BugTraq Mode:
(Page 1443 of 1748)  < Prev  1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448  Next >
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes 2004-09-28
Polazzo Justin (Justin Polazzo facilities gatech edu)
Nice call with the MD6 checksums(MD5 might be cracked, as a recent
letter to bugtraq demonstrated :) ran on the electronic voting systems.
That would be a good way to verify the authenticity of the code, after
it was posted on sourceforge.

As for the paper trails, does it really matter? An earlier

[ more ]  [ reply ]
[FLSA-2004:1468] Updated tcpdump packages that fix multiple security vulnerabilities 2004-09-29
Dominic Hargreaves (dom earth li)
-----------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated tcpdump resolves security vulnerabilities
Advisory ID: FLSA:1468
Issue date: 2004-09-29
Product: Red Hat Linux
Keywords: Se

[ more ]  [ reply ]
directory traversal in ParaChat Server 5.5 2004-09-28
Donato Ferrante (fdonato autistici org)
Donato Ferrante

Application: ParaChat Server
http://www.parachat.com/

Version: 5.5

Bug: directory traversal

Date: 28-Sep-2004

Author: Donato Ferrante
e-mail: fdonato (at) autistici (dot) org [email concealed]
web: www.auti

[ more ]  [ reply ]
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes 2004-09-28
Reed, Phillip C. (LNG-DAY) (phillip reed lexisnexis com)
Well there you go. Money is evidently more important than votes.

> -----Original Message-----
>
> Why can't this all be done the same way Nevada handles modern
> slot machines?
> For example if you are playing a slot in Nevada and feel it's
> not behaving
> there is a 24 hour toll free number

[ more ]  [ reply ]
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes 2004-09-28
Bruce Barnett barnett+bugtraq (at) grymoire.crd.ge (dot) COM [email concealed] (barnett+bugtraq grymoire crd ge COM)

> Let me add one more social dynamic. The public will want to see
> instantaneous vote results, so eventually these computers will be
> networked to send the results back to a central voting computer ... And
> we are all familiar with how easily networked computer can be
> compromised if they aren

[ more ]  [ reply ]
Crash in Alpha Black Zero 1.04 2004-09-29
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: Alpha Black Zero: Intrepid Protocol
http://www.playlogicgames.nl/abz/
Versions: <= 1.04
Platforms: Windows
Bug: crash
Risk: mediu

[ more ]  [ reply ]
Re: Default username/password pairs in ON Command CCM 5.x database backend, Sep 20 2004 2:24PM 2004-09-29
Sym Security (secure symantec com)
Reference:
http://www.securityfocus.com/archive/1/375760/2004-09-19/2004-09-25/0
On Sep 20 2004, Jonas Olsson posted:

Security advisory
=================
Advisory name: Default username/password pairs in ON Command CCM 5.x
database backend
Release date: 2004-09-20
Applicat

[ more ]  [ reply ]
[ GLSA 200409-35 ] Subversion: Metadata information leak 2004-09-29
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200409-35
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]
Php RFC1867 Upload Vuln. POC Released 2004-09-27
Stefano Di Paola (stefano dipaola wisec it)
Hi all,
Php 4.3.9 and 5.0.2 have been released with the patch for this
vulnerability, so I've decided to release the POC for this vuln.

For mail brevity anyone interested in this poc can find it on
(English Version)
http://www.wisec.it/news.php?lang=en

(Italian Version)
http://www.wisec.it/news.ph

[ more ]  [ reply ]
MSSQL 7.0 DoS 2004-09-28
securma caramail com
/* Microsoft mssql 7.0 server is vulnerable to denial of service attack
 * By sending a large buffer with specified data an attacker can stop the service
 * "mssqlserver" the error noticed is different according to services' pack but the result is always
 * the same one.
 *  Exception Codes = c00000

[ more ]  [ reply ]
[FLSA-2004:1552] Updated cadaver packages that fix security vulnerabilities 2004-09-29
Dominic Hargreaves (dom earth li)
-----------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated cadaver resolves security vulnerabilities
Advisory ID: FLSA:1552
Issue date: 2004-09-29
Product: Red Hat Linux
Keywords: Se

[ more ]  [ reply ]
Possible GDI Exploit Vector 2004-09-29
james_love agilent com


Does anyone know if MSN Messenger 6 uses GDI+ to render jpeg images that appear as the profile images you see in MSN 6 Chat windows? If so, this could provide an extremely fast way to propagate a worm using the GDI+ flaw. All you would need to do to start it off is set the crafted image as ur prof

[ more ]  [ reply ]
RE: Promiscuous email printing in Canon imageRunner 2004-09-29
Eric McCarty (eric lawmpd com)
You think that's bad?, HP Laserjet 4000's, 4100's, 4200's and others
accept any print job you FTP to them, and its anonymous ftp so anyone
can ftp in and send over a print job using the PUT command. This is
nothing new and has been long reported however.

The trick would be finding a way to upload

[ more ]  [ reply ]
Php RFC1867 Upload Vuln. POC Released 2004-09-29
Stefano Di Paola (stefano dipaola wisec it)
Hi all,
Php 4.3.9 and 5.0.2 have been released with the patch for this
vulnerability, so I've decided to release the POC for this vuln.

==PHP File Upload Vulnerability POC

==Title: Overwrite $_FILE array in rfc1867 - Mime
multipart/form-data File Upload
Author:

[ more ]  [ reply ]
Re: Diebold Global Election Management System (GEMS) BackdoorAccount Allows Authenticated Users to 2004-09-29
Gareth Humphries (ghumphries linz govt nz)
>
>
>>>> Simon <lists (at) sime.org (dot) uk [email concealed]> 29/09/2004 08:20:09 >>>
>Marco S Hyman wrote:
> >
> > All I demand from a voting system is that votes can be voter
verified.
> > That's not true of ANY voting machine regardless of who writes the
code
> > unless there is a hard copy audit trail. If there is a har

[ more ]  [ reply ]
[CLA-2004:870] Conectiva Security Announcement - imlib 2004-09-28
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--

PACKAGE : imlib
SUMMARY : Fix for a buffer overflow in

[ more ]  [ reply ]
[security bulletin] SSRT4794 rev.0 HPStorageWorks Command View XP access restriction bypass 2004-09-29
Boren, Rich (SSRT) (rich boren hp com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

HP SECURITY BULLETIN

HPSBST01071 REVISION: 0

SSRT4794 rev.0 HP StorageWorks Command View XP
access restriction bypass

NOTICE:
There are no restrictions for distribution of this Bulletin
provided that it remains complete and intact

[ more ]  [ reply ]
(Page 1443 of 1748)  < Prev  1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus