BugTraq Mode:
(Page 1509 of 1748)  < Prev  1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514  Next >
FW: [security bulletin] SSRT4717 Management Agents for HP-UX Remote DoS 2004-05-08
Boren, Rich (SSRT) (rich boren hp com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

HP SECURITY BULLETIN

HPSBMA01037 REVISION: 0

SSRT4717 rev.0 Management Agents: remote DoS with OpenSSL SSL/TLS
in HP WBEM Services

-----------------------------------------------------------------
NOTICE:
Th

[ more ]  [ reply ]
[OpenPKG-SA-2004.020] OpenPKG Security Advisory (ssmtp) 2004-05-07
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ]  [ reply ]
Re: Will a smart worm be made in the near future? 2004-05-07
Jose Nazario (jose monkey org)
your worst case scenario all depends on what your goal is.

widespread financial devastation can occur through many mechanisms.
hardware destruction is just one of them, but in the end what does that
get you? you would probably disrupt a national economy for a few months,
and probably cause a few bu

[ more ]  [ reply ]
Streaming Video and Audio 2004-05-06
security lists (lists28 yahoo com)
I have a question that hopefully the list can assist
me with. I have a web application that provides for
on-demand viewing of training sessions. The audio and
video is streamed in Windows Media format via HTTP.
They can use SSL to encrypt authentication to the
site, however, no encryption is used

[ more ]  [ reply ]
Re: Titan FTP Server Aborted LIST DoS 2004-05-06
Noam Rathaus (noamr beyondsecurity com)
On Friday 07 May 2004 05:19, Gene Ken wrote:
> Hi Aviram,
>
> I have some trouble with the testing of current exploit, the below
> is my tested procedure:
>
> 1) In my test bed, the host side is winxp professional with ip_addr
> 192.168.0.2 (english, 5.1 build 2600), and the client side is redhat

[ more ]  [ reply ]
[CLA-2004:840] Conectiva Security Announcement - lha 2004-05-06
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--

PACKAGE : lha
SUMMARY : Buffer overflow and directory t

[ more ]  [ reply ]
Eudora file URL buffer overflow 2004-05-07
psz maths usyd edu au (Paul Szabo)
There is a buffer overflow in Eudora for Windows, verified on versions
6.1, 6.0.3 and 5.2.1. This is easily exploitable to run arbitrary code.
I do not know if this issue affects Eudora for Macs.

Demo:

#!/usr/bin/perl --
print "From: me\n";
print "To: you\n";
print "Subject: Eudora file URL buffer

[ more ]  [ reply ]
Re: Titan FTP Server Aborted LIST DoS 2004-05-07
Gene Ken (gken vip sina com)
Hi Aviram,

I have some trouble with the testing of current exploit, the below
is my tested procedure:

1) In my test bed, the host side is winxp professional with ip_addr 192.168.0.2
(english, 5.1 build 2600), and the client side is redhat linux 9 using
NAT in
Vmware Workstation 4.5.1 bui

[ more ]  [ reply ]
Windows IPSec Vulnerabilty 2004-05-07
Steffen Pfendtner (steffen wh-netz de)
Hello,

After recent experiment I noticed that there is a man-in-the-middle
vulnerability in Microsoft Windows IPSec implementation when using
certificates for authentication. This also includes the Windows
L2TP/IPSec VPN.

It seems that this is a known problem as there where posts mentioning this
o

[ more ]  [ reply ]
[SECURITY] [DSA 501-1] New exim packages fix buffer overflows 2004-05-07
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 501-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
May 7th, 2004

[ more ]  [ reply ]
Remote DoS IE Memory Access Violation 2004-05-07
E.Kellinis (me cipher org uk)
#########################################
Application: Internet Explorer
Vendors: http://www.microsoft.com
Version: 6.0.2800
Platforms: Windows
Bug: IE and MSN Messenger
Memory_Access_Violation
Risk: Critical
Exploitation: Re

[ more ]  [ reply ]
Security issue with Trend OfficeScan Corporate Edition 2004-05-07
Matt (matt_will_fix_it hotmail com)
Product: Trend OfficeScan
Product Description: Trend OfficeScan is a Corporate Antivirus product from
Trend Microsystems
Vendor URL: http://www.antivirus.com
Versions affected: 3.0 - 6.0 (5.58 is latest version, not fixed until
version 6.5)
Vendor notified: 12th Octob

[ more ]  [ reply ]
Fwd: [Re: cvs commit: src/sys/vm vm_map.c] 2004-05-05
Jacques A. Vidrine (nectar FreeBSD org)
Hello,

FYI:
A FreeBSD user suggested that this issue requires a security advisory.
The issue has been public for some time, but currently, FreeBSD does not
issue advisories for local denial-of-service issues. It is expected
that this bug will soon be fixed in FreeBSD 4.x (it is already fixed
in Fr

[ more ]  [ reply ]
Will a smart worm be made in the near future? 2004-05-05
Taeho Oh (ohhara postech edu)


Will a smart worm be made in the near future?

Nowadays, many bugs are found in the software and many worms are made in a

short time. Foutunately, the worm usually doesn't destroy any data in the

PC until now. And it's very easy to know something is wrong in the PC or

network. Because the net

[ more ]  [ reply ]
SUSE Security Announcement: Live CD 9.1 (SuSE-SA:2004:011) 2004-05-06
Roman Drahtmueller (draht suse de)
-----BEGIN PGP SIGNED MESSAGE-----

________________________________________________________________________
______

SuSE Security Announcement

Package: Live CD 9.1
Announcement-ID: SuSE-SA:2004:011
Date: Thursda

[ more ]  [ reply ]
[0xbadc0ded #03] DeleGate (SSL-filter) <= 8.9.2 2004-05-06
Joel Eriksson (je-secfocus bitnux com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

========================================================================
==
0xbadc0ded Advisory #03 - 2004/05/06 - DeleGate <= 8.9.2 (SSL-filter)
========================================================================
==

Reference http://0xbadc0ded

[ more ]  [ reply ]
[AppSecInc Security Alert] Microsoft Active Server Pages Cookie Retrieval Issue 2004-05-05
Aaron C. Newman (Application Security, Inc.) (anewman appsecinc com)
Microsoft Active Server Pages Cookie Retrieval Issue

5 May 2004

Risk Level: Low

Summary:
The Active Server Pages (ASP) engine does not properly handle special
cookie values when they are retrieved. Because of this, an unhandled
error is returned to the client. This behavior can be used maliciousl

[ more ]  [ reply ]
Advisory: Heimdal kadmind version4 remote heap overflow 2004-05-05
Evgeny Demidov (demidov gleg net)

Name: Heimdal kadmind version4 remote heap
overflow
Date: 6 May 2004
CVE candidate: CAN-2004-0434
Author: Evgeny Demidov

Description:

There exists a remote preauth heap overflow vulnerability
in Heimdal kadmind version4 support.
All versions of Heimdal including 0.6.1 a

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-04:09.kadmind 2004-05-05
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

========================================================================
=====
FreeBSD-SA-04:09.kadmind Security Advisory
The FreeBSD Project

Topic: he

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-04:08.heimdal 2004-05-05
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

========================================================================
=====
FreeBSD-SA-04:08.heimdal Security Advisory
The FreeBSD Project

Topic: he

[ more ]  [ reply ]
Multiple vulnerabilities in P4DB 2004-05-05
Jon McClintock (jammer weak org)

Product: P4DB
URL: http://www.mydata.se/ftp/P4DB/
Version: P4DB v2.01 and earlier
Risk: Multiple vunlerabilities (high)

Description:

P4DB is a CGI based tool that provides a web-based interface to Perforce
source code repositories. It is third-party software, de

[ more ]  [ reply ]
IRIX Networking Security Updates 2004-05-05
SGI Security Coordinator (agent99 sgi com)
-----BEGIN PGP SIGNED MESSAGE-----

________________________________________________________________________
______

SGI Security Advisory

Title: IRIX Networking Security Updates
Number: 20050502-01-P
Date: May 5, 2004
Reference: SGI BUGS 904229, 902072,

[ more ]  [ reply ]
[waraxe-2004-SA#027 - Once again - critical vulnerabilities in PhpNuke 6.x - 7.2] 2004-05-05
Janek Vind (come2waraxe yahoo com)


{=======================================================================
=========}

{ [waraxe-2004-SA#027] }

{=======================================================================
=========}

{

[ more ]  [ reply ]
[OpenPKG-SA-2004.019] OpenPKG Security Advisory (kolab) 2004-05-05
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ]  [ reply ]
Titan FTP Server Aborted LIST DoS 2004-05-05
Aviram Jenik (aviram beyondsecurity com)
Titan FTP Server Aborted LIST DoS
----------------------------------------------------

Article reference:
http://www.securiteam.com/windowsntfocus/5RP0215CUU.html

SUMMARY

A security vulnerability exists in South River Technologies' Titan FTP Server.
An attacker issuing a LIST command and disc

[ more ]  [ reply ]
Fuse Talk Vunerabilities 2004-05-05
Stuart Jamieson (stuart jamieson active-outdoors co uk)


As well as well known XSS vunerabilities the latest version 4.0 seems to have some other issues.

Unpatched releases of V4.0 allow the user to access the Template banning.cfm without any administrative privleages. All users of the software should check with fusetalk.com for the latest security p

[ more ]  [ reply ]
SMF SIZE Tag Script Injection Vulnerability 2004-05-05
Cheng Peng Su (apple_soup msn com)


########################################################################
####

Advisory Name : SMF SIZE Tag Script Injection Vulnerability

Release Date : May 3,2004

Application : Simple Machines

Test On : SMF 1.0 Beta 5 Public

Vendor URL : http://www.simplemachines.org/

[ more ]  [ reply ]
Corsaire Security Advisory - Verity Ultraseek path disclosure issue 2004-05-05
advisories (advisories corsaire com)

-- Corsaire Security Advisory --

Title: Verity Ultraseek path disclosure issue
Date: 04.01.13
Application: Verity Ultraseek 5.2.1 and prior
Environment: Solaris 7, Windows NT, Windows 2000, Redhat Linux
Author: Martin O'Neal [martin.oneal (at) corsaire (dot) com [email concealed]]
Audience: Vendor notification
Reference: c040

[ more ]  [ reply ]
UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : apache multiple vulnerabilities, upgraded to apache-1.3.29 2004-05-05
please_reply_to_security sco com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________
______

SCO Security Advisory

Subject: UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : apache multiple vulnerabilities, upgraded to apache-1.3.29
Advisory number: SCOSA-2004

[ more ]  [ reply ]
[slackware-security] lha update in bin package (SSA:2004-125-01) 2004-05-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] lha update in bin package (SSA:2004-125-01)

New bin- packages are available for Slackware 8.1, 9.0, 9.1, and -current to
fix buffer overflows and directory traversal vulnerabilities in the 'lha'
archive utility. Sites using 'lh

[ more ]  [ reply ]
(Page 1509 of 1748)  < Prev  1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus