|
|
Colapse all |
Post message
[FLSA-2005:1945] Updated sox packages fix buffer overflows 2005-02-20 Marc Deslauriers (marcdeslauriers videotron ca) [FLSA-2005:2058] Updated cdrtools packages fix a security issue 2005-02-20 Marc Deslauriers (marcdeslauriers videotron ca) Windows Firewall Has A Backdoor 2005-02-19 Jay Calvert (jcalvert habaneronetworks com) By adding a new key to the registry in HKEY_LOCAL_MACHINE/SYSTEM/Services/SharedAccess/Parameters/FirewallPolic y/StandardProfile/AuthorizedApplications/List you can circumvent the whole purpose of the firewall with out the users interaction or knowledge. Spyware / Adware manufacturer's are alread [ more ] [ reply ] ADP Elite System Max 9000 Series Login Vulnerability 2005-02-19 rootfiend safe-mail net Adp Elite system is an invoice/purchase order suite very common in car dealerships. It's a telnet based system. When a user logs in via telnet, adp dumps the user into the program where the user can check on a vehicle's status, generate PO's and RO's, etc.... The program is rather large and runs o [ more ] [ reply ] Gigafast/CompUSA router (model EE400-R) vulnerabilities 2005-02-20 Gary H. Jones II (gary pointblanksecurity com) This router is/was widely sold in CompUSA stores. It is a Gigafast router, re-branded as a CompUSA router. All firmware versions are affected. When reported to the manufacturer on 5/13/04, I had received a response stating that the information would be passed on to firmware developer. Almost a year [ more ] [ reply ] Re: SHA-1 broken 2005-02-20 Michael Silk (michaelsilk gmail com) (1 replies) Inline. > -----Original Message----- > From: exon [mailto:exon (at) home (dot) se [email concealed]] > Sent: Saturday, 19 February 2005 8:58 PM > To: bugtraq (at) securityfocus (dot) com [email concealed] > Subject: Re: SHA-1 broken > > Michael Silk wrote: > > Michael, > > > > But wouldn't it render a login-based hashing system > resistant to the > [ more ] [ reply ] [USN-84-1] Squid vulnerabilities 2005-02-21 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-84-1 February 21, 2005 squid vulnerabilities CAN-2005-0194, CAN-2005-0446 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty [ more ] [ reply ] Arkeia Network Backup Client Remote Access 2005-02-20 H D Moore (sflist digitaloffense net) Anyone able to connect to TCP port 617 can gain read/write access to the filesystem of any host running the Arkeia agent software. This appears to be an intentional design decision on the part of the Arkeia developers. A long-winded description of this issue, complete with screen shots, demonstr [ more ] [ reply ] [SECURITY] [DSA 674-3] New mailman packages really fix several vulnerabilities 2005-02-21 joey infodrom org (Martin Schulze) Re: [Full-Disclosure] Thomson TCW690 Denial Of Service Vulnerability 2005-02-19 Andres Tarasco (atarasco gmail com) Seems to be the same vulnerability published time ago http://www.securityfocus.com/bid/9091 On Sat, 19 Feb 2005 10:43:44 +0100, MurDoK <murdok.lnx (at) gmail (dot) com [email concealed]> wrote: > I found a vulnerability in this cablemodem which a malicious user inside *LAN > can reset it easily. > This cablemodem model is gi [ more ] [ reply ] Re: SHA-1 broken 2005-02-19 securityfocus microtechnical co uk (1 replies) In-Reply-To: <011401c51541$fdafedb0$0400a8c0@p14n> I think Thomas has a good point here. We must separate the academic mathematical arguement about collisions from it's application in the real world. It may be that there are collisions in both MD5 and SHA-1 but have they any actual bearing on the u [ more ] [ reply ] |
|
Privacy Statement |
Fedora Legacy Update Advisory
Synopsis: Updated sox packages fix buffer overflows
Advisory ID: FLSA:1945
Issue date: 2005-02-20
Product: Red Hat Linux
Keywords: Bugfix
Cros
[ more ] [ reply ]