BugTraq Mode:
(Page 1490 of 1748)  < Prev  1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495  Next >
exploiting overflowed kmalloc() memory? 2004-06-18
infamous41md hotpop com

has anyone done any research on exploiting overflows with memory returned by kmalloc()? after briefly looking at source, i see that internally it relies on the kmem_cache_alloc() functions. i didn't see any sort of coalescing as with dlmalloc, so maybe it's not even possible? anyone have any lin

[ more ]  [ reply ]
RE: Antivirus/Trojan/Spyware scanners DoS! 2004-06-17
secfocuslist yahoo com


Hello,

Here is what I have from TrendMicro IWSS v1

A virus (Compressed_Huge_File, Eicar_test_file,

Eicar_test_file, Eicar_test_file, Eicar_test_file,

Eicar_test_file, Eicar_test_file) was detected in file

SERVER_dwn.zip in http traffic on 6/15/04 3:10:06 PM

with action deleted taken.

[ more ]  [ reply ]
RE: Caveat Lector: Beastie Boys Evil 2004-06-17
Wolf, Glenn (glenn wolf we-inc com)
If I recall, it is possible to disable the offending "bonus" data track by
writing over it with a black marker. This is all in theory, of course.

http://www.wired.com/news/technology/0,1282,52665,00.html

Glenn

-----Original Message-----
From: Dragos Ruiu [mailto:dr (at) kyx (dot) net [email concealed]]
Sent: Wednesday, Ju

[ more ]  [ reply ]
Re: MAGIC XSS INTO THE DNS: coelacanth 2004-06-17
qazxdrgb hotmail com
In-Reply-To: <200406151517.i5FFH8pC029012 (at) web179.megawebservers (dot) com [email concealed]>

This just plain simple XSS attacks, and additionally it relies on a (long since?) patched vulnerability in IIS.

>Still unclear how or why this can be interpreted into the site

>or through the browser.

What is unclear?

1.

[ more ]  [ reply ]
Virus scan attack 2004-06-17
Nate Nord (natenord maximus com)
Just wondering if anyone else has seen this come through their mail portal.
Something has caused our McAfee Webshield SMTP to seriously eat processor
time... to the point that it will no longer forward scanned mail. I've had
to temporarily bypass it until I figure out what it's choking on. I saw
s

[ more ]  [ reply ]
Starwood security contacts 2004-06-18
Liu, Jinsong (JLiu waveseeker com)

Hello:

Anyone knows how to contact Starwood computer security dept?

Thanks

Jinsong

[ more ]  [ reply ]
[ GLSA 200406-14 ] aspell: Buffer overflow in word-list-compress 2004-06-17
Thierry Carrez (koon gentoo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[ more ]  [ reply ]
Re: Linux Kernel i2c Integer Overflow Vulnerability 2004-06-17
Shaun Colley (shaunige yahoo co uk) (1 replies)
Well, okay, I appreciate all emails I got about my
error. As you've all pointed out, this function is
safe so forget the misinformation. However, there is
a vulnerability in the i2c ioctl() code, which exists
because of a possible integer overflow. I did discuss
this on the LKML with Greg Kroah-H

[ more ]  [ reply ]
Re: Linux Kernel i2c Integer Overflow Vulnerability 2004-06-17
Greg KH (greg kroah com)
TSL-2004-0036 - kerberos 2004-06-18
Trustix Security Advisor (tsl trustix org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Trustix Secure Linux Bugfix Advisory #2004-0036

Package name: kerberos5
Summary: Bugfix
Date: 2004-06-18
Affected versions: Trustix Secure Linux 2.

[ more ]  [ reply ]
USB risks (continued) 2004-06-18
Gadi Evron (ge egotistical reprehensible net)
I'm emailing this to bugtraq as well. A discussion there might produce
more interesting results than "MS sucks" on FD. This is rather important
and has grown in importance over the last couple of years. There were a
few discussions on the subject, but nothing to help formulate a plan on
how to d

[ more ]  [ reply ]
Re: Symantec Enterprise Firewall DNSD cache poisoning Vulnerability 2004-06-18
Peter Jelver (pj esec dk)
In-Reply-To: <1087321536.7690.85.camel (at) bender.telecom.com (dot) ar [email concealed]>

This has yet to be investigated and commented by the vendor, but the SEF firewall dnsd has the option to configure "forwarders" - dnsd will defer all requests to these. A mitigating strategy until the vendor has an answer could be to con

[ more ]  [ reply ]
RE: Caveat Lector: Beastie Boys Evil 2004-06-18
Chris Merkel (chrism geo-synthetics com)
FWIW, the Mike D said that he would have preferred that there were no DRM on
the album, but that it's a standard practice for all EMI releases. Check out
this post from BoingBoing:

http://www.boingboing.net/2004/06/11/new_beasties_disc_ha.html

(Besides, DRM is standard issue nowadays and quite eas

[ more ]  [ reply ]
Re: Caveat Lector: Beastie Boys Evil 2004-06-17
jonspanos yahoo com
In-Reply-To: <200406160110.23023.dr (at) kyx (dot) net [email concealed]>

I had no problem ripping the new album with Exact Audio Copy to WAV files so I can encode it into MP3.

[ more ]  [ reply ]
"IBM Access Support" (eGatherer) Activex Dangerous Methods Vulnerability 2004-06-17
Drew Copley (dcopley eEye com)
"IBM Access Support" (eGatherer) Activex Dangerous Methods Vulnerability

Release Date:
June 15, 2004

Date Reported:
February 20, 2004

Patch Development Time (In Days):
116

Severity:
High (Remote Code Execution)

Vendor:
IBM

Systems Affected:
IBM Access Support (eGatherer) Activex Version 2.0

[ more ]  [ reply ]
TSLSA-2004-0035 - kernel 2004-06-18
Trustix Security Advisor (tsl trustix org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Trustix Secure Linux Security Advisory #2004-0035

Package name: kernel
Summary: Possible security holes in drivers
Date: 2004-06-18
Affected versio

[ more ]  [ reply ]
(Page 1490 of 1748)  < Prev  1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus