Linuxlookup

> refresh: 0; URL=javascript:alert(document.cookie)
> The code will work in context of this site.

...which happens to be covered here for half a year or so:
http://code.google.com/p/browsersec/wiki/Part2#Redirection_restrictions

I can't see how this could be a vulnerability per se,...

--------------------------------------------------------------------------
Debian Security Advisory DSA-1825-1 security_at_debian.org
http://www.debian.org/security/ Nico Golde
July 3rd, 2009 ...

#2009-007 FCKeditor input sanitization errors

Description:

FCKeditor, a web based open source HTML text editor, suffers from a remote
file upload vulnerability.

The input of several connector modules is not properly verified before being
used, this leads to exposure of the contents of...

This is a different and more practical approach to get a reverse shell
or code execution in SQL Injections (particularly in MSSQL). The idea
is simple. Getting a reverse shell from an SQL Injection with one HTTP
request without using an extra channel such as TFTP, FTP to upload the
initial...

Hello SecurityFocus!

I want to warn you about Cross-Site Scripting vulnerabilities in Mozilla,
Internet Explorer, Opera and Chrome. I wrote about it at my site this Monday
(29.06.2009) and also informed corresponding browsers developers about this
vulnerability.

At 21.04.2009 there was fixed...

('binary' encoding is not supported, stored as-is) Multiple Flaws in Axesstel MV 410R

by Filip Palian <filip (dot) palian (at) pjwstk (dot) edu (dot) pl

Description:
Axesstel MV 410R is a device offered by the two leading polish telecom
operators Orange and Polish Telecom to provide...

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200907-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200907-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

===========================================================
Ubuntu Security Notice USN-795-1 July 02, 2009
nagios2, nagios3 vulnerability
CVE-2009-2288
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu...

===========================================================
Ubuntu Security Notice USN-794-1 July 02, 2009
libcompress-raw-zlib-perl, perl vulnerability
CVE-2009-1391
===========================================================

A security issue affects the following Ubuntu...

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-007
- Original release date: June 30th, 2009
- Last revised: July 2nd, 2009
- Discovered by: Juan Galiana Lara
- Severity: 6.8/10 (CVSS Base Score)
=============================================

I....

#2009-009 CamlImages integer overflows

Description:

CamlImages, an open source image processing library, suffers from several
integer overflows which may lead to a potentially exploitable heap overflow and
result in arbitrary code execution.

The vulnerability is triggered by PNG image...

('binary' encoding is not supported, stored as-is) eAccelerator encoder files backup Vulnerability

1.Description
eAccelerator is a free open-source PHP accelerator, optimizer, and dynamic content cache. It increases the performance of PHP scripts by caching them in their compiled state, so that...

('binary' encoding is not supported, stored as-is) Affected product
----------------

Sourcefire 3D Sensor and Defense Center 4.8.x
 
Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000
All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire.

...

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01756421
Version: 1

HPSBUX02431 SSRT090085 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as soon as...

SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01793493

Version: 1
HPSBUX02440 SSRT090106 rev.1 - HP-UX Running NFS/ONCplus, Local Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2009-06-30
Last...

Dear Cru3l.b0y,

And this "new bug" was reported 4 years ago by Donnie Werner aka
morning_wood http://securityvulns.ru/Idocument295.html

XAMP latest version is 1.7.1.

trolling?

--Tuesday, June 30, 2009, 7:21:52 PM, you wrote to bugtraq_at_securityfocus.com:

Cb> Hi...

------------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID: VMSA-2009-0008
Synopsis: ESX Service Console update...

Security Advisory
---------------------------------------
Vulnerable Software: radware AppWall Web Application Firewall
Vulnerable Version: Gateway Version 4.6.0.2 / AppWall Version
1.0.2.6
Homepage: http://www.radware.com/
Found by: Michael Kirchner, Wolfgang Neudorfer,
Lukas...

Security Advisory
---------------------------------------
Vulnerable Software: phion airlock Web Application Firewall
Vulnerable Version: 4.1-10.41
Homepage: http://www.phion.com/
Found by: Michael Kirchner, Wolfgang Neudorfer,
Lukas Nothdurfter (Team h4ck!nb3rg)
Impact: Remote...