Exploiting Google MX servers as Open SMTP Relays

 ( 91 days 22 hours ago)

Vulnerability Report: ...

Re: Microsot DID DISCLOSE potential Backdoor

 ( 91 days 22 hours ago)

On Tue, 06 May 2008, Ken Schaefer wrote: > I'm not sure the facts in evidence support the conclusions reached here (sorry, not posting inline as I don't want to address each conclusion built upon some other shaky conclusion. > > > > ...

RE: Microsot DID DISCLOSE potential Backdoor

 ( 91 days 22 hours ago)

>From the April 2008 MSRT EULA (which is the latest I have): " However, Microsoft may collect and publish aggregated data about the use of the software." ...

Re: Microsot DID DISCLOSE potential Backdoor

 ( 91 days 22 hours ago)

On Wed, 07 May 2008, Ken Schaefer wrote: ...

VBZooM <=V1.11 "reply.php" SQL Injection Vulnerability

 ( 91 days 22 hours ago)

Discovered By: CrAzY CrAcKeR Email: Cr4zY.CrAcKeR(at)hotmail(dot)com Script : VBZooM V1.11 Search: POWERED BY: VBZooM V1.11 =[SQL] I want to thank my friend:- rageh - Lover Hacker - Breeeeh - Sw33t h4ck3r WebSite :

Vulnerability in Multiple Web Application

 ( 91 days 22 hours ago)

I found a link about some web applications vulnerability. 1. Chicomos CMS Configuration File Disclosoure 2. Zomplog 3.8.2 Blog Engine Arbitrary Files Download/Disclosoure 3. Wheatlog Blog Engine Auto Create User See below

Re: QTOFileManager V 1.0<== Remote File Upload Vulnerability

 ( 91 days 22 hours ago)

Script name : QTOFileManager v1.0 not Sava's Simple Upload Version: Final

Multiple XSS In TuxCMS All Version

 ( 91 days 22 hours ago)

Author : Hadi Kiamarsi Discovered by : Hadi Kiamarsi Exploited By : Hadi Kiamarsi E-Mail : hadikiamarsi[at]hotmail.com WebSite : Our Team : ircrash IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de - R3d.w0rm - Rasool Nasr CMS: tuxcms-0.1 CMS ( All Version Vulnerable ) ...

[ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation

 ( 91 days 22 hours ago)

- - Gentoo Linux Security Advisory GLSA 200805-03 - - - - Severity: Normal Title: Multiple X11 terminals: Local privilege escalation Date: May 07, 2008 Bugs: #216833, #217819, #219746, #219750, #219754, #219760, #219762 ID: 200805-03 - - Synopsis ...

[USN-610-1] LTSP vulnerability

 ( 91 days 22 hours ago)

Ubuntu Security Notice USN-610-1 May 06, 2008 ltsp vulnerability CVE-2008-1293 A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. ...

[USN-609-1] OpenOffice.org vulnerabilities

 ( 91 days 22 hours ago)

Ubuntu Security Notice USN-609-1 May 06, 2008 hsqldb, openoffice.org/-amd64 vulnerabilities CVE-2007-4575, CVE-2007-5745, CVE-2007-5746, CVE-2007-5747, CVE-2008-0320 A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. ...

0day treasure hunt: researcher hides IE attack on Web

 ( 92 days 3 hours ago)

Security researcher Aviv Raff has a strange way of marking Israel's 60th birthday -- he's published a zero-day vulnerability targeting Internet Explorer, hiding it on the Web and declaring it the object of a "treasure hunt." He revealed the vuln to Microsoft the day before going public.

rPSA-2008-0162-1 kernel

 ( 92 days 4 hours ago)

rPath Security Advisory: 2008-0162-1 Published: 2008-05-07 Products: rPath Linux 1 rPath Appliance Platform Linux Service 1 Rating: Severe Exposure Level Classification: Local User Deterministic Privilege Escalation Updated Versions: kernel=conary.rpath.comatrpl:1-vmware/2.6.24.7-0.1-1 kernel=conary.rpath.comatrpl:1-xen/2.6.16.33-0.4-1 kernel=conary.rpath.comatrpl:1/2.6.24.7-0.1-1 kernel=rap.rpath.comatrpath:linux-1/2.6.24.7-1-1 rPath Issue Tracking System: References: Description: ...

Adobe Acrobat Professional Javascript For PDF Security Feature Bypass and Memory Corruption Vulnerabilities

 ( 92 days 4 hours ago)

Adobe Acrobat Professional Javascript For PDF Security Feature Bypass and Memory Corruption Vulnerabilities by cocoruder(frankruderathotmail.com) Summary: Two critical vulnerabilities exist in the javascript API of Adobe Acrobat Professional 7. A remote attacker who successfully exploits these vulnerabilities can execute restricted functions and arbitrary ...

[Advisory Update]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability

 ( 92 days 4 hours ago)

[UPDATE]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability by cocoruder(frankruderathotmail.com) , updated on 2008.05.06 Summary: A design error vulnerability exists in Adobe Reader and Adobe Acrobat Professional. A remote attacker who successfully exploit this vulnerability can control the printer without user's permission. Affected Software Versions: ...

rPSA-2008-0157-1 kernel

 ( 92 days 8 hours ago)

rPath Security Advisory: 2008-0157-1 Published: 2008-05-02 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Local User Deterministic Privilege Escalation Updated Versions: kernel=conary.rpath.comatrpl:1-vmware/2.6.24.6-0.1-1 kernel=conary.rpath.comatrpl:1-xen/2.6.16.33-0.3-1 kernel=conary.rpath.comatrpl:1/2.6.24.6-0.1-1 rPath Issue Tracking System: References: Description: Previous versions of the kernel package have multiple vulnerabilities ...

[ MDVSA-2008:098 ] - Updated openssh packages fix vulnerability

 ( 92 days 8 hours ago)

Mandriva Linux Security Advisory MDVSA-2008:098 Package : openssh Date : May 6, 2008 Affected: 2007.1, 2008.0, 2008.1 Problem Description: A vulnerability in OpenSSH 4.4 through 4.8 allowed local attackers to bypass intended security restrictions enabling them to execute ...

[ MDVSA-2008:096 ] - Updated emacs packages fix vulnerability in vcdiff

 ( 92 days 8 hours ago)

Mandriva Linux Security Advisory MDVSA-2008:096 Package : emacs Date : May 6, 2008 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0 Problem Description: Steve Grubb found that the vcdiff script in Emacs create temporary ...

[ MDVSA-2008:097 ] - Updated kdelibs packages fix vulnerability in start_kdeinit

 ( 92 days 8 hours ago)

Mandriva Linux Security Advisory MDVSA-2008:097 Package : kdelibs Date : May 6, 2008 Affected: 2008.0, 2008.1 Problem Description: A vulnerability was found in startkdeinit in KDE 3.5.5 through 3.5.9 where, if it was installed setuid root, it could allow local ...

RedHat: Important: kernel security and bug fix update

 ( 92 days 9 hours ago)

LinuxSecurity.com: Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

RedHat: Important: kernel security and bug fix update

 ( 92 days 9 hours ago)

LinuxSecurity.com: Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team.

RedHat: Important: kernel security and bug fix update

 ( 92 days 9 hours ago)

LinuxSecurity.com: Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team.

Ubuntu: LTSP vulnerability

 ( 92 days 9 hours ago)

LinuxSecurity.com: Christian Herzog discovered that it was possible to connect to any LTSP client's X session over the network. A remote attacker could eavesdrop on X events, read window contents, and record keystrokes, possibly gaining access to private information.

Ubuntu: OpenOffice.org vulnerabilities

 ( 92 days 9 hours ago)

LinuxSecurity.com: It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. (CVE-2007-4575)

Mandriva: Updated openssh packages fix vulnerability

 ( 92 days 9 hours ago)

LinuxSecurity.com: A vulnerability in OpenSSH 4.4 through 4.8 allowed local attackers to bypass intended security restrictions enabling them to execute commands other than those specified by the ForceCommand directive, provided they are able to modify to ~/.ssh/rc (CVE-2008-1657). The updated packages have been patched to correct this issue.