IE bug: loading HTML under a graphic file name - summary
2003-10-31 Gadi Evron (ge egotistical reprehensible net)

Multiple Vulnerabilities in Led-Forums
2003-10-30 ProXy - (proxy excluded org)
Product: Led-Forums Versions: Beta 1 Vulnerability: XSS- and redirection-Bug Date: October 30, 2003 Discovered by: ProXy <proxy (at) excluded (dot) org> 1. - XSS-Bug The Welcome-Message of the Led-Forums software could be changed by everybody. Normal Text, HTML and Javascript it's all allow

[OpenPKG-SA-2003.047] OpenPKG Security Advisory (postgresql)
2003-10-30 OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org

Re: Internet Explorer and Opera local zone restriction bypass
2003-10-30 william schulze (was macromedia com)
In-Reply-To: <20031024135303.26267.qmail (at) linuxmail (dot) org>
All: Macromedia is dedicated to protecting the security of our customers, and we are taking steps to resolve this issue. To summarize, the Flash Player stores cookies in a somewhat predictable location (assuming the username can be gues

Re: FirstClass 7.1 HTTP Server: Remote Directory Listing
2003-10-30 Graham Morley (GMorley_Public firstclass com)
In-Reply-To: <fc.00802e600021e6b400802e600021e6b4.21e717 (at) rbwm (dot) org>
>FirstClass 7.1 HTTP Server allow the listing of all files under the web
>root directory and user web directories.
While this statement is correct, it is not a bug, but rather a misunderstanding/misconfiguration of the FirstClas

Re: Mac OS X vulnerabilities
2003-10-30 James Kelly (macubergeek comcast net)
This vulnerability is much ado about nothing It was caused by developers of shareware using third party installers which changed the permissions on certain directories of MacOS X. Problem largely solved with the increased use of Apple's installer AND problem is easily fixed by adding this comman

Immunix Secured OS 7+ apache update
2003-10-29 Immunix Security Team (security immunix com)
[Please do not use vacation(1), procmail(1), or "Out of Office Autoreply" features on public mail lists. Thanks.]
Immunix Secured OS Security Advisory Packages updated: apache Affected products: Immunix OS 7+ Bugs fixed: CAN

E107 DoS vulnerability
2003-10-29 Blademaster (blademaster msbx net)
Program: E107 (www.e107.org) Versions: 0.545 & 0.603 tested, below may also be vulnerable Synopsis: Tagboard Denial of Service vulnerability (system wide) Security Risk: Medium (It's a system wide DoS) Author: Blademaster (nielserman (at) hotmail (dot) com) (www.hackingheaven.com) URL: http://www.hackingheaven

Re: Mac OS X vulnerabilities ['Virus checked"]
2003-10-29 Chris Wysopal (cwysopal atstake com)
In-Reply-To: <20031029180349.GA85446 (at) lightship.internal.homeport (dot) org>
@stake's policy has been the same since June, 2002 which was its last revision. Our policy is in line with the OIS guidelines. Assuming Mac OS X 10.2 is supported, Apple is not following the OIS guidelines which require a ven

[CLA-2003:773] Conectiva Security Announcement - libnids
2003-10-29 Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
CONECTIVA LINUX SECURITY ANNOUNCEMENT PACKAGE : libnids SUMMARY : Remotely exploitable buffer

RE: Mac OS X vulnerabilities ['Virus checked"]
2003-10-29 graham coles retail-logic com (1 replies)
Thor, Sorry, I hadn't read the vendor response section of the advisories fully, I'd rather assumed they would be issuing a security update for 10.2 as per usual. I'd have to agree it's a pretty poor showing from Apple if the only fix is to buy the next version of the operating system. I believe M

Re: Mac OS X vulnerabilities ['Virus checked"]
2003-10-29 Steve Clement (steve ion lu) (1 replies)

Re: Mac OS X vulnerabilities ['Virus checked"]
2003-10-29 Adam Shostack (adam homeport org) (1 replies)

Re: Mac OS X vulnerabilities ['Virus checked"]
2003-10-29 Ragnar Sundblad (ragge nada kth se) (1 replies)

RE: Mac OS X vulnerabilities ['Virus checked"]
2003-10-29 Thor Larholm (thor pivx com)
Graham, Thank you for the feedback. I can't locate any new patches or updates through the software update tool on our 10.2 systems, and Apple's security site (which I now received the URL to) mentions nothing about these security updates for OS X 10.2 The only way for any Mac OS X 10.2 us

Re: Mac OS X vulnerabilities ['Virus checked"]
2003-10-29 graham coles retail-logic com
I usually download main updates (10.2.8) and security patches from http://www.apple.com/downloads/macosx/apple There's also an automated update from within OS X which will check for and install patches automatically. These are non-chargeable updates, I believe the price you quote is for a single

TelCondex SimpleWebserver Buffer Overflow
2003-10-29 Oliver Karow (Oliver Karow gmx de)
TelCondex SimpleWebserver Buffer Overflow
The TelCondex SimpleWebserver 2.12.30210 Build 3285 is vulnerable to a remote executable buffer overflow, due to missing length check on the referer-variable of the HTTP-header. It is possible to overwrite the st

[SECURITY] [DSA 396-1] New thttpd packages fix information leak, DoS and arbitrary code execution
2003-10-29 joey infodrom org (Martin Schulze)

possible issue with IPv4 mapped address and $REMOTE_ADDR in CGI
2003-10-29 itojun iijlab net (1 replies)
because of the difference in http server in handling IPv4 mapped address (IPv4 traffic goes into the system into AF_INET6 socket), the peer's address passed by $REMOTE_ADDR to CGI script can vary between the http server. some http server would pass IPv4 mapped address as is (::ffff:10.1.1.1),

Re: possible issue with IPv4 mapped address and $REMOTE_ADDR in CGI
2003-10-29 Colm MacCarthaigh (colmmacc redbrick dcu ie) (1 replies)

Re: possible issue with IPv4 mapped address and $REMOTE_ADDR in CGI
2003-10-29 der Mouse (mouse Rodents Montreal QC CA) (1 replies)

Re: possible issue with IPv4 mapped address and $REMOTE_ADDR in CGI
2003-10-29 Colm MacCarthaigh (colmmacc redbrick dcu ie)

STG Security Advisory: [SSA-20031025-05] InfronTech WebTide 7.04 Directory and File Disclosure Vulnerability
2003-10-29 advisory stgsecurity com
STG Security Advisory: [SSA-20031025-05] InfronTech WebTide 7.04 Directory and File Disclosure Vulnerability Revision 1.0 Date Published: 2003-10-25 (KST) Last Update: 2003-10-25 Disclosed by SSR Team (advisory (at) stgsecurity (dot) com) Abstract InfronTech's J2EE Web Application Server

Re: Internet Explorer and Opera local zone restriction bypass
2003-10-28 Bipin Gautam hUNT3R (door_hunt3r blackcodemail com)
In-Reply-To: <20031025100233.6289.qmail (at) linuxmail (dot) org>
try this ... it's dam strange to see WINXP LOGOFF WITHOUT ASKING MY PERMISSION file://c:\windows\system32\logoff.exe
>Received: (qmail 3472 invoked from network); 27 Oct 2003 15:55:23 -0000
>Received: from outgo
the new trojan horse exploiting this "bug" to load itself, and then
execute javascript code with one of the latest IE exploits allowing it
to over-write files.
Some guesses have been made, and although it is true that if the fil