Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
( 100 days 19 hours ago)
It is not an Apache issue. You receive a 403 status, so the charset is set in the header. Charset should not be in meta tags. The issue exists when Apache sends a response without a charset in the header AND meta tags. Probably you are using an old browser without standard settings. Best Regards, Maksymilian Arciemowicz securityreason.com
Mandriva: Updated perl packages fix denial of service
( 100 days 21 hours ago)
LinuxSecurity.com: A double free vulnerability in Perl 5.8.8 and earlier versions, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. The updated packages have been patched to prevent this.
Fedora 7 Update: sipp-3.1-1.fc7
( 100 days 21 hours ago)
LinuxSecurity.com: Bug #444728 - CVE-2008-1959 SIPp stack based buffer overflow in get_remote_video_port_media() https://bugzilla.redhat.com/show_bug.cgi?id=444728
Mandriva: Updated drakxtools package fixes various bugs
( 100 days 21 hours ago)
LinuxSecurity.com: This update fixes several minor issues: - some GUIs (e.g. rpmdrake) would crash on clicking on the close button while they load (bug #35230) - draksec was crashing if the administrator refused to install (bug #38911) - localdrake: After changing the localization language from drakconf in a high security level, the permissions of /etc/sysconfig/i18n were changed such that the file was only readable by root. This caused graphical login via kdm to fail (bug #39027)
Hackers hijack a half-million sites in latest attack
( 101 days 1 hour ago)
Over half a million Web sites have been hit by a mass-scale attack in which domains were hacked in order to infect unsuspecting users' PCs with a variety of malware, according to a Trend Micro security researcher.

[security bulletin] HPSBUX02334 SSRT071403 rev.1 - HP-UX Running ftp, Remote Denial of Service (DoS)
( 101 days 3 hours ago)
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01446326 Version: 1 HPSBUX02334 SSRT071403 rev.1 - HP-UX Running ftp, Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2008-05-12 Last Updated: 2008-05-12 ...
Re: Exploiting Google MX servers as Open SMTP Relays
( 101 days 3 hours ago)
I was getting backscatter SPAM from google and enabled SPF rules in my DNS domain along with installing Vbounce in SpamAssassin and it has basically all stopped. SPF specifically addresses the Google bounce issue, since Google implements SPF. When a spammer sends a message to google with a forged ...
[SECURITY] [DSA 1574-1] New icedove packages fix several vulnerabilities
( 101 days 3 hours ago)
- Debian Security Advisory DSA-1574-1 securityatdebian.org Moritz Muehlenhoff May 12, 2008 - Package : icedove Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237 Several remote vulnerabilities have been discovered in the Icedove mail ...
Re: Re: Exploiting Google MX servers as Open SMTP Relays
( 101 days 3 hours ago)
Hi, We are not talking about backscattering. Our attack uses Google's MX servers like open SMTP relays. Messages are delivered as sent, and not as a delivery failure notification. ...
[SECURITY] [DSA 1573-1] New php5 packages fix several vulnerabilities
( 101 days 3 hours ago)
- Debian Security Advisory DSA-1573-1 securityatdebian.org Thijs Kinkhorst May 11, 2008 - Package : rdesktop Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-1801 CVE-2008-1802 CVE-2008-1803 Debian Bug : 480133 480134 480135 Several remote vulnerabilities have been discovered in rdesktop, a ...
Confirmed Program for SyScan'08 Hong Kong
( 101 days 3 hours ago)
dear all the program for SyScan'08 Hong Kong is confirmed. date: May 29th and 30th, 2008 venue: Langham Place Hotel, Hong Kong Program: Attacking Telco Core Network - Philippe Langlois (TSTF) Real World Kernel Pool Exploitation - Kostya Kortchinsky (Immunity) ...
[SECURITY] [DSA 1572-1] New php5 packages fix several vulnerabilities
( 101 days 3 hours ago)
- Debian Security Advisory DSA-1572-1 securityatdebian.org Thijs Kinkhorst May 11, 2008 - Package : php5 Vulnerability : several Problem type : local/remote Debian-specific: no CVE Id(s) : CVE-2007-3806 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051 Debian Bug : 479723 Several vulnerabilities have been discovered in PHP, a server-side, ...
[ GLSA 200805-10 ] Pngcrush: User-assisted execution of arbitrary code
( 101 days 3 hours ago)
- Gentoo Linux Security Advisory GLSA 200805-10 - - Severity: Normal Title: Pngcrush: User-assisted execution of arbitrary code Date: May 11, 2008 Bugs: #219033 ID: 200805-10 - Synopsis A vulnerability in Pngcrush might result in user-assisted execution of arbitrary code. ...
Re: Exploiting Google MX servers as Open SMTP Relays
( 101 days 3 hours ago)
On Sat, May 10, 2008 at 8:04 PM, Todd T. Fries wrote: > Yes this is very frustrating. > > The details are not so hard to guess. Unless this post is different, > anyone can send an email to a nonexistent user at a google service and ...
Re: Exploiting Google MX servers as Open SMTP Relays
( 101 days 3 hours ago)
On Sat, May 10, 2008 at 01:04:42PM -0500, Todd T. Fries wrote: > Yes this is very frustrating. > > The details are not so hard to guess. Unless this post is different, > anyone can send an email to a nonexistent user at a google service and ...
Joomla Component xsstream-dm 0.01 Beta SQL Injection
( 101 days 3 hours ago)
#!/usr/bin/perl -w # Joomla Component xsstream-dm 0.01 Beta Remote SQL Injection# # download : #[*] Founded by : Houssamix From H-T Team #[*] H-T Team [ HouSSaMix ToXiC350 ] from MoroCCo #[*] Dork inurl:"index.php?option=comxsstream-dm" #[*] Greetz : CoNaN & HaCkeREgY & All friends & All muslims HaCkeRs :) ...
[ MDVSA-2008:100 ] - Updated perl packages fix denial of service vulnerability
( 101 days 3 hours ago)
Mandriva Linux Security Advisory MDVSA-2008:100 Package : perl Date : May 11, 2008 Affected: 2007.1, 2008.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 Problem Description: A double free vulnerability in Perl 5.8.8 and earlier versions, ...
[SECURITY] [DSA 1573-1] New rdesktop packages fix several vulnerabilities
( 101 days 3 hours ago)
- Debian Security Advisory DSA-1573-1 securityatdebian.org Thijs Kinkhorst May 11, 2008 - Package : rdesktop Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-1801 CVE-2008-1802 CVE-2008-1803 Debian Bug : 480133 480134 480135 Several remote vulnerabilities have been discovered in rdesktop, a ...
Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
( 101 days 3 hours ago)
Content type is set in Response header but not in the HTML meta tag - for example there is no definition like !!! That is the reason why it is still a vulnerability and was tested hundred times and still works. ...
[ GLSA 200805-09 ] MoinMoin: Privilege escalation
( 101 days 3 hours ago)
- Gentoo Linux Security Advisory GLSA 200805-09 - - Severity: Normal Title: MoinMoin: Privilege escalation Date: May 11, 2008 Bugs: #218752 ID: 200805-09 - Synopsis A vulnerability in MoinMoin may allow a remote attacker to elevate his privileges. Background ...






