|
|
Colapse all |
Post message
[SECURITY] [DSA 813-1] New centericq packages fix several vulnerabilities 2005-09-15 joey infodrom org (Martin Schulze) Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution 2005-09-15 retrogod aliceposta it Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution software: site: http://www.digital-scribe.org/ description: "Teachers have full control through a web-based interface. Designed for easy installation and even easier use, the Digital Scribe has been used in thousands of s [ more ] [ reply ] Secunia Research: Ahnlab V3 Antivirus Multiple Vulnerabilities 2005-09-15 Secunia Research (vuln secunia com) [SECURITY] [DSA 814-1] New lm-sensors packages fix insecure temporary file 2005-09-15 joey infodrom org (Martin Schulze) ATutor 1.5.1 SQL Injection / Admin credentials disclosure / remote code execution 2005-09-14 retrogod aliceposta it ATUTOR 1.5.1 (possibly prior versions) SQL INJECTION / ADMIN & USERS CREDENTIALS DISCLOSURE / INFORMATION DISCLOSURE / USER IMPERSONATION / REMOTE CODE EXECUTION software: site: http://www.atutor.ca/ description: "ATutor is an Open Source Web-based Learning Content Management System (LCMS) design [ more ] [ reply ] Secunia Research: AVIRA Antivirus ACE Archive Handling BufferOverflow 2005-09-14 Secunia Research (vuln secunia com) iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Router Remote Administration apply.cgi Buffer Overflow Vulnerability 2005-09-13 iDEFENSE Labs (labs-no-reply idefense com) Linksys WRT54G Router Remote Administration apply.cgi Buffer Overflow Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=305&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and route [ more ] [ reply ] iDEFENSE Security Advisory 09.13.05: Linksys WRT54G 'upgrade.cgi' Firmware Upload Design Error Vulnerability 2005-09-13 iDEFENSE Labs (labs-no-reply idefense com) Linksys WRT54G 'upgrade.cgi' Firmware Upload Design Error Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=307&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and router. More info [ more ] [ reply ] Re: [Snort-users] Snort DoS Fallacies 2005-09-13 Martin Roesch (roesch sourcefire com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ok, let's see if we can kill the "analysis" and random speculation dead with this thread. Comments inline: On Sep 13, 2005, at 10:47 AM, Ferguson, Justin (IARC) wrote: > First, if we are using the option -A fast: > > snort/src/output-plugins/spo_al [ more ] [ reply ] iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Management Interface DoS Vulnerability 2005-09-13 iDEFENSE Labs (labs-no-reply idefense com) Linksys WRT54G Management Interface DoS Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=308&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and router. More information is availab [ more ] [ reply ] iDEFENSE Security Advisory 09.13.05: Linksys WRT54G 'restore.cgi' Configuration Modification Design Error Vulnerability 2005-09-13 iDEFENSE Labs (labs-no-reply idefense com) Linksys WRT54G 'restore.cgi' Configuration Modification Design Error Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=306&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and router [ more ] [ reply ] iDEFENSE Security Advisory 09.13.05: Linksys WRT54G Router Remote Administration Fixed Encryption Key Vulnerability 2005-09-13 iDEFENSE Labs (labs-no-reply idefense com) Linksys WRT54G Router Remote Administration Fixed Encryption Key Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=304&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and router. M [ more ] [ reply ] Serious Security issue with broken - Microsoft's .Net XML Serialization API 2005-09-13 Rohit (rohits79 gmail com) (1 replies) Operating Systems: All windows platform with .net framework installed Explanation: This vulnerability could lead to serious security and other issues depending on the implementation. To explain this issue I will try to frame up a possible scenario (Am basically a programmer and can imagine a number [ more ] [ reply ] Re: Serious Security issue with broken - Microsoft's .Net XML Serialization API 2005-09-13 Rohit (rohits79 gmail com) MDKSA-2005:163 - Updated MySQL packages fix vulnerability 2005-09-13 Mandriva Security Team (security mandriva com) MDKSA-2005:162 - Updated squid packages fix vulnerabilities 2005-09-13 Mandriva Security Team (security mandriva com) [SECURITY] [DSA 809-1] New squid packages fix several vulnerabilities 2005-09-13 joey infodrom org (Martin Schulze) Subscribe Me Pro 2.044.09P and prior Directory Traversal Vulnerability 2005-09-13 h4cky0u gmail com -------------------------------------------------------------- HYA-2005-006 h4cky0u.org Advisory 007 -------------------------------------------------------------- Date - Tue Sep 13 2005 TITLE: ====== Subscribe Me Pro 2.044.09P and prior Directory Traversal Vulnerability SEVERITY: ====== [ more ] [ reply ] AzDGDatingLite V 2.1.3 remote code execution 2005-09-13 retrogod aliceposta it AzDGDatingLite V 2.1.3 (possibly prior versions) remote code execution (not yet tested the Platinum version) software: site: http://www.azdg.com/ download page: http://www.azdg.com/scripts.php?l=english description:" AzDGDatingLite is a Free dating script working on PHP and MySQL. Multilanguage, M [ more ] [ reply ] [SECURITY] [DSA 810-1] New Mozilla packages fix several vulnerabilities 2005-09-13 joey infodrom org (Martin Schulze) [USN-181-1] Mozilla products vulnerability 2005-09-12 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-181-1 September 12, 2005 mozilla, mozilla-thunderbird, mozilla-firefox vulnerabilities CAN-2005-2871 =========================================================== A security issue affects the following Ubun [ more ] [ reply ] [USN-83-2] LessTif 1 vulnerabilities 2005-09-12 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-83-2 September 12, 2005 lesstif1-1 vulnerabilities CAN-2004-0914 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) [ more ] [ reply ] [ GLSA 200509-07 ] X.Org: Heap overflow in pixmap allocation 2005-09-12 Thierry Carrez (koon gentoo org) [ GLSA 200509-08 ] Python: Heap overflow in the included PCRE library 2005-09-12 Thierry Carrez (koon gentoo org) util-linux: unintentional grant of privileges by umount 2005-09-12 David Watson (baikie ehwhat freeserve co uk) Affected: Linux umount command as provided in the util-linux package in versions 2.8 to 2.12q, 2.13-pre1 and 2.13-pre2. Privileges needed to exploit: local account with permission to unmount a user-mountable file system with Unix-type features (set-id bits or device nodes). Effect: removal of n [ more ] [ reply ] [OpenPKG-SA-2005.021] OpenPKG Security Advisory (squid) 2005-09-10 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] Re: [Full-disclosure] (TOOL) TAPiON (Polymorphic Decryptor Generator) Engine 2005-09-09 Piotr Bania (bania piotr gmail com) Re, >... >If you want some indepth on polymorphis I recomend you the 29a papers: >http://vx.netlux.org/29a/ I'm not a master in this branch however let me citate one of the aritcles found on the server you sent me (i also recomend you to read it): ----- CUT ----------------------------------- [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 813-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
September 15th, 2005
[ more ] [ reply ]