|
|
Colapse all |
Post message
local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33? 2004-10-29 Larry Cashdollar (lwc vapid ath cx) [ GLSA 200410-31 ] Archive::Zip: Virus detection evasion 2004-10-29 Thierry Carrez (koon gentoo org) [USN-11-1] libgd2 vulnerabilities 2004-10-29 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-11-1 October 28, 2004 libgd2 vulnerabilities CAN-2004-0990 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Wartho [ more ] [ reply ] [SECURITY] [DSA 577-1] New postgresql packages fix symlink vulnerability 2004-10-29 joey infodrom org (Martin Schulze) [OpenPKG-SA-2004.047] OpenPKG Security Advisory (apache) 2004-10-29 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] [OpenPKG-SA-2004.046] OpenPKG Security Advisory (postgresql) 2004-10-29 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] [SECURITY] [DSA 576-1] New Squid packages fix several vulnerabilities 2004-10-29 joey infodrom org (Martin Schulze) [USN-6-1] postgresql contributed script vulnerability 2004-10-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-6-1 October 27, 2004 postgresql contributed script vulnerability CAN-2004-0977 =========================================================== A security issue affects the following Ubuntu releases: Ubun [ more ] [ reply ] [ GLSA 200410-30 ] GPdf, KPDF, KOffice: Vulnerabilities in included xpdf 2004-10-28 Thierry Carrez (koon gentoo org) New URL spoofing bug in Microsoft Internet Explorer 2004-10-28 0-1-2-3 gmx de (1 replies) New URL spoofing bug in Microsoft Internet Explorer There is a security bug in Internet Explorer 6.0.2800.1106 (fully patched), which allowes to show any faked target-address in the status bar of the window. The example below will display a faked URL ("http://www.microsoft.com/") in the status bar [ more ] [ reply ] RE: New URL spoofing bug in Microsoft Internet Explorer 2004-10-29 Larry Seltzer (larry larryseltzer com) [USN-8-1] gaim vulnerabilities 2004-10-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-8-1 October 27, 2004 gaim vulnerabilities CAN-2004-0891 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) [ more ] [ reply ] [USN-7-1] imagemagick vulnerability 2004-10-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-7-1 October 27, 2004 imagemagick vulnerability CAN-2004-0981 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty War [ more ] [ reply ] [USN-9-1] tetex-bin vulnerabilities 2004-10-28 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-9-1 October 27, 2004 tetex-bin vulnerabilities CAN-2004-0888 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty War [ more ] [ reply ] [USN-4-1] Standard C library script vulnerabilities 2004-10-28 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-4-1 October 27, 2004 Standard C library script vulnerabilities CAN-2004-0968 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu [ more ] [ reply ] [USN-3-1] GhostScript utility script vulnerabilities 2004-10-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-3-1 October 27, 2004 GhostScript utility script vulnerabilities CAN-2004-0967 =========================================================== A security issue affects the following Ubuntu releases: Ubunt [ more ] [ reply ] RE: Update: Web browsers - a mini-farce (MSIE gives in) 2004-10-28 Michael Wojcik (Michael Wojcik microfocus com) > From: Valdis.Kletnieks (at) vt (dot) edu [email concealed] [mailto:Valdis.Kletnieks (at) vt (dot) edu [email concealed]] > Sent: Thursday, 28 October, 2004 14:23 > > On Wed, 27 Oct 2004 10:42:41 PDT, Michael Wojcik said: > > > You don't have to understand how to exploit a buffer overflow in > > order to avoid overflowing buffers. > > But you have to [ more ] [ reply ] [USN-5-1] gettext vulnerabilities 2004-10-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-5-1 October 27, 2004 gettext vulnerabilities CAN-2004-0966 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warth [ more ] [ reply ] [FLSA-2004:2089] Updated mozilla packages fix security vulnerabilities 2004-10-27 Dominic Hargreaves (dom earth li) PHP4 cURL functions bypass open_basedir 2004-10-27 FraMe (frame hispalab com) ==================================================== Subject: PHP4 cURL functions bypass open_basedir Author: frame at kernelpanik.org Product: PHP4 compile with cURL (not tested in PHP5) Vendor: PHP/Zend Vendor URL: www.php.net Tipe: Local Risk: Low/Medium ========================================== [ more ] [ reply ] RE: Update: Web browsers - a mini-farce (MSIE gives in) 2004-10-27 David Brodbeck (DavidB mail interclean com) > -----Original Message----- > From: Valdis.Kletnieks (at) vt (dot) edu [email concealed] [mailto:Valdis.Kletnieks (at) vt (dot) edu [email concealed]] > The point people are missing is that covering all (or even > anywhere *near* "all") the "unfortunate sequences" or "corrupted files" is > *really really* hard, Quite often, "unfortunate sequence" mean [ more ] [ reply ] |
|
Privacy Statement |
Luiz Fernando.
http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0547.html
The nessus check for this vulnerability recommends upgrading to
Apache version 1.3.32:
http://cgi.nessus.org/plugins/dump.php3?id=14771
But in Apache
[ more ] [ reply ]