|
|
Colapse all |
Post message
[ GLSA 200405-09 ] ProFTPD Access Control List bypass vulnerability 2004-05-19 Kurt Lieber (klieber gentoo org) [FLSA-2004:1546] Updated utempter resolves security vulnerability -- Reissue: updated 8.0 version numbers 2004-05-19 Jesse Keating (jkeating j2solutions net) RE: Buffer Overflow in ActivePerl ? 2004-05-18 Drew Copley (dcopley eeye com) > -----Original Message----- > From: noderat (at) hotmail (dot) com [email concealed] [mailto:noderat (at) hotmail (dot) com [email concealed]] > Sent: Tuesday, May 18, 2004 9:11 PM > To: bugtraq (at) securityfocus (dot) com [email concealed] > Subject: Re: Buffer Overflow in ActivePerl ? > > In-Reply-To: <40AAB885.10935.31071242@localhost> > > >Looks like full control of EIP... [ more ] [ reply ] Re: Buffer Overflow in ActivePerl ? 2004-05-19 noderat hotmail com In-Reply-To: <40AAB885.10935.31071242@localhost> >Looks like full control of EIP... > >However, there is not likely to be a privilege escalation here unless >perhaps a script processor on a web server can be cajoled into doing >something with this?? (Not at all familiar with the innards of W [ more ] [ reply ] MDKSA-2004:047 - Updated kdelibs packages fix URI handling vulnerabilities 2004-05-18 Mandrake Linux Security Team (security linux-mandrake com) Unknown IE bug with css-styles 2004-05-18 henkie_is_leet hotmail com (1 replies) Heya ppl!, I was coding around a bit.. When I was testing the html code with internet explorer, the damn thing started to crash! (Including all other IE's that where open at the same time) I?ve tested it several times (on different machines) and all had the same problem. it has something [ more ] [ reply ] Overflow@OmniHTTPd 2004-05-18 Han_B (han_b safepro com cn) EXP_OmniHTTPd.BAT @echo off :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :Application: OmniHTTPd :Vendors: http://www.omnicron.ca :Version: <=V3.0a :Platforms: Windows :Bug: Overflow :Date: 2004-04-23 :Author: CoolICE :E-mail: CoolICE#China.com :::::::::::::::::::::::::: [ more ] [ reply ] [SECURITY] [DSA 504-1] New heimdal packages fix potential buffer overflow 2004-05-18 joey infodrom org (Martin Schulze) Zen Cart login.php SQL Injection Vulnerability 2004-05-18 Oliver Minack (oliverm helpmode de) Overview: "Zen Cart? truly is the art of e-commerce; a free, user-friendly, open source shopping cart system." Description: An input validation vulnerability has been reported in Zen Cart, allowing a remote user to inject SQL commands. The '/admin/login.php' file does not properly validate [ more ] [ reply ] Advisory 05/2004: phpMyFAQ local file inclusion vulnerability 2004-05-18 Stefan Esser (s esser e-matters de) [slackware-security] kdelibs (SSA:2004-238-01) 2004-05-18 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] kdelibs (SSA:2004-238-01) New kdelibs packages are available for Slackware 9.0, 9.1 and -current to fix security issues with URI handling. More details about this issue may be found in the Common Vulnerabilities and Exposures (C [ more ] [ reply ] Vapid Labs Security Advisory for PrimeBase Database 4.2 (update) 2004-05-18 Larry W. Cashdollar (lwc vapid ath cx) This is in response to bugtraq id 8771,9087. ---------- Forwarded message ---------- Date: Fri, 14 May 2004 07:19:18 -0700 From: Barry Leslie To: Larry W. Cashdollar <lwc (at) vapid.ath (dot) cx [email concealed]> Subject: Re: WG: Vapid Labs Security Advisory for PrimeBase Database 4.2 Hi, I am not sure if you are aware o [ more ] [ reply ] MDKSA-2004:046 - Updated apache packages fix a number of vulnerabilities 2004-05-17 Mandrake Linux Security Team (security linux-mandrake com) MDKSA-2004:045 - Updated passwd packages fix vulnerabilities 2004-05-17 Mandrake Linux Security Team (security linux-mandrake com) MDKSA-2004:044 - Updated libuser packages fix vulnerability 2004-05-17 Mandrake Linux Security Team (security linux-mandrake com) Buffer Overflow in ActivePerl ? 2004-05-17 Oliver (at) greyhat (dot) de [email concealed] (Oliver greyhat de) (3 replies) hi folks, i played around with ActiveState's ActivePerl for Win32, and crashed Perl.exe with the following command: perl -e "$a="A" x 256; system($a)" I wonder if this bug isnt known?!? Because system() is a very common command.... Can anybody reproduce this? I put together a little advisory o [ more ] [ reply ] Re: Buffer Overflow in ActivePerl ? 2004-05-18 rich sf lclogic com (2 replies) RE: [Full-Disclosure] Re: Buffer Overflow in ActivePerl ? 2004-05-18 Bill Royds (full-disclosure royds net) ROCKET SCIENCE: Outllook 2003 2004-05-17 http-equiv (at) excite (dot) com [email concealed] (1 malware com) Monday, May 17, 2004 Technical final step to 'silent delivery and installation of an executable on the target computer, no client input other than reading an email' this can be achieved with the highly touted 'secure-by-default' Outlook 2003 mail client from the craftsman known as 'Microsoft [ more ] [ reply ] Desktop.ini flaw results in executing folders 2004-05-17 roozbeh afrasiabi (roozbeh_afrasiabi yahoo com) Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability 2004-05-17 thegeekmeister SAFe-mail net (1 replies) i find that this apparently works just the same in mozilla firefox on gentoo linux 2004.1. the only way to detect that this is an image, or an image map, at all is to look at the source, or to select the text, as right clicking does not allow saving image or copying image location. -------- Origin [ more ] [ reply ] Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability 2004-05-18 Jan Kluka (kluka no-junk-please ii fmph uniba sk) [waraxe-2004-SA#030 - Multiple vulnerabilities in PhpNuke 6.x - 7.3] 2004-05-17 Janek Vind (come2waraxe yahoo com) |
|
Privacy Statement |
Gentoo Linux Security Advisory GLSA 200405-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
[ more ] [ reply ]