|
|
Colapse all |
Post message
Cisco Security Advisory: Cisco Intrusion Prevention System Malformed Packet Denial of Service 2006-07-12 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Intrusion Prevention System Malformed Packet Denial of Service Advisory ID: cisco-sa-20060712-ips http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml Revision 1.0 For Public Release 2006 July 12 1600 UTC [ more ] [ reply ] [USN-314-1] samba vulnerability 2006-07-12 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-314-1 July 12, 2006 samba vulnerability CVE-2006-3403 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubu [ more ] [ reply ] [SECURITY] [DSA 1108-1] New mutt packages fix arbitrary code execution 2006-07-10 Moritz Muehlenhoff (jmm debian org) Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) 2006-07-12 Roman Medina-Heigl Hernandez (roman rs-labs com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Maybe this is obvious for Paul Starzetz (as well as many other people) but full-disclosure is not really "full" without exploit code. Working exploit attached. You can also download it from: http://www.rs-labs.com/exploitsntools/rs_prctl_kernel.c Gree [ more ] [ reply ] Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration 2006-07-12 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration Document ID: 70650 Advisory ID: cisco-sa-20060712-crws http://www.cisco.com/warp/public/707/cisco-sa-20060712-crws.shtml Revision 1.0 For Public Release [ more ] [ reply ] [USN-315-1] libmms, xine-lib vulnerabilities 2006-07-12 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-315-1 July 12, 2006 libmms, xine-lib vulnerabilities =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubun [ more ] [ reply ] [USN-316-1] installer vulnerability 2006-07-12 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-316-1 July 12, 2006 Installer vulnerability https://launchpad.net/bugs/48350 =========================================================== A security issue affects the following Ubuntu releases: Ubun [ more ] [ reply ] [USN-313-1] OpenOffice.org vulnerabilities 2006-07-12 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-313-1 July 11, 2006 openoffice.org-amd64, openoffice.org vulnerabilities CVE-2006-2198, CVE-2006-2199, CVE-2006-3117 =========================================================== A security issue affects the [ more ] [ reply ] Re: LAMP vs Microsoft 2006-07-11 Steven M. Christey (coley mitre org) Researcher "fads," differences in vendor disclosure practices, and vulnerability database editorial policies will heavily influence vulnerability statistics, to the point where comparing them is not very informative (at least, you're not getting the whole picture). You also have the challenge of de [ more ] [ reply ] ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability 2006-07-11 zdi-disclosures 3com com ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-022.html July 11, 2006 -- CVE ID: CVE-2006-2388 -- Affected Vendor: Microsoft -- Affected Products: Office Excel 2003 Office Excel Viewer 2003 Office Excel 2002 Offi [ more ] [ reply ] TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability 2006-07-11 Tippingpoint Security Research Team (tsrt tippingpoint com) TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability http://www.tippingpoint.com/security/advisories/TSRT-06-02.html July 11, 2006 -- CVE ID: CVE-2006-1314 -- Affected Vendor: Microsoft -- Affected Products: Windows 2000 Windows XP SP1 Windows XP SP2 Windows 2003 Windows 2 [ more ] [ reply ] Juniper Networks DX Web Administration Persistent System Log XSS Vulnerability 2006-07-10 Darren Bounds (dbounds gmail com) Juniper Networks DX Web Administration Persistent System Log XSS Vulnerability July 10, 2006 Product Overview: The Juniper Networks (Redline) DX application acceleration platform delivers a complete data center acceleration solution for web-enabled and IP-based business applications. Vulnerabilit [ more ] [ reply ] [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd 2006-07-10 Gerald (Jerry) Carter (jerry samba org) (1 replies) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Memory exhaustion DoS against smbd == CVE ID#: CAN-2006-1059 == == Versions: Samba Samba 3.0.1 - 3.0.22 (inclusive) == == Summary: smbd may allow internal structure [ more ] [ reply ] Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd 2006-07-10 Gerald (Jerry) Carter (jerry samba org) SYMSA-2006-007: Microsoft Office Malformed String Parsing Vulnerability 2006-07-10 research symantec com CYBSEC - Security Pre-Advisory: Microsoft Windows DHCP Client Service Remote Buffer Overflow 2006-07-11 Mariano Nuñez Di Croce (mnunez cybsec com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 (The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_Microsoft_Window s_DHCP_Client_Service_Remote_Buffer_Overflow.pdf ) CYBSEC S.A. www.cybsec.com Pre-Advisory Name: Microsof [ more ] [ reply ] Local file inclusion in Farsinews3.0BETA1 2006-07-10 armin390 9mail com if magic_quotes_gpc is Off in php.ini then local file inclusion in /jscripts/tiny_mce/tiny_mce_gzip.php is available to use;)!! why? #code(jscripts/tiny_mce/tiny_mce_gzip.php) ... $theme = isset($_REQUEST['theme']) ? $_REQUEST['theme'] : ""; $language = isset($_REQUEST['language']) ? $_REQUES [ more ] [ reply ] [SECURITY] [DSA 1107-1] New GnuPG packages fix denial of service 2006-07-10 joey infodrom org (Martin Schulze) Old vulnerable sotwares collection 2006-07-10 Jerome Athias (jerome athias free fr) Hi, it's often difficult to find old versions of vulnerable softwares it's usefull to have these old versions to test an exploit, study a vulnerability or doing a patch analysis... it's also usefull to test a fuzzer, a scanner... for a course or a challenge... so i think about to build a little [ more ] [ reply ] |
|
Privacy Statement |
boundary condition error, i have checked the code flow of mso_203 and
it was producing access violation errors which i have sent to bugtraq
and FD , microsoft's MSRC blog has been updated at
http://blogs.technet.com/msrc/archive/
[ more ] [ reply ]