BugTraq Mode:
(Page 1409 of 1748)  < Prev  1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414  Next >
[USN-41-1] Samba vulnerability 2004-12-17
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-41-1 December 17, 2004
samba vulnerability
CAN-2004-1154
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The fo

[ more ]  [ reply ]
MDKSA-2004:151 - Updated php packages fix multiple vulnerabilities 2004-12-18
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: php
Advisory ID:

[ more ]  [ reply ]
Re: DJB's students release 44 *nix software vulnerability advisories 2004-12-18
D. J. Bernstein (djb cr yp to)
Shu T. Messenger writes:
> In each case, Professor Bernstein notified the author of the
> vulnerable package on Dec 15 via e-mail. This mail hit Bugtraq on the
> 16th, giving one day for vendors to provide fixes.

Actually, I sent all of these notifications to the public securesoftware
mailing list

[ more ]  [ reply ]
MS Windows Media Player 9 Vulns (2) 2004-12-18
Arman Nayyeri (arman-n Phreaker net)


Microsoft Windows Media Player 9 Vulns

======================================

Title: Microsoft Windows Media Player 9 Vulns (2)

HappyName: MS-WMP9-2P-BY-R/\/\AN

Date: Friday, April 17, 2004

Software: Microsoft Windows Media Player 9

Vendor: Microsoft Corporation

Patch: F

[ more ]  [ reply ]
Multiple Vulnerabilities In Kayako eSupport v2.x 2004-12-18
GulfTech Security (security gulftech org)
##########################################################
# GulfTech Security Research December 18th, 2004
##########################################################
# Vendor : Kayako Web Solutions
# URL : http://www.kayako.com/
# Version : Kayako eSupport v2.x
# Risk : Multiple Vuln

[ more ]  [ reply ]
Bug in Crypt::ECB perl module 2004-12-17
Bennett R. Samowich (brs fsproduce com)
There is a bug in the Crypt::ECB module that affects the way it processes blocks of data. It appears that Crypt::ECB incorrectly processes the last block of data if it contains a singe ASCII "0". This has been tested using the Blowfish, Rijndael, TripleDES, DES, and IDEA algorithms. Below is some

[ more ]  [ reply ]
[SECURITY] [DSA 610-1] New cscope packages fix insecure temporary file creation 2004-12-17
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 610-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
December 17th, 2004

[ more ]  [ reply ]
Internet Explorer Code Execution Bypass Vulnerability 2004-12-17
aikon none (aikon bcn gmail com)


Last week I discovered a vulnerability to avoid/overrun/bypass the new protection for Local JS Execution on IE (winxp sp2)

--cut here--

<script>

window.alert("Example Exploit");

</script>

--cut here--

(Copy and paste into your Notepad and save it as EXAMPLE.HTM)

If you

[ more ]  [ reply ]
[OpenPKG-SA-2004.056] OpenPKG Security Advisory (cvstrac) 2004-12-17
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ]  [ reply ]
4 Vulnerabilities in GamePort 2004-12-17
amoXi Devilkin (am0xi yahoo com)


Exploit Tested On :

GamePort 4.0

GamePort 3.1

GamePort 3.0

Platform :

Windows 9X/Me/2K/XP

Background of Program :

Gameport is a product of interactivestudio(www.interactivestudio.sk). it is very Common Program in Iran(My Country) that is used for G

[ more ]  [ reply ]
NetBSD kernel local vulnerabilities 2004-12-17
Evgeny Demidov (demidov gleg net)
Name: NetBSD kernel local vulnerabilities
Date: Dec 18, 2004
Author: Evgeny Demidov

Description:

There exists multiple vulnerabilities in NetBSD binary compatibility code.
They can be approximately divided into two parts:

1) signal number validation problems in xxx_sys_ki

[ more ]  [ reply ]
[ GLSA 200412-13 ] Samba: Integer overflow 2004-12-17
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]
4 Vulnerabilities in GamePort 2004-12-17
amoXi Devilkin (am0xi yahoo com)


Exploit Tested On :

GamePort 4.0

GamePort 3.1

GamePort 3.0

Platform :

Windows 9X/Me/2K/XP

Background of Program :

Gameport is a product of interactivestudio(www.interactivestudio.sk). it is very Common Program in Iran(My Country) that is used for G

[ more ]  [ reply ]
NetBSD Security Advisory 2004-010: Insufficient argument validation in compat code 2004-12-17
NetBSD Security-Officer (security-officer netbsd org)

-----BEGIN PGP SIGNED MESSAGE-----

NetBSD Security Advisory 2004-010
=================================

Topic: Insufficient argument validation in compat code

Version: NetBSD-current: source prior to Oct 27, 2004
NetBSD 2.0: not affected
NetBSD 1.6.2: affected
NetBSD 1.6.1: affected

[ more ]  [ reply ]
Gadu-Gadu, another two bugs 2004-12-17
Jaroslaw Sajko (sloik man poznan pl)

Product: Gadu-Gadu, build 155 and older
Vendor: SMS-EXPRESS.COM (http://www.gadu-gadu.pl)
Impact: Script execution in local zone,
Remote DoS
Severity: High
Authors: Blazej Miga <bla (at) man.poznan (dot) pl [email concealed]>,
Jaroslaw Sajko <sloik (at) man.poznan (dot) pl [email concealed]>
Date: 17/12/04

[ISSUE]

Gadu-Gadu is the first Polish

[ more ]  [ reply ]
phphpbb2 + php version < 4.3.10 unserialize() memory dump sql password from config.php exploit 2004-12-17
bad boy (slythers gmail com)


php bug in ext/standart/var_unserializer.c in php < 4.3.10

for dump php heap memory with phpbb2 ,who use unserialize() for cookie , and found the config.php(sql password) in the heap.

you need http://overdose.tcpteam.org/serv.h and http://overdose.tcpteam.org/serv.cpp for compile

/*

***

[ more ]  [ reply ]
[OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba) 2004-12-17
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ]  [ reply ]
[ GLSA 200412-12 ] Adobe Acrobat Reader: Buffer overflow vulnerability 2004-12-16
Luke Macken (lewk gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]
Unchecked returns from kernel_read() in linux-2.6.10-rc2 kernel 2004-12-17
Katrina Tsipenyuk (ytsipenyuk fortifysoftware com)
Greetings,

Fortify Software engineering team has looked at linux-2.6.10-rc2
and performed static analysis of the code. We have discovered seve

[ more ]  [ reply ]
(Page 1409 of 1748)  < Prev  1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus