iDEFENSE Security Advisory 11.17.05: Qualcomm WorldMail IMAP Server Directory Traversal Vulnerability
2005-11-17 labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
Qualcomm WorldMail IMAP Server Directory Traversal Vulnerability iDEFENSE Security Advisory 11.17.05 www.idefense.com/application/poi/display?id=341&type=vulnerabilities November 17, 2005 I. BACKGROUND Qualcomm WorldMail is an email and messaging server designed for use in small to large enterpri

[SECURITY] [DSA 899-1] New egroupware packages fix several vulnerabilities
2005-11-17 joey infodrom org (Martin Schulze)

[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities
2005-11-17 joey infodrom org (Martin Schulze)

[KAPDA::#13] - XMB HTML Injection & Path Disclosure.
2005-11-17 alireza hassani (trueend5 yahoo com)
[KAPDA::#13] - XMB (extreme message board) HTML Injection & Path Disclosure. KAPDA New advisory Vendor: http://www.xmbforum.com Bug: HTML Injection & Path Disclosure Exploitation: Remote with browser Description: -------------------- XMB is a free message board powered by PHP and MySQL. Vulnerab

MDKSA-2005:213 - Updated php packages fix multiple vulnerabilities
2005-11-17 Mandriva Security Team (security mandriva com)

ShmooCon 2006 - Washington DC
2005-11-16 B Potter (gdead shmoo com)
Bugtraq'rs, ShmooCon 2006 is upon us! ShmooCon 2005 (aka: the first one) was a huge success and we've decided to push our luck and have another one. The second annual ShmooCon will be January 13-15, in Washington, D.C., at the Marriott Wardman Park Hotel. In a nutshell, over three days, the

[security bulletin] SSRT5979 - HP-UX Running IPSec Remote Denial of Service (DoS)
2005-11-16 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00555601 Version: 1 HPSBUX02076 SSRT5979 - HP-UX Running IPSec Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release

[ GLSA 200511-14 ] GTK+ 2, GdkPixbuf: Multiple XPM decoding vulnerabilities
2005-11-16 Thierry Carrez (koon gentoo org)

MDKSA-2005:212 - Updated egroupware packages to address phpldapadmin, phpsysinfo vulnerabilities
2005-11-16 Mandriva Security Team (security mandriva com)

[security bulletin] SSRT5979 - HP Jetdirect 635n IPv6/IPsec Print Server (J7961A) Remote Denial of Service (DoS)
2005-11-16 Security Alert (secure hpchs cup hp com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00557788 Version: 1 HPSBPI02078 SSRT5979 - HP Jetdirect 635n IPv6/IPsec Print Server (J7961A) Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upo

[USN-216-1] GDK vulnerabilities
2005-11-16 Martin Pitt (martin pitt canonical com)
=========================================================== Ubuntu Security Notice USN-216-1 November 16, 2005 gtk+2.0, gdk-pixbuf vulnerabilities CVE-2005-2975, CVE-2005-2976, CVE-2005-3186 =========================================================== A security issue affects the following Ubuntu

[security bulletin] SSRT051251 - Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access
2005-11-16 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00555254 Version: 1 HPSBUX02074 SSRT051251 - Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access NOTICE: Th

Re: Authentication vulnerability in Belkin wireless devices
2005-11-16 Andrei Mikhailovsky (mlists arhont com)
This is very odd, as we've reproduced this vulnerability on about 5 different F5D7230-4 with firmware 4.05.3 and 4.03.3, as well as on a few of the F5D7232-4 routers with the same firmware. This can't be a network specific setup issue, as we've tested this on several unrelated networks from Linux a

In response to ISAKMP 'vulnerabilities'
2005-11-16 sigint hush com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Some thoughts on the ISAKMP advisory. http://www.uniras.gov.uk/niscc/docs/br-20051114-01013.html?lang=en While reading over this my first thoughts are 'they wrote a fuzzer, it exposed some vulnerabilities, interesting but not too interesting'. I think

Cisco Security Advisory: Fixed SNMP Communities and Open UDP Port in Cisco 7920 Wireless IP Phone
2005-11-16 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Fixed SNMP Communities and Open UDP Port in Cisco 7920 Wireless IP Phone Document ID: 68179 Advisory ID: cisco-sa-20051116-7920 http://www.cisco.com/warp/public/707/cisco-sa-20051116-7920.shtml Revision 1.0 For Public Relea

Buffer Overrun in FTGate4 Groupware Mail server
2005-11-16 io lucaercoli it
/****** Package: FTGate4 Groupware Mail server Auth: http://www.floosietek.com/ Version(s): 4.1 / previous versions may also be vulnerable Vulnerability Type: Remote Code Execution *****************/ Disclaimer: --------- The information is provided "as is" without warranty of any kind. The au

Database servers on XP and the curious flaw
2005-11-16 David Litchfield (davidl ngssoftware com)
Hey all, I've just put up a paper on a curious flaw that appears when running a database server on Windows XP with Simple File Sharing enabled. The flaw essentially allows a remote attacker to gain access to the database, sometimes with DBA privileges, without knowledge of a valid password. To be ho

SUSE Security Announcement: gdk-pixbuf, gtk2 (SUSE-SA:2005:065)
2005-11-16 Thomas Biege (thomas suse de)

RE: List of Security-oriented Fairs/Events/Conferences?
2005-11-16 Juha-Matti Laurio (juha-matti laurio netti fi)

[ GLSA 200511-13 ] Sylpheed, Sylpheed-Claws: Buffer overflow in LDIF importer
2005-11-15 Thierry Carrez (koon gentoo org)

Critical SQL Injection PHPNuke <= 7.8
2005-11-15 sp3x securityreason com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SecurityAlert SA027 Author: sp3x GPG: http://securityreason.com/key/sp3x.gpg Date: 15. November 2005 Affected software : =================== PHPNuke version : 7.8 with all security fixes/patches Not Affected software : ======================= PHPNu

APPLE-SA-2005-11-15 iTunes 6 for Windows
2005-11-15 noreply securityfocus com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2005-11-15 iTunes 6 for Windows CVE-ID: CVE-2005-2938 Available for: Microsoft Windows XP and Microsoft Windows 2000 Impact: iTunes 5 for Windows may launch the wrong helper program Description: Due to the way iTunes 5 for Windows launches

iDEFENSE Security Advisory 11.15.05: Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability
2005-11-15 labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability iDEFENSE Security Advisory 11.15.05 www.idefense.com/application/poi/display?id=339&type=vulnerabilities November 15, 2005 I. BACKGROUND GTK+ is a multi-platform toolkit for creating graphical user interfaces. Offering a compl

iDEFENSE Security Advisory 11.15.05: Multiple Vendor Insecure Call to CreateProcess() Vulnerability
2005-11-15 labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
Multiple Vendor Insecure Call to CreateProcess() Vulnerability iDEFENSE Security Advisory 11.15.05 www.idefense.com/application/poi/display?id=340&type=vulnerabilities November 15, 2005 I. BACKGROUND The Microsoft Windows API includes the CreateProcess() function as a means to create a new proces

Authentication vulnerability in Belkin wireless devices
2005-11-15 Andrei Mikhailovsky (mlists arhont com)

[securityzone (at) macromedia (dot) com: Macromedia Security Bulletins]
2005-11-15 noreply securityfocus com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Macromedia Security Bulletins: - Contribute Publishing Server - Flash Communication Server - Breeze Communication Server and Breeze Live Server ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ MPSB05-08 Contribute Publ