BugTraq Mode:
(Page 1663 of 1748)  < Prev  1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668  Next >
Maelstrom Buffer Overflow 2003-05-18
Luca Ercoli (luca ercoli inwind it)


Maelstrom is an arcade game. There is a buffer overflow vulnerability in

Maelstrom which allow local attacker

arbitrary code execution.

Vulnerable systems: Maelstrom 3.0.6

Maelstrom 3.0.5

Example:

[lucae@linux]$ gdb /usr/bin/Maelstrom

GNU gdb 5.2.1-2mdk (Mandrake Linux)

C

[ more ]  [ reply ]
[SECURITY] [DSA 306-1] New BitchX packages fix DoS and arbitrary code execution 2003-05-19
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 306-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
May 19th, 2003

[ more ]  [ reply ]
RE: Hersmen Contact 2003-05-19
Simpelaar, Marco (msimpela foxboro com)
Chris,

I think you mean Hirschmann, correct?

The website is www.hirschmann.com which has email feedback via
http://www3.hirschmann.de/maile.php3

Marco

-----Original Message-----
From: Chris Knipe [mailto:cknipe (at) megalan.co (dot) za [email concealed]]
Sent: vrijdag 16 mei 2003 18:53
To: bugtraq (at) securityfocus (dot) com [email concealed]
Subject

[ more ]  [ reply ]
RE: PalmOS ICMP flood DoS. 2003-05-19
Jay D. Thomson (jdthomson mobile-secure com)

Shaun,

PalmOS isn't the only mobile device operating system that is vulnerable
to flooding attacks like this. Caleb Sima of SPI Dynamics has
discovered a highly effective SMS flood that will render most PocketPC
and Symbian based devices, as well as almost every modern cellphone
unusable. In add

[ more ]  [ reply ]
Security Vulnerabilities in MediaBase Apache and PHP on IRIX 2003-05-19
SGI Security Coordinator (agent99 sgi com)
-----BEGIN PGP SIGNED MESSAGE-----

________________________________________________________________________
______
SGI Security Advisory

Title : Security Vulnerabilities in MediaBase Apache and PHP
Number : 20030502-01-I
Date : May 19, 2003
Reference: Kasenna Supp

[ more ]  [ reply ]
bazarr slocate 2003-05-19
bazarr (at) ziplip (dot) com [email concealed] (bazarr ziplip com)
dis advisory contains many a ascii diagram so it is attached in .txt

-bazarr

[ more ]  [ reply ]
Remote code execution in ttCMS <=v2.3 2003-05-17
ScriptSlave gmx net
Advisory name: Remote code execution in ttCMS 2.2.0/2.2.1
Application: ttCMS v2.3 (and older versions)
Vendor: www.ttcms.com
Status: Vendor was contacted but didn't reply - after posting about another
hole on his forums, my account was banned
Impact: Attacker can execute arbitrary php code
Platform

[ more ]  [ reply ]
Automatic Harvesting of AOL Instant Messenger Screen Names! 2003-05-16
cyber_flash hotmail com


Hi,

See my demo source code (masm32):

www.geocities.com/cyber_flash5/aimhol.zip

If you have problems downloading, please send me an email.

A simple 2x30 search returned approx. 6000 screen names!

My CONCERN is what would one do with all these screen names/data?!

Maybe create Spam/V

[ more ]  [ reply ]
PHP-Nuke code injection in Yearly Stats at Statistics module 2003-05-17
Lorenzo Manuel Hernandez Garcia-Hierro (security lorenzohgh com)


-------

Product: PHP-Nuke

Vendor: Francisco Burci

Versions Vulnerable:

6.0 without patches ,

6.0 with index.php and mainfile.php patches.

5.5 with patches ( all resting script tags)

No vulnerable:

6.0 with mainfile.php patch for block url tags inclusions ( not all ).

5.5 with script t

[ more ]  [ reply ]
Buffer overflow vulnerability found in MailMax version 5 2003-05-17
0x36 (release 0x36 org)
____ ,_____ __
/ \ |___ / / / Buffer Overflow Vulnerability
( /\ ) / / / / __ Found in MailMax Version 5
( \/ ) \ / ,_\ \ ( ( \ \ http://www.smartmax.com
\____/ / \ |____\ \_\_/_/ matrix at 0x36.org
ooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooO

[ more ]  [ reply ]
Path Disclosure in Turba of Horde 2003-05-17
Lorenzo Manuel Hernandez Garcia-Hierro (security lorenzohgh com) (1 replies)


There is a path disclosure in status.php of Turba module at Horde 2.1,

you get this:

Fatal error: Call to a member function on a non-object

in /opt/local/apache/htdocs/horde/turba/status.php on line 12

NOTE: i observed that this only occur in Turba....

[ more ]  [ reply ]
Re: Path Disclosure in Turba of Horde 2003-05-17
Anil Madhavapeddy (anil recoil org)
[SECURITY] [DSA-304-1] New lv packages fix local privilege escalation 2003-05-16
Matt Zimmerman (mdz debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 304-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Matt Zimmerman
May 15th, 2003

[ more ]  [ reply ]
[OpenPKG-SA-2003.029] OpenPKG Security Advisory (gnupg) 2003-05-16
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ]  [ reply ]
bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification 2003-05-16
NetExpress (netexpress tiscali it) (1 replies)
Product bsbsdftpd-6.0-ssl-0.6.1-1 http://bsdftpd-ssl.sc.ru/

During a pen-test we have notice how is easy to identify valid users on
vulnerable systems, through a simple timing attack.

When I try to connect to ftp without ssl using a unreal user with bad
password I get
immediatly response of incor

[ more ]  [ reply ]
Re: bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification 2003-05-16
Damian Gerow (damian sentex net) (2 replies)
Re: bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification 2003-05-17
Mika Boström (bostik lut fi)
Re: bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification 2003-05-16
NetExpress (netexpress tiscali it)
Snowblind Web Server: multiple issues 2003-05-16
euronymous (just-a-user yandex ru)
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=
topic: Snowblind Web Server: multiple issues
product: Snowblind Web Server v1.0
vendor: www.snowblind.net
risk: high
date: 05/16/2k3
tested platform: Windows 98 Second Edition
discovered by: euronymous /F0KP
advisory urls: http://f0kp.iplus.ru/bz/0

[ more ]  [ reply ]
Immunix Secured OS 7+ fileutils update 2003-05-16
Immunix Security Team (security wirex com)
-----------------------------------------------------------------------
Immunix Secured OS Security Advisory

Packages updated: fileutils
Affected products: Immunix OS 7.0, 7+
Bugs fixed: CAN-2002-0435
Date: Fri May 16 2003
Advisory ID: IMNX-2003-7+-010-01
Author: Seth Arnold <sarnold (at) wirex (dot) c [email concealed]

[ more ]  [ reply ]
Venturi Client 2.1 confirmed as open relay [Verizon Wireless Mobile Office] 2003-05-16
Josh Steinhurst (j securityfocus steinhurst net)


Product: [Fourelle|Venturi Wireless] Venturi Client

(all versions prior to 2.2)

Brief Description: Acts as an open proxy for protocols

including SMTP.

Description: Venturi Client is a multi-protocol proxy

that operates in conjunction with a proprietary

transcoding server. It inserts itse

[ more ]  [ reply ]
Hersmen Contact 2003-05-16
Chris Knipe (cknipe megalan co za)
Does anyone have a web site / contact for Hersmen by any chance? They
manufacture industrial switches, based in Germany if I'm not mistaken...

--
me

[ more ]  [ reply ]
EzPublish Directory XSS Vulnerability 2003-05-16
Ferruh Mavituna (ferruh mavituna com)
------------------------------------------------------
EzPublish "Directory" XSS Vulnerability
------------------------------------------------------

------------------------------------------------------
About Ezpublish;
------------------------------------------------------
PHP Based Content Mana

[ more ]  [ reply ]
Microsoft Solution for Securing Wireless LANs now available 2003-05-16
Michael Howard (mikehow microsoft com)
Microsoft is pleased to announce the release of _Solution for Securing
Wireless LANs_.

This prescriptive guide addresses today's wireless network
vulnerabilities, and provides a reference implementation of certificate
services for securing WLANS, which is suited for organizations of
several hundred

[ more ]  [ reply ]
[SECURITY] [DSA-303-1] New mysql packages fix multiple vulnerabilities 2003-05-16
Matt Zimmerman (mdz debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 303-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Matt Zimmerman
May 15th, 2003

[ more ]  [ reply ]
[SECURITY] [DSA-305-1] New sendmail packages fix insecure temporary file creation 2003-05-16
Matt Zimmerman (mdz debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 305-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Matt Zimmerman
May 15th, 2003

[ more ]  [ reply ]
[RHSA-2003:169-01] Updated lv packages fix vulnerability 2003-05-16
bugzilla redhat com
---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated lv packages fix vulnerability
Advisory ID: RHSA-2003:169-01
Issue date: 2003-05-16
Updated on: 2003-05-16
Product: Red Hat Linu

[ more ]  [ reply ]
MDKSA-2003:058 - Updated cdrecord packages fix local root compromise 2003-05-15
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: cdrecord
Advisory ID:

[ more ]  [ reply ]
(Page 1663 of 1748)  < Prev  1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus