|
|
Colapse all |
Post message
[OpenPKG-SA-2004.008] OpenPKG Security Advisory (squid) 2004-04-01 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] [SECURITY] [DSA 470-1] New Linux 2.4.17 packages fix several local root exploits (hppa) 2004-04-01 joey infodrom org (Martin Schulze) Pikachu -Turn on WEP ! 2004-04-01 Himanshu Singh (crypto softhome net) (1 replies) Hi, I have just released a little toy program called Pikachu to sniff JPEG images from wireless/wired ethernet networks. Pikachu can be used to sniff JPEG images from wireless/wired Ethernet networks. This will help you give a general idea of traffic flowing through your network. Run it [ more ] [ reply ] Re: NetSky.q Virus. Looking for more detailed information on how the DOS will be performed. 2004-03-31 Paul (paul edonkey2000 com) I just wanted to say thanks to all the people who responded, I think we have enough information to build a decent set of firewall rules to drop the incoming packets at the access points. Moving forward, I don't really understand why this information was so hard to get in the first place, all of th [ more ] [ reply ] [CLA-2004:836] Conectiva Security Announcement - libxml2 2004-03-31 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : libxml2 SUMMARY : Buffer overflow vulnerabili [ more ] [ reply ] UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : perl unsafe Safe compartment 2004-03-31 please_reply_to_security sco com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ ______ SCO Security Advisory Subject: UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : perl unsafe Safe compartment Advisory number: SCOSA-2004.1 Issue date: 2004 March 29 [ more ] [ reply ] OpenLinux: vim arbitrary commands execution through modelines 2004-03-31 please_reply_to_security sco com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ ______ SCO Security Advisory Subject: OpenLinux: vim arbitrary commands execution through modelines Advisory number: CSSA-2004-015.0 Issue date: 2004 March 30 Cross refer [ more ] [ reply ] Google using Expired Cert and SSLv2 2004-03-31 Matthew S. Hamrick (mhamrick cryptonomicon net) (1 replies) http://www.cryptonomicon.net/modules.php?name=News&file=article&sid=729 Don't know how apropos it is to bugtraq, but I suppose it's relevant to the web application security community. It's fairly well known amongst people who use SSL to secure portions of their web application that SSL version 2 is [ more ] [ reply ] Re: Google using Expired Cert and SSLv2 2004-04-01 Ivaylo Kostadinov (ivaylo kostadinov computing-services oxford ac uk) OpenLinux: util-linux could leak sensitive data 2004-03-31 please_reply_to_security sco com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ ______ SCO Security Advisory Subject: OpenLinux: util-linux could leak sensitive data Advisory number: CSSA-2004-016.0 Issue date: 2004 March 30 Cross reference: sr889555 [ more ] [ reply ] TOOL: Adder - runtime patching in python 2004-03-31 Oliver Lavery (oliver lavery sympatico ca) Today marks another solar cycle I've spent on this planet. To celebrate I'd like to share one of my toys with all of you. Adder is a tool I wrote for myself, so that I could experiment with runtime modification of binary applications. I've found it really useful for prototyping run-time patches, un [ more ] [ reply ] Open Source Vulnerability Database Opens for Public Access 2004-03-31 fbr (fbr 14x net) (Moderator, My apologies if this isn't appropriate content for this list. I believe that having vulnerability information available quickly is something that every individual in the security community needs. If this would be more appropriate for the pen-test or vuln-dev lists, please let me kno [ more ] [ reply ] Bugfinder Being Indicted As Criminal ("Counterfeiter") in France 2004-03-31 Drew Copley (dcopley eeye com) http://www.guillermito2.net/archives/2004_03_25e.html [thanks to AJ 'Effin' Reznor] [Disclaimer: I don't know who has seen this already, and I do not pretend to know the full facts of the case. -- Drew ] Excerpt: It's quite interesting to discover, from the inside, how the french justice system [ more ] [ reply ] [CLA-2004:835] Conectiva Security Announcement - ethereal 2004-03-31 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : ethereal SUMMARY : Several remote vulnerabili [ more ] [ reply ] [CLA-2004:834] Conectiva Security Announcement - openssl 2004-03-31 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : openssl SUMMARY : Remote denial of service vu [ more ] [ reply ] Re: cdp buffer overflow vulnerability 2004-03-31 Vade 79 (v9 fakehalo deadpig org) In-Reply-To: <20040331161611.75451.qmail (at) web25104.mail.ukl.yahoo (dot) com [email concealed]> for the patch you provided you should use sizeof(buffer), not strlen(buffer) (or 200) to limit the amount written to buffer[]. >--- songname.patch --- > >--- cdp.c 2004-03-31 15:48:55.000000000 +0100 >+++ cdp.1.c [ more ] [ reply ] Re: cdp buffer overflow vulnerability - updated details 2004-03-31 Shaun Colley (shaunige yahoo co uk) Disregard all details I gave on this vulnerability. After re-studying it, and talking with David Ahmad, I came (with help from David) to the conclusion that the issue is slightly different to what I first stated. Revised: Details ######## The buffer overflow occurs in the routine which display [ more ] [ reply ] RE: Followup: vuln in WinBlox monitor for winnt 2004-03-31 Drew Copley (dcopley eeye com) (1 replies) > -----Original Message----- > From: Oliver Lavery [mailto:oliver.lavery (at) sympatico (dot) ca [email concealed]] > Sent: Tuesday, March 30, 2004 1:11 PM > To: bugtraq (at) securityfocus (dot) com [email concealed] > Subject: Followup: vuln in WinBlox monitor for winnt <snip> > > That's it. No pissing competition. Liu's onto something > very good [ more ] [ reply ] RE: Followup: vuln in WinBlox monitor for winnt 2004-03-31 Oliver Lavery (oliver lavery sympatico ca) (1 replies) [CLA-2004:833] Conectiva Security Announcement - mc 2004-03-31 Conectiva Updates (secure conectiva com br) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - ------------------------------------------------------------------------ -- PACKAGE : mc SUMMARY : Buffer overflow vulnerability DA [ more ] [ reply ] |
|
Privacy Statement |
Hello all,
If this is something obvious that I have overlooked I apologize in
advance....
I have received several emails (W2K, Outlook 2000) that appear to be
Netsky.Q or Netsky.R. When opened these emails launch the attachment
automatically. In my case, the .pif file has already been removed
[ more ] [ reply ]