|
|
Colapse all |
Post message
NetWare-Enterprise-Web-Server/5.1/6.0 Multiple Vulnerabilities 2004-01-23 Rafel Ivgi, The-Insider (theinsider 012 net il) FREESCO public http server - Cross Site Scripting Vulnerabillity 2004-01-22 Rafel Ivgi, The-Insider (theinsider 012 net il) GeoHttpServer Authentification Bypass Vulnerability & D.O.S (Denial Of Service) 2004-01-22 Rafel Ivgi, The-Insider (theinsider 012 net il) NetBus Pro Web Server Direcory Listing And Remote File Upload 2004-01-22 Rafel Ivgi, The-Insider (theinsider 012 net il) vulnerabilities of postscript printers 2004-01-22 Bob Kryger (bobk panix com) (1 replies) During one of our security reviews the following situation was uncovered. What are your thoughts? Suppose a postscript printer has multiple interfaces connected to different networks, is there a way to leverage PostScript to create a vulnerability such as. 1. Allow an attacker log in to the pri [ more ] [ reply ] Major hack attack on the U.S. Senate 2004-01-22 Richard M. Smith (rms computerbytesman com) (1 replies) http://www.boston.com/news/nation/articles/2004/01/22/infiltration_of_fi les_ seen_as_extensive?mode=PF Infiltration of files seen as extensive Senate panel's GOP staff pried on Democrats By Charlie Savage, Globe Staff, 1/22/2004 WASHINGTON -- Republican staff members of the US Senate Judiciary Co [ more ] [ reply ] Need for Speed Hot pursuit 2 <= 242 client's buffer overflow 2004-01-22 Luigi Auriemma (aluigi altervista org) AV products vulnerability [Fwd: [TH-research] Upx hack tool] 2004-01-22 Gadi Evron (ge linuxbox org) The below discussed tool in the forwarded message from TH-Research (The Trojan Horses Research Mailing List) appears to enable malware to pass right through the detection mechanisms of most AV products. The reason this email message is forwarded is because this new.. erm.. let us call it a "pack [ more ] [ reply ] TBE - the banner engine server-side script execution vulnerability 2004-01-22 Ed J. Aivazian (stealth arminco com) WHAT ============================== TBE - the banner engine is a banner exchange system widely used in Russia and countries of the former USSR. TBE has all the basic features required for a beginner banner exchange network and together with its low cost TBE got pretty popular. Company: Native Solut [ more ] [ reply ] Re: [SuSE 9.0] possible symlink attacks in some scripts 2004-01-22 Thomas Biege (thomas suse de) >greetings, Hello. >i have done a litte reseach on a SuSE linux 9.0 box >for possible symlink attacks. i have checked nearly >every script i could found on the system. i havent >found much and nothing very special. Good. >i dont have a >clue if the following scripts are somewhere on the >system [ more ] [ reply ] yet another new phising scam 2004-01-22 Gadi Evron (ge linuxbox org) This phishing scam was first detected (as far as I know) by a friend of mine 3 days ago, on the 20th of January. He sent it to some related security companies, but I haven't seen much on it, so I figured it's time to let administrators know exactly what's up. This one targets Citibank users. It [ more ] [ reply ] RE: Paper announcement: Is finding security holes a good idea? 2004-01-22 Daniel Whelan (daniel whelan kickapoocheese com) I am in a sinking ship. The water flows in at a constant rate and does not diminish. I begin bailing. After a little while, I notice that my efforts have had no 'measurable effect'; the level of water in my ship has not gone down, so I decide to focus my attention on trimming the sails or 'other' [ more ] [ reply ] Hijacking Apache 2 via mod_perl 2004-01-21 Steve Grubb (linux_4ever yahoo com) (2 replies) Product: mod_perl Versions: 1.99_09 / apache 2.0.47 URL: http://perl.apache.org Impact: Daemon Hijacking Bug class: Leaked Descriptor Vendor notified: Yes Fix available: No Date: 01/21/04 [ more ] [ reply ] Re: Hijacking Apache 2 via mod_perl 2004-01-22 Ben Laurie (ben algroup co uk) (1 replies) Re[2]: Hijacking Apache 2 via mod_perl 2004-01-22 3APA3A (3APA3A SECURITY NNOV RU) (3 replies) [ GLSA 200401-02 ] Honeyd remote detection vulnerability via a probe packet 2004-01-21 Tim Yamin (plasmaroo gentoo org) Paper announcement: Is finding security holes a good idea? 2004-01-21 Eric Rescorla (ekr rtfm com) (5 replies) Bugtraq readers might be interested in this paper: Is finding security holes a good idea? Eric Rescorla RTFM, Inc. <http://www.rtfm.com/> A large amount of effort is expended every year on finding and patching security holes. Th [ more ] [ reply ] Re: Paper announcement: Is finding security holes a good idea? 2004-01-22 Christopher E. Cramer (chris cramer duke edu) Re: Paper announcement: Is finding security holes a good idea? 2004-01-22 Robert Lemos (rob lemos cnet com) Re: Paper announcement: Is finding security holes a good idea? 2004-01-22 Kurt Seifried (bt seifried org) Re: Paper announcement: Is finding security holes a good idea? 2004-01-22 Benjamin Franz (snowhare nihongo org) Re: Paper announcement: Is finding security holes a good idea? 2004-01-22 Oliver Friedrichs (oliver_friedrichs symantec com) |
|
Privacy Statement |
Software: Novell Netware
Vendor: http://www.Novell.com
Versions: NetWare-Enterprise-Web-Server/5.1/6.0
Platforms: Windows
Bug: Multiple Vulnerabilities
Risk: Medium
E
[ more ] [ reply ]