> Apple Computer Inc. said in a statement given to MacCentral on
> Friday that the company would be fixing security flaws uncovered in
> Mac OS X Jaguar by Cambridge, MA-based security research firm @Stake
> earlier this week.

> http://maccentral.macworld.com/news/2003/10/31/jaguarfix/index.php?re

[ more ]  [ reply ]

DoS in Plug and Play Web Server Proxy Server
==============================

Plug & Play server is a HTTP/FTP/NEWS/MAIL/TELNET/DNS/DHCP/HTTP-PROXY
server, running on Windows platforms.

Version: 1.0002c
--------

Vendor: www.pandpsoft.com
-------

Vulnerability:
--------------
Sending the followi

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Description

- -----------

These VMware server products use a version of OpenSSL for securing remote

management connections that has known vulnerabilities that can expose

systems to denial of service attacks:

- VMware GSX Server 2.5.1 (

[ more ]  [ reply ]

Redirection and refresh parses local file

("that's all" is the end of file if you are in a hurry)

[tested]

OS:WinXp

Microsoft Internet Explorer v6.Sp1; up-to-date on 2003/10/30

[demo]

http://www.safecenter.net/UMBRELLAWEBV4/IredirNrefresh/IredirNrefresh-My
Page.htm

[exp]

if an iframe

[ more ]  [ reply ]

-- Corsaire Security Advisory --

Title: BEA WebLogic example InteractiveQuery.jsp XSS issue
Date: 04.07.03
Application: BEA WebLogic 8.1 and prior
Environment: Various
Author: Martin O'Neal [martin.oneal (at) corsaire (dot) com [email concealed]]
Audience: General distribution
Reference: c030704-008

-- Scope --

The aim of

[ more ]  [ reply ]

------------------------------------------------------------------------
----
IRM Security Advisory No. 008

Citrix Metaframe XP is vulnerable to Cross Site Scripting

Vulnerablity Type / Importance: XSS / Medium

Problem discovered: August 18th 2003
Vendor contacted: August 18th 2003
Advisory publis

[ more ]  [ reply ]

Author: Stan Bubrouski
Date: October 31, 2003
Package(s): j2re/j2sdk
OS: Linux (possibly others, see below)
Versions: 1.4.2 - 1.4.2_02
Severity: Local users may overwrite any file owned by the user who
installs java due to insecure file handling while unpacking/installing
java.

Problem: There are

[ more ]  [ reply ]

Thor Larholm <thor (at) pivx (dot) com [email concealed]> wrote:

>> Storing in an unpredictable location might help.
>> Obfuscation does not: instead of setting a cookie
>> of BadThing, the attacker could set one that will
>> become BadThing. The need to reverse-engineer the
>> obfuscation, and details like possible character

[ more ]  [ reply ]

-- Corsaire Security Advisory --

Title: BEA Tuxedo Administration CGI multiple argument issues
Date: 04.07.03
Application: BEA Tuxedo 8.1 and prior
Environment: Various
Author: Martin O'Neal [martin.oneal (at) corsaire (dot) com [email concealed]]
Audience: General distribution
Reference: c030704-009

-- Scope --

The aim of

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
---
GENTOO LINUX SECURITY ANNOUNCEMENT 200310-04
- ------------------------------------------------------------------------
---

PACKAGE : net-www/apache
SUMMA

[ more ]  [ reply ]

The irritation has begun :/

A new version of Mimail.C has cropped up. It spoofs the recipients domain and sends the mail as 'james@<spoofed domain>' and has an attachment: pictures.jpg.exe

Some clients have reported massive amounts of lag due to its mass mailing and one client's firewall dro

[ more ]  [ reply ]

http://www.rosiello.org

Vulnerabilities Section.

/*

*

* http://www.rosiello.org

* (c) Rosiello Security

*

* Copyright Rosiello Security 2003

* All Rights reserved.

*

* Tested on Red Hat 9.0

*

* Author: Angelo Rosiello

* Mail : angelo (at) rosiello (dot) org [email concealed]

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----

________________________________________________________________________
______

SUSE Security Announcement

Package: thttpd
Announcement-ID: SuSE-SA:2003:044
Date: Friday, Oct

[ more ]  [ reply ]

> From: Paul Szabo [mailto:psz (at) maths.usyd.edu (dot) au [email concealed]]
> Storing in an unpredictable location might help.
> Obfuscation does not: instead of setting a cookie
> of BadThing, the attacker could set one that will
> become BadThing. The need to reverse-engineer the
> obfuscation, and details like possib

[ more ]  [ reply ]

--On Thursday, October 30, 2003 3:15 PM -0500 gabriel rosenkoetter
<gr (at) eclipsed (dot) net [email concealed]> wrote:

> I'm going to hazard a guess based on other posts here and figure
> that that does either a straight shell call or at least the equivalent
> of a find / -perm <something> -exec chmod <somethingelse> {} \;

[ more ]  [ reply ]

William A. Schulze <was (at) macromedia (dot) com [email concealed]> wrote in
http://www.securityfocus.com/archive/1/342910 :

> ... Flash Player stores cookies in a somewhat predictable location
> (assuming the username can be guessed), and some of the contents are
> stored as plain text. While this is not in itself a directly

[ more ]  [ reply ]

[Moderator: I'd say don't bother approving this message, especially
since this argument misses the important point here. Only but I
can't figure out why you approved the one that I'm replying to,
which seems to be suggesting that people go ahead and do something
that I'm pretty sure I'm right in say

[ more ]  [ reply ]

#######################################################################

Luigi Auriemma

Application: Serious Sam engine
http://www.seriousengine.com
Versions: Versions using TCP protocol in multiplayer:
- SeriousSam: the First Encounter

[ more ]  [ reply ]

On Wed, Oct 29, 2003 at 07:58:54PM -0500, James Kelly wrote:
> problem is easily fixed by adding this command to a root cron job.
>
> diskutil repairpermissions /
>
> Above command can be run every day for your paranoia protection ;-)

Actually, my paranoia protection says that that would be a REA

[ more ]  [ reply ]

william schulze [mailto:was (at) macromedia (dot) com [email concealed]] wrote...
> Once an updated Flash Player is available, we will post the
> new software and notify both our customers and the BugTraq
> community with this information.

Will there be a standalone version of this patch that can be deployed
silently (unatt

[ more ]  [ reply ]

Mac OS X Maintenance Agreements are available for clients and
servers. Since mac os 10.0 (before "X") apple has used paid upgrades
that addressed security updates, as the release point for the next
supported version of the OS.

I don't personally agree with this method of major patch/upgra

[ more ]  [ reply ]

There have been several posts on the subject, starting with my post on
the new trojan horse exploiting this "bug" to load itself, and then
execute javascript code with one of the latest IE exploits allowing it
to over-write files.

Some guesses have been made, and although it is true that if the fil

[ more ]  [ reply ]

On Wednesday 29 October 2003 02:30 am, Joshua Levitsky wrote:

> If Apple is responsible then we should see 10.2 patches backported. I think
> it's reasonable that 10.3 patches come, and then 10.2 patches, and Apple
> should have some Life Cycle policy to say if everything before 10.2 is EOL
> or no

[ more ]  [ reply ]

Product: Led-Forums

Versions: Beta 1

Vulnerability: XSS- and redirection-Bug

Date: October 30, 2003

Discovered by: ProXy <proxy (at) excluded (dot) org [email concealed]>

1. - XSS-Bug

The Welcome-Message of the Led-Forums software could be changed by everybody.

Normal Text, HTML and Javascript it's all allow

[ more ]  [ reply ]

At 7:52 PM +0100 10/29/03, Ragnar Sundblad wrote:
>--On den 29 oktober 2003 13:03 -0500 Adam Shostack <adam (at) homeport (dot) org [email concealed]> wrote:
>
>>I think that announcing a set of security issues, and saying "the fix
>>is to upgrade your entire OS" is not a great disclosure strategy.
>
>I certainly agree here, as

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ]  [ reply ]

In-Reply-To: <20031024135303.26267.qmail (at) linuxmail (dot) org [email concealed]>

All:

Macromedia is dedicated to protecting the security of our customers, and we are taking steps to resolve this issue.

To summarize, the Flash Player stores cookies in a somewhat predictable location (assuming the username can be gues

[ more ]  [ reply ]

In-Reply-To: <fc.00802e600021e6b400802e600021e6b4.21e717 (at) rbwm (dot) org [email concealed]>

>FirstClass 7.1 HTTP Server allow the listing of all files under the web

>root directory and user web directories.

While this statement is correct, it is not a bug, but rather a misunderstanding/misconfiguration of the FirstClas

[ more ]  [ reply ]

This vulnerability is much ado about nothing
It was caused by developers of shareware using third party installers
which changed the permissions on certain
directories of MacOS X.

Problem largely solved with the increased use of Apple's installer

AND

problem is easily fixed by adding this comman

[ more ]  [ reply ]

[Please do not use vacation(1), procmail(1), or "Out of Office
Autoreply" features on public mail lists. Thanks.]

-----------------------------------------------------------------------
Immunix Secured OS Security Advisory

Packages updated: apache
Affected products: Immunix OS 7+
Bugs fixed: CAN

[ more ]  [ reply ]