[ GLSA 200404-06 ] Util-linux login may leak sensitive data
2004-04-07 Kurt Lieber (klieber gentoo org)

CAN-2004-0155: The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allows man-in-the-middle attacks and unauthorized connections
2004-04-07 Ralf Spenneberg (ralf spenneberg net)

Cisco Security Advisory: A default Username and Password in WLSE and HSE devices
2004-04-07 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: A Default Username and Password in WLSE and HSE Devices Revision 1.0 Last Updated For Public Release 2004 April 07 1600 UTC (GMT)
Summary
=======
A

REAL One Player R3T File Format Stack Overflow
2004-04-07 NGSSoftware Insight Security Research (mark ngssoftware com)
NGSSoftware Insight Security Research Advisory
Name: REAL One Player R3T File Format Stack Overflow
Systems Affected: RealPlayer 8, RealOne Player, RealOne Player v2 for Windows only (all languages), RealPlayer 10 Beta (English only) and RealPlayer Enterprise (all versions, standalone and as configu

Release of Cisco Attack tool Asleap
2004-04-07 Joshua Wright (jwright hasborg com)
In August 2003, I wrote a tool called asleap for Linux systems to exploit a weakness in the Cisco LEAP authentication protocol. Using this tool, an attacker can actively compromise Cisco LEAP networks by mounting an offline dictionary attack against weak user passwords. In my testing, I was able t

Kerio Personal Firewall 4 and IE 6 "Bug"
2004-04-06 E.Kellinis (me cipher org uk)
Kerio Personal Firewall 4
+Web Filtering enabled problem
If a URL contains (%13%12%13) Kerio Firewall Crashes http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=&btnG=Google+Search also it can be passed to a browser via IFRAME tag and crash Kerio

Re: eSignal v7 remote buffer overflow
2004-04-06 Scott Johnson (scott_johnson_esignal yahoo com)
In-Reply-To: <1701098125.20040325175344 (at) freemail (dot) hu>
This issue has been corrected and a new version is now available on the eSignal Download site (ver 7.6 release 3, Build 636a): http://www.esignal.com/download/default.asp For all related inquiries, please contact eSignal Technical Support

[SECURITY] [DSA 478-1] New tcpdump packages fix denial of service
2004-04-06 Matt Zimmerman (mdz debian org)

[ GLSA 200404-05 ] ipsec-tools contains an X.509 certificates vulnerability
2004-04-07 Kurt Lieber (klieber gentoo org)

Panda ActiveScan 5.0 - Remote Buffer Overflow and A Crash(D.O.S)
2004-04-06 Rafel Ivgi, The-Insider (theinsider 012 net il)

Papers: The Invisible Catalog
2004-04-06 Pete Herzog (pete isecom org)
Just letting you all know ISECOM has released the December 2003 version of the TIC to the public. We now have three of the TICs freely available to the public on-line. For those of you unfamiliar with the TIC, it's not your typical security newsletter. It's a small catalog of ideas, prospects, bu

[ GLSA 200404-03 ] Tcpdump Vulnerabilities in ISAKMP Parsing
2004-04-06 Joshua J. Berry (condordes gentoo org)

blaxxun3D(blaxxun Platform) 7 - Remote Buffer Overflow
2004-04-06 Rafel Ivgi, The-Insider (theinsider 012 net il)

[ GLSA 200404-02 ] KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability
2004-04-06 Aida Escriva-Sammer (aescriva gentoo org)

Foundstone Labs Advisory: Citrix MetaFrame Password Manager 2.0
2004-04-06 Foundstone Labs (labs foundstone com)
Foundstone Labs Advisory
Advisory Name: Citrix MetaFrame Password Manager 2.0 credentials not encrypted under certain configurations
Release Date: April 5, 2004
Application: Citrix MetaFrame Password Manager 2.0
Platforms: Windows 2000 and Windows XP
Type: Information Disclosure
Vendors: Citrix Ven

Re: Netsky.R, auto execute w/ IE6 ?
2004-04-06 vbsubmit hotmail com
In-Reply-To: <7FD2F95D5721174389F954C1BDC86739815186 (at) altair.stcservices (dot) com>
You would think windows update would keep MS Office up to date but it does not. Run office update here http://office.microsoft.com/ click the check for update pic upper right. You will need to install sr1, sr3 and more p

RE: Netsky.R, auto execute w/ IE6 ?
2004-04-06 BugtraQ (bugtraqFolder stcservices com)
Thanks Jim, and all who replied. Updating MS Office w/ latest patches solved the problem. It appears it was the iframe issue you mentioned. Here is the message source for those who asked:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0

[product-security (at) apple (dot) com: APPLE-SA-2004-04-05 Security Update 2004-04-05]]
2004-04-06 David Ahmad (da securityfocus com)
----- Forwarded message from Apple Product Security <product-security (at) apple (dot) com> -----
From: Apple Product Security <product-security (at) apple (dot) com>
Subject: APPLE-SA-2004-04-05 Security Update 2004-04-05
To: <security-announce (at) lists.apple (dot) com>
Date: Tue, 06 Apr 2004 09:49:37 -0700
User-Agent: Microso

[SECURITY] [DSA 477-1] New xine-ui packages fix insecure temporary file creation
2004-04-06 joey infodrom org (Martin Schulze)

[ GLSA 200404-01 ] Insecure sandbox temporary lockfile vulnerabilities in Portage
2004-04-06 Tim Yamin (plasmaroo gentoo org)

Re: IBM Director 3.1 Windows Agent Remote DoS
2004-04-06 Vess Nedevski (vdn4844 bjc org)
Tested on ver 4.11 of IBM Director. NOT Vulnerable. Suggest upgrade to ver. 4.11. Version 3.1 does NOT run on Windows 2003. FYI
>>> "Juanma Merino" <t3k (at) ibernet (dot) com> 4/5/2004 1:28:14 PM >>>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Security Advisory by Juanma Merino Remote DoS on IBM Dire

LNSA-#2004-0008: Multiple security problems in Monit
2004-04-06 Vincenzo Ciaglia (ciaglia netwosix org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Netwosix Linux Security Advisory #2004-0008 <http://www.netwosix.org>
Package nam

MDKSA-2004:026 - Updated mplayer packages fix remotely exploitable vulnerability
2004-04-05 Mandrake Linux Security Team (security linux-mandrake com)

[SECURITY] [DSA 476-1] New heimdal packages fix cross-realm vulnerability
2004-04-06 Matt Zimmerman (mdz debian org)

Paper: Comparing binaries with graph isomorphisms
2004-04-06 Todd Sabin (tsabin razor bindview com)
I'm pleased to announce the availability of a new paper: Comparing binaries with graph isomorphisms. http://razor.bindview.com/publish/papers/comparing-binaries.html The paper presents a method and algorithms for finding differences between two versions of a binary executable file, based on graph
Gentoo Linux Security Advisory GLSA 200404-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org