CDE libDtHelp and dtlogin vulnerabilities on IRIX
2004-08-03 SGI Security Coordinator (agent99 sgi com)

Re: Fwd: New possible scam method : forged websites using XUL (Firefox)
2004-08-03 Barry Fitzgerald (bkfsec sdf lonestar org)
Below is my message to bugtraq regarding the Mozilla XUL forgery advisory. Please note that my post was rejected from bugtraq because the moderator claimed openly that "the Mozilla developers show how amazingly out of touch they are" (his words), indicating that my message was not relevant w

[SECURITY] [DSA 535-1] New squirrelmail packages fix multiple vulnerabilities
2004-08-03 Matt Zimmerman (mdz debian org)

RE: SideFind
2004-08-02 Polazzo Justin (Justin Polazzo facilities gatech edu)
Welcome to the world of Malware. There are many IE flaws that allow for the installation of spy/mal/ad :ware. Either disable install on demand, apply XP SP2, or switch them to Mozilla to prevent future installs of this type. Making HKLM\Software|Microsoft|Windows|CurrentVersion|Run read only via r

OPEN3S - Local Privilege Elevation through Oracle products (Unix Platform)
2004-08-02 Juan Manuel Pascual (jmpascual open3s com)

SideFind
2004-08-02 aborg mca org mt
Hi .. Has anyone heard of this IE hijacker? One of our users went through a devastating Sunday when he tried to remove this piece of software from his PC. It appears as a side panel (on the left) and prompts with suggestions when the user utilises Google to perform a search. Essentially, it

Comersus 5.098 XSS Vulnerable
2004-08-02 Abdul Azis (az001 plasa com)
Comersus Shopping Cart 5.098 XSS Vulnerability
=======================================================
Vulnerable Systems:
* Comersus Cart Version 5.098
Comersus is an open source shopping cart. I found a few XSS vulnerabilities:
Pages Affected:
/comersus/store/comersus_message.asp
/c

DOS@MEHTTPS
2004-08-02 CoolICE (CoolICE China com)
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:Application: MailEnable Professional HTTPMail
:Vendors: http://www.mailenable.com/
:Version: 1.19
:Platforms: Windows
:Bug: D.O.S
:Date: 2004-07-30
:Author: CoolICE
:E_mail: CoolICE#China.com
:::::::::::::::::::::::::::::::::

7a69Adv#13 - USRobotics AP Wireless Denial of Service
2004-08-02 Albert Puigsech Galicia (ripe 7a69ezine org)

Re: Sonicwall diag tool includes VPN credentials
2004-08-01 neil gardner (neil gardner alliedtelesyn co nz)
Nope, as a Sonicwall Certified Engineer I can tell you this is basically wrong. Yes, it does save all the important keys in Plaintext, but only if you don't read the manual which warns about this, and only if you click ok on the dialog box pop-up which warns you about this when you go to do it. Th

RE: Sonicwall diag tool includes VPN credentials
2004-08-02 Eric McCarty (eric lawmpd com)
You are specifically told that the information included in the report contains confidential information, if you are concerned with privacy, zip it and add a password or use another more secure method of transferring the file such as the TSR upload feature of mysonicwall.com, this has been this way f

Re: Fwd: New possible scam method : forged websites using XUL (Firefox)
2004-08-02 Justin Polazzo (jo ojjo net) (1 replies)
In-Reply-To: <20040730210508.GT19188 (at) securityfocus (dot) com [email concealed]>
"The security implications of this trick were considered as early as 1999 in Mozilla Bug 22183 (http://bugzilla.mozilla.org/show_bug.cgi?id=22183). However, the Mozilla Foundation has kept the Bug confidential until recently, when a re

Re: Fwd: New possible scam method : forged websites using XUL (Firefox)
2004-08-03 Peter J. Holzer (hjp wsr ac at)

SoX Exploiter by Rosiello Security
2004-08-02 Angelo Rosiello (angelo rosiello org)
Rosiello Security SoX Exploiter http://www.rosiello.org
Ulf Harnhammar reported that there are two buffer overflows in the 'sox' and 'play' commands. The flaws reside in the st_wavstartread() function in 'wav.c', where the function reads data based on a user-supplied size variable into a buff

[ GLSA 200408-01 ] MPlayer: GUI filename handling overflow
2004-08-01 Thierry Carrez (koon gentoo org)

Re: Citadel/UX Remote DoS Vulnerability
2004-07-31 error citadel org (IO ERROR)
For the record, none of the Citadel developers ever received a communication from this person. This advisory was posted to our bugzilla system at about the same time it was sent to BUGTRAQ. A patch for this vulnerability has been placed into CVS and will be included in the next release of Citad

[EXPL] (MS04-022) Microsoft Windows XP Task Scheduler (.job) Universal Exploit
2004-07-31 houseofdabus HOD (houseofdabus inbox ru)
______________________________________________________________________________
SGI Security Advisory
Title: libDtHelp and dtlogin vulnerabilities
Number: 20040801-01-P
Date: August 3, 2004
Reference: SGI BUG