|
|
Colapse all |
Post message
HACKING WITH JAVASCRIPT 2005-02-09 hictor ertd (hict0r hotmail com) HACKING WITH JAVASCRIPT hictor This tutorial is an overview of how javascript can be used to bypass simple/advanced html forms and how it can be used to override cookie/session authentication. SIMPLE HTML FORMS 1. Bypassing Required Fields Surely you have met a webpage that requires you to fi [ more ] [ reply ] RE: MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit 2005-02-10 Thor Larholm (thor pivx com) > From: Andrew Hunter [mailto:andiroohunter (at) msn (dot) com [email concealed]] > Unfortunatly MSN would let me load the .png as my display picture? I am using > MSN 7 so that is probbobly why, i will down grade to MSN 6 and try again. MSN 7 is not affected as the vulnerability was reported to Microsoft before it's beta re [ more ] [ reply ] [USN-79-1] PostgreSQL vulnerabilities 2005-02-10 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-79-1 February 10, 2005 postgresql vulnerabilities CAN-2005-0244 CAN-2005-0245 CAN-2005-0246 CAN-2005-0247 =========================================================== A security issue affects the following Ubun [ more ] [ reply ] UPDATE: [ GLSA 200501-45 ] Gallery: Cross-site scripting vulnerability 2005-02-10 Luke Macken (lewk gentoo org) [FLSA-2005:1906] Updated abiword packages fix security issue 2005-02-10 Dominic Hargreaves (dom earth li) [FLSA-2005:1943] Updated libpng resolves security vulnerabilities 2005-02-10 Dominic Hargreaves (dom earth li) [USN-78-1] Mailman vulnerability 2005-02-09 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-78-1 February 09, 2005 mailman vulnerabilities CAN-2005-0202 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Th [ more ] [ reply ] [SECURITY] [DSA 675-1] New hztty packages fix local utmp exploit 2005-02-10 joey infodrom org (Martin Schulze) [ GLSA 200502-11 ] Mailman: Directory traversal vulnerability 2005-02-10 Sune Kloppenborg Jeppesen (jaervosz gentoo org) Barracuda Spam Firewall <= 3.1.10 acts as open relay for whitelisted senders. 2005-02-10 Sean Sosik-Hamor (ssh mac com) Description (www.barracudanetworks.com): The Barracuda Spam Firewall is an integrated hardware and software solution for complete protection of your e-mail server. It provides a powerful, easy to use, and affordable solution to eliminate spam and viruses from your organization. Synopsis: Under n [ more ] [ reply ] [SECURITY] [DSA 673-1] New evolution packages fix arbitrary code execution as root 2005-02-10 joey infodrom org (Martin Schulze) iDEFENSE Security Advisory 02.10.05: IBM AIX ipl_varyon Local Buffer Overflow Vulnerability 2005-02-10 iDefense Customer Service (customerservice idefense com) (1 replies) IBM AIX ipl_varyon Local Buffer Overflow Vulnerability iDEFENSE Security Advisory 02.10.05 www.idefense.com/application/poi/display?id=196&type=vulnerabilities February 10, 2005 I. BACKGROUND The ipl_varyon program is a setuid root application, installed by default under multiple versions of IB [ more ] [ reply ] Re:iDEFENSE Security Advisory 02.10.05: IBM AIX ipl_varyon Local Buffer Overflow Vulnerability 2005-02-10 Shiva Persaud (shivapd us ibm com) iDEFENSE Security Advisory 02.10.05: IBM AIX netpmon Local Buffer Overflow Vulnerability 2005-02-10 iDefense Customer Service (customerservice idefense com) (1 replies) IBM AIX netpmon Local Buffer Overflow Vulnerability iDEFENSE Security Advisory 02.10.05 www.idefense.com/application/poi/display?id=197&type=vulnerabilities February 10, 2005 I. BACKGROUND The netpmon program is a setuid root application, installed by default under multiple versions of IBM AIX, [ more ] [ reply ] Re: iDEFENSE Security Advisory 02.10.05: IBM AIX netpmon Local Buffer Overflow Vulnerability 2005-02-10 Shiva Persaud (shivapd us ibm com) [SECURITY] [DSA 674-1] New mailman packages fix several vulnerabilities 2005-02-10 joey infodrom org (Martin Schulze) iDEFENSE Security Advisory 02.10.05: IBM AIX lspath Local File Access Vulnerability 2005-02-10 iDefense Customer Service (customerservice idefense com) (1 replies) IBM AIX lspath Local File Access Vulnerability iDEFENSE Security Advisory 02.10.05 www.idefense.com/application/poi/display?id=195&type=vulnerabilities February 10, 2005 I. BACKGROUND The lspath program is a setuid root application, installed by default under newer versions of IBM AIX. It is use [ more ] [ reply ] Re: iDEFENSE Security Advisory 02.10.05: IBM AIX lspath Local File Access Vulnerability 2005-02-10 Shiva Persaud (shivapd us ibm com) [Security Bulletin] SSRT4861 rev.0 - HP-UX BIND9.2.0 remote Denial of Service (DoS) 2005-02-10 Boren, Rich (SSRT) (rich boren hp com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01117 REVISION: 0 SSRT4861 rev.0 - HP-UX BIND 9.2.0 remote Denial of Service (DoS) NOTICE: There are no restrictions for distribution of this Security Bulletin provided that it remains complete and intact. The informa [ more ] [ reply ] yet another DSL modem backdoor - Mentor (Conexant) 2005-02-09 Adam Laurie (adam laurie thebunker net) (1 replies) Amazingly, despite numerous reports of backdoors in these Conexant DSL routers, they are *still* being shipped with the port 254 backdoor menu enabled... I've just switched ADSL provider, and the new modem they sent me was a "Mentor MR4C/UK". It appears to be another conexant clone, and if you [ more ] [ reply ] Re: yet another DSL modem backdoor - Mentor (Conexant) 2005-02-10 Philip Barnham (admin darktech org uk) |
|
Privacy Statement |
products:
http://securityresponse.symantec.com/avcenter/security/Content/2005.02.0
8.html
The details are somewhat lacking on what specifically needs to be
updated. We are running several NAV servers from 7.5 to 8.1 and I can't
t
[ more ] [ reply ]