BugTraq
In Memoriam: Jun-ichiro Hagino 2007-10-30
Dragos Ruiu (dr kyx net)
With great sadness, I regret to inform you that Itojun
will not be presenting his great knowledge of IPv6 at
PacSec. I have been informed by several sources
that he passed away yesterday.

Funeral services will be held on Nov 7th at Rinkai-Saijo
in Tokyo. There aren't many details of his passing,

[ GLSA 200710-30 ] OpenSSL: Remote execution of arbitrary code 2007-10-30
Pierre-Yves Rofes (py gentoo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200710-30:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

ILIAS <= 3.8.3 Cross Site Scripting 2007-10-30
L4teral (l4teral gmail com)
======================================================================
ILIAS <= 3.8.3 Cross Site Scripting
======================================================================

Author: L4teral <l4teral [4t] gmail com>
Impact: Cross Site Scripting
Status: patch available

[ GLSA 200710-31 ] Opera: Multiple vulnerabilities 2007-10-30
Raphael Marichez (falco gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200710-31
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Re: Firefox / IE6 crash on javascript nested loops 2007-10-30
Jan Heisterkamp (janheisterkamp web de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As a nice workaround you can use the NoScript-Addon
https://addons.mozilla.org/en-US/firefox/addon/722

Regards,
Jan
thabob wrote:
> ground418 security advisory
>
> Date: 30-10-2007
> Subject: Firefox / IE6 crash on javascript nested loops
> Author: Vi

iDefense Security Advisory 10.30.07: IBM AIX bellmail Stack Buffer Overflow Vulnerability 2007-10-30
iDefense Labs (labs-no-reply idefense com)
IBM AIX bellmail Stack Buffer Overflow Vulnerability

iDefense Security Advisory 10.30.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 30, 2007

I. BACKGROUND

bellmail is a mail user-agent (MUA) and is commonly used for accessing
locally stored electronic mail messages. Under AIX, the

iDefense Security Advisory 10.30.07: IBM AIX ftp domacro Parameter Buffer Overflow Vulnerability 2007-10-30
iDefense Labs (labs-no-reply idefense com)
IBM AIX ftp domacro Parameter Buffer Overflow Vulnerability

iDefense Security Advisory 10.30.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 30, 2007

I. BACKGROUND

The ftp program is a client application for accessing data stored on FTP
servers. This client is responsible for interf

iDefense Security Advisory 10.30.07: IBM AIX lquerypv Stack Buffer Overflow Vulnerability 2007-10-30
iDefense Labs (labs-no-reply idefense com)
IBM AIX lquerypv Stack Buffer Overflow Vulnerability

iDefense Security Advisory 10.30.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 30, 2007

I. BACKGROUND

The lquerypv utility is used to examine the properties of a physical
volume in a volume group. It is installed set-uid root by

iDefense Security Advisory 10.30.07: IBM AIX lqueryvg Stack Buffer Overflow Vulnerability 2007-10-30
iDefense Labs (labs-no-reply idefense com)
IBM AIX lqueryvg Stack Buffer Overflow Vulnerability

iDefense Security Advisory 10.30.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 30, 2007

I. BACKGROUND

The lqueryvg utility is used to examine the properties of disk volume
groups. It is installed set-uid root by default on multi

iDefense Security Advisory 10.30.07: IBM AIX dig dns_name_fromtext Integer Underflow Vulnerability 2007-10-30
iDefense Labs (labs-no-reply idefense com)
IBM AIX dig dns_name_fromtext Integer Underflow Vulnerability

iDefense Security Advisory 10.30.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 30, 2007

I. BACKGROUND

dig is a utility that is commonly used for DNS diagnostics. Under AIX
5.2, the dig program is installed by default an

iDefense Security Advisory 10.30.07: IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability 2007-10-30
iDefense Labs (labs-no-reply idefense com)
IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability

iDefense Security Advisory 10.30.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 30, 2007

I. BACKGROUND

The crontab program is a user utility that enables users to create,
remove, and edit cron jobs. The cron jobs will then later

Firefox / IE6 crash on javascript nested loops 2007-10-30
thabob (thabob gmail com)
ground418 security advisory

Date: 30-10-2007
Subject: Firefox / IE6 crash on javascript nested loops
Author: Vincent Audet Menard
Original file: http://www.ground418.org/exploits/read.php?file=07-ffox-loops
Risk: low

Tested on: IE6, IE7, Firefox, Safari
Vulnerable: IE6 and older, Firefox 2.0.0.8 a

iDefense Security Advisory 10.30.07: IBM AIX swcons Local Arbitrary File Access Vulnerability 2007-10-30
iDefense Labs (labs-no-reply idefense com)
IBM AIX swcons Local Arbitrary File Access Vulnerability

iDefense Security Advisory 10.30.07
http://labs.idefense.com/intelligence/vulnerabilities/
Oct 30, 2007

I. BACKGROUND

The swcons program is a set-uid root application which is installed by
default on IBM AIX. It allows for console logs to b

DeepSec 2007 Registration: hurry up, seats are filling fast 2007-10-30
Stefano Zanero (zanero elet polimi it)
Hallo list members, and sorry if you receive multiple copies of this message

this is just a friendly reminder that registration for the DeepSec
Security Conference 2007 is available at the URL
http://deepsec.net/register/

The conference is taking place in less than 3 weeks in the awesome city
of V

Secunia Research: IPSwitch IMail Server IMail Client BufferOverflow 2007-10-30
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 30/10/2007

- IPSwitch IMail Server IMail Client Buffer Overflow -

======================================================================
Table of Contents

Affected Software.....

Airkiosk/formlib application is XSS vuln 2007-10-30
skienlab gmail com
In the last week I've found an XSS vuln in Sutra's Airkiosk
application for the realtime distribution of flights/booking and
check-in interface (www.airkiosk.com).

The XSS is possible because they are using a VULN/OLD formlib.pl in
their application that permits to execute any JavaScript

RFIDIOt release - version 0.1q 2007-10-30
Adam Laurie (adam algroup co uk)
Folks,

I'm pleased to announce the release of the latest version of the open
source RFID python library, RFIDIOt: 0.1q

Not a huge amount in this update, but I'm gonna be on the road for a
couple of weeks so I thought I'd better get it out:

fix asn1 field length calculation in mrpkey.py
ad

Siebel Security Basics 2007-10-30
Jonathan Katz (jon jonworld com)
All,

I've posted a tutorial on Siebel security basics to my blog at
http://vote4katz.com/?p=13

The short story is to make sure you use common sense and tune
defaults, which is pretty universal if you think about it.

As always, feedback, discourse, etc is always welcome.

-Jon

Re: Holes in the firewall of Mac OS X Leopard 2007-10-29
Juergen Schmidt (ju heisec de)
On Mon, 29 Oct 2007, Brandon S. Allbery KF8NH wrote:

> On Oct 29, 2007, at 17:49 , Juergen Schmidt wrote:
>
> >- if you set it to "Block all incoming connections" it still allows access
> >to certain system services. We could access the ntp daemon that is running
> >per default over the internet.

Django 0.96 (stable) Admin Panel CSRF 2007-10-29
J. Carlos Nieto (xiam xiam be)

Author: J. Carlos Nieto.
Date: Oct 21, 2007

There exists a security hole in Django's default admin panel.

Background
==========
Django is a high-level Python Web framework that encourages rapid
development and clean, pragmatic design.
Django has an automatic admin panel that allows a person w

Re: Holes in the firewall of Mac OS X Leopard 2007-10-29
Brandon S. Allbery KF8NH (allbery ece cmu edu)

On Oct 29, 2007, at 17:49 , Juergen Schmidt wrote:

> - if you set it to "Block all incoming connections" it still allows access
> to certain system services. We could access the ntp daemon that is running
> per default over the internet. In a LAN based scenario, we were able to
> query

Holes in the firewall of Mac OS X Leopard 2007-10-29
Juergen Schmidt (ju heisec de)
Hello,

we did some functional testing on the firewall of Mac OS X Leopard.
Short summary:

- the firewall is not activated by default but there are services running
even if you don't activate any sharing (as shown by netstat or lsof)

- if you set it to "Block all incoming connections" it still a

Memory overwrites in JVM via malformed TrueType font 2007-10-29
NGSSoftware Insight Security Research (nisr ngssoftware com)
Note: This advisory should have been published several months ago;
apologies for the delay -- John Heasman

=======
Summary
=======
Name: Memory overwrites in JVM via malformed TrueType font
Release Date: 29 October 2007
Reference: NGS00419
Discover: John Heasman <john (at) ngssoftware (dot) com>
Vendor: Sun M

Untrusted Java applet can connect to localhost 2007-10-29
NGSSoftware Insight Security Research (nisr ngssoftware com)
Note: This advisory should have been published several months ago;
apologies for the delay -- John Heasman

=======
Summary
=======
Name: Untrusted Java applet can connect to localhost
Release Date: 29 October 2007
Reference: NGS00443
Discover: John Heasman <john (at) ngssoftware (dot) com>
Vendor: Sun Microsy

Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096) 2007-10-29
Stefan Kanthak (stefan kanthak nexgo de)
The binary of the (presumably not widely used) Windows software
"Virtual Floppy Drive 2.1"
<http://chitchat.at.infoseek.co.jp/vmware/vfd.html>
ships with a vfd.dll that is statically linked against zlib 1.2.2
<http://www.zlib.net/> which is vulnerable to CAN-2005-2096.

A scan with ClamAV against t

Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) 2007-10-29
Stefan Kanthak (stefan kanthak nexgo de)
I wrote Sunday, October 21, 2007 2:18 PM:

> Anonymous <farion42 (at) yahoo (dot) de> wrote Saturday, October 20, 2007 11:55 AM:
>
>> As a workaround, one could try to manually replace zlib32.dll in a Windows
>> GSView 4.8 installation with the current zlib1.dll version 1.2.3.

[...]

> Unfortunately the main

Heap overflow in RealPlayer ID3 tag parser 2007-10-29
NGSSoftware Insight Security Research (nisr ngssoftware com)
=======
Summary
=======
Name: Heap overflow in RealPlayer ID3 tag parsing code
Release Date: 29 October 2007
Reference: NGS00432
Discover: John Heasman <john (at) ngssoftware (dot) com>
Vendor: RealNetworks
Systems Affected: Several builds of RealPlayer 10.5,
All builds of RealPlayer 10.
For additional aff

Comments re ISC's announcement on bind9 security 2007-10-29
Network Protocol Security (netprotosec gmail com)
BugTraq

I found this ISC announcement quite amusing:
http://www.isc.org/index.pl?/sw/bind/docs/response_transaction_id_issues.php
It's a text published by ISC as a follow up to the bind9 predictable id saga.

Particularly the following statement is funny, and shows complete lack
of understanding of

rPSA-2007-0225-2 firefox thunderbird 2007-10-29
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2007-0225-2
Published: 2007-10-26
Updated:
2007-10-29 added thunderbird update
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
firefox=conary.rpath.com@rpl:1/2.0.0.8-0.1-1

[SECURITY] [DSA 1388-3] New dhcp packages fix arbitrary code execution 2007-10-29
Noah Meyerhans (noahm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

Debian Security Advisory DSA-1388-3 security (at) debian (dot) org
http://www.debian.org/security/ Noah Meyerhans
October 29, 2007

Copyright 2010, SecurityFocus