[SECURITY] [DSA 642-1] New gallery packages fix several vulnerabilities
2005-01-17 joey infodrom org (Martin Schulze)

[OpenPKG-SA-2005.003] OpenPKG Security Advisory (a2ps)
2005-01-17 OpenPKG (openpkg openpkg org)
OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org

SUSE Security Announcement: php4/mod_php4 (SUSE-SA:2005:002)
2005-01-17 Ludwig Nussel (ludwig nussel suse de)

[OpenPKG-SA-2005.002] OpenPKG Security Advisory (sudo)
2005-01-17 OpenPKG (openpkg openpkg org)
OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org

[SECURITY] [DSA 640-1] New gatos packages fix arbitrary code execution
2005-01-17 joey infodrom org (Martin Schulze)

[SECURITY] [DSA 641-1] New playmidi packages fix local root exploit
2005-01-17 joey infodrom org (Martin Schulze)

[ GLSA 200501-25 ] Squid: Multiple vulnerabilities
2005-01-16 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

exim dns_buld_reverse() proof-of-concept
2005-01-15 Rafael San Miguel Carrasco (smcsoc yahoo es)
This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE (iDEFENSE Security Advisory 01.14.05). It has been tested against exim-4.41 under Debian GNU/Linux. Note that setuid () is not included in the shellcode to avoid script-kidding. My RET is 0xbffffae4, but fb

Apple Airport WDS DoS
2005-01-15 Dylan Griffiths (dylang thock com)
Thock.com Security Advisory
Problem: Apple AirPort WDS DoS
Affected devices: AirPort Extreme and Airport Express.
Severity: Denial of service.
Author: Dylan Griffiths <dylang (at) thock (dot) com>
Vendor Status: Fix available.
Overview: Apple's AirPort devices are wireless access points, providing 802.11

Various Vulnerabilities in SparkleBlog
2005-01-15 Kovács László (bugtracklist freemail hu) (1 replies)
Various Vulnerabilities in SparkleBlog
SparkleBlog is an open-source PHP script which allows you to input and edit your weblog entries, without having to go through the hassle of coding in HTML and uploading via FTP every time you want to make an update. A weblog (aka blog) is simply an online ver

[USN-60-0] Linux kernel vulnerabilities
2005-01-14 Martin Pitt (martin pitt canonical com)
Ubuntu Security Notice USN-60-0 January 14, 2005
linux-source-2.6.8.1 vulnerabilities
CAN-2005-0001
http://lists.netsys.com/pipermail/full-disclosure/2005-January/030660.html

iDefense iTunes advisory.
2005-01-15 nemo felinemenace org
Hey Everyone, I've written a proof of concept for the iTunes 4.7 advisory released by iDefense on January 13, 2005. Here is some code to exploit the vulnerability, it will generate a *.pls file which, when opened with iTunes 4.7 will bind a shell on port 4444.
- nemo <------------------ fm-eyete

XSS in the nested BB tag in many forum
2005-01-15 pigrelax (pigrelax yandex ru)
XSS was found in the nested BB tag in many forum:
Invision Power Board: [COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]` style=background:url(javascript:alert()) [/COLOR]
vBulletin [EMAIL=[URL=s as=`s (at) wew (dot) ew]mailto:assss (at) wew (dot) ew] sssssss[/URL][/EMAIL]` style=`background:url(javaSCrip t:alert(/Hi_from_A

iDEFENSE Security Advisory 01.14.05: Exim dns_buld_reverse() Buffer Overflow Vulnerability
2005-01-14 customer service mailbox (customerservice idefense com)
Exim dns_buld_reverse() Buffer Overflow Vulnerability
iDEFENSE Security Advisory 01.14.05
www.idefense.com/application/poi/display?id=183&type=vulnerabilities
January 14, 2005
I. BACKGROUND
Exim is a mail transfer agent (MTA) for Unix systems similar to sendmail. More information is available at

[SECURITY] [DSA 639-1] New mc packages fix several vulnerabilities
2005-01-14 joey infodrom org (Martin Schulze)

MDKSA-2005:005 - Updated nfs-utils packages fix 64bit vulnerability
2005-01-11 Mandrake Linux Security Team (security linux-mandrake com)

Paper: How to exploit overflow vulnerability under Fedora Core 2
2005-01-14 vangelis vangelis (progressfree hotmail com)
This paper is about the way of exploiting overflow vulnerability under Fedora Core 2. I don't think this is a perfect guide to the exploitation. If there are some mistakes, give your feedback. I just want this paper will help you to make much better papers about subject.

Internet Explorer valid JavaScript-file successfull load detection local file enumeration
2005-01-14 Berend-Jan Wever (skylined edup tudelft nl)
Hi all, Internet Explorer allows webpages on a remote server to load scripts from the local harddisk. These scripts get run in the remote server's security zone. This is not so much cross-site scripting but what I will call "cross-site loading" for now. Cross-site loading is not a new problem, a nu

[CLA-2005:918] Conectiva Security Announcement - twiki
2005-01-14 Conectiva Updates (secure conectiva com br)
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : twiki
SUMMARY : Fix for twiki remote vulnerab

XSS Vulnerability in Siteman v1.1.9
2005-01-14 Pedram hayati (pi3ch yahoo com)
New XSS Vulnerability in Siteman v1.1.9, Discovered by PersianHacker.NET Security Team by Pi3cH (pi3ch yahoo com) http://www.PersianHacker.NET
Siteman is a Content Management System (CMS) that is so easy to install and use, that a person who has no knowledge about creating homepages can ge

iDEFENSE Security Advisory 01.13.05: SGI IRIX inpview Design Error Vulnerability
2005-01-13 customer service mailbox (customerservice idefense com)
SGI IRIX inpview Design Error Vulnerability
iDEFENSE Security Advisory 01.13.05
www.idefense.com/application/poi/display?id=182&type=vulnerabilities
January 13, 2005
I. BACKGROUND
The inpview program is a setuid root application that is included in the InPerson networked multimedia conferencing

iDEFENSE Security Advisory 01.13.05: MySQL MaxDB WebAgent websql logon Buffer Overflow Vulnerability
2005-01-13 customer service mailbox (customerservice idefense com)
MySQL MaxDB WebAgent websql logon Buffer Overflow Vulnerability
iDEFENSE Security Advisory 01.13.05
www.idefense.com/application/poi/display?id=181&type=vulnerabilities
January 13, 2005
I. BACKGROUND
MaxDB by MySQL is a re-branded and enhanced version of SAP DB, SAP AG's open source database. Max
Debian Security Advisory DSA 642-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
January 17th, 2005