SecurityFocus

7a69Adv#15 - Internet Explorer FTP command injection 2004-12-07
Albert Puigsech Galicia (ripe 7a69ezine org)

- ------------------------------------------------------------------
7a69ezine Advisories 7a69Adv#15
- ------------------------------------------------------------------
http://www.7a69ezine.org [05/12/2004]
- ---------------------------------

[ more ] [ reply ]

RE: MD5 To Be Considered Harmful Someday 2004-12-08
Rager, Anton (Anton) (arager avaya com)

Some things to note....

1 - Wang and Joux's attacks do not allow determination of original
inputs from a given hash.
2 - The interesting and newsworthy part of Wang's paper is not that
there are collisions in MD5 (and the other hash algs they produced
collisions for), but that they can produce col

[ more ] [ reply ]

Address Bar Spoophing for the Pheeshies: IntotheNet Explorer 6 2004-12-08
http-equiv (at) excite (dot) com [email concealed] (1 malware com)

Tuesday, December 07, 2004

This is phunny in a pheeble kind of way:

<phorm id="phoo" action="res://C:\\WINDOWS\\system3\shdoclc.dll//dnserror.htm#http://logi
n.passport.net/uilogin.srf?id=666"
method="post">
<input type="submit" value="default value"></phorm>
<a id="phee" hreph="hotphemail.ht

[ more ] [ reply ]

[SECURITY] [DSA 606-1] New nfs-utils packages fix denial of service 2004-12-08
joey infodrom org (Martin Schulze)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 606-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
December 8th, 2004

[ more ] [ reply ]

[ GLSA 200412-03 ] imlib: Buffer overflows in image decoding 2004-12-06
Thierry Carrez (koon gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

MDKSA-2004:146 - Updated nfs-utils packages fix remote DoS vulnerability 2004-12-07
Mandrake Linux Security Team (security linux-mandrake com)

MDKSA-2004:144 - Updated lvm1 packages fix temporary file vulnerability 2004-12-07
Mandrake Linux Security Team (security linux-mandrake com)

IE6 Vulnerability - Local File Detection 2004-12-07
ViPeR (viper31337 yahoo co in)

Affected Software : Microsoft Internet Explorer
Vulnerability : Local File Detection

Tested On : MS IE 6.0 SP1, Win2K SP4, [up-to-date]
according to windowsupdate.com

Discovered by : Gregory R. Panakkal

Overview
========
This security vulnerability in Internet Explorer
allows remote attackers to

[ more ] [ reply ]

[ GLSA 200412-04 ] Perl: Insecure temporary file creation 2004-12-07
Luke Macken (lewk gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

MDKSA-2004:147 - Updated openssl packages fix temporary file vulnerability 2004-12-07
Mandrake Linux Security Team (security linux-mandrake com)