.mcg...@ncr.com wrote:
come on what's funny about encoding a url? you don't see this as
a vuln? REALLY geez peace...
--
*From:*
In fact, open redirect is considered a vulnerability commonly involved in
phishing attacks.
http://www.owasp.org/index.php/Open_redirect
On Wed, Jul 14, 2010 at 6:03 PM, Mario Vilas mvi...@gmail.com wrote:
did you actually try the link? cause it worked for me...
On Wed, Jul 14, 2010 at 12:14
On Wed, Jul 14, 2010 at 10:19 AM, Juan Galiana jgali...@gmail.com wrote:
In fact, open redirect is considered a vulnerability commonly involved in
phishing attacks.
by people who have a cursory but non-thorough understanding of security.
http://scarybeastsecurity.blogspot.com/
To be
On Wed, Jul 14, 2010 at 10:32 AM, Chris Evans scarybea...@gmail.com wrote:
On Wed, Jul 14, 2010 at 10:19 AM, Juan Galiana jgali...@gmail.com wrote:
In fact, open redirect is considered a vulnerability commonly involved in
phishing attacks.
by people who have a cursory but non-thorough
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:132
http://www.mandriva.com/security/
Outlook PR_ATTACH_METHOD file execution vulnerability
Yorick Koster, October 2009
sure you've probably all already worked this out, but if not *
search?q=%79%61%68%6F%6F* searches for yahoo and *
btnI=I%26%2339;%69%6D%2B%46%65%65%6C%69%6E%67%2B%4C%75%63%6B%79* tells
google you're feeling lucky.
safe.
On Wed, Jul 14, 2010 at 10:14 AM, McGhee, Eddie eddie.mcg...@ncr.com wrote:
The Pwnie Awards ceremony will return for the fourth consecutive year to the
BlackHat USA conference in Las Vegas. The award ceremony will take place
during the BlackHat reception on Thu, July 29, 2010.
The Pwnie Awards is an annual awards ceremony celebrating the achievements and
failures of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2070-1 secur...@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 14, 2010
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-2071-1 secur...@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 14, 2010
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OG Menu 6.x-2.0 XSS Vulnerability
CVE-2010-1747
This disclosure has also been posted at http://madirish.net/?article=467
Description of Vulnerability:
- -
Drupal (http://drupal.org) is a robust content management system
Is the affected product Secure Backup accidentally missing from the subject
line and the advisory title,
i.e. the correct title is Oracle Secure Backup Administration selector Command
Injection Remote Code Execution Vulnerability?
Juha-Matti
ZDI Disclosures [zdi-disclosu...@tippingpoint.com]