|
|
Colapse all |
Post message
[SECURITY] [DSA 441-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel) 2004-02-18 joey infodrom org (Martin Schulze) Remote Administrator 2.x: highly possible remote hole or backdoor 2004-02-16 Pavel Levshin (flicker mariinsky ru) Hello! There is ongoing DDOS attack against some websites in Russia, including http://www.peterhost.ru. It has begun at 21, January, and has increased over time. Actual flood is performed by little executables on "infected" computers. These .exe files lie at the root directory of the drive C of eac [ more ] [ reply ] Re: Second critical mremap() bug found in all Linux kernels 2004-02-18 Steve Bremer (steveb nebcoinc com) Re: Microsoft ASN.1 (Half a sploit) 2004-02-17 WebHead (webheadport80 yahoo com) In-Reply-To: <20040215130958.17364.qmail (at) www.securityfocus (dot) com [email concealed]> FYI... The DoS exploit for ms04-007 works successfully on WS03 /W2K3 and W2K AdvServer with SP3. WebHead >Received: (qmail 15182 invoked from network); 16 Feb 2004 16:42:00 -0000 >Received: from outgoing3.securityfocus.co [ more ] [ reply ] [SECURITY] [DSA 439-1] New Linux 2.4.16 packages fix several local root exploits (arm) 2004-02-18 joey infodrom org (Martin Schulze) [slackware-security] Kernel security update (SSA:2004-049-01) 2004-02-18 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] Kernel security update (SSA:2004-049-01) New kernels are available for Slackware 9.1 and -current to fix a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. Pl [ more ] [ reply ] [SECURITY] [DSA 440-1] New Linux 2.4.17 packages fix several local root exploits (powerpc/apus) 2004-02-18 joey infodrom org (Martin Schulze) [SECURITY] [DSA 438-1] New Linux 2.4.18 packages fix local root exploit (alpha+i386+powerpc) 2004-02-18 joey infodrom org (Martin Schulze) [RHSA-2004:065-01] Updated kernel packages resolve security vulnerabilities 2004-02-18 bugzilla redhat com WebCortex Webstores2000 version 6.0 multiple security vulnerabilities 2004-02-18 Nick Gudov (cipher s-quadra com) S-Quadra Advisory #2004-02-18 Topic: WebCortex Webstores2000 version 6.0 multiple security vulnerabilities Severity: High Vendor URL: http://www.webcortex.com Advisory URL: http://www.s-quadra.com/advisories/Adv-20040218.txt Release date: 18 Feb 2004 1. DESCRIPTION Webstores2000 is a [ more ] [ reply ] [slackware-security] metamail security update (SSA:2004-049-02) 2004-02-18 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] metamail security update (SSA:2004-049-02) Metamail is a set of utilities for processing MIME mail. New metamail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two format string bugs and two buffer [ more ] [ reply ] ZH2004-07SA (security advisory): Multiple Sql injection vulnerabilities in Online Store Kit 3.0 Products (Lite - Standard and Pro) 2004-02-18 ZetaLabs (zetalabs zone-h org) ZH2004-07SA (security advisory): Multiple Sql injection vulnerabilities in Online Store Kit 3.0 Products (Lite - Standard and Pro) Published: 17 february 2004 Released: 17 february 2004 Name: Online Store Kit Products (Lite - Standard - Pro) Affected Systems: 3.0 Issue: Sql Injectio [ more ] [ reply ] ZH2004-08SA (security advisory): OWLS 1.0 Remote arbitrary files retrieving 2004-02-18 ZetaLabs (zetalabs zone-h org) EarlyImpact ProductCart shopping cart software multiple security vulnerabilities 2004-02-18 S-Quadra Security Research (research s-quadra com) S-Quadra Advisory #2004-02-16 Topic: EarlyImpact ProductCart shopping cart software multiple security vulnerabilities Severity: High Vendor URL: http://www.earlyimpact.com Advisory URL: http://www.s-quadra.com/advisories/Adv-20040216.txt Release date: 16 Feb 2004 1. DESCRIPTION ProductCar [ more ] [ reply ] SNMP community string disclosure in Linksys WAP55AG 2004-02-17 NN Poster (nnposter mailandnews com) Linksys WAP55AG does not properly secure SNMP community strings. In particular, it is possible to obtain all community strings, including read/write, by querying OID 1.3.6.1.4.1.3955.2.1.13.1.2. 1.3.6.1.4.1.3955.2.1.13.1.2.1 = STRING: "public" 1.3.6.1.4.1.3955.2.1.13.1.2.2 = STRING: "private" [ more ] [ reply ] Beagle.b@mm spreading at a steady pace. 2004-02-17 dotsecure hushmail com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It seems that Beagle variant B is spreading on the internet folks. It hit our company mailservers today. It seems like its creating port 8866. Does anyone know if there is a known exploit code using that specific port? Any additional details, anyone [ more ] [ reply ] iDEFENSE Security Advisory 02.17.04: Ipswitch IMail LDAP Daemon Remote Buffer Overflow 2004-02-17 iDefense Labs (labs iDefense com) iDEFENSE Security Advisory 02.17.04 Ipswitch IMail LDAP Daemon Remote Buffer Overflow http://www.idefense.com/application/poi/display?id=74 February 17, 2004 I. BACKGROUND Ipswitch IMail server is a Windows based messaging solution with a customer base of over 53 million users. More information a [ more ] [ reply ] Broker FTP DoS (Message Server) 2004-02-17 Aviram Jenik (aviram beyondsecurity com) Broker FTP DoS (Message Server) ------------------------------------------------ Article reference: http://www.securiteam.com/windowsntfocus/5IP0B0AC1I.html SUMMARY Beyond Security's SecurITeam has discovered two security vulnerabilities in the Broker FTP product, these vulnerabilities allow [ more ] [ reply ] Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS 2004-02-17 thiago vazquez light com br We have many products from APC and we've tested that vulnerability in some of them and ..... following are the results. The following systems are vulnerable: - Silcon DP3320E with Web/SNMP Management Card AP9606 - AOS v3.0.1 - Silcon DP340E with Web/SNMP Management Card AP9606 - AOS v3.0.1 You can [ more ] [ reply ] ASN.1 vulnerability -is- on Win98 2004-02-17 Joshua Levitsky (jlevitsk joshie com) As per Microsoft there is now a Windows 98 security patch for MS04-007. It was completed today and is not available on Windows Update at this time. If you have a support contract with Microsoft be sure to ask your TAM for the patch. Perhaps by the time anyone reads this the patch will be available [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 441-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
February 18th, 2004
[ more ] [ reply ]