|
|
Colapse all |
Post message
RE: BrightStor ARCserve Backup buffer overflow PoC (fix available) 2005-02-17 Williams, James K (James Williams ca com) Dangers of discarding duplicated messages 2005-02-17 Adrian Bunk (bunk stusta de) Some people use programs as part of their email delivery that automatically discard duplicate messages (e.g. sent to two mailing lists the receiver is both subscribed to) based on their Message-ID. Currently, someone on linux-kernel automatically sends an email to everyone who sent an email to l [ more ] [ reply ] NetSec Security Advisory: Multiple Vulnerabilities Resulting From Use Of Apple OSX HFS+ 2005-02-16 TAC (tac netsec net) ------------------------ NetSec Security Advisory ------------------------ VULNERABILITY DETAILS Name: Multiple Vulnerabilities Resulting From Use Of Apple OSX HFS+ Impact: HIGH Platform: Apple OS X (Darwin) <= 10.2 Method: Possible unauthorized access to file system data Identifier: 0701 [ more ] [ reply ] [PersianHacker.NET 200505-06] paNews v2.0b4 XSS Vulnerability 2005-02-16 PersianHacker Team (pi3ch yahoo com) [PersianHacker.NET 200505-06] paNews v2.0b4 XSS Vulnerability Date: 2005 February Bug Number: 06 paNews is a news management script to use on your site. Users can use paCode, special code designed to allow the adding of images and font changes in the posts without allowing users to use HTML to po [ more ] [ reply ] RE: Microsoft Baseline Security Analyzer not seeing KB887742 and KB88 6185 Correction 2005-02-16 Threlkeld, Richard (richardt qualcomm com) From http://www.microsoft.com/technet/security/bulletin/ms05-009.mspx under the FAQ section: "Can I use the Microsoft Baseline Security Analyzer (MBSA) to determine if this update is required? MBSA will determine if this update is required for Windows Media Player. MBSA will not determine if this u [ more ] [ reply ] Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. 2005-02-16 lyal.collins (lyal collins key2it com au) One difference occurs to me immediately. In the CC scheme, every legitmate participant (issuing, acquiring, cardholder, merchant et al) have knowingly agreed to a contract under a common structure. In CA/PKI land, you may be legally and contractually obligated and have certain rights defined (or r [ more ] [ reply ] [Security Bulletin] SSRT5893 rev.0 - HP Web-enabled Management Software Remote Buffer Overflow 2005-02-16 Boren, Rich (SSRT) (rich boren hp com) Update Your Bookmarks 2005-02-16 Amit Klein (AKsecurity) (aksecurity hotpop com) Hi I noticed that very recently, the whitepapers section of www.sanctuminc.com was removed (possibly as part of phasing out the www.sanctuminc.com website). So here are few links to mirrored resources (there are many more mirrors; those listed below seem most stable): *** long links may be wor [ more ] [ reply ] Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. 2005-02-14 Bill Brown (bbrown ists dartmouth edu) [USN-83-1] LessTif 2 vulnerabilities 2005-02-16 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-83-1 February 16, 2005 lesstif1-1 vulnerabilities CAN-2004-0914 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) [ more ] [ reply ] SHA-1 broken 2005-02-16 Gadi Evron (gadi tehila gov il) (2 replies) [SECURITY] [DSA 684-1] New typespeed packages fix arbitrary group games code execution 2005-02-16 joey infodrom org (Martin Schulze) [ GLSA 200502-20 ] Emacs, XEmacs: Format string vulnerabilities in movemail 2005-02-15 Thierry Carrez (koon gentoo org) [USN-82-1] Linux kernel vulnerabilities 2005-02-15 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-82-1 February 15, 2005 linux-source-2.6.8.1 vulnerabilities CAN-2005-0176, CAN-2005-0177, CAN-2005-0178 http://oss.sgi.com/archives/netdev/2005-01/msg01036.html ================================================= [ more ] [ reply ] RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. 2005-02-16 David Schwartz (davids webmaster com) (2 replies) > My proposition is that the argument that they (and their associated webs > of trust) are inherently trustworthy because of external pressures is a > flawed assumption because they do not have the proposed level of > pressure applied to them since most of the people affected by their web > of trus [ more ] [ reply ] RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. 2005-02-17 Nick FitzGerald (nick virus-l demon co uk) Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. 2005-02-16 bkfsec (bkfsec sdf lonestar org) (1 replies) RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. 2005-02-17 David Schwartz (davids webmaster com) |
|
Privacy Statement |
> Subject: BrightStor ARCserve Backup buffer overflow PoC
> From: <cybertronic () gmx ! net>
> Date: 2005-02-11 18:19:23
> Message-ID: <20050211181923.27031.qmail () www ! securityfocus ! com>
>
> //cybertronic (at) gmx (dot) net [email concealed]
>
> #include <stdio.h>
> [...snip...]
FYI - we have posted a f
[ more ] [ reply ]