|
|
Colapse all |
Post message
RE: router worms and International Infrastructure [was: Re: IOS exploit] 2005-09-22 martin kusala net > That leaves us with 30% of the Internet dead, and that's really a bad > scenario as someone I know would say. There's been dramatic advances in router vulnerability research recently- one hopes that Cisco and Juiper are keeping pace. While we are still in the theoretical stages of these attacks, [ more ] [ reply ] [SECURITY] [DSA 818-1] New kdeedu packages fix insecure temporary files 2005-09-22 joey infodrom org (Martin Schulze) OpenServer 6.0.0 : TCP Remote ICMP Denial Of Service Vulnerabilities 2005-09-22 please_reply_to_security sco com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ ______ SCO Security Advisory Subject: OpenServer 6.0.0 : TCP Remote ICMP Denial Of Service Vulnerabilities Advisory number: SCOSA-2005.38 Issue date: 2005 September 22 C [ more ] [ reply ] Protty v.01A (beta) - shellcode execution protection library for Windows NT based systems 2005-09-22 Piotr Bania (bania piotr gmail com) Hi, For those who are interrested i have released Protty lib: Protty is a ring 3 library developed to protect against shellcode execution on Windows NT based systems. The full description of the mechanism was published within the Phrack magazine volume #63, available here: http://www.phrack.org/ph [ more ] [ reply ] FireFox exploit updated 2005-09-22 Berend-Jan Wever (berendjanwever gmail com) http://www.milw0rm.com Somewhere I totally forgot to credit Tom Ferris for finding the vulnerability. I hate it when people forget credits and now I am one of them :(. Please update your copy if you have mirrored it on your site. Cheers, SkyLined -- Berend-Jan Wever <berendjanwever (at) gmail (dot) com [email concealed]> ht [ more ] [ reply ] Re: Paper - How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk 2005-09-21 hodejo1 aol com This paper is an expansion on Richard Menta's SC Magazine article from last June titled "A Need to Know". That is the actual starting point for this topic. The article is on SC Mags Web site at: http://www.scmagazine.com/features/index.cfm?fuseaction=FeatureDetails&n ewsUID=3cdf7a84-e2d6-46e4-8607-1 [ more ] [ reply ] [security bulletin] SSRT5988 rev.1 - HP Tru64 Unix libXpm Remote Denial of Service (DoS) or Execute Privileged Code 2005-09-21 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBTU01228 REVISION: 1 SSRT5988 rev.1 - HP Tru64 Unix libXpm Remote Denial of Service (DoS) or Execute Privileged Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. INITIAL RELE [ more ] [ reply ] UnixWare 7.1.4 : LibTIFF < 3.72 malformed data code exec 2005-09-20 please_reply_to_security sco com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ ______ SCO Security Advisory Subject: UnixWare 7.1.4 : LibTIFF < 3.72 malformed data code exec Advisory number: SCOSA-2005.34 Issue date: 2005 September 20 Cross referen [ more ] [ reply ] [SNS Advisory No.83] Webmin/Usermin PAM Authentication Bypass Vulnerability 2005-09-21 snsadv lac co jp (snsadv) ------------------------------------------------------------------ SNS Advisory No.83 Webmin/Usermin PAM Authentication Bypass Vulnerability Problem first discovered on: Sun, 04 Sep 2005 Published on: Tue, 20 Sep 2005 ------------------------------------------------------------------ Severity Leve [ more ] [ reply ] Upcoming Black Hat events announcement 2005-09-21 Jeff Moss (jmoss blackhat com) Dear BugTraq readers, I want to keep you up to date with what Black Hat is up to. Currently there is a stand alone training in Seattle in October, a Briefings in Tokyo in October, and a Federal Training and Briefings in Crystal City in January. Black Hat returns to Amsterdam at the end February w [ more ] [ reply ] [BuHa-Security] Multiple vulnerabilities in (admincp/modcp of) vBulletin 3.0.7 2005-09-20 bugtraq morph3us org MDKSA-2005:167 - Updated util-linux packages fix umount vulnerability 2005-09-21 Mandriva Security Team (security mandriva com) MDKSA-2005:168 - Updated masqmail packages fix vulnerabilities 2005-09-21 Mandriva Security Team (security mandriva com) MDKSA-2005:166 - Updated clamv packages fix vulnerabilities 2005-09-21 Mandriva Security Team (security mandriva com) PocketPC exploitation 2005-09-21 Jose Morales (mrjoemango2 hotmail com) I would like to contribute to the list a paper i just had published that discusses the vulnerabilities of current virus detectors for pocket pc's, it is scary to think that such simplistic detectors are the current state of the art for such powerfull devices, it leads one to think that the lesson [ more ] [ reply ] Re: Subscribe Me Pro 2.044.09P and prior Directory Traversal Vulnerability 2005-09-21 please_use_support_form ourwebsite com Paper - How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk 2005-09-21 Kenneth F. Belva (ken ftusecurity com) This paper was delivered as the keynote presentation at the FiTech Summit 2005. You may find a link to the FiTech Summit here: http://www.me-uk.com/summits/eventdetails.asp?eventID=9022 The paper asks: Given a publicly disclosed security incident, "to what extent is (or isn't) investor confidence [ more ] [ reply ] [ GLSA 200509-14 ] Zebedee: Denial of Service vulnerability 2005-09-20 Thierry Carrez (koon gentoo org) [ GLSA 200509-15 ] util-linux: umount command validation error 2005-09-20 Thierry Carrez (koon gentoo org) [USN-185-1] CUPS vulnerability 2005-09-20 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-185-1 September 20, 2005 cupsys vulnerability CAN-2004-2154 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The f [ more ] [ reply ] MDKSA-2005:138-1 - Updated cups packages fix vulnerability 2005-09-20 Mandriva Security Team (security mandriva com) Secunia Research: Opera Mail Client Attachment Spoofing and ScriptInsertion 2005-09-20 Secunia Research (vuln secunia com) phpBB 2.0.17 remote avatar size bug 2005-09-20 SmOk3 (smok3f00 gmail com) (2 replies) Title: phpBB remote avatar size bug Software: phpBB 2.0.17 (and maybe prior versions) Discovered by: David Sopas Ferreira < david at systemsecure dot org > Original link: http://www.systemsecure.org/ssforum/viewtopic.php?t=272 » Email from phpBB « Your report "Avatar size" has been closed because [ more ] [ reply ] bacula insecure temporary file creation 2005-09-20 Eric Romang / ZATAZ.com (eromang zataz com) ######################################################### bacula insecure temporary file creation Vendor: http://www.bacula.org/ Advisory: http://www.zataz.net/adviso/bacula-09192005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low ################################## [ more ] [ reply ] MDKSA-2005:165 - Updated cups packages fix vulnerability 2005-09-20 Mandriva Security Team (security mandriva com) |
|
Privacy Statement |
- Platinum Secure Smart Card security bypass technique -
========================================================
Vendor: http://360degreeweb.com
Vendor informed: nope...but Acer were
Impact : pretty high
Vulnerable Systems
---------------
[ more ] [ reply ]