|
|
Colapse all |
Post message
[FLSA-2005:152889] Updated mc packages fix security issues 2005-08-10 Marc Deslauriers (marcdeslauriers videotron ca) [FLSA-2005:129284] Updated spamassassin package fixes security issue 2005-08-10 Marc Deslauriers (marcdeslauriers videotron ca) MDKSA-2005:137 - Updated ucd-snmp packages fix a DoS vulnerability 2005-08-11 Mandriva Security Team (security mandriva com) MDKSA-2005:135 - Updated kdegraphics packages fix vulnerability 2005-08-11 Mandriva Security Team (security mandriva com) remote DOS on Wyse thin client 1125SE 2005-08-10 Josh Zlatin-Amishav (josh ramat cc) Synopsis: Wyse Winterm 1125SE Remote DOS. Product: Wyse Winterm 1125SE http://www.wyse.com/products/winterm/1125se/index.htm) Version: Confirmed on Firmware 4.2.09f, 4.4.061f (latest) Author: Josh Zlatin-Amishav Date: August 10, 2005 Background: The Winterm 1125SE is a thin client whi [ more ] [ reply ] MDKSA-2005:138 - Updated cups packages fix vulnerability 2005-08-11 Mandriva Security Team (security mandriva com) Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) 2005-08-11 Reed Arvin (reedarvin gmail com) Summary: Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) (http://www.nai.com/) Details: The ePolicy Orchestrator Agent web server (which runs on TCP port 8081 by default and serves the McAfee Agent Activity Log) can be used to view files that exist on the same [ more ] [ reply ] [SECURITY] [DSA 773-1] New amd64 packages fix several bugs 2005-08-11 joey infodrom org (Martin Schulze) [USN-165-1] heartbeat vulnerability 2005-08-11 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-165-1 August 11, 2005 heartbeat vulnerability CAN-2005-2231 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubu [ more ] [ reply ] [USN-164-1] netpbm vulnerability 2005-08-11 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-164-1 August 11, 2005 netpbm-free vulnerability CAN-2005-2471 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) U [ more ] [ reply ] Re: Compromising pictures of Microsoft Internet Explorer! 2005-08-11 Michal Zalewski (lcamtuf dione ids pl) > This experiment resulted in identifying a potential remote code > execution path in Microsoft Internet Explorer, plus some other bugs, and > should be a good starting point for further testing of other browsers or > similar programs. Just for the reference, this is confirmed to be fixed by the m [ more ] [ reply ] [USN-166-1] Evolution vulnerabilities 2005-08-11 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-166-1 August 11, 2005 evolution vulnerabilities http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035922.ht ml CAN-2005-0806 =========================================================== A security [ more ] [ reply ] High Risk Vulnerability in Novell eDirectory Server 2005-08-11 NGSSoftware Insight Security Research (nisr nextgenss com) Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in Novell eDirectory Server. This flaw can be exploited to achieve arbitrary code execution with Local System privileges on an affected server. This issue has fixed in Novell eDirectory Server version 8.7.3 solution ID NOVL1 [ more ] [ reply ] SUSE Security Announcement: Mozilla various security problems (SUSE-SA:2005:045) 2005-08-11 Marcus Meissner (meissner suse de) ms05038 exploit poc (down&execute) 2005-08-11 zwell sohu com /*+++++++++++++++++++++++++++++++++++++++++++++++ Ms05 038 exploit POC Write By ZwelL 2005 8 11 http://www.donews.net/zwell zwell (at) sohu (dot) com [email concealed] Some code belongs to Lion(cnhonker), regards to him. This code tested on Windows 2003 ------------------------------------------ [ more ] [ reply ] ISS vs. Cisco: Chapter 2 2005-08-11 FX (fx phenoelit de) (1 replies) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear list reader, this morning I found to my complete surprise the following email in my inbox, which sheds some light from a different angle on the whole ISS and Cisco story: - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FX, I heard you have got [ more ] [ reply ] Privilege escalation in Nortel Contivity VPN Client V05_01.030 2005-08-10 Jeff Peadro (jeff peadro gmail com) Summary: Privilege escalation in Nortel Contivity VPN Client V05_01.030 (http://www.nortel.com) Details: The Contivity VPN Client is a Windows application that lets you define and store connection information for accessing your corporate network through a Contivity Secure IP Services Gateway. When [ more ] [ reply ] MDKSA-2005:133 - Updated netpbm packages fix temporary file vulnerabilities 2005-08-10 Mandriva Security Team (security mandriva com) MDKSA-2005:132 - Updated heartbeat packages fix temporary file vulnerabilities 2005-08-10 Mandriva Security Team (security mandriva com) CoolWebSearch found in massive spyware ring 2005-08-10 Paul Laudanski (zx castlecops com) Sunbelt Software recently reported to the FBI evidence that shows CoolWebSearch is in a massive spyware ring where private information such as user names, passwords, chat sessions, bank information are stored and uploaded to servers. The FBI responded and are working on the case. "Note that ther [ more ] [ reply ] Full path disclosure in CaLogic 1.22 and possible in older versions. 2005-08-10 gb network gmail com Full path disclosure in CaLogic 1.22 and possible in older versions. Language: PHP Project name: CaLogic Risk: Low Home page: http://www.calogic.de Discovered by: ][GB][ & Zetha Explotation examples: http://[target]/calogic122/doclsqlres.php Fatal error: Call to a member function on a non-objec [ more ] [ reply ] Help put a stop to incompetent computer forensics 2005-08-10 Jason Coombs (jasonc science org) (1 replies) "An experienced computer forensics person could tell you whether it was because of [a Trojan virus] or not." -- Marcus Lawson. This quote and article citation below concerning "computer forensics" is typical of the opinion of "computer forensics" professionals. We know it's a big fat lie told by [ more ] [ reply ] RE: [Full-disclosure] Help put a stop to incompetent computer forensics 2005-08-10 Christopher Day (cday asgardgroup com) [KDE Security Advisory] kpdf temp file writing DoS vulnerability 2005-08-09 Dirk Mueller (mueller kde org) NSFOCUS SA2005-02 : Microsoft IE Devenum.dll COM Instantiation Remote Code Execution Vulnerability 2005-08-10 NSFOCUS Security Team (security nsfocus com) NSFOCUS Security Advisory(SA2005-02) Topic: Microsoft IE Devenum.dll COM Instantiation Remote Code Execution Vulnerability Release Date: 2005-08-10 CVE CAN ID: CAN-2005-1990 http://www.nsfocus.com/english/homepage/research/0502.htm Affected systems & software =========================== Micros [ more ] [ reply ] [security bulletin] SSRT5998 rev.1 - HP System Management Homepage (v2.0.x) Denial of Service (DoS) and XSS 2005-08-10 security-alert hp com [security bulletin] SSRT5957 rev.0 - HP Tru64 UNIX IPSEC Tunnel ESP Mode Remote Unauthorized Disclosure of Encrypted Data 2005-08-10 Security Alert (secure hpchs cup hp com) |
|
Privacy Statement |
Fedora Legacy Update Advisory
Synopsis: Updated mc packages fix security issues
Advisory ID: FLSA:152889
Issue date: 2005-08-10
Product: Red Hat Linux, Fedora Core
Keywords:
[ more ] [ reply ]