BugTraq (Page 1336 of 1748)
insecure user account lam-runtime-7.0.6-2mdk rpm 2005-04-28
Scott Grayban (sgrayban borgnet us)


Severity: HIGH

I found a bug: when lam-runtime-7.0.6-2mdk is installed, it creates a new user/group with insecure permissions.

BUG:

User "mpi" is created without a password, which can be used to compromise a system.
# rpm -qf /var/lib/mpi/test_mpi.lam
lam-runtime-7.0.6-2mdk

FIX:

Either lock the

Cross Site Scripting in Oracle Webcache 9i Administrator Application 2005-04-28
Alexander Kornbrust (ak red-database-security com)


Red-Database-Security GmbH Research Advisory

Name Cross Site Scripting in Oracle Webcache 9i
Systems Affected Oracle Webcache
Severity Low Risk
Category Cross Site Scripting (CSS/XSS)
Vendor URL http://www.oracle.com
Author Alexander Kornb

File appending vulnerability in Oracle Webcache 9i 2005-04-28
Alexander Kornbrust (ak red-database-security com)


Red-Database-Security GmbH Research Advisory

Name Append file vulnerability in Oracle Webcache 9i
Systems Affected Oracle Webcache
Severity Medium Risk
Category Corruption of files
Vendor URL http://www.oracle.com
Author Alexander Kornbrus

Webcache Client Requests Bypass OHS mod_access Restrictions 2005-04-28
Alexander Kornbrust (ak red-database-security com)


Red-Database-Security GmbH Research Advisory

Name Webcache Client Requests Bypass OHS mod_access Restrictions
Systems Affected Oracle HTTP Server
Severity Medium Risk
Category Bypass protected URLs via Webcache
Vendor URL http://www.oracle.com
Author

[Security Bulletin] SSRT5958 rev.0 - HP OpenView Radia Mgmt. Portal (RMP) Radia Mgmt. Agent Remote unauthorized Privileged Access and (DoS) 2005-04-28
Boren, Rich (SSRT) (rich boren hp com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

HP SECURITY BULLETIN

HPSBMA01138 REVISION: 0

SSRT5958 rev.0 - HP OpenView Radia Management Portal (RMP) Radia
Management Agent (RMA) Remote Unauthorized Privileged Access and
Denial of Service (DoS)

NOTICE:
There are no restrictions for distribu

Borland Security Contact 2005-04-28
Dave Armstrong (davea ngssoftware com)
Hi there,

Does anyone have a security contact for Borland?

Thanks,

Dave.

Netflix Site may assist Phishing 2005-04-28
Sara Togian (saratogian gmail com)
Hello,

Similar to the previously discussed issues with the eBay and Capital
One website, Netflix also has a redirect which can assist phishing.

https://www.netflix.com/redirect.jsp?target=http://dummy.site.com/

Or, it can be made even more obscure:

https://www.netflix.com/redirect.jsp?target=%6

OT: Two Factor Authentication on Linux / Mac / Windows 2005-04-28
Mohit Muthanna (mohit muthanna gmail com)
Apologies for being off-topic.

<shameless plug>

Project Page: http://sourceforge.net/projects/teleauth
Public Service: http://public.paynacea.com

If anyone is interested, I am currently testing my new two-factor
authentication system and am offering the service for free. It does
not use keys, tag

phpBB Notes Mod SQL Injection Vulnerability 2005-04-27
GulfTech Security Research (security gulftech org)
##########################################################
# GulfTech Security Research April 27th, 2005
##########################################################
# Vendor : Oxpus
# URL : http://www.oxpus.de/
# Version : All Versions
# Risk : SQL Injection Vulnerability
########

High risk flaw in HP OpenView Radia Management Agent 2005-04-28
NGSSoftware Insight Security Research (nisr nextgenss com)
David Morgan and Dominic Beecher of NGSSoftware Ltd have discovered a
high risk vulnerability in HP's OpenView Radia Management Portal (RMP)
Radia Management Agent (RMA). The vulnerability permits unauthenticated
remote execution of arbitrary commands, generally in the context of a
high-privileged a

[SECURITY] [DSA 718-1] New ethereal packages fix buffer overflow 2005-04-28
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 718-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
April 28th, 2005

[SECURITY] [DSA 719-1] New prozilla packages fix arbitrary code execution 2005-04-28
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 719-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
April 28th, 2005

[SECURITY] [DSA 718-2] New ethereal packages fix buffer overflow 2005-04-28
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 718-2 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
April 28th, 2005

[ GLSA 200504-28 ] Heimdal: Buffer overflow vulnerabilities 2005-04-28
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200504-28
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

RE: Capital One's website inadvertently assists phishing 2005-04-27
Rager, Anton (Anton) (arager avaya com)
This is an interesting 'fix'.

It appears that the redirector domain check logic is in the '200 OK'
response from capitalone's server in the form of HTML/Javascript. The
client logic checks the redirect location against a list of valid sites
or a regex match on "capitalone.com" domain. There are sever

Security contact at sourceforge? 2005-04-27
Joxean Koret (joxeankoret yahoo es)

Hi,

Google didn't find any security contact for sourceforge.
Does anybody know who I should be emailing?

Thanks,
Joxean Koret.

RE: IE - cross site click detection? 2005-04-27
ViPeR (viper31337 yahoo co in)
hi,

yes, I had actually mailed a "corrected" version of
my mail to bugtraq, stating that "clicks" are detected
only when you clicked on the blank areas of the page..
seems it was never delivered.

your example seems to work fine.

rgds,
Gregory R. Panakkal
http://www.crapware.tk

--- James C Slora

ZRCSA-200501 - Multiple vulnerabilities in Claroline 2005-04-27
Sieg Fried (Siegfried zone-h org)


Zone-H Research Center Security Advisory 200501
http://fr.zone-h.org

Date of release: 27/04/2005

Software: Claroline (www.claroline.net)

Affected versions:
1.5.3
1.6 beta
1.6 Release Candidate 1
(probably previous versions too)

Risk: High

Discovered by:
Kevin Fernandez "Siegfried"
Mehdi Ouda

Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 (10.04.2005) 2005-04-27
Reed Arvin (reedarvin gmail com)
Summary:
Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 (10.04.2005)
(http://www.goldenftpserver.com/)

Details:
Passing an overly long username parameter to the FTP server causes the
EIP register to be overwritten after the USER/PASS login sequence is
completed. Once this has been

[CLA-2005:948] Conectiva Security Announcement - squid 2005-04-27
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : squid
SUMMARY : Fixes for multiple squid vuln

Privilege escalation in BulletProof FTP Server v2.4.0.31 2005-04-27
Reed Arvin (reedarvin gmail com)
Summary:
Privilege escalation in BulletProof FTP Server v2.4.0.31
(http://www.bpftpserver.com/)

Details:
When the BPFTPServer service is installed and running as LocalSystem
it is possible to manipulate the administrative interface and escalate
privileges to that of the LocalSystem account.

Vulner

Privilege escalation in BakBone NetVault 7.1 2005-04-27
Reed Arvin (reedarvin gmail com)
Summary:
Privilege escalation in BakBone NetVault 7.1
(http://www.bakbone.com/)

Details:
The nvstatsmngr.exe process, which is a hidden command prompt window
that is permitted to interact with the Desktop, can be manipulated by
any local user to escalate privileges to that of the LocalSystem
accoun

iDEFENSE Labs Releases dltrace 2005-04-27
iDEFENSE Labs (labs-no-reply idefense com)
iDEFENSE Labs is pleased to announce the release of dltrace, a portable
dynamic library call tracer. dltrace attempts to remain portable to all
x86 platforms which support the execution of ELF binaries and expose a
debugging interface via procfs or the ptrace() system call. The shared
library call t

[CLA-2005:949] Conectiva Security Announcement - gaim 2005-04-27
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : gaim
SUMMARY : Fixes for gaim's vulnerabiliti

Copyright 2010, SecurityFocus