Exploits and Security

Technology & Security Tips & Guides

Sony rootkit: The untold story

Posted by David Berlind @ 11:16 am
Source: ZdNet.com
In light of the way Bruce Schneier has published Sony’s DRM Rootkit: The real story — a story that recounts how quickly things have gone from bad to worse for Sony, I thought it would only be fitting to publish the untold story (does our industry have the [...]

Attack code released for IE hole

Exploit code for a new flaw in Internet Explorer could put systems at risk of remote attack, security experts warned Monday.
The exploit code, made public Monday, aims to take advantage of the “extremely critical” vulnerabilities in IE 5.5 and IE 6 running on XP Service Pack 2 (SP2), and IE 6 running on Windows [...]

A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
epiphany-browser
The problem can be corrected by upgrading the affected package to
version 1.4.4-0ubuntu2.1. After a standard system upgrade you need to
restart Epiphany to effect the necessary changes.
Details follow:
USN-155-1 fixed some security vulnerabilities of the Mozilla suite.
Unfortunately this update caused regressions in [...]

Security Notice: Anonymous Web Attacks via Dedicated Mobile Services
Security Risk: UNKNOWN
Publish Date: 2005 July 16
Security Researcher: Petko Petkov
Contact Information: ppetkov@gnucitizen.org
PGP Key: http://pdp.gnucitizen.org/ppetkov.asc
Synopsis
--------
Various Mobile Services provide malicious users with an intermediate
point to anonymously browse Web Resources and execute attacks against
them.
Affected Applications
---------------------
* Google’s WMLProxy
* IYHY
Background
----------
WAP stands for Wireless Application Protocol, a communication [...]

Vulnerabilities
---------------
1) admin/media/browse.php
The “dir” parameter is vulnerable to XSS. Also the script blocks ../ but if a non-existent
directory is chosen the script tries to read it and the error gives path disclosure.
2) 25 accounts of path disclosure when a file is directly accessed. There are too many to list so
I will just leave them out.
3) In [...]

Author: Jose Antonio Coret (Joxean Koret)
Date: 2005
Location: Basque Country
---------------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GForge - 4.5 (Current)
GForge has tools to help your team collaborate, like message forums and
mailing lists; tools to create and control access to Source Code Management
repositories like CVS and Subversion. GForge automatically creates a repository
and controls access to it depending on the role settings of the project.
Web [...]
