[ GLSA 200504-21 ] RealPlayer, Helix Player: Buffer overflow vulnerability
2005-04-22 Thierry Carrez (koon gentoo org)

[PLSN-0003] - Remote exploits in MPlayer
2005-04-21 Peachtree Linux Security Team (security peachtree burdell org)
------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0003 April 20, 2005
Remote buffer overflow and possible code execution in mplayer
http://www.mplayerhq.hu/homepage/design7/news.html#vuln10
http://www.mplayerhq.hu/homepage/design7/news.

RE: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
2005-04-21 Mark Senior (Mark Senior gov ab ca)
It also slows down cracking numerous passwords in parallel using a dictionary/heuristic approach a la john the ripper - without a salt, you can calculate the hash of each password guess once, and then scan through an entire shadow file for the hash. With salts, you have to hash each guess once per

Multiple vulnerabilities in Argosoft Mail Server 1.8.7.6
2005-04-22 ShineShadow (ss_contacts hotmail com)
ShineShadow Security Report 22042005-04
TITLE: Multiple vulnerabilities in Argosoft Mail Server Pro 1.8.7.6.
BACKGROUND
ArGoSoft Mail Server is fully functional SMTP/POP3/Finger (Pro version also has IMAP module) server for Windows 95/98/NT/2000, which will let you turn your computer into the

[PLSN-0001] - Multiple vulnerabilities in Gaim
2005-04-21 Peachtree Linux Security Team (security peachtree burdell org)
------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0001 April 19, 2005
Remote code execution and remote DoS vulnerability in PHP
CAN-2005-0524, CAN-2005-0525, CAN-2005-1042, CAN-2005-1043
------------------------------------------------------------------------

[PLSN-0002] - Multiple vulnerabilities in Gaim
2005-04-21 Peachtree Linux Security Team (security peachtree burdell org)
------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0002 April 20, 2005
Multiple remote vulnerabilities in Gaim
CAN-2005-0965, CAN-2005-0966, CAN-2005-0967, CAN-2005-0208, CAN-2005-0473, CAN-2005-0472
------------------------------------------------------------------------

Multiple Sql injection and XSS in Asp Nuke 0.80 (Working exploits included)
2005-04-22 dcrab (dcrab hackerscenter com)
Severity: High
Title: Multiple Sql injection and XSS in Asp Nuke 0.80 (Working exploits included)
Date: 22/04/2005
Vendor: Asp Nuke
Vendor Website: http://www.aspnuke.com/
Summary: There are multiple sql injection and xss in asp nuke 0.80.
Proof of Concept Exploits: http://localhost/module/

[PLSN-0003] - Remote exploits in mplayer
2005-04-22 Peachtree Linux Security Team (security peachtree burdell org)
------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0003 April 20, 2005
Remote buffer overflow and possible code execution in mplayer
http://www.mplayerhq.hu/homepage/design7/news.html#vuln10
http://www.mplayerhq.hu/homepage/design7/news.

UPDATE: [ GLSA 200410-10 ] gettext: Insecure temporary file handling
2005-04-22 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

UPDATE: [ GLSA 200504-16 ] CVS: Multiple vulnerabilities
2005-04-22 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200504-20 ] openMosixview: Insecure temporary file creation
2005-04-21 Thierry Carrez (koon gentoo org)

Canonicalization and directory traversal in iSeries FTP security products
2005-04-20 Shalom Carmel (shalom venera com)
Canonicalization problems in iSeries FTP security products
Overview
------------
The IBM iSeries (AS/400) server provides a unified access scheme, called IFS, to all of the files and to all of the database tables in all of the database libraries. Because the built-in FTP server provides full acces

MDKSA-2005:077 - Updated cdrecord packages fix vulnerability
2005-04-21 Mandriva Security Team (security mandriva com)

APG Classmaster Workstation Windows SMB share access vulnerability
2005-04-21 Alex Garrett (alex exploitthissite org)
Greetings, This vulnerability affects (I believe) all APG Classmaster Workstation versions. It remains a problem as an attacker can access shares with full permissions over a LAN.
An attacker needs to issue a simple command in an MSDOS prompt (using the net windows application), mapping an acco

[PLSN-0001] - Multiple PHP vulnerabilities
2005-04-21 Peachtree Linux Security Team (security peachtree burdell org)
------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0001 April 19, 2005
Remote code execution and remote DoS vulnerability in PHP
CAN-2005-0524, CAN-2005-0525, CAN-2005-1042, CAN-2005-1043
------------------------------------------------------------------------

Re: Microsoft Windows image rendering DoS vuln
2005-04-21 patrick (mccpat gmail com) (1 replies)
Ok everyone, someone sent me a copy of the site which was the link that was originally sent with the vulnerability. Looking closer, it seems that it may not be that the extremely large height and width properties of the image in a site is what is causing the crash. However, I have not had time to te

xine security announcement: multiple heap overflows in MMS and Real RTSP streaming clients
2005-04-21 Michael Roitzsch (mroi users sourceforge net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
xine security announcement
==========================
Announcement-ID: XSA-2004-8
Summary: By a user receiving data from a malicious network streaming server, an attacker can overrun a heap buffer, which can, on some systems, lead to or help in execut
Gentoo Linux Security Advisory GLSA 200504-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -