Broadcast buffer-overflow in Vypress Messenger 3.5.1
2004-10-01 Luigi Auriemma (aluigi autistici org)

EEYE: RealPlayer pnen3260.dll Heap Overflow
2004-10-01 Marc Maiffret (mmaiffret eEye com)
RealPlayer pnen3260.dll Heap Overflow Release Date: October 1, 2004 Date Reported: August 09, 2004 Severity: High (Remote Code Execution) Vendor: RealNetworks Systems Affected: Windows: RealPlayer 10.5 (6.0.12.1040 and earlier) RealPlayer 10 RealPlayer 8 (Local Playback) RealOne Player V2 RealO [...]

Re: Promiscuous email printing in Canon imageRunner
2004-10-01 Marco Ivaldi (raptor 0xdeadbeef info)
> Try scanning the Ip address with nmap -A 10.0.0.1
Hello Bugtraq, While we're talking about printers, some time ago i discovered by accident some lame Denial of Service vulnerabilities in my HP JetDirect printer (tested on J3111A, firmware version G.05.35 -- pretty old). Not sure if they can b [...]

Oracle 9i Union Flaw
2004-09-30 Brandon Petty (bmpfg8 umr edu)
A fellow student, here at UMR, has tested the MSAccess 2K/XP Union Flaw on Oracle 9i. His name is Muthukumar Narayanan: mnmr6 (at) umr (dot) edu. He found that Oracle 9i has the same problem as Access... but it is a little different. He found that you can select up to 2 miss ordered columns for the res [...]

SQL Injection vulnerability in bBlog 0.7.3
2004-10-01 James McGlinn (james servers co nz)
Servers.co.nz Security Advisory SCN200409-1 Available in HTML format at http://www.servers.co.nz/security/SCN200409-1.php ------------------------------------------------------------ SQL Injection vulnerability in bBlog 0.7.3 Author: James McGlinn, Servers.co.nz Ltd <james_at_servers dot co dot [...]

[SECURITY] [DSA 553-1] New getmail packages fix root compromise
2004-09-27 joey infodrom org (Martin Schulze)

CFMX vulnerability
2004-09-30 Eric Lackey (eric lackey gmail com)
Software: Macromedia ColdFusion MX 6.1 Description: There is a vulnerability in the ColdFusion MX 6.1 product. To exploit this, a user needs access to create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled. The code given below writes a java class to the Co [...]

RE: Promiscuous email printing in Canon imageRunner
2004-09-30 Jeff Bates (JJB crouse org)
Try scanning the Ip address with nmap -A 10.0.0.1 My IR2200 didn't have port 25 open, but it still printed 15-20 sheets of paper. - J
-----Original Message-----
From: Matthew E. Lauterbach [mailto:mlauterbach (at) mail.wtamu (dot) edu]
Sent: Monday, September 27, 2004 5:02 AM
To: bugtraq@securityfocus. [...]

iDEFENSE Security Advisory 09.29.04 - Macromedia JRun 4 mod_jrun Apache Module Buffer Overflow Vulnerability
2004-09-29 customer service mailbox (customerservice idefense com)
Macromedia JRun 4 mod_jrun Apache Module Buffer Overflow Vulnerability iDEFENSE Security Advisory 09.29.04 www.idefense.com/application/poi/display?id=145&type=vulnerabilities September 29, 2004 I. BACKGROUND Macromedia JRun 4 is a full Java 2 Enterprise Edition (J2EE) compatible application ser [...]

RE: Diebold Global Election Management System (GEMS) Backdoor
2004-09-28 Geoff Vass (geoff cadzow com au)
I don't think Jeremy was arguing that "killing free enterprise" is a reason not to do something; it's the reason given by the people who oppose scrutiny in this area. This is a common political tactic, if you oppose something, you pick something in the argument that's off-topic or even irrelevant a [...]

iDEFENSE Security Advisory 09.30.04 - Samba Arbitrary File Access Vulnerability
2004-09-30 customer service mailbox (customerservice idefense com)
Samba Arbitrary File Access Vulnerability iDEFENSE Security Advisory 09.30.04 www.idefense.com/application/poi/display?id=146&type=vulnerabilities September 30, 2004 I. BACKGROUND Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients. II [...]

Re:[4] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue
2004-09-29 advisories (advisories corsaire com)
> No. It is possible to write out a MIME message which
> cannot be interpreted ambiguously by software that
> correctly obeys the relevant RFCs.
You have simply changed the subject; this is quite different from your previous statement that it is possible to create a single canonical version by sel [...]

RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
2004-09-28 David Brodbeck (DavidB mail interclean com)
> -----Original Message-----
> From: Jeremy Epstein [mailto:jeremy.epstein (at) webmethods (dot) com]
> Besides, given what most of us know about government
> efficiency, would you
> WANT the government to be designing and building voting machines? Be
> careful of what you wish for, as you may get it!
Much [...]

Samba Security Announcement -- Potential Arbitrary File Access
2004-09-30 Gerald (Jerry) Carter (jerry samba org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Potential Arbitrary File Access Affected Versions: Samba 2.2.x <= 2.2.11 and Samba 3.0.x <= 3.0.5 Summary: A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be rea [...]

Unicornscan 0.4.2
2004-09-30 robert dyadsecurity com
For those of you who didn't get to catch our Unicornscan launch at Toorcon over the weekend, I would like to invite you to http://www.unicornscan.org. Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities. It was [...]

[SECURITY] [DSA 555-1] New frenet6 packages fix potential information leak
2004-09-30 joey infodrom org (Martin Schulze)

Multiple vulnerabilities in w-agora forum
2004-09-30 Alexander Antipov (antipov SecurityLab ru)
http://www.maxpatrol.com/mp_advisory.asp Title: Multiple vulnerabilities in w-agora forum Date: 28.09.04 Severity: Medium Application: w-agora 4.1.6a, http://www.w-agora/en/download.php Platform: PHP I. DESCRIPTION Multiple vulnerabilities were found in w-agora forum. A remote user can con [...]
#######################################################################
Luigi Auriemma
Application: Vypress Messenger
http://www.vypress.com/products/messenger/
Versions: <= 3.5.1
Platforms: Windows
Bug: buffer overflow
Risk: cri
[...]