BugTraq
OpenLinux: Gnupg (gpg) severe bug could compromise almost all ElGamal keys 2004-03-03
please_reply_to_security sco com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: OpenLinux: Gnupg (gpg) severe bug could compromise almost all ElGamal keys
Advisory number: CSSA-2004-009.0
Issue date: 2004 March 02

OpenLinux: screen buffer overflow 2004-03-03
please_reply_to_security sco com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: OpenLinux: screen buffer overflow
Advisory number: CSSA-2004-011.0
Issue date: 2004 March 02
Cross reference: sr888392 fz528595 erg7

OpenLinux: rsync heap based overflow 2004-03-03
please_reply_to_security sco com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: OpenLinux: rsync heap based overflow
Advisory number: CSSA-2004-010.0
Issue date: 2004 March 02
Cross reference: sr888533 fz528609 e

directory traversal in GWeb 0.6 2004-03-03
Donato Ferrante (fdonato autistici org)

Donato Ferrante

Application: GWeb HTTP Server
http://freshmeat.net/projects/gweb/

Version: 0.6

Bug: directory traversal bug

Author: Donato Ferrante
e-mail: fdonato (at) autistici (dot) org
web: www.autistici.org/

The non-apreciated world of full-disclosure 2004-03-03
Davide Del Vecchio (dante alighieri org)
16 days after my post regarding the Firewall/VPN Appliance vuln
and 1 month more my TELEPHONE notice to Symantec support,
Symantec released a new version of firmware for their appliance.
But the problem it's not the time.
The problem is that they told me it was "not a vulnerability",
after 1 month t

Wftpd stat Command Remote Vulnerability Exploit 2004-03-03
security team 0seen (o5een hotmail com)


#!/usr/bin/python

#wftpd exploit, code by OYXin

#POC and lame python exploit, only test on WFTD pro 3.21.1.1 with win2000 cn sp4

#vul found by axl rose <rdxaxl hotmail com>

#Thanks ax1 and all 0seen team members.

#Night gave me the eye of black

#with it I pursue after the light

import

Spider Sales shopping cart software multiple security vulnerabilities 2004-03-03
S-Quadra Security Research (research s-quadra com)
S-Quadra Advisory #2004-03-03

Topic: Spider Sales shopping cart software multiple security vulnerabilities
Severity: High
Vendor URL: http://www.spidersales.com
Advisory URL: http://www.s-quadra.com/advisories/Adv-20040303.txt
Release date: 03 Mar 2004

1. DESCRIPTION

"Spider Sales is a po

New Internet Explorer Cross Zone/Site Scripting Vulnerability 2004-03-03
Cheng Peng Su (apple_soup msn com)


#########################################################################

Advisory Name : Internet Explorer Cross Zone/Site Scripting Vulnerability

Release Date : Mar 3,2004

Application : Microsoft Internet Explorer

Tested On : MS-IE 6.0(sp1)

Vendor URL : http://www.microsoft.c

03-02-04 XSS Bug in NetScreen-SA 5000 Series of SSL VPN appliance 2004-03-02
Lachniet, Mark (mlachniet sequoianet com)
TITLE: 03-02-04 XSS Bug in NetScreen-SA 5000 Series of SSL VPN
appliance

SUMMARY

Cross Site Scripting bug in the 'delhomepage.cgi' CGI binary in the
NetScreen-SA 5000 Series SSL VPN appliance.

DETAILS

There exists a cross-site scripting bug in 'row' parameter of the
'delhomepage.c

[FLSA-2004:1284] Updated kernel resolves security vulnerabilities 2004-03-02
Jesse Keating (jkeating j2solutions net)
-----------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated kernel resolves security vulnerabilities
Advisory ID: FLSA:1284
Issue date: 2004-03-02
Product: Red Hat Linux
Keywords: Sec

[SECURITY] [DSA 454-1] New Linux 2.2.22 packages fix local root exploit (alpha) 2004-03-02
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 454-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
March 2nd, 2004

OpenLinux: Integer overflow may allow local users to cause a denial of service or possibly execute arbitrary code 2004-03-02
please_reply_to_security sco com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: OpenLinux: Integer overflow may allow local users to cause a denial of service or possibly execute arbitrary code
Advisory number: CSS

Format String vuln in Inktomi Search4.0 2004-03-02
Blurred Vision (really_blurred_vision hotmail com)
Besides the discussion found here:
http://lists.virus.org/dw-0day-0306/msg00071.html

Which confirms the existence of a format string bug, has anyone seen anymore
on the following FS bug in inktomi search?

URL: http://<vuln_inktomisearch_server>/query.html?charset=%3

RESPONSE:
Internal Server Erro

SonicWall VPN/Firewall Appliance - DoS, ARP Flood, Network mapping vulnerability 2004-03-02
xeno hush ai (1 replies)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SonicWall Firewall/VPN Appliance

www.sonicwall.com

Product History:

SonicWALL's family of Internet security appliances provide the first
line of defense against Internet security threats. They include an ICSA-
certified, stateful packet inspection fi

The Cult of a Cardinal Number 2004-03-02
Phantasmal Phantasmagoria (phantasmal hush ai)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------

The Cult of a Cardinal Number (Equal to the Sum of 1+1)
by Phantasmal Phantasmagoria
phantasmal (at) hush (dot) ai

- ---- Table of Contents -------------

1 - Introduction
2 - Technical Details
3 - F

Motorola T720 cell phone DoS vulnerability. 2004-03-01
Shaun Colley (shaunige yahoo co uk) (1 replies)
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

Product: Motorola T720 Cell phones
http://www.motorola.com
Versions: T270
Bug: DoS vulnerability
Impact: Attackers can reboot the cellphone
remotely.
Date: March 01, 2004
Author:

Re: Motorola T720 cell phone DoS vulnerability. 2004-03-01
John T. Larkin (jlarkin alpinebutterfly org)
mremap(2) full details available 2004-03-01
Paul Starzetz (ihaquer isec pl)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Synopsis: Linux kernel do_mremap VMA limit local privilege escalation
vulnerability
Product: Linux kernel
Version: 2.2 up to and including 2.2.25, 2.4 up to and including 2.4.24,
2.6 up to and including 2.6.2
Vendor:

[SECURITY] [DSA 452-1] New libapache-mod-python packages fix denial of service 2004-03-01
Matt Zimmerman (mdz debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 452-1 security (at) debian (dot) org
http://www.debian.org/security/ Matt Zimmerman
February 29th, 2004

YabbSE (3 on 1) 2004-03-01
backspace (backspace_2k terra es)
Summary
YaBB SE is a PHP/MySQL port of the popular forum software YaBB (yet another
bulletin board).

This time we discovered three new holes. That ranges from extracting
information
to deleting information and files in the remote web server.

Details
Vulnerable Systems:
* YaBB SE versions 1.5.4, 1

Clients broadcast buffer overflow in Red Faction <= 1.20 2004-03-01
Luigi Auriemma (aluigi altervista org)

#######################################################################

Luigi Auriemma

Application: Red Faction
http://www.redfaction.com
Versions: <= 1.20
Platforms: Windows, MacOS
Bug: broadcast client buffer overflow
Risk: hig

Critical WFTPD buffer overflow vulnerability 2004-02-28
axl rose (rdxaxl hotmail com)
Name of Advisory: Critical WFTPD buffer overflow vulnerability
Severity: Critical
Discoverer: axl (rdxaxl (at) hotmail (dot) com)
Released: Today
Vendor Notified: Today

WFTPD who? what? when?
~~~~~~~~~~~~~~~~~~~~~~
Vendor quote: "WFTPD Server has been a leading FTP server for Windows si

Multiple WFTPD Denial of Service vulnerabilities 2004-02-28
axl rose (rdxaxl hotmail com)
Name of Advisory: Multiple WFTPD Denial of Service vulnerabilities
Severity: Low
Discoverer: axl (rdxaxl (at) hotmail (dot) com)
Released: Today
Vendor Notified: Today

WFTPD who? what? when?
~~~~~~~~~~~~~~~~~~~~~~
Vendor quote: "WFTPD Server has been a leading FTP server for Windows sin

laptop security 2004-02-28
Gadi Evron (ge egotistical reprehensible net)
I think this may interest some people here.

I always say, whenever laptops are mentioned: "Forget everything else, I
have nightmares already!".

The loss of information due to laptop thefts is extremely high, here is
an innovation that may possibly be as useless as car theft alarms
(unless you a

InnoMedia VideoPhone Authorization Bypass 2004-02-28
Rafel Ivgi, The-Insider (theinsider 012 net il)
#######################################################################

Application: InnoMedia VideoPhone
Server: GoAhead-Webs
Vendors: InnoMedia Pte Ltd
GoAhead Ltd
http://www.innomedia.com/
http://www.

LAN SUITE Web Mail 602Pro Multiple Vulnerabilities 2004-02-28
Rafel Ivgi, The-Insider (theinsider 012 net il)
#######################################################################

Application: LAN SUITE Web Mail
Server: WEB602/1.04
Vendors: Software602, Inc
http://www.software602.com
Versions: 602Pro
Platforms: Windows
Bug: Direct

Invision Power Board SQL injection! 2004-02-28
Knight Commander (knight4vn yahoo com)


Invision Power Board SQL injection!

Program Name : Invision Board Forum

Vulnerable Versions : All versions

Home Page : http://www.invisionboard.com

Author : Knight Commander (at http://security.com.vn)

Email : knight4vn

Copyright 2010, SecurityFocus