Bugtraq

There are lost of xss vul in PHPWind v6.0 !

Fri, 19 Mar 2010 15:03:02 GMT

Posted by lis cker on Mar 19

I found the PHPWind v6.0 just filter the xss code when the visitors login in, but it doesnt do it when login off.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the
context of the affected site.

This flaw makes its all the parameters in all the pages have the xss flaws when we login off!

Like "hack.php" "search.php" "read.php"...

CA20100318-01: Security Notice for CA ARCserve Backup

Fri, 19 Mar 2010 14:51:10 GMT

Posted by Kotas, Kevin J on Mar 19

CA20100318-01: Security Notice for CA ARCserve Backup

Issued: March 18, 2010

CA's support is alerting customers to security risks with CA ARCserve
Backup. The version of JRE shipped with ARCserve Backup is
potentially susceptible to multiple vulnerabilities and has also
reached end of life. Support is providing JRE 1.6 upgrades as
remediation.

Risk Rating

High

Platform

Windows

Affected Products

CA ARCserve Backup r12.5
CA ARCserve Backup...

CORE-2010-0311 - eFront-learning PHP file inclusion vulnerability

Wed, 17 Mar 2010 20:40:25 GMT

Posted by CORE Security Technologies Advisories on Mar 17

eFront-learning PHP file inclusion vulnerability

1. *Advisory Information*

Title: eFront-learning PHP file inclusion vulnerability
Advisory Id: CORE-2010-0311
Advisory URL:
http://www.coresecurity.com/content/efront-php-file-inclusion
Date published: 2010-03-16
Date of last update: 2010-03-16
Vendors contacted: Vendor name
Release mode: Coordinated release

2. *Vulnerability Information*

Class: PHP file inclusion [CWE-98]
Impact: Code...

Sahana 0.6.2.2 Authentication Bypass

Wed, 17 Mar 2010 19:37:35 GMT

Posted by Christopher on Mar 17

Ability to completely disable authentication via stream.php and commented
out module authentication code within it.

http://victim/<sahana_path>/index.php?mod=admin&act=acl_enable_acl
Authenticates correctly.

http://victim/<sahana_path>/stream.php?mod=admin&act=acl_enable_acl
Does not.

Secunia Research: Quicksilver Forums "mysqldump" Password Disclosure

Wed, 17 Mar 2010 19:24:45 GMT

Posted by Secunia Research on Mar 17

======================================================================

Secunia Research 17/03/2010

- Quicksilver Forums "mysqldump" Password Disclosure -

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Vendor's Description...

Secunia Research: Quicksilver Forums Cross-Site Request Forgery Vulnerability

Wed, 17 Mar 2010 19:09:15 GMT

Posted by Secunia Research on Mar 17

======================================================================

Secunia Research 17/03/2010

- Quicksilver Forums Cross-Site Request Forgery Vulnerability -

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Vendor's Description of...

Secunia Research: Quicksilver Forums Backup Information Disclosure

Wed, 17 Mar 2010 18:57:07 GMT

Posted by Secunia Research on Mar 17

======================================================================

Secunia Research 17/03/2010

- Quicksilver Forums Backup Information Disclosure -

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Vendor's Description of...

CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability

Wed, 17 Mar 2010 18:24:26 GMT

Posted by CORE Security Technologies Advisories on Mar 17

Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/

Virtual PC Hypervisor Memory Protection Vulnerability

1. *Advisory Information*

Title: Virtual PC Hypervisor Memory Protection Vulnerability
Advisory Id: CORE-2009-0803
Advisory URL:
http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug
Date published: 2010-03-16
Date of last update: 2010-03-16
Vendors...

Miranda IM silent TLS failure

Wed, 17 Mar 2010 16:53:31 GMT

Posted by Jan Schejbal on Mar 17

Summary:
Under certain conditions, Miranda ignores the "Use TLS" setting in
Jabber accounts and uses an unencrypted connection.

Affected: Miranda IM (instant messenger), at least versions 0.8.16,
0.9.0 alpha build #6 Unicode and SVN rev. 11383

Description:
If the following conditions are met:
- "Use TLS" is enabled in the jabber account settings (Network -
Jabber - Account),

- "Validate SSL certificates" is...

Vulnerabilities in VXDate for Joomla

Wed, 17 Mar 2010 16:33:11 GMT

Posted by MustLive on Mar 17

Hello Bugtraq!

I want to warn you about vulnerabilities in component VXDate for Joomla.

-----------------------------
Advisory: Vulnerabilities in VXDate for Joomla
-----------------------------
URL: http://websecurity.com.ua/3849/
-----------------------------
Timeline:

10.05.2009 - found the vulnerabilities.
12.01.2010 - announced at my site.
18.01.2010 - informed developers.
13.03.2010 - disclosed at my site.
-----------------------------...

[CORELAN-10-13] - Windisc Local Stack BOF

Wed, 17 Mar 2010 16:09:50 GMT

Posted by Security on Mar 17

http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-013-windisc-buffer-overflow-bnz

|------------------------------------------------------------------|
| __ __ |
| _________ ________ / /___ _____ / /____ ____ _____ ___ |
| / ___/ __ \/ ___/ _ \/ / __ `/ __ \ / __/ _ \/ __ `/ __ `__ \ |
| / /__/ /_/ / / / __/ / /_/ / / / / / /_/ __/ /_/ / / / / / /...

[security bulletin] HPSBGN02511 SSRT100022 rev.2 - HP Small Form Factor or Microtower PC with Broadcom Integrated NIC Firmware, Remote Execution of Arbitrary Code

Wed, 17 Mar 2010 15:48:19 GMT

Posted by security-alert on Mar 17

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02048471
Version: 2

HPSBGN02511 SSRT100022 rev.2 - HP Small Form Factor or Microtower PC with Broadcom Integrated NIC Firmware, Remote
Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2010-03-15
Last Updated: 2010-03-16

Potential Security Impact: Remote execution of arbitrary code

Source:...

[USN-913-1] libpng vulnerabilities

Wed, 17 Mar 2010 04:34:28 GMT

Posted by Marc Deslauriers on Mar 16

===========================================================
Ubuntu Security Notice USN-913-1 March 16, 2010
libpng vulnerabilities
CVE-2009-2042, CVE-2010-0205
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu....

Last Call for Papers, CONFidence 2010, 25-26May, Last Call for Papers

Wed, 17 Mar 2010 03:29:19 GMT

Posted by Andrzej Targosz on Mar 16

CONFidence 2010 Last Call for Papers
####################################

Calling all practitioners in the field of IT security! The 7th edition
of CONFidence 2010, is taking place in Krakow on May 25/26, 2010.
http://2010.confidence.org.pl

We invite all to send the proposed topic and abstracts of presentation
till the 25th of March. Please, remember that CONFidence is an open,
international conference and all presentations should be given in...

ZDI-10-032: SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability

Tue, 16 Mar 2010 19:30:19 GMT

Posted by ZDI Disclosures on Mar 16

ZDI-10-032: SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-032
March 16, 2010

-- Affected Vendors:
SAP

-- Affected Products:
SAP MaxDB

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9403.
For further product information on the TippingPoint IPS, visit:...