News

Bugtraq

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

Re: Re: IIS5.1 Directory Authentication Bypass by using ?:$I30:$Index_Allocation?

Posted by steve . povolny on Sep 03
There's not a lot in the way of information about IIS settings required to exploit this. What I've gleaned so far is
IIS 5.1, and a request to a directory using the :$i30:$INDEX_ALLOCATION in the request...Can't seem to replicate this
though. Are there any other settings that you are aware of for IIS? Basic auth required? I'd like to find a way to
replicate this in our environment. Thanks!
VUPEN Security Research - Google Chrome Focus Processing Memory Corruption Vulnerability (VUPEN-SR-2010-249)

Posted by VUPEN Security Research on Sep 03
VUPEN Security Research - Google Chrome Focus Processing Memory Corruption
Vulnerability (VUPEN-SR-2010-249)

http://www.vupen.com/english/research.php

I. BACKGROUND
---------------------

"Google Chrome is a browser that combines a minimal design with
sophisticated technology to make the web faster, safer, and easier."

II. DESCRIPTION
---------------------

VUPEN Vulnerability Research Team discovered a high risk vulnerability...
[ MDVSA-2010:170 ] wget

Posted by security on Sep 03
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:170
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wget
Date : September 2, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
Enterprise Server 5.0...
[SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution

Posted by Sebastien Delafond on Sep 03
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2102-1 security () debian org
http://www.debian.org/security/ Sébastien Delafond
Sep 3, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : barnowl
Vulnerability : unchecked return value
Problem...
nullcon Goa dwitiya (2.0) Call For Papers

Posted by nullcon on Sep 03
nullcon Dwitiya (2.0)
The Jugaad(hacking) Conference

nullcon is an initiative by null - The open security community.

Website:
http://nullcon.net

Calling all Jugaadus(hackers)
It's the time of the year when we welcome research done by the
community as paper submissions for nullcon.
So, sip your coffee, dust your debuggers, fire your tools, challenge
your grey cells and shoot us an email.

Tracks:
---------------
- Bakkar: 1 Hr Talks
-...
[ GLSA 201009-01 ] wxGTK: User-assisted execution of arbitrary code

Posted by Alex Legler on Sep 03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201009-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: wxGTK: User-assisted execution of arbitrary code...
[security bulletin] HPSBMA02572 SSRT100082 rev.1 - HP Operations Agent Running on Windows, Local Elevation of Privileges and Remote Execution of Arbitrary Code

Posted by security-alert on Sep 03
SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02497800
Version: 1

HPSBMA02572 SSRT100082 rev.1 - HP Operations Agent Running on Windows, Local Elevation of Privileges and Remote
Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2010-09-02
Last Updated: 2010-09-02

Potential Security Impact: Local elevation of privileges and remote execution of...
Rooted CON 2011 - Call for Papers

Posted by Román Ramírez on Sep 03
Rooted CON 2011 - Call for Papers

-=] About Rooted CON

Rooted CON is a security congress which will be held in Madrid (Spain)
from 3 to 5 March 2011, whose spectrum of participants ranging from
students to state forces and secret services, through professionals of
the security market, lawyers, or even technology enthusiasts (and others).

-=] Type of Presentations

The congress accepts two kinds of presentations:

- Fast talks: 20 minutes.
-...
Vulnerabilities in CMS WebManager-Pro

Posted by MustLive on Sep 02
Hello Bugtraq!

I want to warn you about SQL Injection and Redirector (URL Redirector Abuse)
vulnerabilities in CMS WebManager-Pro (SecurityVulns ID:11108). It's
Ukrainian commercial CMS.

SQL Injection:

http://site/c.php?id=1%20and%20version()=5

Redirector:

http://site/c.php?id=1&url=http://websecurity.com.ua

Affected products: both systems CMS WebManager-Pro from two developers.
Vulnerable are versions CMS WebManager-Pro up to 8.1...
{PRL} Novell Netware OpenSSH Remote Stack Overflow

Posted by Francis Provencher on Sep 02
#####################################################################################

Application: Novell Netware OpenSSH Remote Stack Overflow

Platforms: Netware 6.5

Exploitation: Remote code execution

CVE Number:

Novell TID: 7006756

ZeroDayInitiative: ZDI-10-169

Author: Francis Provencher (Protek Research Lab's)

Blog: http://www.protekresearchlab.com/...
Moovida Media Player version 2.0.0.15 Insecure DLL Hijacking Vulnerability (libc.dll,quserex.dll)

Posted by YGN Ethical Hacker Group on Sep 02
1. OVERVIEW

The Moovida Media Player application is vulnerable to Insecure DLL
Hijacking Vulnerability. Similar terms that describe this
vulnerability
have been come up with Remote Binary Planting, Unsafe Library Loading,
and Insecure DLL Loading/Injection/Hijacking/Preloading.

2. PRODUCT DESCRIPTION

Moovida Media Player is a free and open source media center that
allows you to enjoy all of your music, video and pictures
in an awsome...
[ MDVSA-2010:168 ] openssl

Posted by security on Sep 02
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:168
http://www.mandriva.com/security/
_______________________________________________________________________

Package : openssl
Date : September 1, 2010
Affected: 2010.1
_______________________________________________________________________

Problem Description:

A vulnerability has been found...
[ MDVSA-2010:169 ] mozilla-thunderbird

Posted by security on Sep 02
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:169
http://www.mandriva.com/security/
_______________________________________________________________________

Package : mozilla-thunderbird
Date : September 2, 2010
Affected: 2008.0, 2009.0, 2010.0, 2010.1
_______________________________________________________________________

Problem...
[USN-982-1] Wget vulnerability

Posted by Marc Deslauriers on Sep 02
===========================================================
Ubuntu Security Notice USN-982-1 September 02, 2010
wget vulnerability
CVE-2010-2252
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem...
XSS vulnerability in ArtGK CMS

Posted by advisory on Sep 01
Vulnerability ID: HTB22588
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_artgk_cms_1.html
Product: ArtGK CMS
Vendor: ArtGK ( http://artgk-cms.ru/ )
Vulnerable Version: 2009-08-28 16:00:00 and Probably Prior Versions
Vendor Notification: 18 August 2010
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium
Credit: High-Tech Bridge SA - Ethical Hacking &...

Sections

Documents