[Index]
::Home:: ::Login:: ::Register:: ::Contact:: ::About::
[Google Search]
[Sites]
::Void.ru:: ::IT-Networks:: ::U.C.O:: ::[BCVG] Networks:: ::Hackerthreads.org:: ::Doxi Security:: ::Proxy Mania:: ::Astalavista.NET:: ::L.O.C:: ::Hack-Box:: ::El Nino Security Labs:: ::Euyulio.org::
[Linux Open Source]
::Linux Today:: ::Linux Planet ::Linux Start:: ::Linuxnewbie.org:: ::All Linux Devices:: ::Apache Today:: ::Enterprise Linux:: ::Linux Central:: ::BSDToday:: ::BSDCentral::
Online Documentation
LDP (Linux Documentation Project) Linux archive Woven Goods for Linux Linux Tips and Tricks links and documentation around Linux IBM Linux zone Documentaion and news how to write scripts
News N Focus
Microsoft Windows XP Wireless LAN AP Information Disclosure Vulnerability, 12/09/2002 11:01 AM An information disclosure vulnerability has been reported for Microsoft Windows XP systems using a wireless LAN setup. An attacker can exploit this vulnerability to set up an access point (AP) with the same SSID of an AP configured for use with an XP system. When the vulnerable system recognizes this malicious AP, it will then begin transmission of data. This can be exploited by an attacker to intercept and decrypt any transmissions received from a vulnerable system. Information obtained in this manner may be used to launch further, destructive attacks against a vulnerable system. >> more info
Microsoft Outlook 2002 Email Header Processing Denial of Service Vulnerability, 12/09/2002 10:59 AM Microsoft Outlook 2002 is vulnerable to a denial of service. If an email message with particularly malformed headers was received by an Outlook 2002 client, the client would fail. The email message would have to be deleted through some other means since Outlook will continue to fail as long as the message is in the user\'s Inbox. >> more info
Multiple Microsoft Internet Explorer Cached Objects Zone Bypass Vulnerability, 12/09/2002 10:55 AM The vulnerabilities are due to how Internet Explorer handles cached objects. This vulnerability may allow remote attackers to execute script code in the context of other domains and security zones. A malicious webmaster may exploit this vulnerability by creating a reference to several methods of the target child window. The attacker may then have the child window open a website in a different domain/Zone and obtain control of the newly created window to execute malicious code. Exploitation of this vulnerability may allow for theft of cookie information, website impersonation or disclosure and manipulation of local files. >> more info
McAfee VirusScan WebScanX Code Execution Vulnerability, 12/07/2002 09:23 AM McAfee VirusScan\'s WebScanX component hooks into explorer.exe on Microsoft Windows systems. When explorer is used to browse directories (local or network), and the user\'s home directory is located on a network share, WebScanX calls several .dll files from the user\'s home directory. If one of these called .dll files contained attacker-supplied code, it would be executed by WebScanX in the local System context. >> more info
SquirrelMail read_body.php Cross Site Scripting Vulnerability, 12/07/2002 09:22 AM A vulnerability has been discovered in SquirrelMail. The read_body.php script fails to adequately sanitize user-supplied parameters, making it prone to cross site scripting attacks. An attacker may be able to exploit this vulnerability to execute embedded script code in an HTML email that is read by a vulnerable client. It should be noted that this issue is known to affect SquirrelMail 1.2.9. It has not yet been determined if other versions are affected. >> more info
Microsoft Internet Explorer Dialog Style Same Origin Policy Bypass Vulnerability, 12/07/2002 09:21 AM Microsoft Internet Explorer includes support for dialog windows through script calls to the two functions showModalDialog and showModelessDialog. These functions accept a URL location for the dialog content, and an option argument parameter to allow data to be passed to the dialog from the calling page. Additionally, various styles can be applied to the dialog from the calling page. A check is done to ensure that data is only passed to dialogs located in the same domain as the calling page. This prevents a malicious party from injecting content into arbitrary dialogs. However, if script code is injected into the style parameters of the dialog, it is not subject to this check. Exploitation may allow malicious content to be inserted into sensitive dialogs. Execution of arbitrary script within the Local Computer Zone has been demonstrated. >> more info
[My Links]
::Yahoo:: ::Hotmail:: ::MySQL:: ::PHP Net:: ::Lycos:: ::4D:: ::OSK188.com:: ::Chess Games:: ::Ref Color::
[Date]
Copyright ?2001, 2002 Simka.cc, All Rights Reserved. Content Management System by Simka. Design by Simka.
