4113 matches found
DSA-1776-1 slurm-llnl - privilege escalation
Bulletin has no description...
Senate bill proposes sweeping changes to U.S. cybersecurity
By Joby Warrick and Walter Pincus, Washington Post. Federal legislators are working on a bill that would make major changes to the way that both government and private networks are protected. The Washington Post reports that the legislation not only will include more enforcement for regulations, b...
Countdown to Conficker's April 1st climax
By Byron Acohido, LastWatchdog.com. Two schools of thought exist about what the Conficker worm will do come the wee hours of April 1, 2009, GMT. Some experts, like WinPatrol creator Bill Pytlovany, are sensing that the worm’s controllers will run circles around the Microsoft-led...
Issue security based on workflow status
It would be great if permission types could be associated with workflow status. What we would like to do is limit the ability to edit an issue by the reporter to a specific workflow status. Using the issue security scheme is not possible since the reporter should always be allowed to view the issu...
USN-722-1: sudo vulnerability
Harald Koenig discovered that sudo did not correctly handle certain privilege changes when handling groups. If a local attacker belonged to a group included in a "RunAs" list in the /etc/sudoers file, that user could gain root privileges. This was not an issue for the default sudoers file shipped...
[SECURITY] Fedora 10 Update: squidGuard-1.2.1-2.fc10
squidGuard can be used to - limit the web access for some users to a list of accepted/well known web servers and/or URLs only. - block access to some listed or blacklisted web servers and/or URLs for some users. - block access to URLs matching a list of regular expressions or words for some users...
[SECURITY] Fedora 9 Update: squidGuard-1.2.1-2.fc9
squidGuard can be used to - limit the web access for some users to a list of accepted/well known web servers and/or URLs only. - block access to some listed or blacklisted web servers and/or URLs for some users. - block access to URLs matching a list of regular expressions or words for some users...
Fedora Core 10 FEDORA-2009-1074 (sudo)
The remote host is missing an update to sudo announced via advisory FEDORA-2009-1074. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the...
PT-2009-1078 · Sudo +1 · Sudo +1
Name of the Vulnerable Software and Affected Versions: sudo versions 1.6.9p17 through 1.6.9p19 Description: The issue concerns the improper interpretation of a system group in the sudoers file during authorization decisions for users belonging to that group. This allows local users to leverage an...
Umer Inc Songs Portal Script - id SQL Injection
Umer Inc Songs Portal Script - 'id' SQL Injection
smb-enum-users NSE Script
Attempts to enumerate the users on a remote Windows system, with as much information as possible, through two different techniques both over MSRPC, which uses port 445 or 139; see smb.lua. The goal of this script is to discover all user accounts that exist on a remote system. This can be helpful...
PT-2008-6149 · Postfix · Postfix
Name of the Vulnerable Software and Affected Versions: Postfix version 2.5.2 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/postfix_groups.stdout, /tmp/postfix_groups.stderr, and /tmp/postfix_groups.message temporary files. The vendor...
Unfixed XSS vulnerability at www.learning2008.com
Security researcher xylitol submitted on 26/10/2008 a cross-site scripting (XSS) vulnerability affecting www.learning2008.com, which at the time of submission ranked 11844287 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/07/2009. It is...
SQL injection
SQL injection vulnerability in pickusers.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the unamesearch parameter. NOTE: some of these details are obtained from third party information...
dovecot -- ACL plugin bypass vulnerabilities
Timo Sirainen reports in dovecot 1.1.4 release notes: ACL plugin fixes: Negative rights were actually treated as positive rights. 'k' right didn't prevent creating parent/child/child mailbox. ACL groups weren't working...
Restrict access to page history to certain users (or groups)
NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFSERVER-13247. A customer requested a new feature to restrict access to page history only to a particular group or certain...
Restrict access to page history to certain users (or groups)
A customer requested a new feature to restrict access to page history only to a particular group or certain users...
ajhyipacmereadarticle-sql.txt
Brim 2.0.0 (SQL/XSS) Multiple Remote Vulnerabilities
No description provided by source.