|
|
Colapse all |
Post message
[USN-151-1] zlib vulnerability 2005-07-21 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-151-1 July 21, 2005 zlib vulnerability CAN-2005-1849 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5 [ more ] [ reply ] [USN-150-1] KDE library vulnerability 2005-07-21 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-150-1 July 21, 2005 kdelibs vulnerability CAN-2005-1920 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) The [ more ] [ reply ] [USN-152-1] PAM/NSS LDAP vulnerabilitiy 2005-07-21 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-152-1 July 21, 2005 openldap2, libpam-ldap, libnss-ldap vulnerabilities CAN-2005-2069 =========================================================== A security issue affects the following Ubuntu releases: Ubu [ more ] [ reply ] [USN-149-1] Firefox vulnerabilities 2005-07-21 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-149-1 July 21, 2005 mozilla-firefox vulnerabilities CAN-2005-1937, CAN-2005-2260, CAN-2005-2261, CAN-2005-2263, CAN-2005-2264, CAN-2005-2265, CAN-2005-2266, CAN-2005-2267, CAN-2005-2268, CAN-2005-2269, CAN-2 [ more ] [ reply ] Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 2005-07-20 Darren Reed (avalon caligula anu edu au) (1 replies) In some mail from Fernando Gont, sie said: > The IPv4 minimum MTU is 68, and not 576. If you blindly send packets larger > than 68 with the DF bit set, in the case there's an intermmediate with an > MTU lower that 576, the connection will stall. And I think you can safely say that if you see any [ more ] [ reply ] Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 2005-07-20 Fernando Gont (fernando frh utn edu ar) MDKSA-2005:122 - Updated kdelibs packages fix vulnerability in kate and kwrite 2005-07-20 Mandriva Security Team (security mandriva com) Re: ICMP-based blind performance-degrading attack 2005-07-20 Fernando Gont (fernando frh utn edu ar) At 07:42 p.m. 20/07/2005, Darren Reed wrote: >Go look in the bugtraq archives for 8 July 2001 and you might find an >email like the one below. THere was a thread on this topic then. > >It would be nice if you included a referral or something in your IETF >draft to my original work on this, 4 years [ more ] [ reply ] Oracle and setting the record straight 2005-07-20 David Litchfield (davidl ngssoftware com) Hey all, I don't know whether this helps serve any purpose or not, other than the vent some of my own frustrations; however... In the wake of the release of Alex Kornbrust's details on some Oracle flaws there has been some discussion in various places about when I supposedly did the same thing l [ more ] [ reply ] MDKSA-2005:123 - Updated shorewall packages fix vulnerability 2005-07-20 Mandriva Security Team (security mandriva com) Peter Gutmann data deletion theaory? 2005-07-20 Jared Johnson (jaredsjazz Yahoo com) (1 replies) All, Do you all agree with Peter Gutman's conclusion on his theory that data can never really be erased, as noted in his quote below: "Data overwritten once or twice may be recovered by subtracting what is expected to be read from a storage location from what is actually read. Data which is overwr [ more ] [ reply ] [SECURITY] [DSA 763-1] New zlib packages fix buffer overflow 2005-07-21 Michael Stone (mstone klecker debian org) Re: ICMP-based blind performance-degrading attack 2005-07-21 Darren Reed (avalon caligula anu edu au) In some mail from Fernando Gont, sie said: > > The new stuff is the counter-measures, not the attacks. Call me a cynic, but if you were focused on the counter-measure side of things, you'd be providing patches, not exploits. > >What's most surprising is that there does not appear to be a document [ more ] [ reply ] [SECURITY] [DSA 764-1] New cacti packages fix several vulnerabilities 2005-07-21 joey infodrom org (Martin Schulze) Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 2005-07-21 Darren Reed (avalon caligula anu edu au) In some mail from Fernando Gont, sie said: > > At 07:25 p.m. 20/07/2005, Darren Reed wrote: > > >In some mail from Fernando Gont, sie said: > > > The IPv4 minimum MTU is 68, and not 576. If you blindly send packets > > larger > > > than 68 with the DF bit set, in the case there's an intermmediate [ more ] [ reply ] RE: Installation of software, and security. . . 2005-07-20 Glenn Everhart chase com Trojans embedded in installation scripts have been a problem in commercial space for many years, despite risk of exposure. I can recall a DBMS that installed its basic relational engine to run at elevated priority relative to everything else on the box, apparently in order to make itself look better [ more ] [ reply ] Re: Re: several vulnerabilities present in Belkin wireless routers 2005-07-20 steven salaets windriver com What I wonder is: How much of a security threat is this? Are we not talking about default settings here? How secure is a linksys or cisco AP out of the box? As far as I recall Cisco also enables telnet by default and if you Google for a default administrative password for any network device it won't [ more ] [ reply ] PeanutHull Local Privilege Escalation Vulnerability 2005-07-20 Sowhat . (smaillist gmail com) PeanutHull Local Privilege Escalation Vulnerability by Sowhat EN: http://secway.org/advisory/AD20050720EN.txt CN: http://secway.org/advisory/AD20050720CN.txt Product Affected: PeanutHull <= 3.0 Beta 5 Overview: Oray Inc. is the world's biggest DDNS (Dynamic Domain Name Service) Provider (Ac [ more ] [ reply ] |
|
Privacy Statement |
the assumed adversary motivations and capabilities are. If the adversary is
a nation-state with electron microscopes and other expensive devices, and
the disk is believed to have held highly classified information, it's
cle
[ more ] [ reply ]