Entries Categorized as 'Exploits and Bugs'

PHP vulnerabilities

Date July 19, 2007

Ubuntu Security Notice USN-485-1 July 17, 2007
php5 vulnerabilities
CVE-2007-1864, CVE-2007-2728
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package [...]

Posted in Exploits and Bugs Comments No Comments »

Dovecot vulnerability

Date July 19, 2007

Ubuntu Security Notice USN-487-1 July 17, 2007
dovecot vulnerability
CVE-2007-2231
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

Posted in Exploits and Bugs Comments No Comments »

Bugs and Exploits 03-dec

Date December 4, 2005

Zen-Cart

Posted in Exploits and Bugs Comments No Comments »

A flaw in Google’s G-Mail system allowed anyone access to any mailbox

Date December 3, 2005

This bug has already been corrected, that’s why it’s been published.
In this manual you will see step by step how to exploit Gmail’s
vulnerability, that gave you access to any account, reported by
Anelkaos, colaborator of elhacker.net’s forum and patched by Google by
October 18. Due to the bug’s gravity (that allowed in a few simple steps
to login [...]

Posted in Email Systems Comments 2 Comments »

Google Talk cleartext credentials in process memory

Date December 1, 2005

Title: Google Talk Beta Messenger cleartext credentials in process memory
Affected versions: 1.0.0.64 (this version is believed to be the first one released to the public)
Vendor contacted: 25/08/05
Patched version released: 29/08/05
Advisory released: 28/11/05
Author: pagvac (Adrian Pastor)
Homepage: www.ikwt.com – In Knowledge We Trust
Advisory URL: www.adrianpv.com/projects/google-talk-cleartext-credentials-in-process-memory.txt
Description
Google Talk stores all user credentials (username and password) in clear-text in the [...]

Posted in Exploits and Bugs Comments No Comments »

Exploits

Date November 25, 2005

freeFTPd 1.0.10 (Dos,Exploit)
freeFTPd is a FTP/FTPS/SFTP server that enables user to
access remote files over TCP/IP network such as Internet.
Unlike FTP, FTPS and SFTP protocols provide security and
strong encryption of data – great for insecure network.
VHCS 2.x HTTP Error Cross Site Scripting
phpSysInfo: Multiple vulnerabilities
Google Talk Denial of Service – BenjiBug
eix: Insecure temporary file creation

Posted in Exploits and Bugs Comments No Comments »

« Previous Entries