5095 matches found
mAlbum v0.3 local file inclusion
25/11/06 Vulnerable product: mAlbum v0.3 Official product site: http://satz.free.fr/ Vulnerabilities: 1 Local file inclusion: http://127.0.0.1/malbum/index.php?gal=../../../../../../BOOT.INI00 Screen captures: http://anas.maslouhy.net/03.JPG Tux25 - tux025atgmailpointcom :...
malbum03.txt
20/11/06 Vulnerable product: mAlbum v0.3 Official product site: http://satz.free.fr/ Vulnerabilities: 1 Multiple full path disclosure: http://localhost/malbum/index.php?gal=" 2 Directory traversal: http://localhost/malbum/index.php?gal=../../../ Screen captures:...
CVE-2006-5335
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to (1) Vuln DB04 and sys.dbms_cdc_impdp in the (a) Change Data Capture (CDC) component; (2) Vuln DB07, (3) DB08, and (4) DB16 in sys.dbms_cdc_isubscribe in CDC; and (5)...
CVE-2006-5336
Multiple unspecified vulnerabilities in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10.1.0.5, and have unknown impact and remote authenticated attack vectors related to (1) sys.dbms_cdc_ipublish (Vuln DB05) and (2) sys.dbms_cdc_isubscribe (DB06). NOTE: as of 20061023, Oracle has not...
CVE-2006-5336
Technical details for CVE-2006-5336 are not publicly provided in the connected documents; no affected products, versions, or fixes are specified here. Monitor for updates.
Debian DSA-1049-1 : ethereal - several vulnerabilities
Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1932 The OID printing routine is susceptible to an off-by-one error. - CVE-2006-1933 The UMA and BER...
Learning More about SmartView Tracker Logs: InterSpect NGX Packets Capture
Packet streams that have triggered a SmartDefense or Web Intelligence protection can be stored in the form of raw data. The captured packet can be examined using an internal packet viewer or any protocol analyzer, such as Ethereal, Snoop or tcpdump. Packet capture is available for all protections ...
orkutShortcut.txt
Hi All, I have found url redirection vulnerability on www.orkut.com. If a user clicks on a malicious link he/she will redirect to an...
OZJournal v1.5 - XSS
OZJournal v1.5 Homepage: http://ozjournals.awardspace.com/index.php Affected files: search input box index.php viewing archives show comment page ---------------------------------------- XSS vulnerability via search input box: Data isn't properly sanitized before being displayed. For a PoC in the...
Governs the granting of leave true when True also false-the“real”IP security risks-vulnerability warning-the black bar safety net
Let us look at the ASP code first: Function getIP() Dim strIPAddr as string If Request.ServerVariables("HTTP_X_FORWARDED_FOR") = "" OR InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), "unknown") > 0 Then strIPAddr = Request.ServerVariables("REMOTE_ADDR") ElseIf InStr(Request...
CVE-2006-3698
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln (1) DB01 for Change Data Capture (CDC) component and (2) DB03 for Data Pump Metadata API. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB01 is...
Forged Cookies online movies free to watch-vulnerability warning-the black bar safety net
Today there are many movie sites online, but most charge a fee, and there is rarely a free "lunch" waiting for everyone to enjoy. On many movie sites, an ordinary registered member who does not renew is left with a balance of $0 and simply cannot watch movies, even if you a...
security flaw
Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector...
Fedora Core 5 : ethereal-0.99.0-fc5.1 (2006-456)
Many security vulnerabilities have been fixed since the previous release. - The H.248 dissector could crash. Versions affected: 0.10.14. CVE: CVE-2006-1937 - The UMA dissector could go into an infinite loop. Versions affected: 0.10.12 - 0.10.14. CVE: CVE-2006-1933 - The X.509if dissector could...
CVE-2006-1938
Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector...
Ethereal 0.99.0 Release Notes
Ethereal 0.99.0 Release Notes Table of Contents What is Ethereal? What's New Bug Fixes New and Updated Features New Protocol Support Updated Protocol Support New and Updated Capture File Support Getting Ethereal Microsoft Windows Sun Solaris Source Code Vendor-supplied Packages File Locations Kno...
PT-2006-2922 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.8.x through 0.10.14 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash due to a null dereference. This can be achieved via the Sniffer capture or the SMB PIPE dissector...
Buffer overflow
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as identified by Vuln (1) APPS03 in (a) iProcurement; (2) APPS04 in (b) Oracle Application Object Library; (3) APPS06, (4) APPS07, and (5) APPS08 in (c) Oracle Applications Technology...
CVE-2006-1882
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as identified by Vuln (1) APPS03 in (a) iProcurement; (2) APPS04 in (b) Oracle Application Object Library; (3) APPS06, (4) APPS07, and (5) APPS08 in (c) Oracle Applications Technology...
CVE-2006-1882
CVE-2006-1882 affects Oracle E-Business Suite and Applications 11.5.10. The vulnerabilities span multiple areas: (1) APPS03 in iProcurement; (2) APPS04 in Oracle Application Object Library; (3) APPS06, APPS07, APPS08 in Oracle Applications Technology Stack; and (6) APPS11 in Oracle Order Capture....