BugTraq
Javamail Multiple Information Disclosure Vulnerabilities 2005-05-25
Ricky Latt (ygnboyz gmail com)


Javamail Multiple Information Disclosure Vulnerabilities

May 25, 2005 Yangon, Myanmar.

Vulnerable Systems:
* JavaMail API 1.3
* JavaMail API 1.2
* JavaMail API 1.1.3

Tested on Apache Tomcat/5.0.16
Possibly on all versions of Windows

Failed to restrict to accessing other directory and files

iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP SELECT Command DoS Vulnerability 2005-05-24
iDEFENSE Labs (labs-no-reply idefense com)
Ipswitch IMail IMAP SELECT Command DoS Vulnerability

iDEFENSE Security Advisory 05.24.05
www.idefense.com/application/poi/display?id=241&type=vulnerabilities
May 24, 2005

I. BACKGROUND

Ipswitch IMail server is a Windows based messaging solution with a
customer base of over 53 million users. More

iDEFENSE Security Advisory 05.24.05: Ipswitch IMail Web Calendaring Arbitrary File Read Vulnerability 2005-05-24
iDEFENSE Labs (labs-no-reply idefense com)
Ipswitch IMail Web Calendaring Arbitrary File Read Vulnerability

iDEFENSE Security Advisory 05.24.05
www.idefense.com/application/poi/display?id=242&type=vulnerabilities
May 24, 2005

I. BACKGROUND

Ipswitch Collaboration Suite (ICS) is a comprehensive communication and
collaboration solution for

iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP LOGIN Remote Buffer Overflow Vulnerabilities 2005-05-24
iDEFENSE Labs (labs-no-reply idefense com)
Ipswitch IMail IMAP LOGIN Remote Buffer Overflow Vulnerabilities

iDEFENSE Security Advisory 05.24.05
www.idefense.com/application/poi/display?id=243&type=vulnerabilities
May 24, 2005

I. BACKGROUND

Ipswitch Collaboration Suite (ICS) is a comprehensive communication and
collaboration solution for

iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP LSUB DoS Vulnerability 2005-05-24
iDEFENSE Labs (labs-no-reply idefense com)
Ipswitch IMail IMAP LSUB DoS Vulnerability

iDEFENSE Security Advisory 05.24.05
www.idefense.com/application/poi/display?id=245&type=vulnerabilities
May 24, 2005

I. BACKGROUND

Ipswitch Collaboration Suite (ICS) is a comprehensive communication and
collaboration solution for Microsoft Windows with

iDEFENSE Security Advisory 05.24.05: Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability 2005-05-24
iDEFENSE Labs (labs-no-reply idefense com)
Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability

iDEFENSE Security Advisory 05.24.05
www.idefense.com/application/poi/display?id=244&type=vulnerabilities
May 24, 2005

I. BACKGROUND

Ipswitch Collaboration Suite (ICS) is a comprehensive communication and
collaboration solution for M

Endless loop in Halo 1.06 2005-05-24
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: Halo: Combat Evolved
http://www.microsoft.com/games/pc/halo.aspx
Versions: <= 1.06 and Custom Edition 1.00
Platforms: Windows
Bug: endles

ACROS Security: HTML Injection in BEA WebLogic Server Console (1) 2005-05-24
ACROS Security (lists acros si)
=====[BEGIN-ACROS-REPORT]=====

PUBLIC

========================================================================
=
ACROS Security Problem Report #2005-05-24-1
------------------------------------------------------------------------
-
ASPR #2005-05-24-1: HTML Injection in BEA WebLogic Server Console (1

ACROS Security: HTML Injection in BEA WebLogic Server Console (2) 2005-05-24
ACROS Security (lists acros si)
=====[BEGIN-ACROS-REPORT]=====

PUBLIC

========================================================================
=
ACROS Security Problem Report #2005-05-24-2
------------------------------------------------------------------------
-
ASPR #2005-05-24-2: HTML Injection in BEA WebLogic Server Console (2

Gforge - viewFile.php security flaw 2005-05-24
Filippo Spike Morelli (spike miu-ft org)
------------------------------------------------------------------------
--
Vendor : Gforge (http://gforge.org)
Product : gforge
Affected versions : < 4.0
Bug fixed : >= 4.0 & Debian pkg 3.1-30
Vulnerability : Input validation flaw

Blue Coat Reporter multiple remote vulnerabilities 2005-05-24
Oliver Karow (Oliver Karow gmx de)
Blue Coat Reporter 7.1.1.1 - multiple remote vulnerabilities
============================================================

Blue Coat Reporter
==================

"Blue Coat Reporter 7 provides identity-based reporting on Web
communications enabling enterprises to evaluate Web policies and manage
n

CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability 2005-05-24
Williams, James K (James Williams ca com)


CAID 32896 - Computer Associates Vet Antivirus engine heap overflow
vulnerability

CA Vulnerability ID: 32896

Discovery Date: 2005/04/26

Discovered By: Alex Wheeler

Title:
Computer Associates Vet Antivirus engine heap overflow vulnerability

Impact:
Remote attackers can gain privileged ac

[ GLSA 200505-18 ] Net-SNMP: fixproc insecure temporary file creation 2005-05-23
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200505-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ GLSA 200505-17 ] Qpopper: Multiple Vulnerabilities 2005-05-23
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200505-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Meteor FTP Server v1.5 Buffer Overflow 2005-05-23
Auston J (Anix44 gmail com)


The overflow is triggered once a series of commands have been issued with specific criteria. In theory, using the USER command followed by a large amount of data will result in memory corruption as we have seen previously. However, if the PASS and PORT command are also issued with the right argume

Format string and crash in Warrior Kings 1.3 and Battles 1.23 2005-05-23
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: Warrior Kings: Battles
http://www.warriorkingsbattles.com
Warrior Kings

http://www.empireinteractive.com/games/product.as

Cookie Cart Default Installation Multiple Vulnerabilities 2005-05-21
SoulBlack Group (soulblacktm gmail com)
============================================================

============================================================
Title: Cookie Cart Default Installation Multiple Vulnerabilities
Vendor: http://www.metromkt.net/ccart
Vulnerability discovery: SoulBlack - Security Research -
http://soulblac

SQL injections in PortailPHP 2005-05-21
CENSORED (censored mail ru)


svadvisory*5
-------------------------------------------------------------
Title: SQL injections in PortailPHP |
The program: PortailPHP v 1.3 |
Homepage: http://www.portailphp.com/ ------------
Has found: CENSORED

Computer Associates Vet Antivirus Library Remote Heap Overflow 2005-05-23
list rem0te com
Date
May 23, 2005

Vulnerability
Computer Associates Vet library provides antivirus scan engine capabilities. Vet scan engines allow products to analyze various streams for malware. Vet is vulnerable to an integer wrap during the analysis of an OLE stream. The integer wrap causes an arbitrary heap o

pst.advisory 2005-21: gxine remote exploitable . opensource is god .lol windows 2005-05-21
yan feng (jsk ph4nt0m net)


gxine remote exploitable . opensource is god .lol windows
www.ph4nt0m.org

Systems affected:

gxine 0.44 0.43 0.42 0.41

no affected

no all exploitable

1:why: it is a http hostname format string vulnerability.. new firefox can run gxine in many linux DS...

so very dangerous!!!!!!!!!

[SECURITYREASON.COM] PostNuke Non Critical SQL Injection and Include 0.760-RC3=>x 2005-05-21
Maksymilian Arciemowicz (max jestsuper pl)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[PostNuke Non Critical SQL Injection and Include 0.760-RC3=>x cXIb8O3.10]

Author: cXIb8O3(Maksymilian Arciemowicz)
Date: 2.4.2005
from securityreason.com TEAM

- --- 0.Description ---

PostNuke: The Phoenix Release (0.760-RC3=>X)

PostNuke is an open

[SECURITYREASON.COM] PostNuke XSS and Full path disclosure 0.760RC3=>x 2005-05-21
Maksymilian Arciemowicz (max jestsuper pl)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[PostNuke XSS and Full path disclosure 0.760RC3=>x cXIb8O3.7]

Author: Maksymilian Arciemowicz ( cXIb8O3 )
Date: 15.3.2005
from SECURITYREASON.COM

- --- 0.Description ---

PostNuke: The Phoenix Release (0.750) and (0.760RC3)

PostNuke is an open sour

[SECURITYREASON.COM] PostNuke XSS 0.760{RC2,RC3} 2005-05-21
Maksymilian Arciemowicz (max jestsuper pl)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[PostNuke XSS 0.760{RC2,RC3} cXIb8O3.6]

Author: Maksymilian Arciemowicz ( cXIb8O3 )
Date: 4.3.2005
from SECURITYREASON.COM

- --- 0.Description ---

PostNuke: The Phoenix Release (0.750)

PostNuke is an open source, open development content manageme

[SECURITYREASON.COM] PostNuke SQL Injection 0.750=>x 2005-05-21
Maksymilian Arciemowicz (max jestsuper pl)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[PostNuke SQL Injection 0.750=>x cXIb8O3.5]

Author: cXIb8O3
Date: 2.3.2005
from SecurityReason.Com

- --- 0.Description ---

PostNuke: The Phoenix Release (0.750)

PostNuke is an open source, open development content management system
(CMS). PostNuk

[UPDATE] UNICODE BUFFER OVERFLOW IN MS-WORD 2005-05-21
Bahaa Naamneh (b_naamneh hotmail com)


[UPDATE] UNICODE BUFFER OVERFLOW IN MS-WORD
-------------------------------------------

This update concerning the bug that I've described here :

[ http://www.securityfocus.com/archive/1/398546/2005-05-17/2005-05-23/0 ]

this bug affected only winword.exe version 10.2627.6714 and below.

servi

Security contact for Trillian 2005-05-19
Suramya Tomar (security suramya com)
Hi Everyone,

Does anyone know who's the security contact person for Trillian Pro
(www.ceruleanstudios.com)? I tried looking through their website and
searched using google but wasn't able to find any contact info to report
security problems.

Thanks,
Suramya

--
------------------------------

RE: Security issue in Microsoft Outlook 2005-05-18
Scovetta, Michael V (Michael Scovetta ca com)
Sorry to shoot you down, but this isn't a security issue at all. You can
do the same thing by typing some text, highlighting it, right-clicking,
clicking Hyperlink, and typing an address.

On the receiving end, the client will get:
<a href="http://www.foo-labs.info">http://www.cybertrion.com</a>
wh

episodex guestbook security bypass & html injection 2005-05-20
farhad koosha (farhadkey yahoo com)


Vendor URL : http://www.episodex.de

HTML Injection :

"Name" & other fields in "default.asp" are not validated.
Script code will be executed in the user's browser session, when the entry is viewed.

Security Bypass :

It is possible to edit settings without authentication by accessing the scripts

worm "postcard" e-mail issue 2005-05-19
M. Perri (icc-mysql icorp net)

Be advised there is a new worm spreading. It says you have received a
postcard with a link to click to see the postcard, however, the URL first
goes to some DSL customer in Canada who has been compromised and some sort of
JavaScript is run on the local machine... not sure what it does....

Can an

picasm error handling stack overflow vulnerability 2005-05-20
Shaun Colley (scolleyuk gmail com)
picasm error handling stack overflow vulnerability

Name: picasm error handling stack overflow
Versions Affected: picasm <= 1.12b
Severity: Medium/High
Impact: Arbitrary code execution
Maintainer's Website: <http://www.co.jyu.fi/~trossi>
Author: Shaun Colley
Vendor Notified: May 7th 2005
Public Disc

Copyright 2010, SecurityFocus