Bugtraq | Bugtraq

Bugtraq | Bugtraq Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/bugtraq/bugtraq/ en-us (c) Gossamer Threads Inc. All rights reserved. 25 Nov 2009 01:56:57 -0800 120 Gossamer Threads | Bugtraq | Bugtraq 75 23 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg rPSA-2008-0018-1 mysql mysql-bench mysql-server rPath Security Advisory: 2008-0018-1 Published: 2008-01-17 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local Determi 17 Jan 2008 07:32:21 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26774 [SECURITY] [DSA 1465-1] New apt-listchanges packages fix arbitrary code execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA 17 Jan 2008 06:38:45 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26771 [security bulletin] HPSBMA02133 SSRT061201 rev.7 - HP Oracle for OpenView (OfO) Critical Patch Update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00727143 Version: 7 HPSBMA02133 SSRT061201 re 17 Jan 2008 05:30:57 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26770 Clever Copy <=3.0 Multiple Remote Vulnerabilities #################################################################### # # # 17 Jan 2008 00:54:46 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26777 PHPEchoCMS Multible remote vulnerabilitis Hello,, PHPEchoCMS Multible remote vulnerabilitis Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address 16 Jan 2008 21:07:58 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26773 JoomlaFlash Component Multiple Remote File Inclusion Autore: Smasher Sito: http://warwolfz.altervista.org Tipo: Remote File Inclusion Rischio: Alto A remote attacker can gain access to your website thro 16 Jan 2008 16:06:03 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26772 [ MDVSA-2008:016 ] - Updated apache 2.2.x packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 16 Jan 2008 15:30:09 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26775 [USN-570-1] boost vulnerabilities =========================================================== Ubuntu Security Notice USN-570-1 January 16, 2008 boost vulnerabilities CVE-200 16 Jan 2008 14:45:38 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26768 Re: [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples Hello, I inputed the example string from IE and Firefox, but it doesn't work. The Tomcat version is 5.5.23. It just displayed what I typed. ... Req 16 Jan 2008 14:40:29 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26776 [ MDVSA-2008:015 ] - Updated apache 2.0.x packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 16 Jan 2008 14:29:34 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26769 [ MDVSA-2008:014 ] - Updated apache 1.3.x packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Adv 16 Jan 2008 14:16:50 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26767 Gradman <= 0.1.3 (agregar_info.php?tabla=) Local File Inclusion Exploit [+] Info: [~] Software: Gradman <= 0.1.3 [~] HomePage: http://gradman.xe1ido.com.mx/ [~] Exploit: Local File Inclusion [High] [~] Where: agregar_info 16 Jan 2008 13:11:31 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26766 SQL scalar function to convert big int to dot notation For those of you logging ISA (or whatever) to SQL, you'll have no doubt noted that the source and destination IP's are logged as long integers, and no 16 Jan 2008 12:20:15 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26764 [waraxe-2008-SA#062] - Multiple Sql Injections in MyBB 1.2.10 [waraxe-2008-SA#062] - Multiple Sql Injections in MyBB 1.2.10 =============================================================================== Author: 16 Jan 2008 12:19:44 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26762 [waraxe-2008-SA#061] - Remote Code Execution in MyBB 1.2.10 [waraxe-2008-SA#061] - Remote Code Execution in MyBB 1.2.10 =============================================================================== Author: J 16 Jan 2008 12:18:40 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26765 TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-08-02 January 16, 2008 -- CVE ID: 16 Jan 2008 12:12:32 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26763 Country by Country Computer Sets now available for ISA 2004 I've updated the HoG site to include Country-by-country sets for ISA 2004 for those still using that version of the product. http://hammerofgod.com/d 16 Jan 2008 12:00:25 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26761 Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5 ####################################################################### Luigi Auriemma Applications: BitTorrent and uTo 16 Jan 2008 10:47:28 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26760 mcGuestbook v1.2 Remote File Inc. Author: BLaSTER a.K.a Gokhan Title: mcGuestbook v1.2 Remote File Inc. Download: http://www.hotscripts.com/jump.php?listing_id=13439&jump_type=1 Contac 16 Jan 2008 10:44:01 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26759 Cisco Security Advisory: Cisco Unified Communications Manager CTL Provider Heap Overflow -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unified Communications Manager CTL Provider Heap Overflow Document ID: 16 Jan 2008 08:15:00 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26758 RichStrong CMS (showproduct.asp?cat=) Remote SQL Injection Exploit [+] Info: [~] Software: RichStrong CMS [~] HomePage: http://www.hzrich.cn [~] Exploit: Remote Sql Injection [High] [~] Where: showproduct.asp?cat= [~ 16 Jan 2008 03:36:08 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26748 [DSECRG-08-003] blogcms 4.2.1b Multiple Security Vulnerabilities Digital Security Research Group [DSecRG] Advisory #DSECRG-08-003 Application: Blogcms Versions Affected: Blogc 16 Jan 2008 03:02:40 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26747 [DSECRG-08-002] Local File Include in arias 0.99-6 Digital Security Research Group [DSecRG] Advisory #DSECRG-08-002 Application: aria-0.99-6 (Web based ERP) Versions Affected 16 Jan 2008 02:37:35 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26753 Re: what is this? Just to add to what has already passed, Security Focus has put up this article regarding this issue. http://www.securityfocus.com/news/11501 ys On 1 16 Jan 2008 00:57:44 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26745 cPanel Hosting Manager (dohtaccess.html) Aria-Security Team http://Aria-Security.Net ----------------------------------- Vendor: http://cPanel.com cPanel Hosting Manager (dohtaccess.html) Cro 15 Jan 2008 20:09:29 -0800 http://www.gossamer-threads.com/lists/bugtraq/bugtraq/26750