|
|
Colapse all |
Post message
[SECURITY] [DSA-310-1] New xaos packages fix improper setuid-root execution 2003-06-09 Matt Zimmerman (mdz debian org) Etherleak information leak in Windows Server 2003 drivers 2003-06-09 NGSSoftware Insight Security Research (nisr nextgenss com) NGSSoftware Insight Security Research Advisory Name: Etherleak information leak in Windows Server 2003 drivers Systems Affected: Windows Server 2003 (all versions) Severity: Low/Medium Risk Vendor URL: http://www.microsoft.com/windowsserver2003/ Author: Chris Paget (chrisp (at) ngssoftware (dot) com [email concealed]) Date: 9t [ more ] [ reply ] Cross-Platform Browser vulnerabilities - Critical 2003-06-07 meme-boi (meme-boi nothotmail org) Background: Once upon a time in the far off land of 1997 dwelled horrible cross platform browser vulnerabilities that threatened every user of the internet. Pioneers of Java Security Model exploitation such as Ben Mesander,Dan Brumleve, & Georgi Guninski showed us wonderful methods of loading arb [ more ] [ reply ] IE-object tag longtype exploit 2003-06-07 Alumni (alumni ok kz) #!/usr/bin/perl #=synopsis # 06/06/03 - Proof of concept exploit by Sir Alumni (alumni (at) ok (dot) kz [email concealed]) # IE-Object longtype dynamic call oferflow # [...] # url://<$shellcode><'/'x48><jmp %ptr_sh> # the flaw actually exists in URLMON.DLL when converting backslashes # to wide char, # this can [ more ] [ reply ] man[v1.5l] catalog format strings patch. 2003-06-07 Vade 79 (v9 fakehalo deadpig org) forgot to make a patch for the original posting of the exploit. the patch will keep the functionality, while eliminating exploitation possibilities. original exploit ref: http://www.securityfocus.com/archive/1/323821/2003-05-28/2003-06-03/0 bash# tar -zxvf man.src.tgz bash# patch -p0 < [ more ] [ reply ] [SECURITY] [DSA-308-1] New gzip packages fix insecure temporary file creation 2003-06-07 Matt Zimmerman (mdz debian org) [SECURITY] [DSA-309-1] New eterm packages fix buffer overflow 2003-06-07 Matt Zimmerman (mdz debian org) Speak Freely <=7.5 multiple remote and local vulnerabilities (the Hackademy Audit) 2003-06-07 Fozzy (fozzy dmpfrance com) --[ Summary ]-- Speak Freely is a free and open-sourced software used for efficient and secure (encrypted) voice communication over the Internet. It was written by John Walker, and runs on Windows and Unix. Homepage : http://www.fourmilab.ch/speakfree/ During a source code audit, the Hackademy st [ more ] [ reply ] atftpd bug 2003-06-06 gz (techieone softhome net) Hello, sorry for my poor english. After the mail of Rick Patel about atftpd on vuln-dev ml http://www.securityfocus.com/archive/82/323886/2003-06-02/2003-06-08/0 I investigated a little the bug and found in tftpd_file.c (line 320) int tftpd_send_file(struct thread_data *data) { ... char [ more ] [ reply ] zenTrack Remote Command Execution Vulnerabilities 2003-06-06 farking i-ownur info (1 replies) Subject: zenTrack Remote Command Execution Vulnerabilities Author: farking (farking (at) i-ownur (dot) info [email concealed]) Product: zenTrack 2.4.1 (latest) and below Vendor: http://zendocs.phpzen.net/zentrack / http://sourceforge.net/projects/zentrack/ Status: Vendor contacted (27/05/2003) Location: http://farking [ more ] [ reply ] NOVL-2003-2966181 - HTTPSTK DOS 2003-06-06 Security (at) securityfocus (dot) com [email concealed], Alerts (at) securityfocus (dot) com [email concealed],Novell (at) securityfocus (dot) com [email concealed], Inc. (secure novell com) NOVL-2003-2966205 - iChain 2.2 Field Patch 1a 2003-06-06 Security (at) securityfocus (dot) com [email concealed], Alerts (at) securityfocus (dot) com [email concealed],Novell (at) securityfocus (dot) com [email concealed], Inc. (secure novell com) Multiple Buffer Overflow Vulnerabilities Found in MERCUR Mail server v.4.2 (SP2) - IMAP protocol 2003-06-06 Dennis Rand (der infowarfare dk) linux)zblast/xzb[v1.2]: local buffer overflow. (games) 2003-06-05 Vade 79 (v9 fakehalo deadpig org) note much explaination needed, simple overflow. vade79 -> fakehalo.deadpig.org -> fakehalo -- xxzb.c -- /* (linux)zblast/xzb[v1.2]: local buffer overflow. by: v9[v9 (at) fakehalo.deadpig (dot) org [email concealed]]. zblast/xzb is a common svgalib/X game, included on www.svgalib.org's program downloads: [ more ] [ reply ] BAZARR LOCAL ROOT AGAIN. HI GUYS. DONT READ THIS 2003-06-05 bazarr (at) ziplip (dot) com [email concealed] (bazarr ziplip com) (1 replies) Re: BAZARR LOCAL ROOT AGAIN. HI GUYS. DONT READ THIS 2003-06-06 Benjamin A. Okopnik (ben callahans org) MDKSA-2003:064 - Updated kon2 packages fix buffer overflow vulnerability 2003-06-05 Mandrake Linux Security Team (security linux-mandrake com) Re: Tripbit Advisory TA-2003-05 Buffer Overflow Vulnerability in Pi3 Web Server v2.0.2 Beta 1 2003-06-05 Holger Zimmermann (zimpel users sourceforge net) In-Reply-To: <3EDBB632.4030000 (at) tripbit (dot) org [email concealed]> The problem has been encountered with the Win32 version of Pi3Web 2.0.2 beta 1, a pre-released beta for public testing. As I determined, it is not necessary, to have specific configuration options set in order to reproduce the exploit (maybe dependen [ more ] [ reply ] Monkey Http Daemon 2003-06-05 Martin (broadcast o0 dyndns org) After reading the PHP XSS "exploit" (I dont know if it qualifies as one) in phpinfo(), I found out that on the default page of the Monkey Http Daemon, there is a Test of Supports section. Two links are included: http://whateverhost/php/index.php and http://whateverhost/cgi-bin/test.pl index.php j [ more ] [ reply ] OpenSSH remote clent address restriction circumvention 2003-06-05 Mike Harding (mvh welkyn com) Welkyn Security Advisory SA-2003060400 Synopsis: SSH "from=" and "user@hosts" restrictions spoofable via reverse DNS for numerically specified IP addresses. Issue Date: June 4, 2003 Software Affected: OpenSSH 3.6.1 and earlier Vendor notified: May 24, 2003. Vendor response: See workarounds, b [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 310-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Matt Zimmerman
June 8th, 2003
[ more ] [ reply ]