[SECURITY] [DSA-350-1] New falconseye packages fix buffer overflow
2003-07-15 Matt Zimmerman (mdz debian org)

FIXED: MacOSX - crash screensaver locked with password and get the desktop back
2003-07-15 t4 ursine com

DSL-Router Teledat 530 DoS
2003-07-15 mac ac t-online de (Dr Markus a Campo)
Hello, behind my DSL-router Teledat 530 I have a Windows-box with a Norton Firewall 2003. The Symantec security scan on http://security.symantec.com/ssc/ (I think a normal portscan) lets the router crash - reboot is required. The vendor (Deutsche Telekom) told me to uninstall Norton Firewall to

SuSE Security Announcement: nfs-utils (SuSE-SA:2003:031)
2003-07-15 krahmer suse de (Sebastian Krahmer)

[CLA-2003:696] Conectiva Security Announcement - ucd-snmp
2003-07-15 Conectiva Updates (secure conectiva com br)
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : ucd-snmp
SUMMARY : Remote heap overflow vulne

[CLA-2003:695] Conectiva Security Announcement - mpg123
2003-07-15 Conectiva Updates (secure conectiva com br)
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : mpg123
SUMMARY : Local buffer overflow vulner

Internet Explorer Full-Screen mode threats
2003-07-15 Marek Bialoglowy (mb systemintegra com)
Hello, I was reading the "IE chromeless window vulnerabilities" thread and thought maybe I could add some proof of concept to this discussion. This very simple demo: http://www.systemintegra.com/ie-fullscreen/ shows how system password could be captured thanks to Internet Explorer working in ful

possible open relay hole in qmail-smtpd-auth patch
2003-07-15 John Simpson (jms1 jms1 net)
the qmail-smtpd-auth patch is a commonly used patch to qmail which allows the qmail-smtpd program to support the AUTH extension, by specifying a "checkpassword" program on the command line. the homepage for the patch is: http://members.elysium.pl/brush/qmail-smtpd-auth/ the patch modifies qmail-

RE: IE chromeless window vulnerabilities
2003-07-14 Jason Sloderbeck (ops-lists positivenetworks net)
Here's a quick summary of the amazingly high risk to the vast majority of users running IE 5.5+ (including IE 6 SP1), even at the Medium security level. This may be redundant to some, but I'm not sure the full impact is obvious, especially since it's been around since 2001 and the advisories

@stake exploit code (oops)
2003-07-14 wirepair (wirepair roguemail net)
although it states impersonating system, in reality cmd.exe is not launched as a cmd.exe process. Sorry folks I should've done more testing on this one... I'll post the new version on my site once it is finished. http://sh0dan.org thanks, and sorry again. -wire
For t

Asus AAM6000EV ADSL Router Wide Open
2003-07-14 cw (security fidei co uk) (1 replies)
Asus have been notified but haven't even acknowledged yet alone mentioned a fix. If the inbuilt webserver is activated, anyone on the local network can get the full user/pass list from the router without any identification whatsoever by going to the ip address of the router and appending /userdata

[SECURITY] [DSA-349-1] New nfs-utils package fixes buffer overflow
2003-07-14 Matt Zimmerman (mdz debian org)

RE: Website to (Safely) Check Content Filtering S/W for Malicious Code???
2003-07-13 Menashe Eliezer (menashe finjan com)
Hello Scott, Finjan Software may offer such a web proxy service in the future, using our gateway product for behavior analysis. You can also send me the details of the web site, and it will be analyzed in our research center. Please don't hesitate to ask questions. -- Best Regards, Menashe Eliezer

TA-2003-07 Denial of Service Attack against Twilight WebServer v1.3.3.0
2003-07-13 Rushjo (at) tripbit (dot) org (rushjo tripbit org)

[SECURITY] [DSA-348-1] New traceroute-nanog packages fix integer overflow
2003-07-14 Matt Zimmerman (mdz debian org)

StarSiege: Tribes DoS
2003-07-14 st0ic (st0ic fsix net) (1 replies)
Advisory Name: "Starsiege: Tribes" DoS
Release Date: 07/14/2003
Discovered: 06/09/2003
Application: Tribes.exe
Platform: PC with Windows 2k; others not tested
Severity: High
Discovery: JadaCyruS <jadacyrus (at) fsix (dot) net>
Author: st0ic <st0ic (at) fsix (dot) net>
Vendor: Sierra Entertainment - http://www.sierra.com/

[sec-labs] Remote Denial of Service vulnerability in NeoModus Direct Connect 1.0 build 9
2003-07-14 sec-labs team (noreply sec-labs hack pl)

Debian Security Advisory DSA 350-1
security (at) debian (dot) org
http://www.debian.org/security/
Matt Zimmerman
July 15th, 2003