|
|
Colapse all |
Post message
MDKSA-2004:052 - Updated kolab-server package fixes world readable file vulnerability 2004-05-27 Mandrake Linux Security Team (security linux-mandrake com) WildTangent Web Driver Long FileName Stack Overflow 2004-05-27 NGSSoftware Insight Security Research (nisr ngssoftware com) NGSSoftware Insight Security Research Advisory Name: WildTangent Web Driver Long FileName Stack Overflow Systems Affected: WildTangent Web Driver 4.0 (earlier versions not tested) Severity: High Vendor URL: http://www.wildtangent.com Author: Peter Winter-Smith [ peter (at) ngssoftware (dot) com [email concealed] ] Date Vendor [ more ] [ reply ] Sun-Java-App-Server PE 8.0 path disclosure 2004-05-27 Marc Schoenefeld (schonef uni-muenster de) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, when doing the following requests consequently against a Sun-Java-App-Server PE 8.0 a Windows Box http://127.0.0.1:8080//// http://127.0.0.1:8080////CON you get a HTTP 500 Error, which reveals the installation path and the fact that the server i [ more ] [ reply ] Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability 2004-05-27 sandrijeski yahoo com In-Reply-To: <40A90108.9000301 (at) kurczaba (dot) com [email concealed]> I can't see this as vulnerability because its legal code I do something similar without using image map for my site to hide the affiliate tracking code. This is the code: <a onmouseover="window.status='http://www.the-url-you-see.com;return true" titl [ more ] [ reply ] MDKSA-2004:051 - Updated mailman packages fix password retrieval vulnerability 2004-05-27 Mandrake Linux Security Team (security linux-mandrake com) Re: Exchange pop3 remote exploit 2004-05-27 Tal Schaeffer (tal_schaeffer hotmail com) In-Reply-To: <1082416318017809 (at) lycos-europe (dot) com [email concealed]> A new build of eXchange POP3 has been posted which fixes this Issue. The new build 5.0.1629 can be downloaded from: http://www.exchangepop3.com/download.html >Received: (qmail 7851 invoked from network); 20 Apr 2004 16:32:25 -0000 >Receive [ more ] [ reply ] The Dangers of Cross-Site-Scripting: Rogers Hi-Speed Internet Network [Canada] 2004-05-27 http-equiv (at) excite (dot) com [email concealed] (1 malware com) Wednesday, May 26, 2004 Many people dismiss the dangers of cross site scripting as nothing more than 'parlor tricks'. This is not a good idea. As previously indicated: [see: http://www.securityfocus.com/archive/1/348363] when the right circumstance arises, this puny 'parlor trick' can prove [ more ] [ reply ] [ GLSA 200405-23 ] Heimdal: Kerberos 4 buffer overflow in kadmin 2004-05-27 Kurt Lieber (klieber gentoo org) [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache) 2004-05-27 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] SGI Advanced Linux Environment 3 Security Update #1 2004-05-26 SGI Security Coordinator (agent99 sgi com) Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird 2004-05-25 b0f www.b0f.net (b0fnet yahoo com) (1 replies) In-Reply-To: <40B0954A.6020103 (at) gentoo (dot) org [email concealed]> This bug is over 1 year old take a look here http://www.securityfocus.com/archive/1/321087/2003-05-08/2003-05-14/0 Also includes exploit. -b0f Hi bob >Received: (qmail 26887 invoked from network); 24 May 2004 15:08:38 -0000 >Received: from [ more ] [ reply ] Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird 2004-05-27 KF (lists) (kf_lists secnetops com) (1 replies) [CLA-2004:843] Conectiva Security Announcement - kde 2004-05-26 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : kde SUMMARY : Fix for URI handler vulnerabili [ more ] [ reply ] IRIX libcpr vulnerability 2004-05-26 SGI Security Coordinator (agent99 sgi com) (1 replies) [ GLSA 200405-21 ] Midnight Commander: Multiple vulnerabilities 2004-05-26 Kurt Lieber (klieber gentoo org) [Full-Disclosure] iDEFENSE Security Advisory 05.26.04: 3Com OfficeConnect Remote 812 ADSL Router Telnet Protocol Denial of Service Vulnerability 2004-05-26 idlabs-advisories idefense com iDEFENSE Security Advisory 05.26.04 www.idefense.com/application/poi/display?id=105&type=vulnerabilities May 26, 2004 I. BACKGROUND The 3Com OfficeConnect Remote 812 ADSL Router is a standalone bridge/router, with interfaces to a Local Area Network and an ADSL interface to a Wide Area Network. II [ more ] [ reply ] IEBUG: Archives of Internet Explorer 2004-05-26 Liu Die Yu (liudieyuinchina yahoo com cn) IEBUG: Archives of Internet Explorer ==================================== hi, everyone. i have created a website containing all bugtraq&fd&ms messages related to security issues of: internet explorer, outlook, windows media player and java virtual machine since 2000. it's created and updated by a s [ more ] [ reply ] [security bulletin] SSRT4719 hp OpenView Select Access remote unauthorized access 2004-05-26 Boren, Rich (SSRT) (rich boren hp com) SUSE Security Announcement: kdelibs (SuSE-SA:2004:014) 2004-05-26 krahmer suse de (Sebastian Krahmer) FreeBSD Security Advisory FreeBSD-SA-04:11.msync 2004-05-26 FreeBSD Security Advisories (security-advisories freebsd org) [security bulletin]SSRT4724 HP integrated Lights Out (iLO) Denial of Service (DoS) using port zero 2004-05-26 Boren, Rich (SSRT) (rich boren hp com) [security bulletin] SSRT4749 HP-UX Java Runtime Environment (JRE) remote DoS 2004-05-26 Boren, Rich (SSRT) (rich boren hp com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01044 REVISION: 0 SSRT4749 rev.0 HP-UX Java Runtime Environment (JRE) remote DoS ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin [ more ] [ reply ] [ GLSA 200405-20 ] Insecure Temporary File Creation In MySQL 2004-05-25 Thierry Carrez (koon gentoo org) [CLA-2004:842] Conectiva Security Announcement - mailman 2004-05-25 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : mailman SUMMARY : Several mailman fixes DATE [ more ] [ reply ] ERRATA: [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail 2004-05-25 Kurt Lieber (klieber gentoo org) |
|
Privacy Statement |
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: kolab-server
Advisory I
[ more ] [ reply ]