BugTraq Mode:
(Page 1415 of 1748)  < Prev  1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420  Next >
MDKSA-2004:145 - Updated rp-pppoe packages fix vulnerability 2004-12-07
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: rp-pppoe
Advisory ID:

[ more ]  [ reply ]
zone transfers, a spammer's dream? 2004-12-07
Lode Vermeiren (lode linu cx)
Hello all,

while doing some experiments with dig using a .fm domain I made a small
typo. Much to my surprise the whole fm zone was transferable by anyone.
It's obvious this is a fabulous source for dictionary spammers who just
mail to generic addresses at as much domains as they can possibly find.

[ more ]  [ reply ]
Cleartext SMB passwords in Novell Desktop Linux using KDE 2004-12-07
Mike DeMaria (mdemaria nwc com)
Exploit: When creating a symbolic link to a file or folder located on a
SMB network share using KDE, the user's name and password are displayed
in clear text on the desktop. The login name and password are also in
the link file's meta data in addition to the actual filename itself.

Systems affe

[ more ]  [ reply ]
Bypass personal firewall application protection . Again. 2004-12-07
offtopic (offtopic mail ru)
Bypass personal firewall application protection . Again.
(c)oded by offtopic (offtopic (at) mail (dot) ru [email concealed]) 2004
Special thank to 3APA3A for links to the debuggers for Windows.

<quote src= http://www.security.nnov.ru/advisories/bypassing.asp?l=EN >
Personal firewall usually restricts access to network to

[ more ]  [ reply ]
Remote Web Server Text File Viewing Vulnerability in WebLibs 1.0 2004-12-08
John Bissell (monkey321_1 hotmail com)


Advisory:

=========

Remote Web Server Text File Viewing Vulnerability in WebLibs 1.0

Author:

=======

John Bissell A.K.A. HighT1mes

Vendor Homepage:

================

http://awsd.com/

Date:

=====

12, 07, 2004

Severity:

=========

High

Overview:

=========

WebLibs is a p

[ more ]  [ reply ]
Online Script Decoder 2004-12-07
GreyMagic Security (security greymagic com) (1 replies)
Windows Script Encoder is a Microsoft tool to encode scripts so that "Web
hosts and Web clients cannot view or modify their source". It encodes the
content of script tags using a very simple encoding algorithm and renames
the scripts "language" attribute from "JScript" or "Javascript" to
"JScript.En

[ more ]  [ reply ]
Re: Online Script Decoder 2004-12-07
Stefan Paletta (stefanp cabal1 com)
MDKSA-2004:143 - Updated ImageMagick packages fix vulnerability 2004-12-07
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: ImageMagick
Advisory ID

[ more ]  [ reply ]
MD5 To Be Considered Harmful Someday 2004-12-06
Dan Kaminsky (dan doxpara com)
I've been doing some analysis on MD5 collision announced by Wang et al.
Short version: Yes, Virginia, there is no such thing as a safe hash
collision -- at least in a function that's specified to be
cryptographically secure. The full details may be acquired at the
following link:

http://www.

[ more ]  [ reply ]
Multiple Vulnerabilities in paFileDB 3.1 2004-12-07
Ahmad Muammar (y3dips echo or id)


ECHO_ADV_09$2004

------------------------------------------------------------------------
---

Multiple Vulnerabilities in paFileDB 3.1

------------------------------------------------------------------------
---

Author: y3dips

Date: November, 26th 2004

Location: Indonesia, Jakarta

[ more ]  [ reply ]
[ GLSA 200412-05 ] mirrorselect: Insecure temporary file creation 2004-12-07
Luke Macken (lewk gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-05:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]
MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of Service 2004-12-07
Evgeny Demidov (demidov gleg net)
Name: MaxDB WebTools <= 7.5.00.18 buffer overflow and Denial of Service
Date: 7 Dec 2004
Platforms: Any
Author: Evgeny Demidov

Description:

"MaxDB is a heavy-duty, SAP-certified open source database for OLTP and OLAP usage which offers high reliability, availability,

[ more ]  [ reply ]
Broadcast client crash in Battlefield 1942 1.6.19 and Vietnam 1.2 2004-12-07
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: Battlefield 1942 and Vietnam
http://www.battlefield1942.com
Versions: Battlefield 1942 <= 1.6.19
Battlefield Vietnam <= 1.2
Platform

[ more ]  [ reply ]
Local root exploit on Mac OS X with Adobe Version Cue 2004-12-07
fintler (fintler gmail com) (1 replies)
Note: Sorry if this is a dupe, I might of sent it to the wrong address.

Local root exploit on Mac OS X 10.3.6 with Adobe products installed
Found by Jonathan Bringhurst <fintler (at) gmail.com (dot) NOSP [email concealed]AM>

Summary:

It's possible to create a suid root shell with a non-privileged user
on a Mac OS X 10.3.6 sy

[ more ]  [ reply ]
Re: Local root exploit on Mac OS X with Adobe Version Cue 2004-12-07
Chet Ramey (chet caleb ins cwru edu)
MDKSA-2004:142 - Updated gzip packages fix temporary file vulnerability 2004-12-07
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: gzip
Advisory ID:

[ more ]  [ reply ]
RE: Disclosure of file system information in Mozilla Firefox and Opera Browser: 2004-12-06
Thor Larholm (thor pivx com)
This is not a vulnerability, it is expected behavior.

Mozilla shares the same zone design as IE which means that a file from
the local file zone can read any other file from the local file zone.
You cannot use this approach to read a local file from another zone such
as the Internet zone. From the

[ more ]  [ reply ]
[Advisory] Mozilla Products Remote Crash Vulnerability 2004-12-06
Niek van der Maas (niekvdmaas gmail com)
Hi,

I'm posting it here, the Mozilla guys didn't want to answer or even
confirm this bug. No idea whether this one is exploitable or not, I'll
leave that over to the readers of these lists.
Bye,

Niek van der Maas
MaasOnline
http://maas-online.nl/

Mozilla Products Remote Crash Vulnerability
=====

[ more ]  [ reply ]
Tool Announcement: AIRT -- the Advanced Incident Response Tool (linux) 2004-12-06
madsys (madsys ercist iscas ac cn)
hey all,

I'm proud to announce that the AIRT 0.2 is now available:

http://159.226.5.93/projects/airt.htm

AIRT (Advanced incident response tool) is a set of incident response assistant tools on linux platform. It's useful when you want to know what evil kernel backdoor is resident on you

[ more ]  [ reply ]
Winamp - Buffer Overflow In IN_CDDA.dll [ Patch Released ] 2004-12-06
Brett Moore (brett moore security-assessment com)
Quick update on the winamp issue.

A new version 5.07 has been released and includes a fix for
the buffer overflow in the IN_CDDA.dll module.

Change Log
http://www.winamp.com/player/version_history.php

New Release
http://www.winamp.com/player/

Regards

Brett Moore
Network Intrusion Specialist, CT

[ more ]  [ reply ]
Hosting Controller 2004-12-05
mouse small (e_b_i yahoo com)


-= Security Advisory =-

Advisory Information

-------------------------

Software Package : Hosting Controller

Vendor Homepage : http://www.hostingcontroller.com

Platforms : Windows based servers

Vulnerable Versions: All version ( Teste

[ more ]  [ reply ]
[ GLSA 200412-02 ] PDFlib: Multiple overflows in the included TIFF library 2004-12-05
Luke Macken (lewk gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]
Re: [Advisory] Mozilla Products Remote Crash Vulnerability 2004-12-06
Berend-Jan Wever (skylined edup tudelft nl)
It's a NULL-pointer. This is not exploitable to gain access to systems or elevate priviledges.

Cheers,

Berend-Jan Wever
<skylined (at) edup.tudelft (dot) nl [email concealed]>
http://www.edup.tudelft.nl/~bjwever
SkyLined in #SkyLined on EFNET

[ more ]  [ reply ]
Web Application Security Consortium 'Guest Articles' Call for Papers 2004-12-06
robert webappsec org
Web Application Security Consortium
Guest Articles Call for Papers

The Web Application Security Consortium (WASC) is seeking contributed
'Guest Articles' by industry professionals on the latest in trends, techniques,
defenses, best practices and lessons learned relevant to the field of web
appli

[ more ]  [ reply ]
DoS leading to crash of client in Remote Execute 2.30 2004-12-06
headpimp pimp-industries com

Pimp industries.
"Its all about the Bling, B&^@# and Fame!"

Dos in Client of Remote Execute v2.30 by IbexSoftware
(C) Paul Craig
Pimp Industries 2004

Background
-------------
Remote Execute 2.30 is vulnerable to an open connection attack, where
after seven connections a

[ more ]  [ reply ]
Re: Advanced Guestbook 2004-12-06
Spy Hat (spyhat spyhat com)
In-Reply-To: <8ea2ac2004120211406650777b (at) mail.gmail (dot) com [email concealed]>

The previous version of Advance Guestbook (2.2) also vulnerable to XSS

yours,

SpyHat

>Received: (qmail 10259 invoked from network); 3 Dec 2004 06:52:14 -0000

>Received: from outgoing.securityfocus.com (HELO outgoing2.securityfocus.co

[ more ]  [ reply ]
[SECURITY] [DSA 605-1] New viewcvs packages fix information leak 2004-12-06
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 605-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
December 6th, 2004

[ more ]  [ reply ]
7a69Adv#16 - Konqueror FTP command injection 2004-12-05
Albert Puigsech Galicia (ripe 7a69ezine org)
- ------------------------------------------------------------------
7a69ezine Advisories 7a69Adv#16
- ------------------------------------------------------------------
http://www.7a69ezine.org [05/12/2004]
- ---------------------------------

[ more ]  [ reply ]
Multiple vulnerabilities in w3who ISAPI DLL 2004-12-06
Nicolas Gregoire (ngregoire exaprobe com)

Exaprobe
www.exaprobe.com

Security Advisory

Advisory Name: Multiple vulnerabilities in w3who
Release Date: 6 December 2004
Application: Microsoft ISAPI extension w3who.dll
Platform: Windows 2000/XP Resourc

[ more ]  [ reply ]
Opera 7.54 vulnerabilities again (still unfixed) 2004-12-04
Marc Schoenefeld (schonef uni-muenster de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi out there,

there have been questions concerning the criticality of the opera 7.54
security hole series which was published last month
(http://archives.neohapsis.com/archives/bugtraq/2004-11/0250.html).

- From my subjective point of view, the opera

[ more ]  [ reply ]
(Page 1415 of 1748)  < Prev  1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus