bugtraq at insecure.org

Re: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome

lcamtuf@NOSPAMcoredump.cx (Michal Zalewski) — Fri, 3 Jul 2009 10:07:20 -0700

> refresh: 0; URL=javascript:alert(document.cookie) > The code will work in context of this site. ...which happens to be covered here for half a year or so: I can't see how this could be a vulnerability per se, although changing the behavior offers an additional, if small, degree of ...

Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome

mustlive@NOSPAMwebsecurity.com.ua (MustLive) — Fri, 3 Jul 2009 01:21:57 +0300

Hello SecurityFocus! I want to warn you about Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome. I wrote about it at my site this Monday (29.06.2009) and also informed corresponding browsers developers about this vulnerability. At 21.04.2009 there was fixed vulnerability in Firefox 3.0.9 (), which ...

[oCERT-2009-007] FCKeditor input sanitization errors

lcars@NOSPAMocert.org (Andrea Barisani) — Fri, 3 Jul 2009 16:45:21 +0100

#2009-007 FCKeditor input sanitization errors Description: FCKeditor, a web based open source HTML text editor, suffers from a remote file upload vulnerability. The input of several connector modules is not properly verified before being used, this leads to exposure of the contents of arbitrary directories on the ...

[SECURITY] [DSA 1825-1] New nagios2/nagios3 packages fix arbitrary code execution

nion@NOSPAMdebian.org (Nico Golde) — Fri, 3 Jul 2009 17:46:14 +0200

- Debian Security Advisory DSA-1825-1 securityatdebian.org Nico Golde July 3rd, 2009 - Package : nagios2, nagios3 Vulnerability : insufficient input validation Problem type : remote Debian-specific: no CVE ID : CVE-2009-2288 It was discovered that the statuswml.cgi script of nagios, a monitoring ...

One Click Ownage [White Paper and Scripts]

ferruh@NOSPAMmavituna.com (Ferruh Mavituna) — Fri, 3 Jul 2009 11:50:17 +0100

This is a different and more practical approach to get a reverse shell or code execution in SQL Injections (particularly in MSSQL). The idea is simple. Getting a reverse shell from an SQL Injection with one HTTP request without using�an extra channel such as TFTP, FTP to upload the ...

Multiple Flaws in Axesstel MV 410R

filip.palian@NOSPAMpjwstk.edu.pl (filip.palian_at_pjwstk.edu.pl) — Thu, 2 Jul 2009 14:49:08 -0600

Multiple Flaws in Axesstel MV 410R by Filip Palian

[ GLSA 200907-02 ] ModSecurity: Denial of Service

a3li@NOSPAMgentoo.org (Alex Legler) — Thu, 02 Jul 2009 21:38:32 +0200

- - Gentoo Linux Security Advisory GLSA 200907-02 - - - - Severity: Normal Title: ModSecurity: Denial of Service Date: July 02, 2009 Bugs: #262302 ID: 200907-02 - - Synopsis Two vulnerabilities in ModSecurity might lead to a Denial of Service. ...

[ GLSA 200907-01 ] libwmf: User-assisted execution of arbitrary code

a3li@NOSPAMgentoo.org (Alex Legler) — Thu, 02 Jul 2009 21:36:57 +0200

- - Gentoo Linux Security Advisory GLSA 200907-01 - - - - Severity: Normal Title: libwmf: User-assisted execution of arbitrary code Date: July 02, 2009 Bugs: #268161 ID: 200907-01 - - Synopsis libwmf bundles an old GD version which contains a "use-after-free" ...

[USN-795-1] Nagios vulnerability

marc.deslauriers@NOSPAMcanonical.com (Marc Deslauriers) — Thu, 02 Jul 2009 14:29:06 -0400

Ubuntu Security Notice USN-795-1 July 02, 2009 nagios2, nagios3 vulnerability CVE-2009-2288 A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. ...

[USN-794-1] Perl vulnerability

marc.deslauriers@NOSPAMcanonical.com (Marc Deslauriers) — Thu, 02 Jul 2009 14:27:30 -0400

Ubuntu Security Notice USN-794-1 July 02, 2009 libcompress-raw-zlib-perl, perl vulnerability CVE-2009-1391 A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. ...

[ISecAuditors Security Advisories] Joomla! < 1.5.12 Multiple XSS vulnerabilities in HTTP Headers

advisories@NOSPAMisecauditors.com (ISecAuditors Security Advisories) — Thu, 02 Jul 2009 17:13:50 +0200

INTERNET SECURITY AUDITORS ALERT 2009-007 - Original release date: June 30th, 2009 - Last revised: July 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 (CVSS Base Score) I. VULNERABILITY Joomla! < 1.5.12 Multiple XSS vulnerabilities in HTTP Headers II. BACKGROUND ...

[oCERT-2009-009] CamlImages integer overflows

lcars@NOSPAMocert.org (Andrea Barisani) — Thu, 2 Jul 2009 14:01:24 +0100

#2009-009 CamlImages integer overflows Description: CamlImages, an open source image processing library, suffers from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing, the readpngfile and ...

eAccelerator encoder files backup Vulnerability

linuxrootkit2008@NOSPAMgmail.com (linuxrootkit2008_at_gmail.com) — 2 Jul 2009 03:19:03 -0000

eAccelerator encoder files backup Vulnerability 1.Description ...

Sourcefire 3D Sensor and DC, privilege escalation vulnerability

c3rb3r@NOSPAMvideotron.ca (c3rb3r_at_videotron.ca) — Wed, 1 Jul 2009 14:44:41 -0600

Affected product Sourcefire 3D Sensor and Defense Center 4.8.x Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000 All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire. Vulnerability details ...

[security bulletin] HPSBUX02431 SSRT090085 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Execution of Arbitrary Code

security-alert@NOSPAMhp.com (security-alert_at_hp.com) — Wed, 01 Jul 2009 10:59:01 -0700

SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01756421 Version: 1 HPSBUX02431 SSRT090085 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. ...