|
|
Colapse all |
Post message
[security bulletin] SSRT4743, SSRT4884 rev.1 - HP Tru64 UNIX TCP/IP remote Denial of Service (DoS) 2005-10-06 security-alert hp com Planet Technology Corp FGSW2402RS switch default password /"backdoor" 2005-10-06 lms fe up pt Hello all, Today i discovered a pseudo backdoor [thru a default password] while trying to reset the password on a Planet Technology Corp FGSW2402RS switch. Allthough i dont consider this to be a real problem since the only access seems to be thru the serial port, i would like to share this with th [ more ] [ reply ] [SECURITY] [DSA 845-1] New mason packages fix missing init script 2005-10-06 joey infodrom org (Martin Schulze) PAKCON II: Call for Paper (CfP), Final Call! 2005-10-05 Ayaz Ahmed Khan (ayaz pakcon org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Folks: This is second round for the Call for Papers (CfP) for PAKCON II. We have couple of speaking slots left for the PAKCON II, Pakistan's Cyber Security Convention. It will be happening on 29th and 30th November, 2005 in Karachi, Pakistan. If you [ more ] [ reply ] Secunia Research: ALZip Multiple Archive Handling Buffer Overflow 2005-10-05 Secunia Research (vuln secunia com) Some new whitepapers ... 2005-10-05 David Litchfield (davidl ngssoftware com) (1 replies) Hey all, I've written two papers available from here http://www.ngssoftware.com/papers.htm The first deals with buffer _underruns_ , DEP and Address Space Layout Randomization on Windows. During the paper's review process I was pointed to http://www.phrack.org/show.php?p=58 which deals with the [ more ] [ reply ] [SECURITY] [DSA 844-1] New mod-auth-shadow packages fix authentication bypass 2005-10-05 joey infodrom org (Martin Schulze) Patches available for critical flaws in HP Openview 2005-10-05 NGSSoftware Insight Security Research (nisr nextgenss com) (1 replies) David and Mark Litchfield of NGSSoftware have discovered a number of critical and high risk vulnerabilities in HP Openview. The flaws can be exploited by attackers without valid credentials to fully compromise a vulnerable server. Windows, Linux. HP-UX and Solaris are all affected. These issues [ more ] [ reply ] Announcement : Core Banking Application Security List 2005-10-05 Lila Buchalski (lbuchalski iconsinc com) [SECURITY] [DSA 843-1] New arc packages fix insecure temporary files 2005-10-05 joey infodrom org (Martin Schulze) RE: iDEFENSE Security Advisory 10.04.05: Symantec AntiVirus Scan Engine Web Service Buffer Overflow Vulnerability 2005-10-04 iDEFENSE Labs (labs-no-reply idefense com) A correction should be made to the credit section of this advisory. The vulnerability was not discovered by infamous41md[at]hotpop.com. Instead it was discovered by an anonymous contributor. infamous41md[at]hotpop.com is responsible for the discovery of the other vulnerability released today in UW-I [ more ] [ reply ] iDEFENSE Security Advisory 10.04.05: Symantec AntiVirus Scan Engine Web Service Buffer Overflow Vulnerability 2005-10-04 iDEFENSE Labs (labs-no-reply idefense com) Symantec AntiVirus Scan Engine Web Service Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.04.05 www.idefense.com/application/poi/display?id=314&type=vulnerabilities October 4, 2005 I. BACKGROUND Symantec Scan Engine is a TCP/IP server and programming interface that enables third par [ more ] [ reply ] iDEFENSE Security Advisory 10.04.05: UW-IMAP Netmailbox Name Parsing Buffer Overflow Vulnerability 2005-10-04 iDEFENSE Labs (labs-no-reply idefense com) UW-IMAP Netmailbox Name Parsing Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.04.05 www.idefense.com/application/poi/display?id=313&type=vulnerabilities October 4, 2005 I. BACKGROUND UW-IMAP is a popular free IMAP service for Linux and UNIX systems and is distributed with various [ more ] [ reply ] [ GLSA 200510-04 ] Texinfo: Insecure temporary file creation 2005-10-05 Thierry Carrez (koon gentoo org) [security bulletin] SSRT051023 rev.5 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access 2005-10-04 security-alert hp com [security bulletin] SSRT051030 rev.1 - HP OpenView Event Correlation Services (OV ECS) Remote Unauthorized Privileged Access 2005-10-04 security-alert hp com [security bulletin] SSRT5940 rev.2 - HP-UX Mozilla remote, unauthorized user may execute privileged code 2005-10-04 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01133 REVISION: 2 SSRT5940 rev.2 - HP-UX Mozilla remote, unauthorized user may execute privileged code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. INITIAL RELEASE: 03 Oct [ more ] [ reply ] [security bulletin] SSRT051040 rev.0 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code 2005-10-04 security-alert hp com A common researcher diagnosis error: misreading error messages 2005-10-04 Steven M. Christey (coley mitre org) In "Re: BID #14752 update", Josh Zlatin-Amishav pointed out a vulnerability diagnosis error that seems to be happening more frequently: >BID 14752 is not only an XSS vulnerability, the real problem is a >directory transversal flaw and affects Guppy versions less than >4.5.6a. > >[snip] > >The code [ more ] [ reply ] [ GLSA 200510-03 ] Uim: Privilege escalation vulnerability 2005-10-04 Sune Kloppenborg Jeppesen (jaervosz gentoo org) [SECURITY] [DSA 833-2] New mysql-dfsg-4.1 package fixes arbitrary code execution 2005-10-04 joey infodrom org (Martin Schulze) [security bulletin] SSRT051041 rev.0 - HP-UX Mozilla Remote Unauthorized Execution of Privileged Code or Denial of Service (DoS) 2005-10-04 security-alert hp com [USN-193-1] dia vulnerability 2005-10-04 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-193-1 October 04, 2005 dia vulnerability CAN-2005-2966 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) The fol [ more ] [ reply ] [USN-155-3] Fixed mozilla locale packages 2005-10-04 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-155-3 October 04, 2005 mozilla-locale-... updates https://bugzilla.ubuntu.com/show_bug.cgi?id=14577 =========================================================== A security issue affects the following Ubuntu rel [ more ] [ reply ] [ GLSA 200510-02 ] Berkeley MPEG Tools: Multiple insecure temporary files 2005-10-03 Thierry Carrez (koon gentoo org) [ GLSA 200510-01 ] gtkdiskfree: Insecure temporary file creation 2005-10-03 Thierry Carrez (koon gentoo org) |
|
Privacy Statement |
Hash: SHA1
HP SECURITY BULLETIN
HPSBTU01210 REVISION: 1
SSRT4743, SSRT4884 rev.1 - HP Tru64 UNIX TCP/IP remote Denial of
Service (DoS)
NOTICE:
The information in this Security Bulletin should be acted upon
as soon as possible.
IN
[ more ] [ reply ]