-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] GnuPG key validation fix (SSA:2003-141-04)

A key validation bug which results in all user IDs on a given key
being treated with the validity of the most-valid user ID on that
key has been fixed with the release of GnuPG 1.2.2.

W

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] glibc XDR overflow fix (SSA:2003-141-03)

An integer overflow in the xdrmem_getbytes() function found in the glibc
library has been fixed. This could allow a remote attacker to execute
arbitrary code by exploiting RPC service tha

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] EPIC4 security fixes (SSA:2003-141-01)

New EPIC4 packages are available to fix security problems found
by Timo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client.
Under certain circumstances, a malicious IRC server could cau

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] BitchX security fixes (SSA:2003-141-02)

New BitchX packages are available to fix security problems found
by Timo Sirainen. BitchX is an IRC (Internet Relay Chat) client.
Under certain circumstances, a malicious IRC server could

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mod_ssl RSA blinding fixes (SSA:2003-141-05)

An upgrade for mod_ssl to version 2.8.14_1.3.27 is now available.
This version provides RSA blinding by default which prevents an
extended timing analysis from revealing details of the

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] quotacheck security fix in rc.M (SSA:2003-141-06)

An upgraded sysvinit package is available which fixes a problem with
the use of quotacheck in /etc/rc.d/rc.M. The original version of
rc.M calls quotacheck like this:

echo "

[ more ]  [ reply ]

Hello.
This is WsMp3d remote exploit.

Thanks.

--

/*
**
** [*] Title: Remote Heap Corruption Overflow vulnerability in WsMp3d (Again)
** [+] Exploit: 0x82-Remote.WsMp3d.again.c
**
** [+] Description --
**
** WsMp3d is webserver daemon that can enjoy mp3. (shoutcast-server)
** There is WsMp3 Heap

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: cdrecord
Advisory ID:

[ more ]  [ reply ]

According to Demarc Puresecure's Website;

Demarc PureSecureTM is a one of a kind, Total Intrusion Detection
System (TIDS), which provides an unsurpassed level of comprehensive
security. For the first time you will be able to reliably prevent,
detect, and deter internal and external th

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: lpr
Advisory ID:

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--

PACKAGE : bugzilla
SUMMARY : Cross site scripting and t

[ more ]  [ reply ]

---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated gnupg packages fix validation bug
Advisory ID: RHSA-2003:175-01
Issue date: 2003-05-20
Updated on: 2003-05-20
Product: Red Hat

[ more ]  [ reply ]

CSS bug allowing in session id stealing.. advisory attached.

--
+ Microsoft doesn't believe in free() code.

[ more ]  [ reply ]

Tuesday, 20 May, 2003

Silent delivery and installation of an executable on a target
computer. No client input other than opening an email or newsgroup
post.

This can be achieved with the default setting of Outlook Express:
RESTRICTED ZONE.

Technically the following never worked, cannot work

[ more ]  [ reply ]

Telhack 026 Inc. Security Advisory - #4
_________________________________________

Name: Blackmoon FTP Server 2.6 Free Edition
Impact: Medium
Date: May 21 / 2003
_________________________________________

Daniel Nyström a.k.a. excE <exce (at) netwinder (dot) nu [email concealed]>

_I N F O_

BlackMoon FTP Server is an FTP dae

[ more ]  [ reply ]

==========================================
INetCop Security Advisory #2003-0x82-017.b
==========================================

* Title: Remote Heap Corruption Overflow vulnerability in WsMp3d (Again)

0x01. Description

WsMp3d is webserver daemon that can enjoy mp3. (shoutcast-server)
The

[ more ]  [ reply ]

==========================================
INetCop Security Advisory #2003-0x82-017.a
==========================================

* Title: WsMP3d Directory Traversing Vulnerability

0x01. Description

WsMp3d is daemon that can enjoy mp3.
This daemon can approach in web, directory traversing

[ more ]  [ reply ]

BadBlue Remote Administrative Access Vulnerability

I. Synopsis

Affected Systems:
* BadBlue 1.7
* BadBlue 2.0
* BadBlue 2.1
* BadBlue 2.2
Immune Systems:
* BadBlue 2.3

NOTE: BadBlue 1.6 and prior may be impacted; these systems were not tested.

Risk: High (Remote LocalSystem Co

[ more ]  [ reply ]

hey, it's maelort.pl.
#!/usr/bin/perl
# kokanin/DSR, gid games crap for /usr/ports/games/maelstrom -server bug
found by
# Luca Ercoli. This (ret/offset/shellcode) is made for FreeBSD 4.8-RELEASE.
# maelstrom-3.0.5 Asteroids-style game for X Window System
# shellcode by eSDee, he's cool. AV crap

[ more ]  [ reply ]

-------

Product: PHP-Nuke

Vendor: Francisco Burzi

Versions Vulnerable:

Francisco Burzi PHP-Nuke 6.0

Francisco Burzi PHP-Nuke 6.5 RC3

Francisco Burzi PHP-Nuke 6.5 RC2

Francisco Burzi PHP-Nuke 6.5 RC1

Francisco Burzi PHP-Nuke 6.5 FINAL

Francisco Burzi PHP-Nuke 6.5 BETA 1

Francisco Burzi P

[ more ]  [ reply ]

-------

Product: PHP-Nuke

Vendor: F.Burzi

Module: PHP-Banner Exchange

Version: 1.2

-------

Accessing directly to the PHP Banner Exchange module and without a

specified file :

http://[target]/modules/phpbannerexchange/

( phpbannerexchange module directory )

you get this:

Wa

[ more ]  [ reply ]

Issue :

Blue screen in Windows

Tested versions :

W2000 Server Sp3 with IE 6.0 Sp1
XP Pro with IE 6.0

Vendor status :

MS is investigating the issue but as they spent months to just acknowledge
it I decided to publish it

Description :

With Internet Explorer you can make calls using netmeetin

[ more ]  [ reply ]

Advisory name: SQL Injection-Bug in ttForum (all versions)
Application: ttForum - all versions
Vendor: www.ttforum.com
Status: Vendor of ttForum was contacted but didn't reply
Impact: Attacker can get Administrator-rights on forum
Platform(s): any

Technical description:
----------------------

Ever

[ more ]  [ reply ]

Local exploit for /usr/bin/Maelstrom due to insufficient bounds checking of the -player cmd line arg.

See attached proof-of-concept exploit.

-akcess
--
______________________________________________
http://www.linuxmail.org/
Now with e-mail forwarding for only US$5.95/yr

Powered by Outblaze

[ more ]  [ reply ]

Every year, 127 Research chooses an interesting topic, presenting it to
our correspondants just to keep them up-to-date with our vastly
increasing prowess and drive. This year will be the first we bring the
public our yearly analysis. Focused on topics that challenge an
analyst's skill, 127 Day rel

[ more ]  [ reply ]

Cesar FTP v0.99g (latest version)
an FTP Server by http://www.aclogic.com/
it saves the ftp password in file:
c:\Program Files\CesarFTP\settings.ini
in plaintext:

....
Password= "lalala"
Login= "megahz"
Name= "megahz"
....

Discovered by MegaHz
www.megahz.org
megahz (at) megahz (dot) org [email concealed]
www.cyhackportal.co

[ more ]  [ reply ]