HolidayBuyer's Guide

Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - September 16, 2008

by Marianna Schmudlach / September 16, 2008 12:59 AM PDT

NetBSD IPsec-Tools racoon Phase 1 Handler Denial of Service

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


OS: NetBSD 4.0


Description:
A vulnerability has been reported in NetBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).

Note: This only affects kernels compiled with "options IPSEC".

Solution:
Fixed in the CVS repository. See vendor advisory for details.

Original Advisory:
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-012.txt.asc

Other References:
SA31478:
http://secunia.com/advisories/31478/

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - September 16, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - September 16, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
LANDesk Multiple Products Buffer Overflow Vulnerability
by Marianna Schmudlach / September 16, 2008 1:01 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: System access

Where: From local network
Solution Status: Vendor Patch


Software: LANDesk Management Suite 8.x
LANDesk Security Suite 8.x
LANDesk Server Manager 8.x

Description:
A vulnerability has been reported in multiple LANDesk products, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error within the QIP service (qipsrvr.exe), when processing "heal" requests. This can be exploited to cause a stack or a heap-based buffer overflow via a specially crafted packet sent to port 12175/TCP.

Successful exploitation allows execution of arbitrary code.

This vulnerability is reported in LANDesk Management Suite, LANDesk Security Suite, and LANDesk Server Manager version 8.8 and earlier.

Solution:
Apply patches.

Version 8.7:
http://community.landesk.com/downloads/patch/SWD-1620987.5.zip

Version 8.8:
http://community.landesk.com/downloads/patch/SWD-1620988.2.zip

Provided and/or discovered by:
Aaron Portnoy, TippingPoint DVLabs

Original Advisory:
LANDesk:
http://community.landesk.com/support/docs/DOC-3276

TippingPoint DVLabs:
http://dvlabs.tippingpoint.com/advisory/TPTI-08-06

Collapse -
phpMyAdmin "sort_by" PHP Code Execution
by Marianna Schmudlach / September 16, 2008 1:02 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


Software: phpMyAdmin 2.x


Description:
Norman Hippert has reported a vulnerability in phpMyAdmin, which can be exploited by malicious users to compromise a vulnerable system.

Input passed to the "sort_by" parameter in server_databases.php is not properly sanitised before being used. This can be exploited to execute arbitrary PHP code.

Successful exploitation requires valid user credentials.

The vulnerability is reported in all versions prior to 2.11.9.1.

Solution:
Update to version 2.11.9.1.

Provided and/or discovered by:
Norman Hippert

Original Advisory:
PMASA-2008-7:
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-7

Norman Hippert:
http://fd.the-wildcat.de/pma_e36a091q11.php

Collapse -
Apple Mac OS X Security Update Fixes Multiple Vulnerabilitie
by Marianna Schmudlach / September 16, 2008 1:04 AM PDT

Release Date: 2008-09-16

Critical:
Highly critical
Impact: Security Bypass
Cross Site Scripting
Spoofing
Manipulation of data
Exposure of system information
Exposure of sensitive information
DoS
System access

Where: From remote
Solution Status: Vendor Patch


OS: Apple Macintosh OS X

Description:
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

Solution:
Update to Mac OS X 10.5.5 or apply Security Update 2008-006.

Provided and/or discovered by:
1) The vendor credits Chris Ries, Carnegie Mellon University Computing Services.
3) The vendor credits IT Department of the West Seneca Central School District
5) The vendor credits Michel Colman.
6) The vendor credits Yuxuan Wang, Sogou.
Cool The vendor credits Robert Swiecki, Google Security Team.
11) The vendor credits Nevin Liber, Thomas Pelaia of Oak Ridge National Lab, Thomas Tempelmann, and Ram Kolli.
12) Dan Kaminsky, IOActive
14) The vendor credits Christopher A. Grande, Middlesex Community College
15) The vendor credits an anonymous person via iDefense VCP.
19) The vendor credits Hernan Ochoa of Core Security Technologies, Tore Halset of pvv.org, and Matt Johnston of the University Computer Club.
20) The vendor credits Edwin McKenzie.
22) The vendor credits Leon von Tippelskirch and Matthias Wieczorek of the Chair for Applied Software Engineering, TU Munich

Original Advisory:
Apple:
http://support.apple.com/kb/HT3137

Other References:
SA29000:
http://secunia.com/advisories/29000/

SA29522:
http://secunia.com/advisories/29522/

SA29602:
http://secunia.com/advisories/29602/

SA29792:
http://secunia.com/advisories/29792/

SA30657:
http://secunia.com/advisories/30657/

SA30924:
http://secunia.com/advisories/30924/

SA31610:
http://secunia.com/advisories/31610/

SA31821:
http://secunia.com/advisories/31821/


http://secunia.com/advisories/31882/

Collapse -
OSADS Unspecified Security Issue
by Marianna Schmudlach / September 16, 2008 1:05 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Unknown

Where: From remote
Solution Status: Vendor Patch


Software: OSADS 1.x
OSADS 2.x

Description:
A security issue with an unknown impact has been reported in OSADS.

The security issue is caused due to an unspecified error. No further information is currently available.

The security issue is reported in version prior to 2.1.

Solution:
Update to version 2.1.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sourceforge.net/project/shownotes.php?release_id=625654

Collapse -
Pre Real Estate Listings "c" SQL Injection Vulnerability
by Marianna Schmudlach / September 16, 2008 1:06 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: Pre Real Estate Listings

Pre Real Estate Listings "c" SQL Injection Vulnerability
Secunia Advisory: SA31873 Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2008-09-16
Popularity: 111 views


Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: Pre Real Estate Listings



Subscribe: Instant alerts on relevant vulnerabilities



Description:
JosS has reported a vulnerability in Pre Real Estate Listings, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "c" parameter in search.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
JosS

Original Advisory:
http://milw0rm.com/exploits/6465

Collapse -
iBoutique "cat" SQL Injection Vulnerability
by Marianna Schmudlach / September 16, 2008 1:07 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: iBoutique 4.x

Description:
r45c4l and h4x0r have reported a vulnerability in iBoutique, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "cat" parameter in index.php (when "mod" is set to "products") is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

This vulnerability is reported in version 4.0. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
r45c4l and h4x0r

Original Advisory:
http://milw0rm.com/exploits/6444

Collapse -
Red Hat update for bzip2
by Marianna Schmudlach / September 16, 2008 1:09 AM PDT

Release Date: 2008-09-16

Critical:
Less critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


OS: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop Workstation (v. 5 client)
RedHat Enterprise Linux AS 2.1
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 4
RedHat Linux Advanced Workstation 2.1 for Itanium

Description:
Red Hat has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
RHSA-2008-0893:
http://rhn.redhat.com/errata/RHSA-2008-0893.html

Other References:
SA29410:
http://secunia.com/advisories/29410/

Collapse -
cPanel Fantastico De Luxe "fantasticopath" Local File Inclus
by Marianna Schmudlach / September 16, 2008 1:10 AM PDT

Release Date: 2008-09-16

Critical:
Less critical
Impact: Exposure of system information
Exposure of sensitive information

Where: From remote
Solution Status: Vendor Patch


Software: Fantastico De Luxe 2.x (module for cPanel)



Description:
joker_1 has reported a vulnerability in the Fantastico De Luxe module for cPanel, which can be exploited by malicious users to disclose sensitive information.

Input passed to the "fantasticopath" parameter in includes/xml.php is not properly verified before being used to include files. This can be exploited to include files from local resources.

Successful exploitation requires valid user credentials and that "cPanel PHP Register Globals" in WHM's Tweak Settings is enabled.

The vulnerability is reported in all versions prior to 2.10.4 r19.

Solution:
Update to version 2.10.4 r19.

Provided and/or discovered by:
joker_1

Original Advisory:
Fantastico De Luxe:
http://www.netenberg.com/forum/index.php?topic=6768.0

joker_1:
http://milw0rm.com/exploits/6461

Collapse -
NooMS Two Cross-Site Scripting Vulnerabilities
by Marianna Schmudlach / September 16, 2008 1:11 AM PDT

Release Date: 2008-09-16

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Unpatched


Software: NooMS 1.x

Description:
Khashayar Fereidani has discovered two vulnerabilities in NooMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "page_id" parameter in smileys.php and "q" in search.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are confirmed in version 1.1. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Khashayar Fereidani a.k.a. Dr.Crash

Collapse -
Link Bid Two SQL Injection Vulnerabilities
by Marianna Schmudlach / September 16, 2008 1:12 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: Link Bid 1.x

Description:
SirGod has discovered two vulnerabilities in Link Bid, which can be exploited by malicious people or users to conduct SQL injection attacks.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
SirGod

Original Advisory:
http://milw0rm.com/exploits/6466

Collapse -
Free PHP VX Guestbook Security Bypass Vulnerabilities
by Marianna Schmudlach / September 16, 2008 1:14 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Security Bypass
Exposure of sensitive information

Where: From remote
Solution Status: Vendor Patch


Software: Free PHP VX Guestbook 1.x

Description:
Two vulnerabilities have been reported in Free PHP VX Guestbook, which can be exploited by malicious people to bypass certain security restrictions.

Solution:
Update to version 1.07.

Provided and/or discovered by:
1) SirGod
2) Stack

Original Advisory:
1) http://milw0rm.com/exploits/6456
2) http://milw0rm.com/exploits/6457

Collapse -
pdnsd DNS Cache Poisoning and Denial of Service
by Marianna Schmudlach / September 16, 2008 1:15 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


Software: pdnsd 1.x

Description:
Some vulnerabilities have been reported in pdnsd, which can be exploited by malicious people to poison the DNS cache and cause a DoS (Denial of Service).

Solution:
Update to version 1.2.7-par.

Provided and/or discovered by:
1) Dan Kaminsky, IOActive.
2) Reported by the vendor.

Original Advisory:
http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog

Other References:
US-CERT VU#800113:
http://www.kb.cert.org/vuls/id/800113

Collapse -
Sun Management Center PRM Module Denial of Service
by Marianna Schmudlach / September 16, 2008 1:16 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


Software: Sun Management Center (SunMC) 3.x
Sun Management Center (SunMC) 4.x

Description:
A vulnerability has been reported in Sun Management Center (SunMC), which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error in the PRM module, which can be exploited to consume system memory and cause a DoS.

The vulnerability is reported in SunMC version 3.6.1 for Solaris 8, 9, and 10 and version 4.0 for Solaris 10 on the SPARC platform, and SunMC version 4.0 for Solaris 10 on the x86 platform.

Solution:
Apply patches.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-241686-1


http://secunia.com/advisories/31841/

Collapse -
Patches for Sun Management Center
by halcyonms / September 24, 2008 3:13 PM PDT

The Sun Management Center (Sun MC) server is where the PRM addon lives and usually this is a dedicated system for running just the server. There has been cases where the PRM addon causes the Sun MC server to perform much slower than normal. However a patch has already been released to resolve this.

All the latest SunMC 4.0 patches have been posted on Halcyon's forum:
http://forums.halcyoninc.com/showthread.php?t=104

The Sun MC 3.6.1 patches can be found on Halcyon's FAQ:
http://www.halcyoninc.com/support/faq-sunmc3.x.php#Q102

bobby
http://www.HalcyonInc.com

Collapse -
PHPortfolio "id" SQL Injection Vulnerability
by Marianna Schmudlach / September 16, 2008 1:17 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: PHPortfolio 1.x

Description:
Beenu has discovered a vulnerability in PHPortfolio, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id" parameter in photo.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 1.3. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Beenu

Collapse -
Downline Goldmine Builder "id" SQL Injection
by Marianna Schmudlach / September 16, 2008 1:18 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: Downline Goldmine Builder


Description:
Hussin X has reported a vulnerability in Downline Goldmine Builder and related scripts, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id" parameter in tr.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in Downline Goldmine Builder, New Addon, Downline Builder Pro, and Special Category Addon.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Hussin X

Original Advisory:
http://packetstorm.linuxsecurity.com/0809-exploits/downline-sql.txt
http://packetstorm.linuxsecurity.com/0809-exploits/newdownline-sql.txt
http://packetstorm.linuxsecurity.com/0809-exploits/categoryaddon-sql.txt

http://secunia.com/advisories/31812/

Collapse -
Vastal I-Tech Dating Zone "fage" SQL Injection Vulnerability
by Marianna Schmudlach / September 16, 2008 1:19 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Manipulation of data
Exposure of system information
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: Vastal I-Tech Dating Zone

Description:
ZoRLu has reported a vulnerability in Vastal I-Tech Dating Zone, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "fage" parameter in advanced_search_results.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
ZoRLu

Original Advisory:
http://z0rlu.blogspot.com/2008/09/vastal-i-tech-dating-zone-fage-sql.html

Collapse -
RazorCommerce Shopping Cart "id" SQL Injection Vulnerability
by Marianna Schmudlach / September 16, 2008 1:20 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: RazorCommerce Shopping Cart

RazorCommerce Shopping Cart "id" SQL Injection Vulnerability
Secunia Advisory: SA31733 Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2008-09-16
Popularity: 233 views


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: RazorCommerce Shopping Cart



Subscribe: Instant alerts on relevant vulnerabilities



Description:
rsauron and P47r1ck have reported a vulnerability in RazorCommerce Shopping Cart, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id" parameter in category_search.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
rsauron and P47r1ck

Original Advisory:
http://packetstorm.linuxsecurity.com/0809-exploits/razorcommerce-sql.txt

Collapse -
Vastal I-Tech Freelance Zone "coder_id" SQL Injection Vulner
by Marianna Schmudlach / September 16, 2008 1:21 AM PDT

Release Date: 2008-09-16

Critical:
Moderately critical
Impact: Manipulation of data
Exposure of system information
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: Vastal I-Tech Freelance Zone

Description:
Stack has reported a vulnerability in Vastal I-Tech Freelance Zone, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "coder_id" parameter in freelance/view_cresume.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Stack

Original Advisory:
http://milw0rm.com/exploits/6381

Collapse -
Microsoft Windows WRITE_ANDX SMB Command Handling Kernel DoS
by Marianna Schmudlach / September 16, 2008 1:23 AM PDT

16 Sep. 2008

Summary
Microsoft Windows is prone to a remote Kernel Denial of Service due to the way srv.sys handles malformed WRITE_ANDX SMB packets.

Remote attackers could exploit this issue without having valid credentials on the target machine. In order to achieve a successful exploitation, the attacker needs enough privileges to remotely send WRITE_ANDX packets to an interface that uses a Named Pipe as endpoint. Those interfaces that allow NULL Sessions vary between Windows versions, in Vista the reliability of a preauth attack through the "\LSARPC" has been successfully demonstrated.

Credit:
The information has been provided by Javier Vicente Vallejo.
The original article can be found at: http://www.vallejo.cc

http://www.securiteam.com/windowsntfocus/5HP0C1PPFC.html

Collapse -
Cross-Site Scripting Filter Evasion in Various Frameworks /
by Marianna Schmudlach / September 16, 2008 1:24 AM PDT

Cross-Site Scripting Filter Evasion in Various Frameworks / Applications

16 Sep. 2008

Summary
The Horde project relies on code similar to Popoon's externalinput.php to filter out potential XSS attacks on user-supplied input. Other projects are using the same code base. Therefore this vulnerability affects also the popular Cake-PHP framework. Hence, all users that rely on the externalinput sanitization functionality are affected by this vulnerability, as in addition to many other unrelated, open source projects.

Credit:
The information has been provided by n.runs AG.

http://www.securiteam.com/unixfocus/5LP0G1PPFY.html

Collapse -
Landesk QIP Server Service Heal Packet Buffer OverflowVulner
by Marianna Schmudlach / September 16, 2008 1:25 AM PDT
Collapse -
Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerabil
by Marianna Schmudlach / September 16, 2008 1:26 AM PDT
Collapse -
Windows GDI+ GIF Memory Corruption (MS08-052)
by Marianna Schmudlach / September 16, 2008 1:27 AM PDT
Collapse -
Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnera
by Marianna Schmudlach / September 16, 2008 1:28 AM PDT
Collapse -
Apple QuickTime Player H.264 Parsing Heap Corruption Vulnera
by Marianna Schmudlach / September 16, 2008 1:29 AM PDT
Collapse -
MySQL Charset Truncation Vulnerability
by Marianna Schmudlach / September 16, 2008 1:30 AM PDT

16 Sep. 2008

Summary
A vulnerability in web applications that utilize MySQL allows attackers to use invalid characters (UTF-8/GBK) or white spaces which are truncated to bypass different web application mechanisms, mainly those used for authentication. The following describes why this happens.

Credit:
The information has been provided by Web Sec.

http://www.securiteam.com/unixfocus/5KP0F1PPFK.html

Collapse -
Pro2col StingRay FTS Login Username Cross Site Scripting
by Marianna Schmudlach / September 16, 2008 1:31 AM PDT
Collapse -
Opera Browser Vulnerable To UTF-8 Whitespace Characters
by Marianna Schmudlach / September 16, 2008 1:32 AM PDT

16 Sep. 2008

Summary
Opera released version 9.52 of their flagship browser about a month ago to address an issue in the way certain Unicode characters were being interpreted as white space. This behavior enabled cross-site scripting (XSS) attacks which might not otherwise be possible. Perhaps exploiting this issue would also be useful to evade HTML filters, AV's, WAFs, or other detection systems which try to prevent XSS attacks.

Credit:
The information has been provided by Chris Weber.
The original article can be found at: http://lookout.net/2008/08/26/advisory-attack-of-the-mongolian-space-evaders-and-other-medieval-xss-vectors/


http://www.securiteam.com/securitynews/5JP0E1PPFW.html

Collapse -
Apple Releases Security Updates for Multiple Vulnerabilities
by Marianna Schmudlach / September 16, 2008 1:54 AM PDT

added September 16, 2008 at 08:02 am

Apple has released Security Update 2008-006 and Mac OS X v10.5.5 to address multiple vulnerabilities in Mac OS X and related products. The impacts of these vulnerabilities include arbitrary code execution, information disclosure, denial of service, privilege escalation, or DNS cache poisoning.

US-CERT encourages users to review Apple article HT3137 and apply the appropriate updates as soon as possible.

US-CERT will provide additional details as the they become available.

http://www.us-cert.gov/current/current_activity.html#apple_releases_security_updates_for1

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

The Samsung RF23M8090SG

One of the best French door fridges we've tested

A good-looking fridge with useful features like an auto-filling water pitcher and a temperature-adjustable "FlexZone" drawer. It was a near-flawless performer in our cooling tests.