Full Disclosure List Rises From the Ashes For Fresh Start

When the Full Disclosure mailing list closed down last week, many in the security community wondered what, if anything, would fill the void. As it turns out, Full Disclosure will fill that void. John Cartwright, one of the creators of the list, announced on March 19 that he was shutting it down...

Open Forum Server 2.2 b005 Arbitrary File Write

============================================================================================================ //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / / ...

OpenForum 2.2 b005 - 'saveAsAttachment()' Method Arbitrary File Creation

source: https://www.securityfocus.com/bid/40364/info OpenForum is prone to a vulnerability that may allow remote attackers to create arbitrary files on a vulnerable system. Successful exploits will allow an attacker to create arbitrary files, which may then be executed to perform unauthorized...

Open Forum Server 2.2 b005 Directory Traversal

============================================================================================================ //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / / ...

ultimatedisclose.txt

Update: 12:15 AM 5/14/2005 Subject: " Ultimate Forum Password Database Vulnerability " Vulnerable version: Ultimate Forum 1.0 Description: Ultimate forum is an Open forum i.e. no logon restrictions or private areas. Forum is a text file based. Each forum is multithreaded and stored in a separate...