MDKSA-2003:082 - Updated php packages fix vulnerabilities
2003-08-04 Mandrake Linux Security Team (security linux-mandrake com)

Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning
2003-08-03 Michal Zalewski (lcamtuf ghettot org)

[SECURITY] [DSA-363-1] New postfix packages fix remote denial of service, bounce scanning
2003-08-03 Matt Zimmerman (mdz debian org)

xtokkaetama[v1.0b+]: (missed) buffer overflow exploit.
2003-08-03 Vade 79 (v9 fakehalo deadpig org)
not a big deal, but after viewing the debian advisory for xtokkaetama; BID found at http://www.securityfocus.com/bid/8312. i took a quick look at the source, and noticed an overlooked buffer overflow that occurs later in the program. the overflow is a result of the "-nickname" command line

FreeBSD Security Advisory FreeBSD-SA-03:08.realpath
2003-08-04 FreeBSD Security Advisories (security-advisories freebsd org)

OpenPKG Security Engineering now covering 1.2 and 1.3 only
2003-08-04 OpenPKG (openpkg openpkg org)
Starting with today's release of OpenPKG 1.3 (see press release http://www.openpkg.org/press/PR-004-openpkg-1.3.html for more details) the (one year old) OpenPKG 1.1 release becomes deprecated. Following our community commitment to provide security updates for the last two releases, the OpenPKG Secu

MDKSA-2003:081 - Updated postfix packages fix remote DoS
2003-08-04 Mandrake Linux Security Team (security linux-mandrake com)

Re: VMware GSX Server 2.5.1 / Workstation 4.0 (for Linux systems) vulnerability
2003-08-02 VMware (vmware-security-alert vmware com)
In-Reply-To: <Pine.LNX.4.55.0307231606160.25752 (at) mail.securityfocus (dot) com [email concealed]>
Description
-----------
The following products have a vulnerability that can allow a user of the host system to start an arbitrary program with root privileges. This was previously reported in this advisory: http:/

[slackware-security] KDE packages updated (SSA:2003-213-01)
2003-08-02 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] KDE packages updated (SSA:2003-213-01)
New KDE packages are available for Slackware 9.0. These address a security issue where Konqueror may leak authentication credentials. Here are the details from the Slackware 9.0 ChangeLog

[SECURITY] [DSA-362-1] New mindi packages fix insecure temporary file creation
2003-08-02 Matt Zimmerman (mdz debian org)

[SECURITY] Netfilter Security Advisory: Conntrack list_del() DoS
2003-08-02 Netfilter Core Team (coreteam netfilter org)

[SECURITY] Netfilter Security Advisory: NAT Remote DOS (SACK mangle)
2003-08-02 Netfilter Core Team (coreteam netfilter org)

[SEC-LABS] Win32 Device Drivers Communication Vulnerabilities + PoC for Symantec Norton AntiVirus '2002 (probably all versions) Device Driver
2003-08-02 yup tlen pl
The Sec-Labs security research group found a bug in Win32 Device Drivers Communication, the white-paper for this vulnerability can be viewed at http://sec-labs.hack.pl , the exploit code for Symantec Norton AntiVirus '2002 (probably all versions) Device Driver is also stored at our homepage.

[Advisory] IISShield V1.0.2
2003-08-01 RawData (RawData netcabo pt)
Moderator please disregard last message. There were some problems with the webmailers. :( Original message follows: Hi all, A problem related to the denial of an Http Request in a specific byte check was encountered. The issue fixed is related to a very special situation which does not interfer

NOVL-2003-10085583 GroupWise (Wireless) WebAccess 6_5 Log InfoLeak
2003-08-01 Ed Reed (ereed novell com)

RE: [Full-Disclosure] Guideliens for Security Vuln reporting and response process
2003-08-01 Jason Coombs (jasonc science org)
These guidelines are seriously flawed and misguided. They are being advanced by a group of people who appear to have devised economic models in which they benefit from control of other people's freedoms and profit by limiting the potential for security while attaching a brand name to those limits.

phpbuilder.com unrestricted page!
2003-08-01 npguy (npguy ysgnet com)
recently, 01 security submission has discovered a serious problem with phpbuilder.com
---[ about phpbuilder.com ]---
phpbuilder.com is one of the premier php sites. Thousands of developers share and contribute their articles on php.
---[summary]---
the bug actually allows any user to launch DOS attac

[SECURITY] [DSA-358-1] New kernel source and i386, alpha kernel images fix multiple vulnerabilities
2003-08-01 Matt Zimmerman (mdz debian org)

Re: Novell GroupWise 6.5 Clear Text Vulnerability
2003-08-01 Ryan Nelson (ryann village gurnee il us)
This part from the TID is kind of important: GroupWise Webaccess users using their desktop or laptop computers do NOT have this problem. Only happens with WML & HDML. Only happens when using Wireless Phones
Ryan
>>> "Adam Gray" <agray (at) novacoast (dot) com [email concealed]> 7/31/2003 7:13:43 PM >>>
Novacoast Security

[CLA-2003:715] Conectiva Security Announcement - wu-ftpd
2003-08-01 Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------
PACKAGE : wu-ftpd
SUMMARY : Remote vulnerability in the

[SECURITY] [DSA-360-1] New xfstt packages fix several vulnerabilities
2003-08-01 Matt Zimmerman (mdz debian org)

[SECURITY] [DSA-359-1] New atari800 packages fix buffer overflows
2003-08-01 Matt Zimmerman (mdz debian org)

[Advisory] IISShield V1.0.2
2003-08-01 rawdata (rawdata netcabo pt)
Hi all, A problem related to the denial of an Http Request in a specific byte check was encountered. The issue fixed is related to a very special situation which does not interfere with the scanning and inspection features of IISShield. Users are advised to download the latest version (v1.0.2) a

Novell GroupWise 6.5 Clear Text Vulnerability
2003-08-01 Adam Gray (agray novacoast com)
Novacoast Security Advisory
Novell GroupWise 6.5 Vulnerability
Synopsis: Novacoast has discovered a vulnerability in the Novell GroupWise 6.5 Wireless Webaccess logging functionality. The software exposes all username and passwords within the log file in clear text. This information could be used

RAV ActiveX Buffer overflow in ravupdt.dll file
2003-08-01 Tri Huynh (trihuynh zeeup com)
RAV Online Scanning ActiveX Buffer Overflow in RAVUPDT.DLL
=================================================
PROGRAM: RAV ONLINE SCANNING ACTIVEX
HOMEPAGE: www.ravantivirus.com
VULNERABLE VERSIONS: Online Version Only
DESCRIPTION
=================================================
RAV Online Scan
Hash: SHA1
________________________________________________________________________
Mandrake Linux Security Update Advisory
________________________________________________________________________
Package name: php
Advisory ID: