Portcullis Security Advisory

Vulnerable System:

Webseries Payment Application

Vulnerability Title:

Poor Password Change Implementation

Vulnerability discovery and development:

Portcullis Security Testing Services

Affected systems:

Bottomline Webseries Payment Application

[ more ]  [ reply ]

from http://www.pandasoftware.com/about/press/viewNews.aspx?noticia=5818
===
Video files appear that download malicious application when they are run

01/10/2005. These files are .wmv files infected by Trj/WmvDownloader.A and
Trj/WmvDownloader.B, two Trojans that take advantage of a new technology

[ more ]  [ reply ]

===========================================================
Ubuntu Security Notice USN-59-1 January 10, 2005
mailman vulnerabilities
CAN-2004-1177, http://bugs.debian.org/285839
===========================================================

A security issue affects the following Ubuntu releases:

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

========================================================================
========

NileSOFT Security Advisory

------------------------------------------------------------------------
--------

ID : NILESA-20050101

Title : Denial of Service vulnerabili

[ more ]  [ reply ]

On Mon, 10 Jan 2005 14:08:11 -0500, Darren Bounds
<dbounds (at) intrusense (dot) com [email concealed]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Multi-vendor AV gateway image inspection bypass vulnerability
> January 10, 2005
>
> A vulnerability has been discovered which allows a remote attacker to
> bypas

[ more ]  [ reply ]

In-Reply-To: <3F13EFFD.6050402 (at) t-online (dot) de [email concealed]>

Hi,

Same here. And there are two other issues:

1. If you continuously send "empty" data like "word wraps" from the interior network to the printer port 515 it causes the router to crash completely. You'll have to shut it down.

2. If you continuou

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-01-11 iTunes 4.7.1

iTunes 4.7.1 is now available and delivers the following security
enhancement:

CVE-ID: CAN-2005-0043

Impact: Malicious playlists can cause iTunes to crash and could
execute arbitrary code

Description: iTunes suppo

[ more ]  [ reply ]

------------------------------------------------

Advisory Name : IlohaMail Insecure Configuration Files

Release Date : 10 January, 2004

Application : IlohaMail (http://ilohamail.org/)

Vulnerable: IlohaMail-0.8.14-rc1 and lower

Not Vulnerable: IlohaMail-0.8.14-rc2

Author : SRR Project G

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

Hi,
Does anyone know of security contact for nokia mobile phones model 7610
and model 6600.
Thanks
Rohit

[ more ]  [ reply ]

Portcullis Security Advisory

Vulnerable System:

Webseries Payment Application

Vulnerability Title:

Execute Of Arbitrary Reports

Vulnerability discovery and development:

Portcullis Security Testing Services

Affected systems:

Bottomline Webseries Payment Application

Detail

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

===========================================================
Ubuntu Security Notice USN-58-1 January 10, 2005
krb5 vulnerability
CAN-2004-1189
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The fol

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

LSS Security Advisory #LSS-2005-01-02
http://security.lss.hr

---

Title : Apache mod_auth_radius remote integer overflow
Advisory ID : LSS-2005-01-02
Date : 2005-01-10
Advisory URL: : http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-01-02
Impact : Denial of se

[ more ]  [ reply ]

LSS Security Advisory #LSS-2005-01-03
http://security.lss.hr

---

Title : Squirrelmail vacation v0.15 local root exploit
Advisory ID : LSS-2005-01-03
Date : 10.01.2005.
Advisory URL: : http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-01-03
Impact : Privilege

[ more ]  [ reply ]

Portcullis Security Advisory

Vulnerable System:

MediaPartner 5.0

Vulnerability Title:

Source Code Disclosure

Vulnerability discovery and development:

Portcullis Security Testing Service

Affected systems:

Emotion MediaPartner Web Server Version 5.0 and 5.1

Details:

By appendi

[ more ]  [ reply ]

Advisory Information

--------------------

Advisory name : Woltlab Burning Book addentry.php SQL Injection

Discovered by : drhankey / it-security23.net

Vendor Name : Woltlab

Vendor Homepage : http://www.woltlab.de

Software : Woltlab Burning Book Lite

Vulnerability Type : Cross-Sit

[ more ]  [ reply ]

The Metasploit Framework is an advanced open-source exploit
development platform. The 2.3 release includes three user interfaces,
46 exploits and 68 payloads.

The Framework will run on any modern operating system that has a working
Perl interpreter. The Windows installer includes a slimmed-down ver

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ]  [ reply ]

Portcullis Security Advisory

Vulnerable System:

MediaPartner 5.0

Vulnerability Title:

In Place Password Update Process Flawed

Vulnerability discovery and development:

Portcullis Security Testing Service

Affected systems:

Emotion MediaPartner Web Server Version 5.0 (5.1 not

[ more ]  [ reply ]

Portcullis Security Advisory

Vulnerable System:

Webseries Payment Application

Vulnerability Title:

Directory & File Enumeration Via Reporting System

Vulnerability discovery and development:

Portcullis Security Testing Services

Affected systems:

Bottomline Webseries Payment

[ more ]  [ reply ]

Portcullis Security Advisory

Vulnerable System:

Webseries Payment Application

Vulnerability Title:

Password Policy Implemented At Client rather than Server

Vulnerability discovery and development:

Portcullis Security Testing Services

Affected systems:

Bottomline Webseries P

[ more ]  [ reply ]

Portcullis Security Advisory

Vulnerable System:

Webseries Payment Application

Vulnerability Title:

Lack of Backend Authorisation Checking

Vulnerability discovery and development:

Portcullis Security Testing Services

Affected systems:

Bottomline Webseries

[ more ]  [ reply ]

LSS Security Advisory #LSS-2005-01-01

http://security.lss.hr

---

Title : Mod_dosevasive symlink and race vulnerability
Advisory ID : LSS-2005-01-4
Date : January 1th, 2005
Advisory URL: : http://security.lss.hr/en/index.php?page=details&ID=L

[ more ]  [ reply ]