The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Tue, 11/18/2008 - 20:08
Posted by jmoss on Nov 18
Hello Bug Traq Readers, here are some updates on upcoming Black Hat
briefings as well as ways to get involved.
BLACK HAT FREE WEBINAR Nov 20th
https://www.blackhat.com/html/webinars/clickjacking.html
Black Hat Webcast #5 is scheduled for Thursday, November 20 at 1pm PST.
The topic this...
Tue, 11/18/2008 - 19:04
Posted by send9_at_chiseclabs.com on Nov 18
For whatever reason, the file:// exploit isn't working on the version of Opera I have on this machine, but it worked on my XP SP2 machine back home. I can't get it to crash with https:// either. Both have Opera 9.62. Perhaps there's been a silent...
Tue, 11/18/2008 - 16:53
Posted by jplopezy_at_gmail.com on Nov 18
mmm sorry..
this doesn't work...
:(
Juan Pablo Lopez Yacubian
Received on Nov 18 2008
Tue, 11/18/2008 - 13:41
Posted by security-alert_at_hp.com on Nov 18
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01606691
Version: 1
HPSBST02386 SSRT080164 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-067 to MS08-069
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
...
Tue, 11/18/2008 - 12:42
Posted by Stefan Kanthak on Nov 18
The "Deutsche Telekom" resp. their "T-Online" branch offer their
own home banking software for Windows under
<ftp://software.t-online.de/pub/service/banking/banking70.exe>
The current release is version 7.00.0004 from 2008-03-17.
This software is but insecure; it...
Tue, 11/18/2008 - 08:48
Posted by Digital Security Research Group on Nov 18
Hello, bugtraq.
Digital Security Research Group [DSecRG] Advisory #DSECRG-08-039
Application: Pluck CMS
Versions Affected: 4.5.3
Vendor URL: http://www.pluck-cms.org/
Bug: Local File Include
Exploits:...
Tue, 11/18/2008 - 02:01
Posted by security_at_mandriva.com on Nov 17
 _______________________________________________________________________
 Mandriva Linux Security Advisory MDVSA-2008:230
 http://www.mandriva.com/security/
 _______________________________________________________________________
 Package :...
Mon, 11/17/2008 - 23:34
Posted by Moritz Muehlenhoff on Nov 18
------------------------------------------------------------------------
Debian Security Advisory DSA-1666-1 security_at_debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
November 17, 2008 ...
Mon, 11/17/2008 - 23:27
Posted by Kees Cook on Nov 17
===========================================================
Ubuntu Security Notice USN-672-1 November 17, 2008
clamav vulnerability
CVE-2008-5050
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.10
This...
Mon, 11/17/2008 - 22:52
Posted by Jamie Strandboge on Nov 17
===========================================================
Ubuntu Security Notice USN-667-1 November 17, 2008
firefox, firefox-3.0, xulrunner-1.9 vulnerabilities
CVE-2008-0017, CVE-2008-4582, CVE-2008-5012, CVE-2008-5013,
CVE-2008-5014, CVE-2008-5015, CVE-2008-5016, CVE-2008-5017,
...
Mon, 11/17/2008 - 22:51
Posted by security_at_mandriva.com on Nov 17
 _______________________________________________________________________
 Mandriva Linux Security Advisory MDVSA-2008:227-1
 http://www.mandriva.com/security/
 _______________________________________________________________________
 Package :...
Mon, 11/17/2008 - 22:40
Posted by jplopezy_at_gmail.com on Nov 17
hi
It is a very curious vulnerability...
I think I found a variant of this vulnerability, if using another protocol (eg: https ://).
I am sure that is a variant because providing other protocols (eg: http://) does not work, nor the exceptions...
Mon, 11/17/2008 - 21:13
Posted by rPath Update Announcements on Nov 17
rPath Security Advisory: 2008-0322-1
Published: 2008-11-17
Products:
    rPath Linux 2
Rating: Minor
Exposure Level Classification:
    Indirect User Deterministic Weakness
Updated Versions:
...
Mon, 11/17/2008 - 20:52
Posted by md.r00t.defacer_at_gmail.com on Nov 17
########################################################################
...
Mon, 11/17/2008 - 20:42
Posted by Marc Deslauriers on Nov 17
===========================================================
Ubuntu Security Notice USN-671-1 November 17, 2008
mysql-dfsg-5.0 vulnerabilities
CVE-2008-2079, CVE-2008-3963, CVE-2008-4097, CVE-2008-4098
===========================================================
A security issue...
Mon, 11/17/2008 - 19:21
Posted by come2waraxe_at_yahoo.com on Nov 17
[waraxe-2008-SA#069] - Multiple Sql Injection in vBulletin 3.7.4
===============================================================================
Author: Janek Vind "waraxe"
Date: 17. November 2008
Location: Estonia, Tartu
Web: ...
Mon, 11/17/2008 - 18:39
Posted by Pyrokinesis_at_nospam.it on Nov 17
--------------------------------------------------------------------------------
Exodus v0.10 uri handler arbitrary parameter injection
by Nine:Situations:Group::strawdog
tested against IE8b/xpsp3
may not work against non-English systems...
Mon, 11/17/2008 - 18:16
Posted by send9_at_chiseclabs.com on Nov 17
Hello all -
I don't have time for a fancy advisory format, but I did want to disclose an issue.
Sometime in early October (late September?), around the time Opera 9.6 was released, I noticed that you could get it to crash after supplying the...
Mon, 11/17/2008 - 15:59
Posted by Castigliola Angelo on Nov 17
I verified that OWA 2007 is not vulnerable to the redirection attacks
described below.
Angelo Castigliola III
EISRM - Application Security Architecture
Unum
Telephone: 207-575-3820
Mobile: 207-590-3630
acastigliola_at_unum.com
-----Original Message-----
From: Piergiorgio Venuti...
Mon, 11/17/2008 - 15:33
Posted by rPath Update Announcements on Nov 17
rPath Security Advisory: 2008-0321-1
Published: 2008-11-17
Products:
    rPath Linux 1
    rPath Linux 2
Rating: Minor
Exposure Level Classification:
    Indirect User Deterministic Unauthorized Access
Updated Versions:
...