SecurityFocus

iDEFENSE Security Advisory 10.13.05: Multiple Vendor XMail 'sendmail' Recipient Buffer Overflow Vulnerability 2005-10-13
iDEFENSE Labs (labs-no-reply idefense com)

Multiple Vendor XMail 'sendmail' Recipient Buffer Overflow Vulnerability

iDEFENSE Security Advisory 10.13.05
www.idefense.com/application/poi/display?id=321&type=vulnerabilities
October 13, 2005

I. BACKGROUND

XMail is an Internet and intranet mail server. XMail sources compile
under GNU/Linux, Fr

[ more ] [ reply ]

[security bulletin] SSRT5975 HP-UX Running on Itanium Platforms Local Denial of Service (DoS) 2005-10-13
Security Alert (secure hpchs cup hp com)

[security bulletin] SSRT051041 rev.1 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS) 2005-10-13
security-alert hp com

[USN-203-1] Abiword vulnerabilities 2005-10-13
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-203-1 October 13, 2005
abiword vulnerabilities
CAN-2005-2972
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubu

[ more ] [ reply ]

Secunia Research: AhnLab V3 Antivirus ALZ/UUE/XXE Archive HandlingBuffer Overflow 2005-10-13
Secunia Research (vuln secunia com)

======================================================================

Secunia Research 13/10/2005

- AhnLab V3 Antivirus ALZ/UUE/XXE Archive Handling Buffer Overflow -

======================================================================
Table of Contents

Affected Softwa

[ more ] [ reply ]

Yapig: XSS / Code Injection Vulnerability 2005-10-13
enji infosys tuwien ac at

===========================================================
Yapig: XSS / Code Injection Vulnerability
===========================================================
Technical University of Vienna Security Advisory
TUVSA-0510-001, October 13, 2005
========================================================

[ more ] [ reply ]

Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service 2005-10-13
Piotr Bania (bania piotr gmail com)

Kerio Technologies Kerio Personal Firewall and Kerio Server
Firewall FWDRV driver
Local denial of service
by Piotr Bania <bania.piotr (at) gmail (dot) com [email concealed]>
http://pb.specialised.info

Original location:
http://pb.specialised.info/all/adv/kerio-fwdrv-dos-adv.txt

Severity: Low

[ more ] [ reply ]

[SECURITY] [DSA 864-1] New Ruby 1.8 packages fix safety bypass 2005-10-13
joey infodrom org (Martin Schulze)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 864-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
October 13th, 2005

[ more ] [ reply ]

[SECURITY] [DSA 865-1] New hylafax packages fix insecure temporary files 2005-10-13
joey infodrom org (Martin Schulze)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 865-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
October 13th, 2005

[ more ] [ reply ]

VERITAS NetBackup: Java User-Interface, format string vulnerability 2005-10-12
secure symantec com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This advisory is available from:
http://www.symantec.com/avcenter/security/Content/2005.10.12.html

Symantec Security Advisory

SYM05-018

12 Oct, 2005

VERITAS NetBackup: Java User-Interface, format string vulnerability

Revision History
None

Severi

[ more ] [ reply ]

[SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability 2005-10-12
Gary Oleary-Steele (garyo sec-1 com)

SEC-1 LTD.
www.sec-1.com

Security Advisory

Advisory Name: Collaboration Data Objects Buffer Overflow Vulnerability
Application: Multiple Applications that implement CDO
Platform: Windows 2000 (All

[ more ] [ reply ]

Research for network security news article 2005-10-12
lgreenem cmp com

I'm looking for information and sources for a story I'm writing for InformationWeek magazine about the state of network security and Cisco's role in it. Are network attacks on the rise? More specifically, are attacks on Cisco networking equipment on the rise? How well is the company addressing secur

[ more ] [ reply ]

Secunia Research: Novell NetMail NMAP Agent "USER" Buffer OverflowVulnerability 2005-10-12
Secunia Research (vuln secunia com)

======================================================================

Secunia Research 12/10/2005

- Novell NetMail NMAP Agent "USER" Buffer Overflow Vulnerability -

======================================================================
Table of Contents

Affected Softwar

[ more ] [ reply ]

ZDI-05-001: VERITAS NetBackup Remote Code Execution 2005-10-12
zdi-disclosures 3com com

ZDI-05-001: VERITAS NetBackup Remote Code Execution

http://www.zerodayinitiative.com/advisories/ZDI-05-001.html

October 12th, 2005

-- CVE ID:

CAN-2005-2715

-- Affected Vendor:

Symantec VERITAS

-- Affected Products:

VERITAS NetBackup Data and Business Center 4.5FP

VERITAS NetBackup Dat

[ more ] [ reply ]

Linux Orinoco drivers information leakage 2005-10-12
Meder Kydyraliev (meder o0o nu)

Linux Orinoco Driver Information Leakage Vulnerability
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I. Background
~~~~~~~~~~~~~

http://sourceforge.net/projects/orinoco

The Linux orinoco driver, included in the kernel since 2.4.3 and in David
Hinds' pcmcia-cs package

[ more ] [ reply ]

[USN-201-1] SqWebmail vulnerabilities 2005-10-11
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-201-1 October 11, 2005
courier vulnerabilities
CAN-2005-2724, CAN-2005-2769, CAN-2005-2820
===========================================================

A security issue affects the following Ubuntu releases:

U

[ more ] [ reply ]

MDKSA-2005:181 - Updated squid packages fix vulnerabilities 2005-10-12
Mandriva Security Team (security mandriva com)

[SEC-1 Advisory] GFI MailSecurity 8.1 Web Module Buffer Overflow 2005-10-12
Gary Oleary-Steele (garyo sec-1 com)

SEC-1 LTD.
www.sec-1.com

Security Advisory

Advisory Name: GFI MailSecurity 8.1 Web Module Buffer Overflow
Release Date: 12/October/2005
Application: GFI MailSecurity For SMTP version 8.1

Platform:

[ more ] [ reply ]

[SECURITY] [DSA 863-1] New xine-lib packages fix arbitrary code execution 2005-10-12
joey infodrom org (Martin Schulze)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 863-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
October 12th, 2005

[ more ] [ reply ]

[ GLSA 200510-11 ] OpenSSL: SSL 2.0 protocol rollback 2005-10-12
Thierry Carrez (koon gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200510-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

[USN-202-1] KOffice vulnerability 2005-10-12
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-202-1 October 12, 2005
koffice vulnerability
CAN-2005-2971
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)

The

[ more ] [ reply ]

MDKSA-2005:179 - Updated openssl packages fix vulnerabilities 2005-10-12
Mandriva Security Team (security mandriva com)

MDKSA-2005:178 - Updated squirrelmail packages fixes XSS vulberability 2005-10-12
Mandriva Security Team (security mandriva com)

MDKSA-2005:180 - Updated xine-lib packages fixes cddb vulnerability 2005-10-12
Mandriva Security Team (security mandriva com)

using php local file include vulnerabilities for command execution 2005-10-11
Andreas Zeidler (az zitc de) (1 replies)

hi,

this is a comment on the recent phpmyadmin vulnerability[1] discovered
by maksymilian arciemowicz. i didn't really know where to post this,
so i hope this is the right place.

anyway, since i've used a file inclusion vulnerability in an older
version of phpmyadmin as a starting point for a sec

[ more ] [ reply ]

Re: using php local file include vulnerabilities for command execution 2005-10-11
Andreas Zeidler (az zitc de)

[ GLSA 200510-10 ] uw-imap: Remote buffer overflow 2005-10-11
Thierry Carrez (koon gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200510-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

[USN-200-1] Thunderbird vulnerabilities 2005-10-11
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-200-1 October 11, 2005
mozilla-thunderbird vulnerabilities
CAN-2005-2701, CAN-2005-2702, CAN-2005-2703, CAN-2005-2704,
CAN-2005-2705, CAN-2005-2706, CAN-2005-2707, CAN-2005-2968
================================

[ more ] [ reply ]