|
|
Colapse all |
Post message
MDKSA-2004:041 - Updated ProFTPD packages fix vulnerability 2004-04-30 Mandrake Linux Security Team (security linux-mandrake com) Multi stage attacks on networks? 2004-04-29 Sudhakar-bugtraq Govindavajhala (sudhakar CS Princeton EDU) (1 replies) Hi I am a Ph.D. student studying network security at Princeton University. I am trying to see if attacker can use a series of vulnerabilities to take over a particular resource. Has there been prior work on this topic earlier? Can someone give me a real example where the adversary actually uses [ more ] [ reply ] [RHSA-2004:163-01] Updated OpenOffice packages fix security vulnerability in neon 2004-04-30 bugzilla redhat com RE: After Ms patches last Wed ... 2004-04-30 David Hayden (dahayden clubhayden com) For those of you that had problems with the MS Patch... Microsoft (Quote, Chart) confirmed that disruptive bugs in a recently issued Windows security patch could cause systems to freeze or lead to system usage overload. The buggy patch, issued earlier this month to plug numerous "critical" vulnera [ more ] [ reply ] [RHSA-2004:173-00] Updated mc packages resolve several vulnerabilities 2004-04-30 bugzilla redhat com Dameware Mini Remote Control Version 4.2 ? Weak Key Agreement Scheme 2004-04-30 ax09001h (ax09001h hotmail com) Title: Dameware Mini Remote Control Version 4.2 ? Weak Key Agreement Scheme Versions: Dameware Mini Remote Control Version 4.2 Vulnerability: The latest version of Dameware?s Mini Remote Control System uses a weak key agreement scheme. The scheme consists of the sharing of pointers int [ more ] [ reply ] HP Web Jetadmin 2004-04-30 John Morris (jrm atl hp com) -----BEGIN PGP SIGNED MESSAGE----- HP has issued the security bulletin: HPSBPI01026 SSRT2397 rev.0 Web Jetadmin potential denial of service, unauthorized access which addresses the issues reported in: http://www.phenoelit.de/stuff/HP_Web_Jetadmin_advisory.txt The issues are resolved [ more ] [ reply ] SECURITY.NNOV: Sambar security quest 2004-04-30 3APA3A (3APA3A SECURITY NNOV RU) This advisory is old (originally discovered in January, 2003 published by iDefense[1] and fixed by Vendor[2] in September, 2003) but probably is generally unknown, at least there is no CVE entries. It can interest you, if you tired of endless crossite scriptings, buffer overflows and SQL in [ more ] [ reply ] MDKSA-2004:039 - Updated mc packages fix vulnerabilities 2004-04-29 Mandrake Linux Security Team (security linux-mandrake com) [OpenPKG-SA-2004.018] OpenPKG Security Advisory (proftpd) 2004-04-30 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] [RHSA-2004:177-01] An updated X-Chat package fixes vulnerability in Socks-5 proxy 2004-04-30 bugzilla redhat com [RHSA-2004:179-01] An updated LHA package fixes security vulnerabilities 2004-04-30 bugzilla redhat com cqure.net.20040430.citrixmetaframe 2004-04-30 Patrik Karlsson (patrik cqure net) Hi, The following advisory has been released by cqure.net. The severity level has been set to low, as in Citrix's advisory available at; http://support.citrix.com/kb/entry.jspa?entryID=4289&categoryID=118 The reason for the low severity is the fact that you have to be local admin on the Citrix se [ more ] [ reply ] A technical description of the SSL PCT vulnerability (CVE-2003-0719) 2004-04-30 Juliano Rizzo (juliano rizzo corest com) There has been public discussions about the exploitation of the SSL PCT vulnerability. Exploit code was made publicly available (THCIISLame.c) and rumors of a potential worm that uses the vulnerability as an attack vector are spreading the security news. What follows is my analysis of the vulnerab [ more ] [ reply ] [SECURITY] [DSA 498-1] New libpng packages fix denial of service 2004-04-30 joey infodrom org (Martin Schulze) MDKSA-2004:040 - Updated libpng packages fix vulnerability 2004-04-30 Mandrake Linux Security Team (security linux-mandrake com) SquirrelMail Cross Scripting Attacks.... 2004-04-29 Alvin Alex (alvin_gboy hotmail com) (1 replies) SquirrelMail latest version (although is tested on version 1.4.2) is prone to many cross scripting attacks that can be used to steal user cookies.The Exploit lies in the way squirrel mail represents the folder names and shows them.To make the matters worse.No extra unique variable added to the url [ more ] [ reply ] [ GLSA 200404-21 ] Multiple Vulnerabilities in Samba 2004-04-29 Joshua J. Berry (condordes gentoo org) [SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities 2004-04-29 joey infodrom org (Martin Schulze) [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png) 2004-04-29 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: proftpd
Advisory ID:
[ more ] [ reply ]