stargeek


Advisory 12/2004: PHP strip_tags() bypass vulnerability







07/14/2004 12:03 PM

Stefan Esser (Jul 13 2004)




This is a GrokNews Entry: (what is grok?)





Similar Items


Grok Headline matches for Advisory 12/2004: PHP strip_tags() bypass vulnerability

[SNS Advisory No.75] Webmin/Usermin
Account Lockout Bypass Vulnerability


06/16/2004 03:36 AM
snsadv (Jun 11 2004)

[SNS Advisory No.74] Webmin Access
Control Rule Bypass Vulnerability


06/11/2004 12:51 PM
snsadv (Jun 11 2004)

STG Security Advisory: [SSA-20041224-21]
File extensions restriction bypass
vulnerability in GNUBoard


01/03/2005 02:17 PM
advisory_at_stgsecurity.com (Jan 02 2005)

[Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability


05/30/2004 01:49 AM
idlabs-advisories_at_idefense.com (May 27 2004)

Re: [Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability


05/28/2004 12:24 PM
Seth Alan Woolley (May 27 2004)

Cisco Security Advisory: Cisco Personal
Assistant User Password Bypass
Vulnerability


01/08/2004 08:28 PM
Cisco Systems Product Security Incident Response Team (Jan 08 2004)

Advisory 07/2004: CVS remote
vulnerability


05/19/2004 01:33 PM
Stefan Esser (May 18 2004)

Advisory 11/2004: PHP memory_limit
remote vulnerability


07/14/2004 12:03 PM
Stefan Esser (Jul 13 2004)

Advisory 08/2004: Subversion remote
vulnerability


05/19/2004 01:33 PM
Stefan Esser (May 18 2004)

Advisory 10/2004: Chora CVS/SVN Viewer
remote vulnerability


06/14/2004 11:52 AM
Stefan Esser (Jun 13 2004)

Advisory 06/2004: libneon date parsing
vulnerability


05/19/2004 01:33 PM
Stefan Esser (May 18 2004)

NetBSD Security Advisory 2004-008: CVS
server vulnerability


06/03/2004 04:52 PM
NetBSD Security-Officer (Jun 03 2004)

NetBSD Security Advisory 2004-006: TCP
protocol and implementation
vulnerability


04/21/2004 07:53 PM
NetBSD Security-Officer (Apr 21 2004)

NetBSD Security Advisory 2004-003:
OpenSSL 0.9.6 ASN.1 parser vulnerability


02/19/2004 06:15 PM
NetBSD Security-Officer (Feb 19 2004)

Advisory 05/2004: phpMyFAQ local file
inclusion vulnerability


05/18/2004 11:52 AM
Stefan Esser (May 18 2004)

[SNS Advisory No.72] Symantec Norton
AntiVirus 2004 ActiveX Control
Vulnerability


05/21/2004 01:00 PM
snsadv (May 20 2004)

Re: NISCC Vulnerability Advisory 236929:
Vulnerability Issues in TCP


05/11/2004 06:04 PM
Florian Weimer (May 11 2004)

NISCC Vulnerability Advisory 236929:
Vulnerability Issues in TCP


04/20/2004 02:16 PM
David Ahmad (Apr 20 2004)

NetObserve Security Bypass Vulnerability


12/30/2003 02:58 PM
Peter Winter-Smith (Dec 29 2003)

LinPHA User Authentication Bypass
Vulnerability


08/01/2004 11:45 AM


“Description: Fernando Quintero has reported a vulnerability in LinPHA, which can be exploited by malicious people to conduct SQL injection attacks….The vulnerability has been reported in version 0.9.4. Other versions may also be affected. Solution: A fix is available in the CVS repository.”…

Mailworks User Authentication Bypass
Vulnerability


09/07/2004 01:32 AM


“CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote Paul Craig has reported a vulnerability in Mailworks, which can be exploited by malicious people to bypass the user authentication. The problem is that the application doesn’t verify if a user is logged on. It merely checks if a cookie with the appropriate “uId” and “auth” parameters is set. Successful exploitation allows a malicious person to log on as any user. SOLUTION: The vendor has reportedly…

ZoneAlarm Pro 'Mobile Code' Bypass
Vulnerability


06/21/2004 10:12 PM
Kurczaba Associates advisories (Jun 20 2004)

Internet Scanner 7 Restriction Bypass
Vulnerability


06/19/2004 04:55 PM
Chris Hurley (Jun 19 2004)

Multiple Firewall Products Bypass
Vulnerability


01/03/2005 08:03 PM
Ferruh Mavituna (Jan 03 2005)

BugTraq: Internet Scanner 7 Restriction
Bypass Vulnerability


06/19/2004 07:47 PM
SecurityFocus Jun 19 2004 11:18PM GMT

DansGuardian Banned Extension Filter
Bypass Vulnerability


08/01/2004 10:04 AM


“Ruben Molina has reported a vulnerability in DansGuardian, which can be exploited by malicious people to bypass certain security restrictions….The vulnerability has been reported in version 2.8.0 and prior. Solution: Update to version 2.8.0.1 or later.”…

GeoHttpServer Authentification Bypass
Vulnerability & D.O.S (Denial Of
Service)


01/22/2004 05:08 PM
Rafel Ivgi, The-Insider (Jan 22 2004)

[Overflow.pl] Libsafe - Safety Check
Bypass Vulnerability


04/15/2005 05:51 PM
Posted by Overflow.pl, Apr 15 2005

Internet Explorer Code Execution Bypass
Vulnerability


12/19/2004 03:48 PM
aikon none (Dec 17 2004)

[securemac] Local vulnerability: MacOSX
Screensaver locking bypass.


10/28/2003 11:06 PM
kang (Oct 28 2003)

DansGuardian Hex Encoding URL Banned
Extension Filter Bypass Vulnerability


07/29/2004 05:19 PM
Rubén Molina (Jul 29 2004)

Vulns: Microsoft Internet Explorer ITS
Protocol Zone Bypass Vulnerability


04/11/2004 06:24 PM
SecurityFocus Apr 11 2004 11:18PM GMT

[ GLSA 200405-09 ] ProFTPD Access
Control List bypass vulnerability


05/19/2004 11:45 AM
Kurt Lieber (May 19 2004)

Vulns: Microsoft Windows SMTP Service
Authorization Bypass Vulnerability


04/16/2004 11:40 PM
SecurityFocus Apr 17 2004 2:51AM GMT

Zone Labs response to "ZoneAlarm Pro
'Mobile Code' Bypass Vulnerability"


06/25/2004 10:09 AM
Zone Labs Product Security (Jun 22 2004)

Sygate Personal Firewall Fail-Safe
Mechanism Bypass Vulnerability


06/21/2004 10:37 AM
“Chew Keong TAN has reported a vulnerability in Sygate Personal Firewall Pro, which can be exploited by malicious, local users to bypass certain security restrictions. The firewall service (“smc.exe”) can reportedly be crashed by an unprivileged application by sending a specially crafted message to the ListView control in the GUI.”




Vulns: Microsoft Internet Explorer
Non-FQDN URI Address Zone Bypass
Vulnerability


06/27/2004 04:18 PM
SecurityFocus Jun 27 2004 8:14PM GMT

Vulns: Motorola WR850G Wireless Router
Remote Authentication Bypass
Vulnerability


09/26/2004 05:11 PM
SecurityFocus Sep 26 2004 8:09PM GMT

"NISCC Vulnerability Advisory 236929"


"NISCC Vulnerability Advisory 236929" 04/23/2004 10:59 AM

Grok Description matches for Advisory 12/2004: PHP strip_tags() bypass vulnerability
GrokA matches for Advisory 12/2004: PHP strip_tags() bypass vulnerability

FAT32 directory auth bypass on Linux
Abyssws < 1.2


12/08/2003 02:13 PM
Luigi Auriemma (Dec 08 2003)

Serv-U MySQL Auth


01/06/2004 01:07 PM
Project Initiated

Re: OSX - trojan apps can bypass
authentication controls and gain root
privilages


04/06/2005 05:45 PM
Posted by KF (lists), Apr 06 2005

MySQL Authentication Bypass


07/05/2004 02:38 PM
NGSSoftware Insight Security Research (Jul 05 2004)

[waraxe-2004-SA#017 - User-level
authentication bypass in phpnuke
6.x-7.2]


04/12/2004 04:55 PM
Janek Vind (Apr 12 2004)

MySQL User Conference 2005


06/05/2005 11:32 PM
I'm in Santa Clara for the MySQL conference. The hotel is approximately in the middle of nowhere. Vani was supposed to be here too, but we're not quite ready to board the crazy new dog yet. (Must post pictures soon). There are at least 4 apple stores within 15 miles, but they are all ~$25-30 cab fare away. I forgot to bring an Airport Express, but I don't miss it that much. I got here yesterday after all the sessions...

MySQL: Building User Interfaces


02/10/2004 02:45 AM

At MySQL User Conference Today


04/19/2005 11:39 AM
As previously noted, I'll be at the MySQL User Conference in Santa Clara today. I'm looking forward to several of the talks on the schedule: LiveJournal's Backend: A History of Scaling Flagship Features in MySQL 5.0 Replication and Cluster Overview Who knows... maybe I'll see you there....

Making User Logins with PHP/MySQL


08/19/2002 08:48 AM

phpAdsNew Review, and MySQL User
Permissions


05/23/2002 10:39 PM

Call for Participation: MySQL User
Conference 2004


12/12/2003 07:54 AM
The Call for Participation for the 2004 MySQL User Conference is now open. MySQL is looking for sessions that speak to your peers: practical, pragmatic and clueful presentations that focus on how you solved problems in a demanding or unique technical environment. Additionally, the conference is looking for solid proposals for Bird-of-a-Feather (BoF) sessions and Lightning Talks. The call for papers closes on January 14th. The call for BoFs and lightning talks closes on February 14th. The conference will take place on April 14th to 16th in Orlando, Florida, USA.

[ GLSA 200409-18 ] cdrtools: Local root
vulnerability in cdrecord if set SUID
root


09/14/2004 10:12 PM
Sune Kloppenborg Jeppesen (Sep 14 2004)

EnGarde Secure Linux Advisory: MySQL,
MySQL-client, MySQL-shared, mod_php, php


12/16/2002 04:17 PM
"Stefan Esser from the PHP.net project discovered two vulnerabilities in MySQL which range from crashing the server to executing arbitrary code as the user under which the MySQL daemon runs (mysql)..."

Reader reports: OS X 10.2.4 workarounds


02/26/2003 07:50 PM
Subsequent Google queries led me to more information, (where this was discussed for a bit), but I would love to hear from someone who did it 'the right way'.". ...

Tiger Incompatibilities and Workarounds


06/05/2005 11:11 PM
Aatrix Top Pay, DivX QT Codec, FontAgent Pro, Minolta Dimage Scan Elite, Poser, ScanWizard, Word, and Xupport

Notes and Tips: Comcast Workarounds


08/19/2004 11:30 AM
Stick a router between your Macs and the Comcast cable modem to resolve connection problems.

Notes and Tips: Java Workarounds


08/11/2004 10:29 AM
Here's how to work around various problems installing Java updates on Mac OS X.

10.3: Workarounds for faulty sleep with
multiple users


11/10/2003 11:18 PM
When the Security prefs pane is set up to require passwords upon wake, and multiple users are logged in, a user performing the "Switch User" function in the wake from sleep password dialog box experiences a faulty sleep event...

Online News Sites registration
workarounds


07/20/2004 04:06 PM

I know what I do when I encounter a news site that requires registration I go elsewhere. Why do I want to entrust a news company with my personal demographic information when I can read the same story on a news site that does not require registration. Wired takes a look at sites offering ways to bypass site registration and Techdirt offers commentary on the sheer stupidity of news sites that hide their content from behind a login. [Wired] [Techdirt]


Notes and Tips: Security Flaw
Workarounds


05/18/2004 04:19 PM
Here are two workarounds to ameliorate the Help security flaw in Mac OS X.

DansGuardian 2.7.5 (Unstable)


11/19/2003 09:21 AM
A Web filter with multiple page content analysis mechanisms.

DansGuardian 2.7.7-6 (Unstable)


04/14/2004 07:55 PM
A Web filter with multiple page content analysis mechanisms.

DansGuardian 2.7.6-2 (Unstable)


12/03/2003 10:59 PM
A Web filter with multiple page content analysis mechanisms.

DansGuardian 2.7.6-3 (Unstable)


12/04/2003 03:36 PM
A Web filter with multiple page content analysis mechanisms.

DansGuardian 2.6.1-13 (Stable)


04/14/2004 07:55 PM
A Web filter with multiple page content analysis mechanisms.

Advisory 12/2004: PHP strip_tags() bypass vulnerability

The following phrases have been identified by the grok system as matching this entry: dansguardian workarounds mysql root user auth bypass
















