BugTraq Mode:
New Macromedia Security Zone Bulletins Posted 2004-09-23
securityzone macromedia com (Macromedia Security Zone)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
IMPORTANT:

Several security issues that may affect JRun customers
have come to our attention recently.

To learn about this new issue and what actions you can take
to address it, please visit the Macromedia Security Zone:

http://w

NEW GDI+ JPEG Remote Exploit 2004-09-23
John Bissell (monkey321_1 hotmail com)


/***************************************************************
*
* GDI+ JPEG Remote Exploit
* By John Bissell A.K.A. HighT1mes
*
* Exploit Name:
* =============
* JpegOfDeath.c v0.5
*
* Date Exploit Released:
* ======================
* Sep, 23, 2004
*
* Description:

[ GLSA 200409-31 ] jabberd 1.x: Denial of Service vulnerability 2004-09-23
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200409-31
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Microsoft's GDI Detection Tool faults 2004-09-24
albatross tim it


Today I downloaded a GDI+ vulnerability (MS04-028) detection tool published by SANS. In contradiction to the report provided by MS gdidettool.exe, it found two versions of vulnerable DLLs.

Be warned: don't trust only MS's detection tool! Do all steps to patch your machines.

albatross

Buffer overflow in Zinf 2.2.1 for Win32 2004-09-24
Luigi Auriemma (aluigi autistici org)

I don't know why this bug has not been tracked but moreover I don't
completely know why it has not been fixed yet in the Windows version of
Zinf.

In short, Zinf is an audio player for Linux and Windows: http://www.zinf.org
The latest Linux version is 2.2.5 while the latest Windows version is 2.2.1

TSLSA-2004-0049 - apache 2004-09-23
Trustix Security Advisor (tsl trustix org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2004-0049

Package name: apache
Summary: authentication bypass
Date: 2004-09-23
Affected versions: Trustix S

aspWebCalendar /aspWebAlbum: SQL injection 2004-09-23
Pedro Sanches (pedro_sanches sapo pt)


[1]Introduction

"aspWebCalendar is an .asp (Active Server Pages) script that allows you to easily create an online events calendar that supports multiple users. Easy installation and usage are the key features of aspWebCalendar. The script contains a text file with a few configuration variables

[ GLSA 200409-32 ] getmail: Filesystem overwrite vulnerability 2004-09-23
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200409-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Promiscuous email printing in Canon imageRunner 2004-09-23
Andrew Daviel (advax triumf ca)

The Canon iR5000i digital printer (and probably other imageRunner models)
has a somewhat undocumented print-from-email feature.

Any text/plain email sent to port 25 on the device will be printed.
The MAIL FROM and RCPT TO values are not authenticated or even checked
for syntax.

There appears to b

Example of JPG Exploit & Shellcode 2004-09-22
javier falbo (javier_falbo hotmail com)
// CAN-2004-0200

// launch a local cmd.exe (not bound to the net)...
// GDI+ buffer overrun exploit by FoToZ
// NB: the headers here are only sample headers taken from a .JPG file,
// with the FF FE 00 01 inserted in header1.
// Sample shellcode is provided
// You can put approx. 2500 bytes of shel

Multiple vulnerabilities in ActivePost Standard 3.1 2004-09-23
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: ActivePost Standard
http://www.activepost.net
Versions: <= 3.1
Platforms: Windows
Bugs: - File-Server crash
- File-server di

[CLA-2004:868] Conectiva Security Announcement - apache 2004-09-23
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : apache
SUMMARY : Several vulnerabilities in a

MDKSA-2004:102 - Updated ImageMagick packages fix arbitrary code execution vulnerabilities 2004-09-22
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: ImageMagick
Advisory ID

Symantec Enterprise Firewall/VPN and Gateway Security 300 Series Appliances Multiple Issues 2004-09-22
Sym Security (secure symantec com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Symantec Security Advisory

SYM04-013

22 September, 2004

Symantec Enterprise Firewall/VPN and Gateway Security 300 Series
Appliances Multiple Issues

Revision History
None

Risk Impact
High

Overview
Symantec resolved three high-risk vulnerabilities

MDKSA-2004:100 - Updated mpg123 packages fix vulnerabilities 2004-09-22
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: mpg123
Advisory ID:

Re: ICMP spoofed source tunneling 2004-09-22
Dave Paris (dparis w3works com)
At the risk of possibly sinking my foot firmly into my mouth, it appears
that you've implemented an unimplemented feature of LOKI2 (circa 1997).
ref: http://www.phrack.org/show.php?p=51&a=6

If you look in the source at the link referenced, specifically the
help() function, you'll find:

%s dest\t-

[ GLSA 200409-30 ] xine-lib: Multiple vulnerabilities 2004-09-22
Thierry Carrez (koon gentoo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200409-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

MDKSA-2004:101 - Updated webmin packages fix vulnerabilities 2004-09-22
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: webmin
Advisory ID:

Remote buffer overflow in MDaemon IMAP and SMTP server 2004-09-22
pigrelax (pigrelax yandex ru)
Buffer overflow in MDaemon 6.5.1 in SAML, SOML, SEND, MAIL command in SMTP
server and in LIST command in IMAP server.

More information (In Russian!): http://www.securitylab.ru/48146.html

----------------------------------------------------------------------------
MaxPatrol is a professional netw

Copyright 2010, SecurityFocus