Mac OS X Multiple Vulnerabilities (Security Update 2005-003)

The remote host is missing Security Update 2005-003. This security update contains security fixes for the following applications : - AFP Server - Bluetooth Setup Assistant - Core Foundation - Cyrus IMAP - Cyrus SASL - Folder Permissions - Mailman - Safari These programs have multiple...

Microsoft Windows Drag-and-Drop vulnerability

It's possible to trick user to drag-n-drop malicious file into special for example autostart folder...

7a69Adv#19 - ZipGenius unpack path disclosure

------------------------------------------------------------------ 7a69ezine Advisories 7a69Adv19 - ------------------------------------------------------------------ http://www.7a69ezine.org 02/02/2005 - ------------------------------------------------------------------ Title: ZipGenius unpack...

Advisore: UeBIMIAU <= 2.7.2 Multiples Vulnerabilities

ADVISORE 01 15/01/2005 INTRUDERS TIGER TEAM SECURITY - SECURITY ADVISORE http://www.intruders.com.br/ http://www.intruders.org.br/ ADVISORE/0105 - UEBIMIAU 2.7.2 MULTIPLES VULNERABILITIES PRIORITY: HIGH I - INTRODUCTION: ---------------- From http://www.uebimiau.org/ "UebiMiau is a simple, yet...

Simple PHP Blog directory traversal vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Simple PHP Blog directory traversal vulnerability Vulnerability discovery: Madelman madelman AT iname.com Date: 02/01/2005 Severity: Moderate Summary: - -------- I started this project because I wanted a dead-simple blog. Something that didn't...

[Full-Disclosure] Simple PHP Blog directory traversal vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Simple PHP Blog directory traversal vulnerability Vulnerability discovery: Madelman madelman AT iname.com Date: 02/01/2005 Severity: Moderate Summary: - -------- I started this project because I wanted a dead-simple blog. Something that didn't...

CVE-2004-2584

frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte "%00". NOTE: it is not clear whether this issue poses a vulnerability...

CVE-2004-2290

Microsoft Windows XP Explorer allows attackers to execute arbitrary code via a HTML and script in a self-executing folder that references an executable file within the folder, which is automatically executed when a user accesses the folder...

SharePoint information leak

During installation text file with cleartext password is created in world readable folder...

Security bug in .NET Forms Authentication

Hi We believe we have discovered a serious flaw in .NET forms authentication when used to secure sub folders. A standard forms authentication setup requires the presence of "web.config" to set the authentication method and login procedure. The presence of this file prevents access to certain file...

GlobalSCAPE - CuteFTP macros (*.mcr) Local Vulnerability

No description provided by source. Application: GlobalSCAPE CuteFTP V6.0 http://www.globalscape.com/ Risk: Medium / e-mail: [email protected] web: http://www.prohack.net / --The bug: Atacker can create a crafted CuteFTP macro .mcr, and when its loaded in the target computer, it can download the...

CVE-2001-0837

DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in 1 temp.html, 2 the log folder, and 3 the PhoneBook folder...

Elm Alternative Folder Buffer Overflow Vulnerability

Binary data 1300.prm...

wpquiz.txt

Ok so here is what I found Authors website wireplastik.com currently down php script I found exploit in wpquiz version 2.60b8 also tested on 2.60b 1-7 Exploit: by default wpquiz comes with a folder called extras. This folder is not password protected nor does it require any sort of authentication...

WpQuiz Gain Admin Rightd Exploit found

Ok so here is what I found Authors website wireplastik.com currently down php script I found exploit in wpquiz version 2.60b8 also tested on 2.60b 1-7 Exploit: by default wpquiz comes with a folder called extras. This folder is not password protected nor does it require any sort of authentication...

FTP Glide cleartext passwords

Passwords are stored in puvlic folder in cleartext...

OUTLOOK 2003: OuchLook

Sunday, May 09, 2004 Outlook 2003 the premier mail client from the company called 'Microsoft' certainly appears to have a lot of security features built into it. Curosry examination shows excellent thought into 'spam' containment, 'security' consideration and many other little 'things'. However...

Explorer / Internet Explorer buffer overflow

Buffer overflow on connection to network folder with oversized share name...

Vcard 2.8 uninstall script problem

Informations : °°°°°°°°°°°°°° Procduct: Vcard Version : 2.9 may other VER Problems : File uninstall & delete the table PHP Code/Location : °°°°°°°°°°°°°°°°°°° /admin/uninstall.php : ------------------------------------------------------------------------ ... ? $step = $HTTPGETVARS'step'; if...

Windows XP .folder files code execution

It's possible to create .folder file launching executable fail on open...