|
|
Colapse all |
Post message
MDKSA-2005:145 - Updated openvpn packages fix several vulnerabilities 2005-08-23 Mandriva Security Team (security mandriva com) [ Suresec Advisories ] - Several MacOS X vulnerabilities 2005-08-22 Suresec Advisories (advisories suresec org) Suresec Security Advisory - #00005 22/08/05 Several MacOS X vulnerabilities Advisory: http://www.suresec.org/advisories/adv5.pdf Description: 2 bufferoverflows in ping and traceroute were found. Additionaly a vulnerability was found in dsindentity that allows any user to remove useraccounts. [ more ] [ reply ] Re: RE: Cisco Clean Access Agent (Perfigo) bypass 2005-08-22 cdmiller-bugtraq adams edu More clarification, response to Cisco guy, 1) Authenticated windows users can get on the network without installing the CCA agent, unless, "the administrator can define Network Scanning rules on the CCA Manager and use Nessus scans to determine the real OS in use". Perhaps remote checks should be [ more ] [ reply ] Remote IIS 5.x and IIS 6.0 Server Name Spoof 2005-08-22 inge_eivind henriksen chello no (1 replies) ** Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ ** It is possible to remotely spoof the "SERVER_NAME" Microsoft® Internet Information Server® 5.0, 5.1 and 6.0 variable by doing a modified HTTP request. Thus potentially revealing sensitive [ more ] [ reply ] [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15 2005-08-22 max jestsuper pl -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15] Author: Maksymilian Arciemowicz ( cXIb8O3 ) Date: 12.6.2005 from SECURITYREASON.COM - --- 0.Description --- PostNuke: The Phoenix Release (0.750) PostNuke is an open source, open develo [ more ] [ reply ] 32919 - Computer Associates Message Queuing (CAM/CAFT) multiple vulnerabilities 2005-08-22 Williams, James K (James Williams ca com) Title: 32919 - Computer Associates Message Queuing (CAM/CAFT) multiple vulnerabilities CA Vulnerability ID: CAID 32919 Disclosure Date: 2005-08-19 Discovered By: CA internal audit Impact: Remote attackers can execute arbitrary code, or cause a denial of service condition. Summary: Durin [ more ] [ reply ] SQL Injection and PHP Code Injection Vulnerabilities in PHPKit 1.6.1 2005-08-22 phuket (phuket bugtraq gmail com) SQL Injection and PHP Code Injection Vulnerabilities in PHPKit 1.6.1 Version: PHPKit 1.6.1 Risk: High if magic_quotes_gpc = Off URL: http://www.phpkit.com ************************************************************************ *** SQL Injection in include.php?path=login/member.php The parameters [ more ] [ reply ] RE: Cisco Clean Access Agent (Perfigo) bypass 2005-08-21 Dario Ciccarone (dciccaro) (dciccaro cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, This post is to confirm that the Cisco Systems PSIRT is actively researching into this issue. We will be providing a more thorough answer on Monday, August 22, 2005. Attached: a cleartext, PGP signed version of this same email. Thanks, [ more ] [ reply ] Cisco Security Advisory: Cisco Intrusion Prevention System Vulnerable to Privilege Escalation 2005-08-22 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ======================================================================== = Cisco Security Advisory: Cisco Intrusion Prevention System Vulnerable to Privilege Escalation Revision 1.0 For Public Release 2005 August 22 1700 UTC (GMT) ================= [ more ] [ reply ] RE: Cisco Clean Access Agent (Perfigo) bypass 2005-08-22 Dario Ciccarone (dciccaro) (dciccaro cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is in response to the email posted by 'llhansen-bugtraq (at) adams (dot) edu [email concealed]' on August 19, 2005. The original email is available at http://www.securityfocus.com/archive/1/408603/30/0/threaded . Attached: a cleartext, PGP signed version of this same em [ more ] [ reply ] DMA[2005-0818a] - 'Apple OSX dsidentity privilege abuse' 2005-08-22 KF (lists) (kf_lists digitalmunition com) Cisco Security Advisory: SSL Certificate Validation Vulnerability in IDS Management Software 2005-08-22 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ======================================================================== = Cisco Security Advisory: SSL Certificate Validation Vulnerability in IDS Management Software Revision 1.0 For Public Release 2005 August 22 1700 UTC (GMT) ================== [ more ] [ reply ] ELM < 2.5.8 Remote Exploit POC 2005-08-22 c0ntexb gmail com /* Exploit code for the bug posted by Ulf Harnhammar (metaurtelia.com) http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html Probably you will need to change SYSLOC and STRLOC to work on your box */ #include <stdio.h> #include <stdlib.h> #include <string.h> #include <uni [ more ] [ reply ] SUSE Security Announcement: Adobe Reader Plugin buffer overflow (SUSE-SA:2005:047) 2005-08-22 Marcus Meissner (meissner suse de) ToorCon 7 Lineup Finalized & Pre-Registration Ending 2005-08-20 h1kari (at) toorcon (dot) org [email concealed] (h1kari toorcon org) TOORCON 7 LINEUP FINALIZED & PRE-REGISTRATION ENDING ToorCon 7 has finalized its speaker lineup with over 30 talks spanned across 2 days. ToorCon will be taking place this year at the San Diego Convention Center on September 16th-18th. ABOUT TOORCON ToorCon is just around the corner again this ye [ more ] [ reply ] Bugs Land Down Under v800 2005-08-20 bl2k shabgard org Bugs Land Down Under v800 PHP/MySQL Website engine Copyright Neocrome - http://www.neocrome.net --------------------------------------------- Sql Injection and Cross Site Scripting Problem examlple : /ldu/forums.php?m=topics&s=' /ldu/list.php?c=articles&s=title&w=asc&o='&p=1 /ldu/list.php?c=artic [ more ] [ reply ] [SECURITY] [DSA 779-1] New Mozilla Firefox packages fix several vulnerabilities 2005-08-20 joey infodrom org (Martin Schulze) [USN-171-1] PHP4 vulnerabilities 2005-08-20 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-171-1 August 20, 2005 php4 vulnerabilities CAN-2005-1751, CAN-2005-1759, CAN-2005-2498 =========================================================== A security issue affects the following Ubuntu releases: Ubun [ more ] [ reply ] Woltlab Burning Board <= 2.2.2/2.3.3 modcp.php SQL injection 2005-08-20 admin batznet com ##################################################### # Woltlab Burning Board <= 2.2.2/2.3.3 modcp.php # SQL injection # Discovered by [R] ##################################################### Vendor: WoltLab URL: http://www.woltlab.de/ Version: <= 2.3.3 Type: SQL-injection Description [ more ] [ reply ] IBM Lotus Notes multiple disclosures of password hashes 2005-08-20 Shalom Carmel (shalom venera com) Summary ======== A vulnerability describing password hashes disclosure in Domino webmail was published in July 2005.A further test revealed disclosed password hashes in the Lotus Notes client and in Domino LDAP. Details ======= Lotus Notes client can be used to access the Notes Address Book (NA [ more ] [ reply ] Vul in MyBB 2005-08-19 s2b hotmail com Hello The Injected File : search.php Discovered by: HACKERS PAL & Devil-00 & ABDUCTER Injected Versions :- Powered by MyBulletinBoard 1.00 Release Candidate 4 Powered by MyBulletinBoard 1.00 Release Candidate 3 Powered by MyBulletinBoard 1.00 Release Candidate 2 Powered by MyBulletinBoard 1.00 Rel [ more ] [ reply ] Secunia Research: HAURI Anti-Virus Compressed Archive DirectoryTraversal 2005-08-19 Secunia Research (vuln secunia com) [ GLSA 200508-10 ] Kismet: Multiple vulnerabilities 2005-08-19 Sune Kloppenborg Jeppesen (jaervosz gentoo org) [USN-169-1] Linux kernel vulnerabilities 2005-08-19 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-169-1 August 19, 2005 linux-source-2.6.8.1, linux-source-2.6.10 vulnerabilities CAN-2005-2098, CAN-2005-2456, CAN-2005-2457, CAN-2005-2458, CAN-2005-2459, CAN-2005-2548, CAN-2005-2555 ========================= [ more ] [ reply ] Cisco Clean Access Agent (Perfigo) bypass 2005-08-19 llhansen-bugtraq adams edu Description: Cisco Clean Access is an easily deployed software solution that can automatically detect, isolate, and clean infected or vulnerable devices that attempt to access your network. It identifies whether networked devices such as laptops, personal digital assistants, even game consoles are [ more ] [ reply ] [SECURITY] [DSA 778-1] New mantis packages fix several vulnerabilities 2005-08-19 joey infodrom org (Martin Schulze) [USN-170-1] gnupg vulnerability 2005-08-19 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-170-1 August 19, 2005 gnupg vulnerability CAN-2005-0366 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: openvpn
Advisory ID:
[ more ] [ reply ]