Panda ActiveScan 5.0 - Remote Buffer Overflow and A Crash(D.O.S)
2004-04-06 Rafel Ivgi, The-Insider (theinsider 012 net il)

Papers: The Invisible Catalog
2004-04-06 Pete Herzog (pete isecom org)
Just letting you all know ISECOM has released the December 2003 version of the TIC to the public. We now have three of the TICs freely available to the public on-line. For those of you unfamiliar with the TIC, it's not your typical security newsletter. It's a small catalog of ideas, prospects, bu

[ GLSA 200404-03 ] Tcpdump Vulnerabilities in ISAKMP Parsing
2004-04-06 Joshua J. Berry (condordes gentoo org)

blaxxun3D(blaxxun Platform) 7 - Remote Buffer Overflow
2004-04-06 Rafel Ivgi, The-Insider (theinsider 012 net il)

[ GLSA 200404-02 ] KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability
2004-04-06 Aida Escriva-Sammer (aescriva gentoo org)

Foundstone Labs Advisory: Citrix MetaFrame Password Manager 2.0
2004-04-06 Foundstone Labs (labs foundstone com)
Foundstone Labs Advisory
Advisory Name: Citrix MetaFrame Password Manager 2.0 credentials not encrypted under certain configurations
Release Date: April 5, 2004
Application: Citrix MetaFrame Password Manager 2.0
Platforms: Windows 2000 and Windows XP
Type: Information Disclosure
Vendors: Citrix Ven

Re: Netsky.R, auto execute w/ IE6 ?
2004-04-06 vbsubmit hotmail com
In-Reply-To: <7FD2F95D5721174389F954C1BDC86739815186 (at) altair.stcservices (dot) com [email concealed]>
You would think windows update would keep MS Office up to date but it does not. Run office update here http://office.microsoft.com/ click the check for update pic upper right. You will need to install sr1, sr3 and more p

RE: Netsky.R, auto execute w/ IE6 ?
2004-04-06 BugtraQ (bugtraqFolder stcservices com)
Thanks Jim, and all who replied. Updating MS Office w/ latest patches solved the problem. It appears it was the iframe issue you mentioned.
Here is the message source for those who asked:
-----------------------------------------------------------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0

[product-security (at) apple (dot) com [email concealed]: APPLE-SA-2004-04-05 Security Update 2004-04-05]]
2004-04-06 David Ahmad (da securityfocus com)
----- Forwarded message from Apple Product Security <product-security (at) apple (dot) com [email concealed]> -----
From: Apple Product Security <product-security (at) apple (dot) com [email concealed]>
Subject: APPLE-SA-2004-04-05 Security Update 2004-04-05
To: <security-announce (at) lists.apple (dot) com [email concealed]>
Date: Tue, 06 Apr 2004 09:49:37 -0700
User-Agent: Microso

[SECURITY] [DSA 477-1] New xine-ui packages fix insecure temporary file creation
2004-04-06 joey infodrom org (Martin Schulze)

[ GLSA 200404-01 ] Insecure sandbox temporary lockfile vulnerabilities in Portage
2004-04-06 Tim Yamin (plasmaroo gentoo org)

Vuln Info Disclosure may become illegal in France [was: Re: Bugfinder Being Indicted As Criminal]
2004-04-05 Fozzy (fozzy dmpfrance com)
> This article now reads (roughly translated) :
>
> (...)
>
> This article is not applicable when the offering, the yielding or
> the placing at disposal is justified by the needs of scientific or
> technical research or by the needs of the security or protection
> of communication networks or informa

Re: IBM Director 3.1 Windows Agent Remote DoS
2004-04-06 Vess Nedevski (vdn4844 bjc org)
Tested on ver 4.11 of IBM Director. NOT Vulnerable. Suggest upgrade to ver. 4.11. Version 3.1 does NOT run on Windows 2003.
FYI
>>> "Juanma Merino" <t3k (at) ibernet (dot) com [email concealed]> 4/5/2004 1:28:14 PM >>>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Security Advisory by Juanma Merino
Remote DoS on IBM Dire

LNSA-#2004-0008: Multiple security problems in Monit
2004-04-06 Vincenzo Ciaglia (ciaglia netwosix org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Netwosix Linux Security Advisory #2004-0008 <http://www.netwosix.org>
Package nam

MDKSA-2004:026 - Updated mplayer packages fix remotely exploitable vulnerability
2004-04-05 Mandrake Linux Security Team (security linux-mandrake com)

[SECURITY] [DSA 476-1] New heimdal packages fix cross-realm vulnerability
2004-04-06 Matt Zimmerman (mdz debian org)

Paper: Comparing binaries with graph isomorphisms
2004-04-06 Todd Sabin (tsabin razor bindview com)
I'm pleased to announce the availability of a new paper: Comparing binaries with graph isomorphisms. http://razor.bindview.com/publish/papers/comparing-binaries.html The paper presents a method and algorithms for finding differences between two versions of a binary executable file, based on graph

Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
2004-04-05 K-OTiK Security (Special-Alerts k-otik com)
In-Reply-To: <20040403225951.GA3424 (at) nessus (dot) org [email concealed]>
>From: Renaud Deraison <deraison (at) nessus (dot) org [email concealed]>
>Subject: Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
>
>This article now reads (roughly translated) :
>
>"Art. 323-3-1. - The fact of offering, of yielding or of placing at

Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
2004-04-04 K-OTiK Security (Special-Alerts k-otik com)
In-Reply-To: <20040403204252.8002.qmail (at) search.securityfocus (dot) com [email concealed]>
>From: Chris Wysopal <cwysopal (at) atstake (dot) com [email concealed]>
>Subject: Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
>
>Sure looks like the penalty for publishing an exploit tool will be equivalent to using the tool to com

Advisory: Multiple Vulnerabilities in Monit
2004-04-05 mattmurphy (at) kc.rr (dot) com [email concealed] (mattmurphy kc rr com)
Multiple Vulnerabilities in Monit
I. Product Description
As quoted from http://www.tildeslash.com/monit/ web page: "monit is a utility for managing and monitoring, processes, files, directories and devices on a Unix system. Monit conducts automatic maintenance and repair and can execute meaningfu

Automated wireless client penetration tool "hotspotter" released.
2004-04-04 Max Moser (mmo remote-exploit org)
I would like to announce the availability of a proof of concept tool release. Hotspotter automates a method of penetration against wireless clients, independent of the encryption mechanism used. Get it at http://www.remote-exploit.org now. Feel free to provide feedback, below you will find some

[Full-Disclosure] iDEFENSE Security Advisory 04.05.04: Perl win32_stat Function Buffer Overflow Vulnerability
2004-04-05 idlabs-advisories idefense com
Perl win32_stat Function Buffer Overflow Vulnerability
iDEFENSE Security Advisory 04.05.04
www.idefense.com/application/poi/display?id=93&type=vulnerabilities
April 5, 2004
I. BACKGROUND
Perl is a popular programming language due to its text manipulation capabilities and rapid development cycle.

Macromedia Dreamweaver Remote Database Scripts (#NISR05042004B)
2004-04-05 NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory
Name: Macromedia Dreamweaver Remote Database Scripts
Systems Affected: IIS/Dreamweaver MX and UltraDev 4
Severity: Critical
Vendor URL: http://www.macromedia.com/
Author: David Litchfield [ david (at) ngssoftware (dot) com [email concealed] ]
Date Vendor Notified: 10th March 20

Re: new IE vurn
2004-04-05 Gavin Hanover (ghanover avantipress com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
i've seen this vuln being exploited on the following urls *brasky.com* *ilwig.net/rofl.swf* *sillyu.afraid.org* *preview.ampuh.info* *just4fun.afraid.org* *nowim.4t3.com* *goten007.cjb.net* depending on what version of windows you run, you may also ne
Application: Panda ActiveScan
Vendors: http://www.activescan.com
http://www.pandasoftware.com/activescan/com/activescan_principal.htm
Version: 5.0
Platforms: Windows
Bug: