BugTraq Mode:
(Page 1638 of 1748)  < Prev  1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643  Next >
[CLA-2003:713] Conectiva Security Announcement - perl 2003-07-29
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--

PACKAGE : perl
SUMMARY : CGI.pm cross site scripting vu

[ more ]  [ reply ]
KDE Security Advisory: Konqueror Referrer Authentication Leak 2003-07-29
Dirk Mueller (mueller kde org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

KDE Security Advisory: Konqueror Referer Leaking Website Authentication Credentials
Original Release Date: 2003-07-29
URL: http://www.kde.org/info/security/advisory-20030729-1.txt

0. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN

[ more ]  [ reply ]
[SECURITY] [DSA-353-1] New sup packages fix insecure temporary file creation 2003-07-29
Matt Zimmerman (mdz debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 353-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Matt Zimmerman
July 29th, 2003

[ more ]  [ reply ]
iDEFENSE Security Advisory 07.29.03: Buffer Overflow in Sun Solaris Runtime Linker 2003-07-29
iDEFENSE Labs (labs idefense com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

iDEFENSE Security Advisory 07.29.03:
http://www.idefense.com/advisory/07.29.03.txt
Buffer Overflow in Sun Solaris Runtime Linker
July 29, 2003

I. BACKGROUND

The Solaris runtime linker, ld.so.1(1), processes dynamic executables
and shared objects at ru

[ more ]  [ reply ]
PBLang Cross Site Scripting Vulnerability (Newest version) 2003-07-27
Quan Van Truong (quan_vu_208cn yahoo com)


PBLang is a PHP-base forum. A security hole has just found in this product

allows an attacker to steals cookies or does many things?

|--------------------------------------------|

Vulnerable systems: PBLang Forum

Version: 4.56 (4.5 RC 2)

Website: http://pblang.drmartinus.de/

Problem:

[ more ]  [ reply ]
Re: DCOM RPC exploit (dcom.c) 2003-07-27
S G Masood (sgmasood yahoo com)
Hello list,

The Dcom.c compiles neatly on Cygwin with GCC 3.2 when
the "#include <error.h>" line is removed.

*Very* accurate. If the machine is vulnerable, the
exploit will almost always succeed on the first
attempt.

I've successfully tested it on about 16 boxes and each
one was rooted on the fi

[ more ]  [ reply ]
Shattering SEH II 2003-07-28
Brett Moore (brett moore security-assessment com)
moderator: I forgot the link :-)
========================================================================
=
= Shattering SEH II
=
= brett.moore (at) security-assessment (dot) com [email concealed]
= http://www.security-assessment.com
=
= Originally posted: July 28, 2003
===========================================================

[ more ]  [ reply ]
[CLA-2003:711] Conectiva Security Announcement - mnogosearch 2003-07-28
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--

PACKAGE : mnogosearch
SUMMARY : Remote buffer overflow

[ more ]  [ reply ]
Cisco Aironet AP1100 Valid Account Disclosure Vulnerability 2003-07-28
zitouni réda (reda zitouni vigilante com)


VIGILANTe Security Watch Advisory

Name: Cisco Aironet AP1100 Valid Account Disclosure Vulnerability

Systems Affected: Tested on a Cisco Aironet AP1100 Model 1120B Series

Wireless device.

Firmware version 12.2(4)JA and earlier.

NB : A large number of Cisco IOSes are affected by this flaw.

[ more ]  [ reply ]
Cisco Aironet AP 1100 Malformed HTTP Request Crash Vulnerability 2003-07-28
zitouni réda (reda zitouni vigilante com)


VIGILANTe Security Watch Advisory

Name: Cisco Aironet AP 1100 Malformed HTTP Request Crash Vulnerability

Systems Affected: Tested on a Cisco Aironet AP1100 Model 1120B Series

Wireless device.

Firmware version 12.2(4)JA and earlier.

Severity: High Risk

Vendor URL: http://www.vigilante.com

[ more ]  [ reply ]
Cisco Security Advisory: HTTP GET Vulnerability in AP1x00 2003-07-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: HTTP GET Vulnerability in AP1x00

Revision 1.0

For Public Release 2003 July 28 16:00 UTC (GMT)

----------------------------------------------------------------------

Contents

Summary
Affected Prod

[ more ]  [ reply ]
[PAPER]: Address relay fingerprinting. 2003-07-27
Vade 79 (v9 fakehalo deadpig org)


PAPER: "Address relay fingerprinting".

AUTHOR: vade79/v9 v9 (at) fakehalo.deadpig (dot) org [email concealed] (fakehalo).

HEADER: A small paper about how to use often discarded bugs.

(sorry if this has been discussed already, found no information on this)

This paper discusses how to use values returned from pro

[ more ]  [ reply ]
Remotely exploitable overflow in mod_mylo for Apache 2003-07-28
Carl Livitt (carl learningshophull co uk)

There exists a remotely exploitable buffer overflow in the mod_mylo module for
apache.

It is a relatively obscure MySQL logging module for Apache that appears not to
be in widespread use at present. However, it is present in FreeBSD ports, so
may affect FreeBSD slighly more than Linux systems.

[ more ]  [ reply ]
Gallery XSS security advisory (with fix and patch instructions) 2003-07-27
Bharat Mediratta (bharat menalto com)
___________________
PROBLEM DESCRIPTION

Gallery is an open source image management system. Learn more about
it at http://gallery.sourceforge.net

Gallery has a feature that allows users to search their image captions
and descriptions for specific search terms. A typo in the security code
of this

[ more ]  [ reply ]
DCOM RPC exploit (dcom.c) 2003-07-26
fulldisclosure catholic org
03-026 working exploit

-----------------------------------------

This email was sent using FREE Catholic Online Webmail.
http://webmail.catholic.org/

[ more ]  [ reply ]
Re: VMware GSX Server 2.5.1 / Workstation 4.0 (for Linux systems) vulnerability 2003-07-26
VMware (vmware-security-alert vmware com)
In-Reply-To: <Pine.LNX.4.55.0307231606160.25752 (at) mail.securityfocus (dot) com [email concealed]>

VMware GSX Server 2.5.1 patch 1 (for Linux operating systems) build 5336

is now available for downloading by VMware customers with support

services. This release corrects the vulnerability reported in

http://www.security

[ more ]  [ reply ]
EEYE:ALERT Free RPC/DCOM vulnerability scanning tool 2003-07-26
Marc Maiffret (marc eeye com)
Due to the recent release of multiple exploits for the very serious
Microsoft RPC/DCOM vulnerability
(http://www.microsoft.com/security/security_bulletins/ms03-026.asp) we
have decided to release a free scanning tool that will allow
administrators to check to see if DCOM is enabled on remote machine

[ more ]  [ reply ]
Re: ssh host key generation in Red Hat Linux 2003-07-25
Kent Borg (kentborg borg org)
It has been pointed out that the Linux random driver will block if it
computes there is no entropy available, and this is correct.

However, last August there were bugs discovered in entropy accounting
that caused it to overestimate current entropy, and the Red Hat
2.4.20-19.9 kernel still doesn't s

[ more ]  [ reply ]
scan.sygate.com. over-scanning? 2003-07-25
Stephen Samuel (samuel bcgreen com) (1 replies)
On a lark, I went to the sygate site, and asked them to do a
port scan. From all I can see on the site, they seem to ONLY
claim to do a port scan, but a while later, I got a note from
my system about them doing a good bit more than just scanning
for an open port 80.

http://scan.sygatetech.com/

Is

[ more ]  [ reply ]
Re: scan.sygate.com. over-scanning? 2003-07-25
H D Moore (sflist digitaloffense net)
Workaround for stopping MS2003-030 exploitation via HTML? 2003-07-25
Johnson, Jeff FOR:EX (Jeff S Johnson gems1 gov bc ca)
CERT recently issued an advisory about this vulnerability (CA-2003-18,
http://www.cert.org/advisories/CA-2003-18.html) that said that setting the
Internet Explorer 'Run ActiveX Controls' security setting to disable in
appropriate IE security zones would prevent exploitation of this in web
pages and

[ more ]  [ reply ]
CERT Advisory CA-2003-18 Integer Overflows in Microsoft Windows DirectX MIDI Library 2003-07-25
CERT Advisory (cert-advisory cert org)

-----BEGIN PGP SIGNED MESSAGE-----

CERT Advisory CA-2003-18 Integer Overflows in Microsoft Windows DirectX
MIDI Library

Original issue date: July 25, 2003
Last revised: --
Source: CERT/CC

A complete revision history is at the end of this file.

Systems Affected

* Microsoft W

[ more ]  [ reply ]
question about oracle advisory 2003-07-25
Tina Bird (tbird precision-guesswork com) (1 replies)

Oracle's released three security-related patches today. I'm trying to
get my head around them to write up a Stanford Security Alert, but
there's conflicting information. According to
http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf the buffer
overflow in the EXTPROC code can only be trig

[ more ]  [ reply ]
Re: question about oracle advisory 2003-07-26
David Litchfield (david ngssoftware com)
OpenServer 5.0.x : Samba security update available avaliable for download. 2003-07-24
security sco com

To: bugtraq (at) securityfocus (dot) com [email concealed] announce (at) lists.caldera (dot) com [email concealed] scoannmod (at) xenitea.on (dot) ca [email concealed]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________
______

SCO Security Advisory

Subject: OpenServer 5.0.5 OpenServer 5.0.6 : Samba security upd

[ more ]  [ reply ]
(Page 1638 of 1748)  < Prev  1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus