|
|
Colapse all |
Post message
Python Security Advisory PSF-2005-001 - SimpleXMLRPCServer.py 2005-02-03 Guido van Rossum (gvanrossum gmail com) http://www.python.org/security/PSF-2005-001/ --------------------------------------------------------------------- Python Security Advisory Advisory ID: PSF-2005-001 Issue Date: February 3, 2005 Product: Python Versions: 2.2 all versions, 2.3 prior to 2.3.5, 2.4 CVE Names: CAN-2005- [ more ] [ reply ] ngIRCd <= v0.8.2 Format String Vulnerability 2005-02-03 CoKi (coki nosystem com ar) ------------------------------------------------- No System Group - Advisory #11 - 03/02/05 ------------------------------------------------- Program: ngIRCd Homepage: http://arthur.ath.cx/~alex/ngircd/ Operating System: Linux and Unix-Compatible Vulnerable Versions: ngIRCd v0.8.2 and prior Risk: [ more ] [ reply ] New presentation: Advanced SQL Injection in Oracle databases 2005-02-03 Esteban Martínez Fayó (secemf yahoo com ar) Hi, this is to announce the release of a presentation called "Advanced SQL Injection in Oracle databases". This presentation shows, with many examples, how the SQL Injection vulnerabilities in applications that use Oracle databases can be exploited and how to prevent this. The topics also include b [ more ] [ reply ] MDKSA-2005:029 - Updated vim packages fix vulnerabilities 2005-02-03 Mandrakelinux Security Team (security linux-mandrake com) [ GLSA 200502-04 ] Squid: Multiple vulnerabilities 2005-02-02 Sune Kloppenborg Jeppesen (jaervosz gentoo org) SV: Zyxel / Netgear and probably other routers leaking information. 2005-02-01 Jens Kalvik (Jens Kalvik conect se) Hi! I was a bit quick on this, it seems as Zyxels routers latest firmware solves the problem. We made an upgrade from an older firmware to the latest, but forgot to empty the arp cache on the computer, so it looked as the problem was still there. But the problem with Netgear RT311 and RT314 is stil [ more ] [ reply ] Google getting smarter ?!?! 2005-02-02 John Madden (chiwawa999 yahoo com) (1 replies) Hi, I noticed today that a simple search in Google using inurl causes Google to display this message when you try to access the second page: =================================================== We're sorry... ... but we can't process your request right now. A computer virus or spyware application [ more ] [ reply ] Windows Security Checklists - 10 Parts 2005-02-01 Paul Laudanski (zx castlecops com) Greetings, We have seen a great interest in Windows Security articles on our front page news. Written by Larry Stevenson, aka Prince_Serendip, they are as follows: Part 1: Firewalls and Antivirus Applications http://castlecops.com/article-5541-nested-0-0.html Part 2: To Do and Do Not http: [ more ] [ reply ] Gallery is still vulnerable to Cross-site Scripting attacks 2005-02-02 Jon Keating (jon licq org) Hello, After testing out the updates to CVS for Gallery, I realized it is still vulnerable to the cross-site scripting attacks that was mentioned in the first advisory. The following code was committed to CVS: /* * Test for relative URL, which we know to be local. If URL contains :// * assume [ more ] [ reply ] Portcullis Advisory 05-009 Update, Webseries Payment Application 2005-02-02 Paul J Docherty (PJD portcullis-security com) Portcullis Security Advisory AREAS UPDATED: VENDOR RESPONSE. VENDOR RESPONSE: The product vendor, Bottomline Technologies has provided Portcullis with the following response to the security advisory. It should be noted that the resolution of this issue has not been verified by Portcullis: Bottom [ more ] [ reply ] Portcullis Advisory 05-008 Update, Webseries Payment Application 2005-02-02 Paul J Docherty (PJD portcullis-security com) Portcullis Security Advisory AREAS UPDATED: VENDOR RESPONSE. VENDOR RESPONSE: The product vendor, Bottomline Technologies has provided Portcullis with the following response to the security advisory. It should be noted that the resolution of this issue has not been verified by Portcullis: Bottom [ more ] [ reply ] Portcullis Advisory 05-007 Update, Webseries Payment Application 2005-02-02 Paul J Docherty (PJD portcullis-security com) Portcullis Security Advisory AREAS UPDATED: VENDOR RESPONSE. VENDOR RESPONSE: The product vendor, Bottomline Technologies has provided Portcullis with the following response to the security advisory. It should be noted that the resolution of this issue has not been verified by Portcullis: Bottom [ more ] [ reply ] Portcullis Advisory 05-006 Update, Webseries Payment Application 2005-02-02 Paul J Docherty (PJD portcullis-security com) Portcullis Security Advisory AREAS UPDATED: VENDOR RESPONSE. VENDOR RESPONSE: The product vendor, Bottomline Technologies has provided Portcullis with the following response to the security advisory. It should be noted that the resolution of this issue has not been verified by Portcullis: Bottom [ more ] [ reply ] Portcullis Advisory 05-001 Update, Webseries Payment Application 2005-02-02 Paul J Docherty (PJD portcullis-security com) Portcullis Security Advisory AREAS UPDATED: VENDOR RESPONSE - IMPACT. VENDOR RESPONSE: The product vendor, Bottomline Technologies has provided Portcullis with the following response to the security advisory. It should be noted that the resolution of this issue has not been verified by Portcullis [ more ] [ reply ] Portcullis Advisory 05-005 Update, Webseries Payment Application 2005-02-02 Paul J Docherty (PJD portcullis-security com) Portcullis Security Advisory AREAS UPDATED: VENDOR RESPONSE. VENDOR RESPONSE: The product vendor, Bottomline Technologies has provided Portcullis with the following response to the security advisory. It should be noted that the resolution of this issue has not been verified by Portcullis: Bottom [ more ] [ reply ] [FLSA-2005:2187] Updated freeradius packages fix security flaws 2005-02-02 Marc Deslauriers (marcdeslauriers videotron ca) 7a69Adv#21 - WinRAR unpack one-folder path disclosure 2005-02-02 Albert Puigsech Galicia (ripe 7a69ezine org) 7a69Adv#20 - ZipGenius unpack one-folder path disclosure 2005-02-02 Albert Puigsech Galicia (ripe 7a69ezine org) [ GLSA 200502-02 ] UW IMAP: CRAM-MD5 authentication bypass 2005-02-02 Sune Kloppenborg Jeppesen (jaervosz gentoo org) [FLSA-2005:2272] Updated unarj package fixes security issue 2005-02-02 Marc Deslauriers (marcdeslauriers videotron ca) [FLSA-2005:2255] Updated zip package fixes security issue 2005-02-02 Marc Deslauriers (marcdeslauriers videotron ca) [USN-72-1] Perl vulnerabilities 2005-02-02 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-72-1 February 02, 2005 perl vulnerabilities CAN-2005-0155, CAN-2005-0156 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty [ more ] [ reply ] |
|
Privacy Statement |
Donato Ferrante
Application: LANChat Pro Revival
http://lanchat.republika.pl/
Version: 1.666c
Bug: Denial Of Service
Date: 03-Feb-2005
Author: Donato Ferrante
e-mail: fdonato (at) autistici (dot) org [email concealed]
web:
[ more ] [ reply ]