BugTraq Mode:
drone armies C&C report - Jan/2005 2005-01-30
Gadi Evron (gadi tehila gov il)
Below is a periodic public report from the drone armies / botnets
research and mitigation mailing list.
For this report it should be noted that we base our analysis on the data
we have accumulated from various sources.

According to our incomplete analysis of information we have thus far, we
now pub

[ GLSA 200501-41 ] TikiWiki: Arbitrary command execution 2005-01-30
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-41
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

WASC-Articles: "The 80/20 Rule for Web Application Security" 2005-01-31
robert webappsec org
The Web Application Security Consortium is proud to present our first 'Guest Article'
written by Jeremiah Grossman, CTO of WhiteHat Security. The article is entitled
"The 80/20 Rule for Web Application Security: Increase your security without
touching the source code" . In this article Jeremiah d

[ GLSA 200501-44 ] ncpfs: Multiple vulnerabilities 2005-01-30
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-44
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Security Bulletin - SSRT4875 rev.1 - HP Tru64 UNIX Java (TM) Technology Software Denial of Service (DoS) 2005-01-31
Boren, Rich (SSRT) (rich boren hp com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

HP SECURITY BULLETIN

HPSBTU01112 REVISION: 1

SSRT4875 rev.1 - HP Tru64 UNIX: Java (TM) Technology Software
Denial of Service (DoS)

NOTICE:
There are no restrictions for distribution of this Security
Bulletin provided that it rema

[ GLSA 200501-43 ] f2c: Insecure temporary file creation 2005-01-30
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-43
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ GLSA 200501-42 ] VDR: Arbitrary file overwriting issue 2005-01-30
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-42
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

XSS in Infinite Mobile Delivery v2.6 Webmail 2005-01-29
steven lovebug org
Vendor: Captaris, Inc.
Date: January 29, 2005
Issue: XSS in Infinite Mobile Delivery v2.6 Webmail
URL: http://www.capataris.com
Advisory: http://www.lovebug.org/imd_advisory.txt

Issue:

The webmail portion of the latest (and final) release of Infinite Mobile
Delivery contains a Cross

SquirrelMail Security Advisory 2005-01-29
Jonathan Angliss (jon squirrelmail org)
SquirrelMail Security Advisory
==============================

SquirrelMail 1.4.4 has been released to resolve a number of security
issues disclosed below. It is strongly recommended that all running
SquirrelMail prior to 1.4.4 upgrade to the latest release.

Remote File Inclusion
-----------------

RE: SECURITY.NNOV: Multiple applications fd_set structure bitmap array index overflow 2005-01-29
David LeBlanc (dleblanc exchange microsoft com) (1 replies)


-----Original Message-----
From: Damien Miller [mailto:djm (at) mindrot (dot) org] said:

>This effectively limits select to a maximum of FD_SETSIZE descriptors
>on Windows. I don't think that this limitation exists on other
>platforms.

---------------------------

Note the bit where it says:

#ifndef FD_SE

[ GLSA 200501-40 ] ngIRCd: Buffer overflow 2005-01-28
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-40
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Re: Unrestricted I/O access vulnerability in INCA Gameguard 2005-01-28
David Roberts (david howden demon co uk)
In-Reply-To: <000001c4fc2b$bfd81820$6101a8c0@sauron>

On January 26 2005, NCsoft updated their Lineage 2 client for the North American and European market to include the GameGuard system.

The GameGuard system includes an updated version of the NPPTNT2.SYS driver (2005.1.5.1). The updated driver no

RE: SECURITY.NNOV: Multiple applications fd_set structure bitmap array index overflow 2005-01-28
David LeBlanc (dleblanc exchange microsoft com) (2 replies)

-----Original Message-----
3APA3A [mailto:3APA3A (at) security.nnov (dot) ru] wrote:

> For Windows fd_set is a sockets array, not bitmask and FD_SETSIZE
> defines maximum number of sockets in this array. So, Windows
> application may be vulnerable only if it places a large number of
> sockets into same fd_set s

Winamp Exploit (POC) 5.08 Stack Overflow 2005-01-28
Rojodos (rojo2_bugtraq yahoo es)
Hello :)

I've coded an exploit about this vulnerability, using the advisory "NSFOCUS SA2005-01 : Buffer Overflow in WinAMP in_cdda.dll CDA Device Name" as a guide. The advisory is very good, so it's very easy to code the exploit.

This code:

cda://AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHnT _IJJJ?å3ÿW?ìÆEø

Multiple vulnerabilities in Icewarp Web Mail 5.3.0: New holes 2005-01-29
ShineShadow (ss_contacts hotmail com)


ShineShadow Security Report 26012005-03

TITLE: Multiple vulnerabilities in Icewarp Web Mail 5.3.0 : New holes.

BACKGROUND

Merak Mail Server, with the revolutionary Merak Mail Server GroupWare Server, cutting-edge Merak Mail Server Instant Antispam and much more, is the fastest, most stable, se

[OpenPKG-SA-2005.004] OpenPKG Security Advisory (sasl) 2005-01-28
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org

WebWasher Classic - HTTP CONNECT weakness 2005-01-28
Oliver Karow (Oliver Karow gmx de)
WebWasher Classic - HTTP CONNECT weakness
=========================================

WebWasher Classic
=================

WebWasher Classic is a well known HTTP-URL/Popup/Script filtering proxy
which is free for non commercial use.
WebWasher Classic supports two modes, a client mode, where it only

[ GLSA 200501-39 ] SquirrelMail: Multiple vulnerabilities 2005-01-28
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-39
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Multiple vulnerabilities in Alt-N WebAdmin <= 3.0.2 2005-01-28
David Alonso Pérez (kamborio gmail com)
WebAdmin is a web application to administer MDaemon and RelayFax. It
can be run on its own or as an ISAPI application under Microsoft
Internet Information Services (IIS). MDaemon is an e-mail server for
Microsoft Windows. RelayFax is a fax server also for Microsoft
Windows. Both applications have be

MDKSA-2005:024 - Updated evolution packages fix vulnerability 2005-01-27
Mandrakelinux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: evolution
Advisory ID:

WarFTPD 1.82 RC9 DoS 2005-01-27
MC.Iglo (mc iglo gmx de)
Hello,

due to an access violation, specially crafted CWD-Commands will exit
the FTP server when running as a NT service.
User needs to be logged on.

Vendor's report can be found at
http://support.jgaa.com/index.php?cmd=ShowReport&ID=02643

Solution: deny anonymous or untrusted logins or use patched

[ GLSA 200501-37 ] GraphicsMagick: PSD decoding heap overflow 2005-01-26
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-37
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ GLSA 200501-38 ] Perl: rmtree and DBI tmpfile vulnerabilities 2005-01-26
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-38
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[SECURITY] [DSA 661-1] New f2c packages fix insecure temporary files 2005-01-27
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 661-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
January 27th, 2005

UEBIMIAU <= 2.7.2 MULTIPLES VULNERABILITIES 2005-01-27
Nash Leon (nashleon yahoo com br) (1 replies)
ADVISORE 01 15/01/2005

INTRUDERS TIGER TEAM SECURITY - SECURITY ADVISORE

http://www.intruders.com.br/
http://www.intruders.org.br/

ADVISORE/0105 - UEBIMIAU < 2.7.2 MULTIPLES
VULNERABILITIES

PRIORITY: HIGH

I - INTRODUCTION:
----------------

From http://www.uebimiau.org/

"UebiM

Re: UEBIMIAU <= 2.7.2 MULTIPLES VULNERABILITIES 2005-01-28
pokley (pokleyzz scan-associates net)
Copyright 2010, SecurityFocus