Gotta pre-order Hacker Japan …_〆(゚▽゚*)
Hacker Japan (ハッカー ジャパン) July 2008 issue ¥1,800 (Amazon.co.jp)
RHEL5 Update 2 has been released …_〆(゚▽゚*)
Updated kernel packages for Red Hat Enterprise Linux 5.2 (rhn.redhat.com)
I suppose it's about time to finally migrate to RHEL5. ( ゚Д゚) What a pain
Red Hat Security Advisory
- [RHSA-2008:0485-02] Low: compiz security update (RHEL5)
- [RHSA-2008:0389-02] Low: nss_ldap security and bug fix update (RHEL5)
- [RHSA-2008:0364-01] Low: mysql security and bug fix update (RHEL5)
- [RHSA-2008:0300-02] Moderate: bind security, bug fix, and enhancement update (RHEL5)
- [RHSA-2008:0297-02] Low: dovecot security and bug fix update (RHEL5)
- [RHSA-2008:0295-01] Low: vsftpd security and bug fix update (RHEL5)
- [RHSA-2008:0061-02] Moderate: setroubleshoot security and bug fix (RHEL5)
- [RHSA-2008:0287-01] Important: libxslt security update (RHEL2.1, RHEL3, RHEL4, RHEL5)
- [RHSA-2008:0492-01] Important: gnutls security update (RHEL4)
- [RHSA-2008:0489-01] Critical: gnutls security update (RHEL5)
Exploit Code
- phpRaider 1.0.7 (phpbb3.functions.php) RFI Vulnerability
- RoomPHPlanning 1.5 (idresa) Remote SQL Injection Vulnerability
- OneCMS 2.5 (install_mod.php) Local File Inclusion Vulnerability
- Quate CMS 0.3.4 (RFI/LFI/XSS/DT) Multiple Remote Vulnerabilities
- VLC 0.8.6d SSA Parsing Double Sh311 Universal Exploit
- e107 Plugin BLOG Engine 2.2 (uid) Blind SQL Injection Vulnerability
- Netbutikker <= v4 Remote SQL Injection Vulnerabilities
- Weblosninger <= v4 (XSS/SQL) Multiple Remote Vulnerabilities
- 6rbScript (news.php newsid) Remote SQL Injection Vulnerability
- Alcatel OmniPCX Office 210/061.1 Remote Command Execution Vuln
- Netious CMS 0.4 (index.php pageid) SQL Injection Vulnerability
- Php Jokesite 2.0 (cat_id) Remote SQL Injection Vulnerability
- MX-System 2.7.3 (index.php page) Remote SQL Injection Vulnerability
- ComicShout 2.5 (index.php comic_id) Remote SQL Injection Vulnerability
- Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities
- eCMS 0.4.2 (SQL/PB) Multiple Remote Vulnerabilities
- EntertainmentScript 1.4.0 (page.php page) Local File Inclusion Exploit
- EntertainmentScript (play.php id) Remote SQL Injection Vulnerability
- MercuryBoard <= 1.1.5 (login.php) Remote Blind SQL Injection Exploit
- AlkalinePHP <= 0.80.00 beta (thread.php id) SQL Injection Exploit
- microSSys CMS <= 1.5 Remote File Inclusion Vulnerability
- MyPicGallery 1.0 Arbitrary Add-Admin Exploit
- PHP AGTC-Membership System <= 1.1a Arbitrary Add-Admin Exploit
- MeltingIce File System <= 1.0 Remote Arbitrary Add-User Exploit
- GNU/Gallery <= 1.1.1.0 (admin.php) Local File Inclusion Vulnerability
- easyCMS <= 0.4.2 Multiple Remote Vulnerabilities
- AlkalinePHP <= 0.77.35 (adduser.php) Arbitrary Add-Admin Vuln
- LulieBlog 1.2 Multiple Remote Vulnerabilities
- Ajax framework (lang) Local File Inclusion Vulnerability
- TAGWORX.CMS Multiple Remote SQL Injection Vulnerabilities
- CMS WebManager-Pro Multiple Remote SQL Injection Vulnerabilities
- Smeego 1.0 (Cookie lang) Local File Inclusion Exploit
- FicHive 1.0 (category) Remote Blind SQL Injection Exploit
- How2ASP.net Webboard <= 4.1 Remote SQL Injection Vulnerability
- WR-Meeting 1.0 (msnum) Local File Disclosure Vulnerability
- Zomplog <= 3.8.2 (force_download.php) File Disclosure Vulnerability
- Archangel Weblog 0.90.02 (post_id) SQL Injection Exploit
- Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit
- StanWeb.CMS (default.asp id) Remote SQL Injection Exploit
- Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby)
- IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities
- Multi-Page Comment System 1.1.0 Insecure Cookie Handling Vulnerability
- Web Slider <= 0.6 Insecure Cookie/Authentication Handling Vuln
- RantX 1.0 Insecure Admin Authentication Vulnerability
- Pet Grooming Management System <= 2.0 Arbitrary Add-Admin Exploit
- 68 Classifieds 4.0 (category.php cat) SQL Injection Vulnerability
- Symantec Altiris Client Service 6.8.378 Local Privilege Escalation Exploit
- Newsmanager 2.0 (RFI/RFD/SQL/PB) Multiple Remote Vulnerabilities
- Kostenloses Linkmanagementscript SQL Injection Vulnerabilities
- Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit
- Kostenloses Linkmanagementscript (page_to_include) RFI Vulnerability
- Rgboard <= 3.0.12 (RFI/XSS) Multiple Remote Vulnerabilities
- MS Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC
- La-Nai CMS <= 1.2.16 (fckeditor) Arbitrary File Upload Exploit
- Internet Photoshow (Special Edition) Insecure Cookie Handling Vuln
- ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access
- AS-GasTracker 1.0.0 Insecure Cookie Handling Vulnerability
- Feedback and Rating Script 1.0 (detail.php) SQL Injection Vulnerability
- Freelance Auction Script 1.0 (browseproject.php) SQL Injection Vuln
- IDAutomation Bar Code ActiveX Multiple Remote Vulnerabilities
- Linkspile (link.php cat_id) Remote SQL Injection Vulnerability
- The Real Estate Script (dpage.php docID) SQL Injection Vulnerability
- EMO Realty Manager (news.php ida) SQL Injection Vulnerability
- Meto Forum 1.1 Multiple Remote SQL Injection Vulnerabilities
- CaLogic Calendars 1.2.2 (langsel) Remote SQL Injection Vulnerability
- Web Group Communication Center (WGCC) <= 1.0.3 SQL Injection Vuln