Ubuntu 5.04 : mozilla-firefox bug fix (USN-124-2)

USN-124-1 fixed several vulnerabilities of Firefox. After that update, several users experienced XML errors on various actions like adding bookmarks see https://bugzilla.ubuntu.com/showbug.cgi?id=10643. After installing these new packages and restarting the browser, these problems should be fixed...

CVE-2005-4856

The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051110 does not properly handle authorization errors, which allows remote attackers to obtain sensitive information and see the admin pagelayout and associated templates via a request with 1...

BZFlag 2.0.4 - undelimited string Denial of Service

/ by Luigi Auriemma / include include include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include include void stderrvoid char error; switchWSAGetLastError case 10004: error =...

CVE-2005-2829

Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by 1 overlaying a malicious new window above a file download box, then 2 using a keyboard shortcut and delaying the display of the file download box until the user hits a...

CVE-2005-2829

CVE-2005-2829 corresponds to a File Download Dialog Box Manipulation vulnerability in Microsoft Internet Explorer 5.01/5.5/6 that could allow remote code execution via attacker‑supplied content and user interaction. Exploitation involves overlaying a malicious dialog and delaying the Run/Open act...

DSA-919-2 curl - buffer overflow

Bulletin has no description...

CVE-2005-4077

Multiple off-by-one errors in the cURL library libcurl 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that 1 are malformed in a way that prevents a terminating null byte from being added to...

GLSA-200512-01 : Perl: Format string errors can lead to code execution

The remote host is affected by the vulnerability described in GLSA-200512-01 Perl: Format string errors can lead to code execution Jack Louis discovered a new way to exploit format string errors in Perl that could lead to the execution of arbitrary code. This is perfomed by causing an integer wra...

[SA17748] Sun Java JRE Sandbox Security Bypass Vulnerabilities

TITLE: Sun Java JRE Sandbox Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA17748 VERIFY ADVISORY: http://secunia.com/advisories/17748/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Sun Java SDK 1.4.x http://secunia.com/product/1661/ Sun Java SDK 1.3.x...

Remote attacks learn ABC—from SATAN to start the vulnerability gathering-vulnerability warning-the black bar safety net

My statement of finishing this article in mind not to encourage more people to engage in destruction, just want to note one thing. If you think this article can teach you anything, then you are also wrong, because often ittechnologydepending on your experience, and the experience of which somethi...

[SECURITY] [DSA 899-1] New egroupware packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 899-1 [email protected] http://www.debian.org/security/ Martin Schulze November 17th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 898-1 [email protected] http://www.debian.org/security/ Martin Schulze November 17th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 898-1 [email protected] http://www.debian.org/security/ Martin Schulze November 17th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 897-1] New phpsysinfo packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 897-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2005 http://www.debian.org/security/faq -...

Walla TeleSite Multiple Vulnerabilities

Application: Walla TeleSite Vendors: http://www.walla.co.il Versions: 3.0 and perior Platforms: Windows ISAPI, a few vulnerabilities apply Linux too Bug: Multiple Vulnerabilities Exploitation: Remote with browser Date: 13 Nov 2005 Author: Rafi Nahum, Pokerface e-mail: [email protected] web: N...

DSA-897-1 phpsysinfo - programming errors

Bulletin has no description...

PHP3 Physical Path Disclosure Vulnerability

PHP3 will reveal the physical path of the webroot when asked for a non-existent PHP3 file if it is incorrectly configured. SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Glider collectn kill <= 1.0.0.0 Buffer Overflow (PoC)

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h include time.h ifdef WIN32 include winsock.h / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include string.h...

GO-Global Windows Clients <= 3.1.0.3270 Buffer Overflow (PoC)

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h ifdef WIN32 include winsock.h / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include string.h include errno.h...

FlatFrag <= 0.3 Buffer Overflow / Denial of Service Exploit

Exploit for unknown platform in category dos / poc =========================================================== FlatFrag include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include...