7a69Adv#19 - ZipGenius unpack path disclosure
2005-02-02 Albert Puigsech Galicia (ripe 7a69ezine org)

MDKSA-2005:027 - Updated chbg packages fix vulnerability
2005-02-02 Mandrakelinux Security Team (security linux-mandrake com)

SQL injection in EveryDNS.net Service
2005-02-02 Calum Power (enune fribble net)
The following advisory is also mirrored at http://www.fribble.net/security.php
02/02/2005
-- Fribble.net Security Announcement --
Security Advisory: SQL injection and path disclosure in EveryDNS.net service
Discovered by

[SIG^2 G-TEC] DeskNow Mail and Collaboration Server Directory Traversal Vulnerabilities
2005-02-02 chewkeong security org sg
SIG^2 Vulnerability Research Advisory
DeskNow Mail and Collaboration Server Directory Traversal Vulnerabilities
by Tan Chew Keong
Release Date: 02 Feb 2005
ADVISORY URL http://www.security.org.sg/vuln/desknow2512.html
SUMMARY DeskNow Mail and Collaboration Server (http://www.desknow.com/des

MDKSA-2005:028 - Updated ncpfs packages fix vulnerabilities
2005-02-02 Mandrakelinux Security Team (security linux-mandrake com)

MDKSA-2005:026 - Updated imap packages fix authentication vulnerability
2005-02-02 Mandrakelinux Security Team (security linux-mandrake com)

[SECURITY] [DSA 664-1] New cpio packages fix insecure file permissions
2005-02-02 joey infodrom org (Martin Schulze)

Re:WinAmp POC: How to get 900+ shellcodespace!?
2005-02-02 lists bluemail ch
Hello bugtraq! I tried to add a valid (not overlong) cda:// string before the overflowing one, i.e. cda://test.cda cda://AAAAAAAAAAAAAAAAAAAA][many A's] The result is the following in the stack: AAAAAAAAAAAAAAAAAAAAAAAAAAAA[214 A's]\00AAAAAAAAAAAAAAAAA[over 700A's] There is a large part missing from t

[ GLSA 200502-01 ] FireHOL: Insecure temporary file creation
2005-02-01 Matthias Geerdsen (vorlon gentoo org)

[SECURITY] [DSA 662-1] New squirrelmail package fixes several vulnerabilities
2005-02-01 joey infodrom org (Martin Schulze)

[SECURITY] [DSA 663-1] New prozilla packages fix arbitrary code execution
2005-02-01 joey infodrom org (Martin Schulze)

[USN-71-1] PostgreSQL vulnerability
2005-02-01 Martin Pitt (martin pitt canonical com)
Ubuntu Security Notice USN-71-1 February 01, 2005
postgresql vulnerability
http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php
A security issue affects the following

[ Security Bulletin] SSRT5900 rev.0 HP-UX TGA daemon remote Denial of Service (DoS)
2005-02-01 Boren, Rich (SSRT) (rich boren hp com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
HP SECURITY BULLETIN HPSBUX01111 REVISION: 0
SSRT5900 rev.0 HP-UX TGA daemon remote Denial of Service (DoS)
NOTICE: There are no restrictions for distribution of this Security Bulletin provided that it remains complete and intact. The informati

SAME LADY, DIFFERENT HAT: REELY
2005-02-01 http-equiv (at) excite (dot) com (1 malware com)
Remote read / write / delete oozing the Internet Explorer object, which no one seems to have bothered to care about in 5 years. Same repitious jonk, if you haven't learnt by now, don't cry tomorrow. We can't all go around with a poop scoop picking up your pathetic droppings ! http://www.malwar

MDKSA-2005:025 - Updated clamav packages fix vulnerability
2005-01-31 Mandrakelinux Security Team (security linux-mandrake com)

New Whitepaper available on security best practices
2005-01-31 Gunter Ollmann (gunter ngssoftware com)
Hello List, Driven by multiple requests to provide some kind of guidance on what constitutes "best security practice", I've created a whitepaper focusing on host naming and URL conventions. I've found that by following these simple principles the avenue for attack on many Internet-based applic

Zyxel / Netgear and probably other routers leaking information.
2005-01-31 Jens Kalvik (jens kalvik conect se)
Hi! I have discovered a serious problem with the following routers: Zyxel P310, P314, P324 and Netgear RT311, RT314 all with the latest firmware available as of 2005-01-20. I think that the problem is present in all routers using Zynos, but I am not sure. Let's say you have a Computer with IP: 19

[PersianHacker.net] Full Path Disclosure and PHP Injection In Pafiledb 3.1 Final
2005-01-31 Pedram hayati (pi3ch yahoo com)
In the name of GOD
[Persianhacker.net] Full Path Disclosure and PHP Injection In Pafiledb 3.1 Final
PafileDB
paFileDB is designed to allow webmasters have a database of files for download on their site. To add a download, all you do is upload the file using FTP or whatever method you use, log i

Re: Winamp Exploit (POC) 5.08 Stack Overflow
2005-01-31 Black Dot (blackd0t mail ru)
In-Reply-To: <20050128190411.10755.qmail (at) mail2.securityfocus (dot) com>
Hello! I have analyzed the vulnerability myself and the information you've given is correct. There are two things though that need mentioning. 1. You have given an address where 'jmp esp' command resides. I don't know why, yet, but

[ GLSA 200501-46 ] ClamAV: Multiple issues
2005-01-31 Sune Kloppenborg Jeppesen (jaervosz gentoo org) (1 replies)
Gentoo Linux Security Advisory GLSA 200501-46
http://security.gentoo.org/

    Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues
    2005-02-01 Trog (trog uncon org) (1 replies)

    Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues
    2005-02-01 Dack (dackbug ereomega net) (2 replies)

    Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues
    2005-02-02 Darren Bounds (lists intrusense com)

[ GLSA 200501-45 ] Gallery: Cross-site scripting vulnerability
2005-01-30 Luke Macken (lewk gentoo org) (1 replies)
Gentoo Linux Security Advisory GLSA 200501-45
http://security.gentoo.org/

    Re: [ GLSA 200501-45 ] Gallery: Cross-site scripting vulnerability
    2005-01-31 Paul Laudanski (zx castlecops com)
7a69ezine Advisories 7a69Adv#19
- ------------------------------------------------------------------
http://www.7a69ezine.org [02/02/2005]
- ---------------------------------