.:[ packet storm ]:.
                               
honesty is the best policy
honesty is the best policy

 ///  File Name:glsa-200805-04.txt
Description:
Gentoo Linux Security Advisory GLSA 200805-04 - A vulnerability has been reported in FCKEditor due to the way that file uploads are handled in the file editor/filemanager/upload/php/upload.php when a filename has multiple file extensions (CVE-2008-2041). Another vulnerability exists in the _bad_protocol_once() function in the file phpgwapi/inc/class.kses.inc.php, which allows remote attackers to bypass HTML filtering (CVE-2008-1502). Versions less than 1.4.004 are affected.
Homepage:http://security.gentoo.org
File Size:3609
Related CVE(s):CVE-2008-1502, CVE-2008-2041
Last Modified:May 7 20:38:18 2008
MD5 Checksum:0ef7dd1b359cd5c05af051363a60b6d3

 .:. Back
 

 ///  Last 10 Files
  1. :· cisco-sa-20080514-cup.txt
  2. :· cisco-sa-20080514-cucmdos.txt
  3. :· cisco-sa-20080514-csm.txt
  4. :· debian-sploit.txt
  5. :· EC2ND-2008-CFP.txt
  6. :· sqlfuzzer.py.txt
  7. :· xsschecker.py.txt
  8. :· msie-crosszone.txt
  9. :· idautomation-activex.txt
  10. :· AD20080514.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· cisco-sa-20080514-cup.txt
  2. :· cisco-sa-20080514-cucmdos.txt
  3. :· cisco-sa-20080514-csm.txt
  4. :· AD20080514.txt
  5. :· dsa-1577-1.txt
  6. :· dsa-1576-1.txt
  7. :· glsa-200805-16.txt
  8. :· glsa-200805-15.txt
  9. :· USN-612-6.txt
  10. :· USN-612-5.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· debian-sploit.txt
  2. :· msie-crosszone.txt
  3. :· idautomation-activex.txt
  4. :· rgboard-rfixss.txt
  5. :· hordeturba-xss.txt
  6. :· feedback-sql.txt
  7. :· freelance-sql.txt
  8. :· internetphotoshow-cookie.txt
  9. :· activekb-cookie.txt
  10. :· asgastracker-cookie.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· sqlfuzzer.py.txt
  2. :· xsschecker.py.txt
  3. :· nipper-0.11.7.tgz
  4. :· nipper-0.11.7.zip
  5. :· browserrecon-1.0-php.tar.gz
  6. :· dradis-v1.2.tar.gz
  7. :· samhain-2.4.4.tar.gz
  8. :· plash_1.19.orig.tar.gz
  9. :· opennhrp-0.7.tar.bz2
  10. :· ZoneMinder-1.23.3.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· EC2ND-2008-CFP.txt
  2. :· win32-generator.txt
  3. :· xsrf-paper.txt
  4. :· Bellua2008-CFP.txt
  5. :· Access-Through-Access.pdf
  6. :· kiwicon2008-cfp.txt
  7. :· tempest.pdf
  8. :· capture-server-2.1.0-300-src.zip
  9. :· capture-client-2.1.0-300-src.zip
  10. :· ruby-nmap-parser-0.3.tgz
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice