[ GLSA 200510-14 ] Perl, Qt-UnixODBC, CMake: RUNPATH issues
2005-10-17 Thierry Carrez (koon gentoo org)

Re: Google Talk cleartext proxy credentials vulnerability
2005-10-15 3APA3A (3APA3A SECURITY NNOV RU)
Dear m123303 (at) richmond.ac (dot) uk, Again and again. HKEY_CURENT_USER is accessible for user only. If one can access user's account he can recover _any_ stored password, because he can do everything user can. The only additional reason, storing password in registry is not good, is password can be eas

MDKSA-2005:185 - Updated koffice packages fix KWord RTF import overflow vulnerability
2005-10-14 Mandriva Security Team (security mandriva com)

Security Contact for Mycall
2005-10-14 Fixer (fixer gci net)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Does anyone know of a security contact for Mycall? They provide kiosks and terminals for hotels and such. I tried their website and Google, but with no luck. Thanks! - -cdh -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (MingW32) Comment: Using

[KAPDA::#6] Punbb SQL Injection Vulnerability
2005-10-14 advisory kapda ir
[KAPDA::#6] Punbb SQL Injection Vulnerability Punbb search.php SQL Injection Vulnerability KAPDA New advisory Vulnerable products : Punbb ( V 1.2.8 and 1.2.7 are tested, Hopefully all other versions) Vendor: http://www.punbb.org/ Vulnerability: Sql injection About Punbb --------------------

MDKSA-2005:184 - Updated cfengine packages fix temporary file vulnerabilities
2005-10-14 Mandriva Security Team (security mandriva com)

[ GLSA 200510-12 ] KOffice, KWord: RTF import buffer overflow
2005-10-14 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Trusted Digital, Trusted Mobility Suite Authorization Bypass Vulnerability
2005-10-14 none securityfocus com
Trusted Digital, Trusted Mobility Suite Authorization Bypass Vulnerability Affected applications Trusted Mobility Agent PC Policy Versions: All Background: Trusted Mobility Suite detects, controls and centrally manages mobile devices. It also pushes security policy and disables lost or stolen

CAID 33485 - Computer Associates iGateway debug mode HTTP GET request buffer overflow vulnerability
2005-10-14 Williams, James K (James Williams ca com)
Title: Computer Associates iGateway debug mode HTTP GET request buffer overflow vulnerability CA Vulnerability ID: 33485 Discovery Date: 2005-10-06 CA Advisory Date: 2005-10-14 Discovered By: EMendoza Impact: Remote attacker can execute arbitrary code with SYSTEM privileges. Summary: The

MDKSA-2005:183 - Updated wget packages fix NTLM authentication vulnerability
2005-10-14 Mandriva Security Team (security mandriva com)

Gallery 2.x Remote File Access Vulnerability
2005-10-14 Bharat Mediratta (bharat menalto com)
Vendor information: Gallery is an open source web based photo album organizer. The 2.x is a newly released complete rewrite of the application. Url: http://gallery.menalto.com Contact: gallery (at) menalto (dot) com Vulnerability class: Input sanitization Details: Michael Dipper

MDKSA-2005:182 - Updated curl packages fix NTLM authentication vulnerability
2005-10-14 Mandriva Security Team (security mandriva com)

Google Talk cleartext proxy credentials vulnerability
2005-10-14 m123303 richmond ac uk
Title: Google Talk cleartext proxy credentials vulnerability Risk: Low/Medium Versions affected: <= 1.0.0.72 Credits: pagvac (Adrian Pastor) Date found: 12th Oct, 2005 Homepage: www.ikwt.com (In Knowledge We Trust) www.adrianpv.com E-mail: m123303 [ - a t - ] richmond.ac.uk [Backgro

RTasarim WebAdmin modul SQL injection
2005-10-14 khc bsdmail org, and securityfocus com,www clankurd tk securityfocus com
Site : www.rtasarim.com/en/yazilim.asp Description : WEBADMIN (Site Administrating Program) By courtesy of the Program it can be possible to intervene to the parts of the site instantly. All parts those have interactivity option can be updated. username : admin password : 'or' or username : 'o

Re: Antivirus detection bypass by special crafted archive.
2005-10-14 Williams, James K (James Williams ca com)
fRoGGz, SecuBox Labs: thanks for posting the advisory. We are wrapping up our investigation and development of solutions to address this issue. We will post an appropriate notification when those solutions are available. In the meantime, CA eAV users can protect themselves by enabling Realtime S

Airscanner Mobile Security Advisory #05101001: iTunes Shared Music Denial of Service/Spoofing/Flooding/Abuse
2005-10-14 Seth Fogie (seth airscanner com)
*Airscanner Mobile Security Advisory #05101001: iTunes 6.0 Shared Music Denial of Service/Spoofing/Flooding/Abuse* *Demo:* The following is a link to a Flash demo in which we demonstrate the vulnerability. (link to flash demo <http://www.airscanner.com/security/itwns2.html>) *URL: *http://www.ai

[USN-205-1] Curl and wget vulnerabilities
2005-10-14 Martin Pitt (martin pitt canonical com)
=========================================================== Ubuntu Security Notice USN-205-1 October 14, 2005 curl, wget vulnerabilities CAN-2005-3185 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog)

[USN-204-1] SSL library vulnerability
2005-10-14 Martin Pitt (martin pitt canonical com)
=========================================================== Ubuntu Security Notice USN-204-1 October 14, 2005 openssl vulnerability CAN-2005-2969 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubunt

iDEFENSE Security Advisory 10.13.05: Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability
2005-10-13 iDEFENSE Labs (labs-no-reply idefense com)
Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.13.05 www.idefense.com/application/poi/display?id=322&type=vulnerabilities October 13, 2005 I. BACKGROUND GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the mos

iDEFENSE Security Advisory 10.13.05: Multiple Vendor XMail 'sendmail' Recipient Buffer Overflow Vulnerability
2005-10-13 iDEFENSE Labs (labs-no-reply idefense com)
Multiple Vendor XMail 'sendmail' Recipient Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.13.05 www.idefense.com/application/poi/display?id=321&type=vulnerabilities October 13, 2005 I. BACKGROUND XMail is an Internet and intranet mail server. XMail sources compile under GNU/Linux, Fr

[security bulletin] SSRT5975 HP-UX Running on Itanium Platforms Local Denial of Service (DoS)
2005-10-13 Security Alert (secure hpchs cup hp com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01233 REVISION: 0 SSRT5975 HP-UX Running on Itanium Platforms Local Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. INITIAL RELEASE: 12 October 2005

[security bulletin] SSRT051041 rev.1 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS)
2005-10-13 security-alert hp com

[USN-203-1] Abiword vulnerabilities
2005-10-13 Martin Pitt (martin pitt canonical com)
=========================================================== Ubuntu Security Notice USN-203-1 October 13, 2005 abiword vulnerabilities CAN-2005-2972 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubu

Secunia Research: AhnLab V3 Antivirus ALZ/UUE/XXE Archive Handling Buffer Overflow
2005-10-13 Secunia Research (vuln secunia com)

Yapig: XSS / Code Injection Vulnerability
2005-10-13 enji infosys tuwien ac at
=========================================================== Yapig: XSS / Code Injection Vulnerability =========================================================== Technical University of Vienna Security Advisory TUVSA-0510-001, October 13, 2005 ========================================================

Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service
2005-10-13 Piotr Bania (bania piotr gmail com)
Kerio Technologies Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local denial of service by Piotr Bania <bania.piotr (at) gmail (dot) com> http://pb.specialised.info Original location: http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt Severity: Low

[SECURITY] [DSA 864-1] New Ruby 1.8 packages fix safety bypass
2005-10-13 joey infodrom org (Martin Schulze)

[SECURITY] [DSA 865-1] New hylafax packages fix insecure temporary files
2005-10-13 joey infodrom org (Martin Schulze)

VERITAS NetBackup: Java User-Interface, format string vulnerability
2005-10-12 secure symantec com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This advisory is available from: http://www.symantec.com/avcenter/security/Content/2005.10.12.html Symantec Security Advisory SYM05-018 12 Oct, 2005 VERITAS NetBackup: Java User-Interface, format string vulnerability Revision History None Severi
Gentoo Linux Security Advisory GLSA 200510-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -