To: announce (at) lists.sco (dot) com [email concealed] bugtraq (at) securityfocus (dot) com [email concealed] full-disclosure (at) lists.netsys (dot) com [email concealed]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________
______

SCO Security Advisory

Subject: UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 :

[ more ]  [ reply ]

Just today (12 Nov 2003) opening my mailbox I have found a mail of about 1
megabyte and half and fortunally for the sender I don't use filters.

The mail has been sent by the Gamespy's lawyers asking me to remove my bug
research stuff from my site.

The stuff is composed by my proof-of-concepts and

[ more ]  [ reply ]

C:\telnet 192.168.175.3 5555

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\WINNT\system32>

--

/*
Proof of concept for MS03-049.
This code was tested on a Win2K SP4 with FAT32 file system, and is supposed
to work *only* with that (it will probably crash

[ more ]  [ reply ]

Hello Alun,

Alun Jones wrote:
>>-----Original Message-----
>>From: Goetz Babin-Ebell [mailto:babin-ebell (at) trustcenter (dot) de [email concealed]]
>>Sent: Monday, November 10, 2003 11:25 AM
>>
>>But wrongly rejecting good input has no security implications.
>>But wrongly accepting bad input has.
>
> Coding to satisfy only

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ]  [ reply ]

Windows Workstation Service Remote Buffer Overflow

Release Date:
November 11, 2003

Date Reported:
September 15, 2003

Severity:
High (Remote Code Execution)

Systems Affected:
Windows 2000
Windows XP

Description:
eEye Digital Security has discovered a remote buffer overflow in the Windows Worksta

[ more ]  [ reply ]

> From: Alun Jones [mailto:alun (at) texis (dot) com [email concealed]]
> Sent: Tuesday, November 11, 2003 12:13 PM

> > From: Goetz Babin-Ebell [mailto:babin-ebell (at) trustcenter (dot) de [email concealed]]
> > Sent: Monday, November 10, 2003 11:25 AM
> >
> > But wrongly rejecting good input has no security implications.
> > But wrongly accepting bad

[ more ]  [ reply ]

HylaFAX Security Advisory
11 November 2003

Subject: Format String Vulnerability Fixed

Introduction:

HylaFAX is a mature (est. 1991) enterprise-class open source software
package for sending and receiving facsimiles as well as for sending
alpha-numeric pages. It runs on a wide variety of UNIX-

[ more ]  [ reply ]

Local proof of concept exploit for Unace v2.2

demz
demz (at) geekz (dot) nl [email concealed] // www.geekz.nl

[ more ]  [ reply ]

DoS in PureFTPd - continue.

After carefully read the source PureFTPd and talk with autor PureFTPd i must apologize for false alarm about DoS in PureFTPd, becouse the messy code will never be executed. Looked once more for source - function displayrate():

"in file src/ftpd.c"

static voi

[ more ]  [ reply ]

/************************************
**---------------------------------**
** RusH security team advisory **
**---------------------------------**
** www.rsteam.ru **
** http://rst.void.ru **
************************************/

/********************************

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrake Linux Security Update Advisory
_______________________________________________________________________

Package name: hylafax
Advisory ID:

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 400-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
November 11th, 2003

[ more ]  [ reply ]

What's more, as is in the linked topic, is that there is no 2.0.7

>----- Original Message -----
>From: "Marius Kaase" <marius (at) kaase (dot) net [email concealed]>
>To: "jocanor jocanor" <jocanor2002 (at) hotmail (dot) com [email concealed]>
>Cc: <bugtraq (at) securityfocus (dot) com [email concealed]>
>Sent: Saturday, November 08, 2003 2:39 PM
>Subject: Re: sql injection in phpbb

[ more ]  [ reply ]

Hello,

I have discover a realy simple buffer overflow in unace(www.winace.com)
command.

normally if you put a wrong filename:
[root@megahz root]# ./unace e aa.ace

UNACE v2.2 Copyright by ACE Compression Software May 9 2002
10:59:42

[ more ]  [ reply ]

When logging into IRC via gaim, gaim registers the user with their valid
local account id as well as the nick chosen by the end user. This is
revealed when an attacker asks for information regarding the victim.

Given that the host name (DNS/IP) is also registered, an attacker now
knows both the loc

[ more ]  [ reply ]

>On a related topic,
>
>Does anyone have a method to programatically (perhaps using registry
>entries) change security settings in Internet Explorer for a
>specific zone.
>For example, if I wanted to disable active scripting for the
>Internet Zone
>for 1000 end users by pushing a script, reg entry

[ more ]  [ reply ]

"Goetz Babin-Ebell" <babin-ebell (at) trustcenter (dot) de [email concealed]> said:

>> We need a little bit more than that, because our understanding of
>> "what's bad" increases with time, and that frequently reduces the set
>> of "what's good."
>
>Yes.
>But wrongly rejecting good input has no security implications.

Actuall

[ more ]  [ reply ]

In-Reply-To: <3FAD4685.2040907 (at) kaase (dot) net [email concealed]>

>Received: (qmail 32171 invoked from network); 8 Nov 2003 21:06:28 -0000

>Received: from outgoing3.securityfocus.com (205.206.231.27)

> by mail.securityfocus.com with SMTP; 8 Nov 2003 21:06:28 -0000

>Received: from lists2.securityfocus.com (lists2.secur

[ more ]  [ reply ]

Symbol Technologies Default WEP KEYS Vulnerability
Systems: Symbol Technologies PDT 8100
Severity: Medium
Category: Default password storage and access
Classification: Installation problem
BugTraq-ID: TBA
CVE-ID: CAN-2003-0934
SymbolTech-ID: 620646
Local Exploit: yes
Vendor URL: http://www.symbol.

[ more ]  [ reply ]

From: "Cowperthwaite, Eric" <eric.cowperthwaite (at) eds (dot) com [email concealed]>
> On a related topic,
>
> Does anyone have a method to programatically (perhaps using registry
> entries) change security settings in Internet Explorer for a specific
zone.
> For example, if I wanted to disable active scripting for the Intern

[ more ]  [ reply ]

I want to signal an interesting type of problem that affects almost all the
videogames with multiplayer support and moreover a resource where finding
informations and proof-of-concepts for games and game's engines.

I already managed this problem in the past (over one year ago) with
Half-Life and t

[ more ]  [ reply ]

----------------------------------------------------------------------
SNS Advisory No.69
Eudora "Reply-To-All" Buffer Overflow Vulnerability

Problem first discovered on: Thu, 09 Jan 2003
Published on: Mon, 10 Nov 2003
----------------------------------------------------------------------

Overview

[ more ]  [ reply ]

On Mon, Nov 10, 2003 at 04:35:06PM +0100, Adam Zabrocki wrote:
sizeof_resolved_path = MAXPATHLEN + 1U;
if ((resolved_path = malloc(sizeof_resolved_path)) == NULL) { ... }
resolved_path[sizeof_resolved_path - 1U] = 0;
> if (realpath(name, resolved_path) == NULL) { ... }

[ more ]  [ reply ]