|
|
Colapse all |
Post message
MDKSA-2004:125 - Updated iptables packages fix vulnerability 2004-11-04 Mandrake Linux Security Team (security linux-mandrake com) MDKSA-2004:124 - Updated xorg-x11 packages fix libXpm overflow vulnerabilities 2004-11-04 Mandrake Linux Security Team (security linux-mandrake com) SSC Advisory TSA-052 (Callwave.com) 2004-11-04 Secure Science Corporation Advisory Notice (bugtraq securescience net) [ GLSA 200411-09 ] shadow: Unauthorized modification of account information 2004-11-04 Matthias Geerdsen (vorlon gentoo org) (1 replies) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200411-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - [ more ] [ reply ] Re: [ GLSA 200411-09 ] shadow: Unauthorized modification of account information 2004-11-04 Solar Designer (solar openwall com) SSC Advisory TSA-052 (Callwave.com) 2004-11-03 Secure Science Corporation Advisory Notice (bugtraq securescience net) [SECURITY] [DSA 584-1] New dhcp packages fix format string vulnerability 2004-11-04 joey infodrom org (Martin Schulze) [CLA-2004:883] Conectiva Security Announcement - subversion 2004-11-04 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : subversion SUMMARY : Fixes for subverion's vu [ more ] [ reply ] [CLA-2004:884] Conectiva Security Announcement - gaim 2004-11-04 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : gaim SUMMARY : Fixes for gaim's vulnerabiliti [ more ] [ reply ] [HV-MED] Zip/Linux long path buffer overflow 2004-11-03 vuln hexview com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Zip/Linux long path buffer overflow Classification: =============== Level: low-[MED]-high-crit ID: HEXVIEW*2004*11*03*1 URL: http://www.hexview.com/docs/20041103-1.txt Overview: ========= Zip console application by Info-Zip (http://www.info-zip.org) i [ more ] [ reply ] [CLA-2004:885] Conectiva Security Announcement - apache 2004-11-04 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : apache SUMMARY : Fix for mod_ssl vulnerabilit [ more ] [ reply ] [ GLSA 200411-07 ] Proxytunnel: Format string vulnerability 2004-11-03 Thierry Carrez (koon gentoo org) [ GLSA 200411-05 ] libxml2: Remotely exploitable buffer overflow 2004-11-02 Thierry Carrez (koon gentoo org) ERRATA: [ GLSA 200411-01 ] ppp: No denial of service vulnerability 2004-11-02 Luke Macken (lewk gentoo org) [USN-16-1] perl vulnerabilities 2004-11-02 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-16-1 November 02, 2004 perl vulnerabilities CAN-2004-0976 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The f [ more ] [ reply ] [CLA-2004:882] Conectiva Security Announcement - squid 2004-11-03 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : squid SUMMARY : Fixes for squid vulnerabiliti [ more ] [ reply ] [SECURITY] [DSA 583-1] New lvm10 packages fix insecure temporary directory 2004-11-03 joey infodrom org (Martin Schulze) RE: New Whitepaper - "Second-order Code Injection Attacks" 2004-11-02 Gunter Ollmann (NGS) (gunter ngssoftware com) Cool. I make no claims that this a previously "undiscovered" security flaw. I myself have been exploiting these kinds of flaws in web-based applications for many years as well. However, the purpose of the paper is two fold. [Classification] -- Firstly, the paper attempts to classify the second-o [ more ] [ reply ] [Hat-Squad] SQL injection and XSS Vulnerabilities in HELM 2004-11-03 Hat-Squad Security Team (bugtraq hat-squad com) Hat-Squad Advisory: SQL injection and XSS Vulnerabilities in HELM November 2, 2004 Product: HELM Web Hosting Control Panel Vendor URL: http://helm.webhostautomation.com Version: HELM 3.1.19 and lower Vulnerability: SQL injection and XSS Release Date: November 2, 2004 Vendor Status: [ more ] [ reply ] URL spoofing bug (with iframes) in Microsoft Internet Explorer (11/02/2004) 2004-11-02 Benjamin Tobias Franz (0-1-2-3 gmx de) URL spoofing bug (with iframes) in Microsoft Internet Explorer: (11/02/2004) There is a security bug in Microsoft Internet Explorer, which allows to show any faked target-address in the status bar of the window. The example below will display a faked URL ("http://www.microsoft.com/") in the status [ more ] [ reply ] Microsoft ISA Server Authentication Bypassing 2004-11-02 Jérôme ATHIAS (jerome athias caramail com) Vulnerability Microsoft ISA Server Authentication Bypassing Description This weakness is tested in a network environment where Microsoft ISA server is configured as an Internet proxy server and the users are required to provide appropriate user name and the password to access the internet. [ more ] [ reply ] [SECURITY] [DSA 582-1] New libxml packages fix arbitrary code execution 2004-11-02 joey infodrom org (Martin Schulze) Rv: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!)) 2004-11-02 Elia Florio (eflorio edmaster it) Good job, the xploit works on both my : IE 6.0.2800.1106 ENGLISH with SHDOCVW.DLL version 6.0.2800.1400 IE 6.0.2800.1106 ITALIAN with SHDOCVW.DLL version 6.0.2800.1584 Tested on both Win XP Professional - SP1 with latest October patch installed. The overflow occurs in this point of SHDOCVW.DLL (w [ more ] [ reply ] Re: [Full-Disclosure] MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!)) 2004-11-02 morning_wood (se_cur_ity hotmail com) MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!)) (fwd) 2004-11-02 Michal Zalewski (lcamtuf coredump cx) A supposed PoC for a vulnerability discovered by ned of felinemenace.org over a week ago, using his Python port of my mangleme utility (the utility itself released some two weeks ago). I'm taking this opportunity to do some whoring because the author indicated that his original post bounced off BUG [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: iptables
Advisory ID:
[ more ] [ reply ]