reconsidering physical security: pod slurping
2005-06-13, Abe Usher (abe usher sharp-ideas net)
pod slurping
I've written a report that explores an idea that has been known by the security community for decades: physical security is important to information system security. A year ago a report was published by the Gartner Group warning that iPods <http://www.apple.com/ipod/> [...]

[OpenPKG-SA-2005.010] OpenPKG Security Advisory (openpkg)
2005-06-10, OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
OpenPKG Security Advisory. The OpenPKG Project. http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [...]

TSL-2005-0028 - multi
2005-06-13, Trustix Security Advisor (tsl trustix org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Trustix Secure Linux Security Advisory #2005-0028. Package name: kerberos5, mailman, mod_perl, openssl, php, spamassassin, tcpdump, telnet, wget. Summary: Multipl [...]

[OpenPKG-SA-2005.009] OpenPKG Security Advisory (gzip)
2005-06-10, OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
OpenPKG Security Advisory. The OpenPKG Project. http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [...]

[ GLSA 200506-11 ] Gaim: Denial of Service vulnerabilities
2005-06-12, Thierry Carrez (koon gentoo org)

singapore v0.9.11 cross site scripting and path disclosure
2005-06-12, thegreatone2176 yahoo com
Because of singapore's heavy use of classes it has multiple path disclosure occurrences. The following pages all produced class related errors when navigating directly to them in your browser.
gallery/includes/admin.class.php
templates/admin_default/ all the .tpl.php files
templates/default/ all the [...]

Security contact of airport Rome, Italy
2005-06-13, Michael Schwartzkopff (misch multinet de)
Anybody got a hint how to contact?
-- Dr. Michael Schwartzkopff, MultiNET Services GmbH, Bretonischer Ring 7, 85630 Grasbrunn. Tel: (+49 89) 456 911 - 0, Fax: (+49 89) 456 911 - 21, mob: (+49 174) 343 28 75. PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B. Skype: misch42 [...]

File Upload Manager Sploits
2005-06-12, blackshoe gmail com
Below is some code for a recent unpatched exploit for file managers using php as the base code. Share this with the world and help protect.
File Upload Manager - Bypass File Extension and Arbitrary File Delete
nothing to see here @ hackthissite.org
Through an input validation flaw, users are able [...]

[OpenPKG-SA-2005.008] OpenPKG Security Advisory (bzip2)
2005-06-10, OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
OpenPKG Security Advisory. The OpenPKG Project. http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [...]

[OpenPKG-SA-2005.007] OpenPKG Security Advisory (cvs)
2005-06-10, OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
OpenPKG Security Advisory. The OpenPKG Project. http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [...]

[ GLSA 200506-08 ] GNU shtool, ocaml-mysql: Insecure temporary file creation
2005-06-11, Thierry Carrez (koon gentoo org)

[ GLSA 200506-07 ] Ettercap: Format string vulnerability
2005-06-11, Thierry Carrez (koon gentoo org)

[ GLSA 200506-10 ] LutelWall: Insecure temporary file creation
2005-06-11, Thierry Carrez (koon gentoo org)

Re: Arbitrary code execution in eping plugin
2005-06-11, oliver codersquad de (2 replies)
Hello, the problem is in function eping_validaddr() in functions.php where the host is checked if it is valid as the name says... But the only check is to see if it is a valid ip address for eping, here is the code: [...]

Multiple vulnerabilities in Pico Server (pServ) v3.3
2005-06-11, Raphaël Rigo ML (ml twilight-hall net)

[Full-disclosure] [USN-139-1] Gaim vulnerability
2005-06-10, Martin Pitt (martin pitt canonical com)
Ubuntu Security Notice USN-139-1, June 10, 2005. gaim vulnerability. CAN-2005-1269
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5 [...]

Voice VLAN Access/Abuse Possible on Cisco voice-enabled, 802.1x-secured Interfaces
2005-06-10, csirt fishnetsecurity com
Title: Voice VLAN Access/Abuse Possible on Cisco voice-enabled, 802.1x-secured Interfaces
Vulnerability Discovery: FishNet Security - http://www.fishnetsecurity.com
Date: 06/08/2005
Severity: Medium - Voice VLAN locally acces [...]

osCommerce HTTP Response Splitting
2005-06-10, GulfTech Security Research (security gulftech org) (1 replies)
# GulfTech Security Research, June 10th, 2005
# Vendor : osCommerce
# URL : http://www.oscommerce.com/
# Version : osCommerce 2.2 Milestone 2 && Earlier
# Risk : HTT [...]

[USN-138-1] gedit vulnerability
2005-06-09, Martin Pitt (martin pitt canonical com)
Ubuntu Security Notice USN-138-1, June 09, 2005. gedit vulnerability. CAN-2005-1686
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu [...]

[ GLSA 200506-06 ] libextractor: Multiple overflow vulnerabilities
2005-06-09, Thierry Carrez (koon gentoo org)
1) D.o.S. to the bluetooth device
Many bluetooth device communications can be totally inhibited simply by sending a ping-flood to the device from a linux laptop with bluetooth connect