BugTraq Mode:
mod_security 1.7RC1 to 1.7.1 vulnerability 2003-10-28
Adam Dyga (adeon o2 pl)

Program: mod_security (www.modsecurity.org)
Versions: 1.7RC1 to 1.7.1 (Apache 2 version)
Synopsis: malloc based buffer overflow
Author: Adam Dyga (adeon(at)o2.pl, ad(at)adsystems.com.pl)
URL: http://adsystems.com.pl/adg-mod_security171.txt
Discovered: October 24, 2003
Published: October 28

FirstClass 7.1 HTTP Server: Remote Directory Listing 2003-10-28
Richard Maudsley (maudr001 rbwm org)
FirstClass 7.1 HTTP Server allows the listing of all files under the web
root directory and user web directories. This can be achieved by appending
"/Search" to the URL. The browser will present a file searching form. If
all check boxes (search options) are selected, and the filename text box
is left

Wildcard exportfs issue in NFS on IRIX 2003-10-28
SGI Security Coordinator (agent99 sgi com)
-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

SGI Security Advisory

Title: Wildcard exportfs issue in NFS
Number: 20031004-01-P
Date: October, 28 2003
Reference: SGI BUG 902105
Reference:

RE: Norton Internet Security Blocked Sites XSS 2003-10-28
Sym Security (symsecurity symantec com)
On 27 Oct, 2003 Digital Pranksters posted the following:

To: bugtraq (at) securityfocus (dot) com
Subject: Norton Internet Security 2003 XSS
Date: Oct 27 2003 7:26PM
Message-ID: <Pine.LNX.4.44.0310271323470.9099-100000@mail>

DigitalPranksters Security Advisory
http://www.DigitalPranksters.com

Norton Intern

Local root vuln in kpopup 2003-10-28
b0f www.b0f.net (b0fnet yahoo com)


A local root vuln exists in Kpopup version 0.9.1 (latest) and
probably all other versions. It is available from

http://www.henschelsoft.de/kpopup_en.html (main site)
http://www.freebsd.org/ports/net.html

and many other places if you search kpopup on google.

I. BACKGROUND

Kpopup is a KDE

Mac OS X Long argv[] buffer overflow 2003-10-28
@stake Advisories (advisories atstake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

@stake, Inc.
www.atstake.com

Security Advisory

Advisory Name: Long argv[] buffer overflow
Release Date: 10/28/2003
Application: Mac OS X
Platform: Mac

Mac OS X Arbitrary File Overwrite via Core Files 2003-10-28
@stake Advisories (advisories atstake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

@stake, Inc.
www.atstake.com

Security Advisory

Advisory Name: Arbitrary File Overwrite via Core Files
Release Date: 10/24/2003
Application: Kernel
Pla

Mac OS X Systemic Insecure File Permissions 2003-10-28
@stake Advisories (advisories atstake com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

@stake, Inc.
www.atstake.com

Security Advisory

Advisory Name: Systemic Insecure File Permissions
Release Date: 10/28/2003
Application: Finder (Many)

[securemac] Local vulnerability: MacOSX Screensaver locking bypass. 2003-10-28
kang (kang insecure ws)

Mac OS X 10.3 Panther Screen Lock Bypass

*Advisory Title*: Keys Getting Past Panther Screen Lock
*Release Date*: 2003 October 28
*Affected Product*: Mac OS X 10.3 Build 7B85
*Severity*: Low
*Impact*: Security Bypass
*Where*: Local System
*Author*: CodeSamurai (codesamurai (at) mac (dot) com)

*VULNERAB

Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability 2003-10-28
Oliver Karow (Oliver Karow gmx de)
Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability
---------------------------------------------------------------

There is a Cross-Site-Scripting Vulnerability in Fastream
NetFile FTP/Webserver Version 6.0.3.588.

Requesting a non existing URL will give a "404 Not Found" answer,
containing the r

Re: a dangerous fast spreading (yet simple) trojan horse (Now IRC.Trojan.Fgt) 2003-10-28
K-OTiK Security (Special-Alerts k-otik com)
In-Reply-To: <20031027174719.11875.qmail (at) sf-www1-symnsj.securityfocus (dot) com>

This trojan is now identified :

IRC.Trojan.Fgt [Symantec] IRC-Worm.Fagot [Kaspersky], Fagot [F-Secure]

Type: Trojan Horse

Infection Length: 156,672 bytes

IRC.Trojan.Fgt is a downloaded file that disables firewal

[OpenPKG-SA-2003.046] OpenPKG Security Advisory (apache) 2003-10-28
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org

RE: Internet Explorer and Opera local zone restriction bypass 2003-10-28
Thor Larholm (thor pivx com)
> From: Andreas Sandblad [mailto:sandblad (at) acc.umu (dot) se]
> I can only reproduce it together with user-interaction, that is manually
> pressing refresh in Internet Explorer. I did some attempts to try to
> automatically refresh the page using javascript but without any luck
> (denied access due to cross-s

Nachi/Welchia/LovSan.D version 2 appears to be spreading 2003-10-27
Young, Keith (Keith Young montgomerycountymd gov) (1 replies)

At approx 4:35 EST this afternoon, we started detecting a new variant of
the Nachi worm infecting machines not patched with MS03-039. No details
are available yet, but (as of right now) none of the major virus authors
are posting info.

Does anyone have a copy of this worm already?

--Keith Young
-

Re: Nachi/Welchia/LovSan.D version 2 appears to be spreading 2003-10-28
Peter Kieser (pfak telus net)
[slackware-security] gdm security update (SSA:2003-300-01) 2003-10-27
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gdm security update (SSA:2003-300-01)

GDM is the GNOME Display Manager, and is commonly used to provide
a graphical login for local users.

Upgraded gdm packages are available for Slackware 9.0, 9.1,
and -current. These fix two

[slackware-security] fetchmail security update (SSA:2003-300-02) 2003-10-27
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] fetchmail security update (SSA:2003-300-02)

Fetchmail is a mail-retrieval and forwarding utility.

Upgraded fetchmail packages are available for Slackware 8.1, 9.0,
9.1, and -current. These fix a vulnerability where a specially

Remote overflow in thttpd 2003-10-27
advisories(-at-)texonet.com (advisories texonet com)
-----------------------------------------------------------------------
Texonet Security Advisory 20030908
-----------------------------------------------------------------------
Advisory ID : TEXONET-20030908
Authors : Joel Soderberg and Christer Oberg
Issue date : Monday, September

Re: [LSD] Security vulnerability in SUN's Java Virtual Machine implementation 2003-10-27
Michael Earls (Michael Earls cchmc org)
This version also appears to be Vulnerable based on the following
applet.

XP service pack 1>java -version
java version "1.4.2_01"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_01-b06)
Java HotSpot(TM) Client VM (build 1.4.2_01-b06, mixed mode)

michael

PGP Info: KeyID 0x5EB59708 Fi

Root Directory Listing on RH default apache 2003-10-27
tfm tfm org
Hello everybody

[root@localhost root]# cat /etc/redhat-release
Red Hat Linux release 9 (Shrike)

# Install apache from cd or the latest one rpm
[root@localhost root]# rpm -Uvh /tmp/httpd-2.0.40-21.5.i386.rpm

==============================================
From /etc/httpd/conf/httpd.conf
#
# Disab

Les Visiteurs v2.0.1 code injection vulnerability 2003-10-26
Matthieu Peschaud (bugtrack chezwam net)


Les Visiteurs is a great statistics script written in php.
It gives you some graphical information on visitors of
your website.

This script was distributed by phpinfo.net but has not been
maintained for a year.

---------

In this version several unprotected includes can be found
in f

Copyright 2010, SecurityFocus