SecurityFocus

ERRATA: [ GLSA 200405-25 ] tla: Multiple vulnerabilities in included libneon 2004-06-02
Thierry Carrez (koon gentoo org)

Additional information on WRT54G administration page 2004-06-02
Alan W. Rateliff, II (alan2 rateliff net)

I have made the effort to grab three additional units, all v2 hardware,
off-the-shelf, and here is what I have found: Two of three units came with
the firewall enabled, while one of the three came with it disabled. The
packaging leaves no evidence as to whether any of these items were
previously op

[ more ] [ reply ]

[SECURITY] [DSA 512-1] New gallery packages fix unauthenticated access 2004-06-02
Matt Zimmerman (mdz debian org)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 512-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Matt Zimmerman
June 2nd, 2004

[ more ] [ reply ]

TSLSA-2004-0032 - kerberos 2004-06-02
Trustix Security Advisor (tsl trustix org)

TSLSA-2004-0031 - apache 2004-06-02
Trustix Security Advisor (tsl trustix org)

TSSA-2004-009 - kerberos5 2004-06-02
tinysofa Security Team (security tinysofa org)

========================================================================
===
_
|_ . _ _ _ (_ _
|_ | | ) \/ _) (_) | (_|
/

[ more ] [ reply ]

TSSA-2004-008 - apache 2004-06-02
tinysofa Security Team (security tinysofa org)

========================================================================
===
_
|_ . _ _ _ (_ _
|_ | | ) \/ _) (_) | (_|
/

[ more ] [ reply ]

MDKSA-2004:055 - Updated apache2 package fix vulnerability in mod_ssl 2004-06-01
Mandrake Linux Security Team (security linux-mandrake com)

MDKSA-2004:053 - Updated xpcd package fix vulnerabilities 2004-06-01
Mandrake Linux Security Team (security linux-mandrake com)

MDKSA-2004:054 - Updated mod_ssl package fix remote vulnerability 2004-06-01
Mandrake Linux Security Team (security linux-mandrake com)

MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname 2004-06-01
Tom Yu (tlyu mit edu)

[Squid 2004-OSC2Nuke-001] Inadequate Security Checking in OSC2Nuke 2004-06-01
Squid (squidsecurity hushmail com)

========================================================================
===

========================================================================
===

Advisory: 2004-OSC2Nuke-001

Affected Software: OSC2Nuke 7x version 1

OSCNukeLite V3.1 and earlier

Main Develope

[ more ] [ reply ]

[Squid 2004-Nuke-001] Inadequate Security Checking in PHPNuke v7.3 and earlier 2004-06-01
Squid (squidsecurity hushmail com)

========================================================================
===

========================================================================
===

Advisory: 2004-Nuke-001

Affected Software: PHPNuke

Affected Versions: Version 7.3 and earlier

Main Developer: Francisco Burzi

[ more ] [ reply ]

[Squid 2004-betaNC-001] Inadequate Security Checking in NukeCops betaNC Bundle 2004-06-01
Squid (squidsecurity hushmail com)

========================================================================
===

========================================================================
===

Advisory: 2004-betaNC-001

Affected Software: Nuke Cops betaNC PHP-Nuke Bundle w/ PHPNuke 6.5 and later

Affected Versions: all cvs v

[ more ] [ reply ]

RS-2004-1: SquirrelMail "Content-Type" XSS vulnerability 2004-05-30
Roman Medina (roman rs-labs com) (1 replies)

Re: RS-2004-1: SquirrelMail "Content-Type" XSS vulnerability 2004-06-01
lupe lupe-christoph de (Lupe Christoph)

Firebird Database Remote Database Name Overflow 2004-06-01
Aviram Jenik (aviram beyondsecurity com)

Firebird Database Remote Database Name Overflow
------------------------------------------------------------------------

Article reference:
http://www.securiteam.com/unixfocus/5AP0P0UCUO.html

SUMMARY

<http://firebird.sourceforge.net> Firebird is "a relational database offering
many ANSI SQL-92

[ more ] [ reply ]

Mollensoft Lightweight FTP Server CWD Buffer Overflow 2004-06-01
Aviram Jenik (aviram beyondsecurity com)

Mollensoft Lightweight FTP Server CWD Buffer Overflow
------------------------------------------------------------------------

Article reference:
http://www.securiteam.com/windowsntfocus/5RP0L15CUM.html

SUMMARY

STORM has discovered a security vulnerability in
<http://www.mollensoft.com/produ

[ more ] [ reply ]

OSVDB Post Go-Live Update, 3000 Stable Entries 2004-06-01
jkouns opensecurityfoundation org

06/01/2004 ? OSVDB Post Go-Live Update, 3000 Stable Entries

We have had an overwhelming positive response since the go-live of the Open
Source Vulnerability Database project, and would like to thank everyone that
has supported OSVDB. In the two months, we've gotten many new volunteers
and have over

[ more ] [ reply ]

LinkSys WRT54G administration page availble to WAN 2004-05-31
Alan W. Rateliff, II (lists rateliff net) (3 replies)

Manufacturer: LinkSys (a division of Cisco)
Product: Wireless-G Broadband Router
Model: WRT54G
Product Page:
http://www.linksys.com/products/product.asp?grid=33&scid=35&prid=601
Firmware tested: v2.02.7

In a recent client installation I discovered that even if the remote
administration function is

[ more ] [ reply ]

Re: LinkSys WRT54G administration page availble to WAN 2004-06-01
Matthew Gillespie (mgillespie socket net) (1 replies)

RE: LinkSys WRT54G administration page availble to WAN 2004-06-01
Alan W. Rateliff, II (lists rateliff net)

Re: LinkSys WRT54G administration page availble to WAN 2004-05-31
Matthew Caron (matt mattcaron net) (1 replies)

RE: LinkSys WRT54G administration page availble to WAN 2004-05-31
Alan W. Rateliff, II (lists rateliff net)

Re: LinkSys WRT54G administration page availble to WAN 2004-06-01
Steffen Mueller (steffen mueller vision-it de) (1 replies)

Re: LinkSys WRT54G administration page availble to WAN 2004-06-01
Valdis Kletnieks vt edu