Bugtraq
Posted by vds_s_at_yahoo.com on Jan 21

Joomla component beamospetition 1.0.12 Sql Injection / Xss
Author : vds_s
Dork : "Powered by beamospetition 1.0.12"
Dl : http://joomlacode.org/gf/project/beamospetition/
Xss :...

 
Posted by Cisco Systems Product Security Incident Response Team on Jan 21

Cisco Security Advisory: Cisco Security Manager Vulnerability

Advisory ID: cisco-sa-20090121-csm

http://www.cisco.com/warp/public/707/cisco-sa-20090121-csm.shtml

Revision 1.0

For Public Release 2009 January 21 1600 UTC (GMT)

...

 
Posted by Digital Security Research Group on Jan 21

Digital Security Research Group [DSecRG] Advisory #DSECRG-09-004
AXIS 70U Network Document Server - Privilege Escalation and XSS

http://dsecrg.com/pages/vul/show.php?id=60

Application: AXIS 70U Network Document Server (Web Interface)
Versions Affected:...

 
Posted by Thijs Kinkhorst on Jan 21

------------------------------------------------------------------------
Debian Security Advisory DSA-1693-2 security_at_debian.org
http://www.debian.org/security/ Thijs Kinkhorst
January 21, 2009 ...

 
Posted by Thijs Kinkhorst on Jan 21

------------------------------------------------------------------------
Debian Security Advisory DSA-1709-1 security_at_debian.org
http://www.debian.org/security/ Thijs Kinkhorst
January 21, 2009 ...

 
Posted by Christopher Kruegel on Jan 20

======================================================================
Call for Papers:
16th ACM Conference on Computer and Communications Security (CCS) 2009

Nov 9 - 13, 2009: Hyatt Regency Chicago, IL, USA
http://sigsac.org/ccs/CCS2009
...

 
Posted by Praburaajan on Jan 21

The videos from HITBSecConf2008 - Malaysia are now available for download!

Day 1
=====

http://thepiratebay.org/torrent/4654588/HITBSecConf2008_-_Malaysia_Videos___Day_1
        
Keynote Address 1: The Art of Click-Jacking - Jeremiah Grossman
Keynote...

 
Posted by Pierre-Yves Rofes on Jan 20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200901-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

 
Posted by rPath Update Announcements on Jan 20

rPath Security Advisory: 2009-0014-1
Published: 2009-01-20
Products:
    rPath Linux 2

Rating: Minor
Exposure Level Classification:
    Local Root Deterministic Privilege Escalation
Updated Versions:
...

 
Posted by rPath Update Announcements on Jan 20

rPath Security Advisory: 2009-0011-1
Published: 2009-01-20
Products:
    rPath Appliance Platform Linux Service 1
    rPath Appliance Platform Linux Service 2
    rPath Linux 1
    rPath Linux 2

Rating: Minor
...

 
Posted by rPath Update Announcements on Jan 20

rPath Security Advisory: 2009-0010-1
Published: 2009-01-20
Products:
    rPath Appliance Platform Linux Service 1
    rPath Appliance Platform Linux Service 2
    rPath Linux 1
    rPath Linux 2

Rating: Severe
...

 
Posted by rPath Update Announcements on Jan 20

rPath Security Advisory: 2009-0009-1
Published: 2009-01-20
Products:
    rPath Linux 1
    rPath Linux 2

Rating: Severe
Exposure Level Classification:
    Indirect Deterministic Vulnerability
Updated Versions:
...

 
Posted by rPath Update Announcements on Jan 20

rPath Security Advisory: 2009-0008-1
Published: 2009-01-20
Products:
    rPath Appliance Platform Linux Service 1
    rPath Appliance Platform Linux Service 2
    rPath Linux 1
    rPath Linux 2

Rating: Severe
...

 
Posted by swhite_at_securestate.com on Jan 20

MoinMoin Wiki Engine Cross-Site Scripting

Discovered by: SecureState R&D Team (sasquatch)

Website: www.securestate.com

Discovered: 01-08-09

Vendor Notified: 01-08-09

Vendor Fix Issued: 01-11-09 (...

 
Posted by Secunia Research on Jan 20

======================================================================

                     Secunia Research 20/01/2009

        - OpenSG Radiance...

 
Posted by Secunia Research on Jan 20

======================================================================

                     Secunia Research 20/01/2009

...

 
Posted by security-alert_at_hp.com on Jan 20

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01646081
Version: 1

HPSBMA02400 SSRT080144 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date:...

 
Posted by Russell L. Smoak on Jan 20

Good morning,

Look in the 'Impact' section of the advisory. We break out the
probable impact into a separate section.

In that section, we clearly state that arbitrary code execution is
possible. We also included the access vector in the bug scoring
(Remote, no authentication required).

...

 
Posted by Secunia Research on Jan 20

======================================================================

                     Secunia Research 20/01/2009

     - Trend Micro Network Security...

 
Posted by Jukka Zitting on Jan 20

The Apache Jackrabbit community is pleased to announce the release of
Apache Jackrabbit version 1.5.2. The release is available for download
at:

    http://jackrabbit.apache.org/downloads.html

See the full release notes below for details about this release.

Release Notes...

 
Posted by security curmudgeon on Jan 20

(Note the date, late reply I know..)

On Tue, 29 Jul 2008, Andy Davis wrote:

: The IOS FTP server vulnerabilities were published in an advisory by
: Cisco in May 2007. The FTP server does not run by default, it is not
: widely used and has since been removed from new versions of IOS.
:...

 
Posted by Eduardo Vela on Jan 19

Server Version Info: Oracle-Application-Server-10g/10.1.3.1.0 Oracle-HTTP-Server
PoC: http://OC4J/web-app/foobar/%c0%ae%c0%ae/WEB-INF/web.xml
Related: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
Explanation: The "%c0%ae%c0%ae" is interpreted as: ".."...

 
Posted by security_at_soqor.net on Jan 20

Hello

Cybershade CMS Remote File include vulnerability

Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security_at_soqor.net

Remote File Including
core/includes.php?CMS_ROOT=...

 
Posted by alberto.morenot_at_gmail.com on Jan 19

Title: Microsoft Bluetooth Stack OBEX Directory Traversal
Author: Alberto Moreno Tablado
Vendor: Microsoft
Product: Windows Mobile 6 Professional (Probably Windows Mobile 5.0 for Pocket PC and Windows Mobile 5.0 for Pocket PC Phone Edition)
...

 
Posted by Florian Weimer on Jan 19

------------------------------------------------------------------------
Debian Security Advisory DSA-1708-1 security_at_debian.org
http://www.debian.org/security/ Florian Weimer
January 19, 2009 ...

 
Posted by security_at_mandriva.com on Jan 19

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:019
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package :...

 
Posted by Ofer Shezaf on Jan 19

The incidents reported on WHID (the web hacking incidents database) last
week were:

* WHID 2009-3: Google Trends Falls Victim to a Stunt
(http://whid.xiom.com/whid-2009-3)
        A very good example of why insufficient anti-automation is becoming
a...

 
Posted by Aditya K Sood on Jan 18

Version Affected:
Oracle E-Business Suite Release 12, version 12.0.6
Oracle E-Business Suite Release 11i, version 11.5.10.2

CVE:
2008-5446

Description:
The Oracle E Business including applications like I-Recruitment etc. is
vulnerable to a flaw which leads
to sensitive information disclosure...

 
Posted by sohrab_behroozian_at_yahoo.com on Jan 17

by : Matrix (S.B)

Ok it is not the first time, but they had fixed them all. It will probably be the third or fourth time they try to address this damn cgi! Here is the XSS that Matrix submitted to Securityfocus (works only in Internet Explorer):...

 
Posted by security_at_mandriva.com on Jan 16

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:018
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package :...

 
Posted by security_at_mandriva.com on Jan 16

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:017
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package :...

 
Posted by alphanix00_at_gmail.com on Jan 16

#!/usr/bin/perl
# By ALpHaNiX
# NullArea.Net
# THanks

use HTTP::Request;
use HTTP::Headers;
use LWP::UserAgent;

if (@ARGV != 1) { &help; exit(); }
if ($ARGV[0] =~ /http:\/\// ) { $ip = $ARGV[0]."/"; } else { $ip =...

 
Posted by alphanix00_at_gmail.com on Jan 16

<html>
<title>Excel Viewer OCX 3.1/3.2 Denial of Service PoC</title>
<br> Excel Viewer OCX 3.1/3.2 Denial of Service PoC</br>
<br> By ALpHaNiX </br>
<br> NullArea.Net</br>
...

 
Posted by security_at_mandriva.com on Jan 16

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:016
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : xen...

 
Posted by pouya.s3rver_at_gmail.com on Jan 16

#########################################################
---------------------------------------------------------
Portal Name: Active Bids
Vendor : http://www.activewebsoftwares.com/P84_ActiveBids.aspx?Tabopen=1
Author : Pouya_Server ,...

 
Posted by pouya.s3rver_at_gmail.com on Jan 16

#########################################################
---------------------------------------------------------
Portal Name: DMXReady Blog Manager (SQL/XSS)
Vendor : http://www.galaxyscripts.com
Author : Pouya_Server ,...

 
Posted by Amon Ott on Jan 16

Rule Set Based Access Control (RSBAC) 1.4.0 has been released for both
Linux kernels 2.4.37 and 2.6.27.10
You can download the new version from http://www.rsbac.org

RSBAC is one of the leading access control systems for the Linux
kernel with a good selection of access control models, see
...

 
Posted by security_at_mandriva.com on Jan 15

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:015
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package :...

 
Posted by security_at_mandriva.com on Jan 15

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:014
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package :...

 
Posted by security_at_mandriva.com on Jan 15

 _______________________________________________________________________

 Mandriva Linux Security Advisory MDVSA-2009:013
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package :...

 
Posted by vuln_research_at_princeofnigeria.org on Jan 15

[--Vulnerability Summary--]

Title: Syslserve 1.058 Denial of Service Vulnerability
Product: Syslserve 1.058

Discovered: December 1, 2008
Discovered by: Rob Kraus, princeofnigeria (PoN)

Vendor: Syslserve
Vendor URL: http://www.syslserve.com/...

 
Posted by Kees Cook on Jan 15

===========================================================
Ubuntu Security Notice USN-700-2 January 15, 2009
perl regression
https://launchpad.net/bugs/315991
===========================================================

A security issue affects the following Ubuntu releases:

...

 
Posted by Moritz Muehlenhoff on Jan 15

------------------------------------------------------------------------
Debian Security Advisory DSA-1706-1 security_at_debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
January 15, 2009 ...