-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 292-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
April 22nd, 2003

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--

PACKAGE : tcpdump
SUMMARY : Several vulnerabilities
DAT

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 291-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
April 22nd, 2003

[ more ]  [ reply ]

Product Description

AN HTTPd is a relatively small, powerful web server designed for Windows
systems. It supports ISAPI, CGI, SSI, and several other powerful
technologies (such as isolated worker processes) usually only seen in
production servers. More information on AN HTTPd is available at
http

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Next Generation Security Technologies
http://www.ngsec.com
Security Advisory

Title: YABB SE, remote command execution.
ID: NGSEC-2003-5
Application: YA

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200304-05
- - - ---------------------------------------------------------------------

PACKAGE : snort
SUMMARY : Multiple

[ more ]  [ reply ]

> -----Original Message-----
> From: Dave Aitel [mailto:dave (at) immunitysec (dot) com [email concealed]]

> Also found and demonstrated by dildog at defcon 3 years ago. So don't
> hold your breath waiting for that patch.

You don't need to wait. This is prevented with NTLM v.2, which shipped
with Windows NT 4.0 SP4 in Octobe

[ more ]  [ reply ]

PTNews v1.7.7 - Access to administrator functions without authentification

.oO Overview Oo.
PTNews v1.7.7 - Access to administrator functions without authentification
Discovered on 2003, April, 7th
Vendor: PTNews - http://www.openbg.net/ptsite/

PT News is a simple news system. This is lite solut

[ more ]  [ reply ]

In-Reply-To: <20030416195550.2126.qmail (at) www.securityfocus (dot) com [email concealed]>

>*Description*

>Microsoft Internet Explorer 6.0 (other versions not tested) is

>vulnerable to a DoS when specially crafted html is present on a page.

>The vulnerability is in the processing of the OBJECT tag.

A *year-old* DoS.

[ more ]  [ reply ]

Product Description

mod_ntlm is an Apache module (originially designed for Apache 1.3, now
available for Apache 2.0) that provides the ability for Apache services to
authenticate users via the NTLM authentication technology that is largely
specific to Microsoft IIS.

Home page: http://www.sourcefor

[ more ]  [ reply ]

Date:
20.04.2003

Subject:
MPCSoftWeb Guest Book vulnerabilities.

Description:
This Guest Book is designed to be easy to use and configure,
it uses a Microsoft Access 2000 database to store the messages.
It has a number of features: emoticons and text formatting,
a profanity or unwanted word fil

[ more ]  [ reply ]

Background
-------------------

Acer Travelmate 600, 800 series notebooks include a smartcard reader, two smartcards and a security application called Platinum Secure. The smart card security system should prevent access to the console while the smartcard is not present or when password has not b

[ more ]  [ reply ]

Monkey HTTP Daemon Remote Buffer Overflow

ABSTRACT

"Monkey is a Web server written in C that works under Linux. This is an open
source project based on the HTTP/1.1 protocol. The objective is to develop
a fast, efficient, small and easy to configure web server."

(quote from http://monkeyd.source

[ more ]  [ reply ]

BadBlue Arbitrary Administrative Actions Vulnerability

I. Synopsis

Author: Matthew Murphy (mattmurphy (at) kc.rr (dot) com [email concealed])
Release Date: April 20, 2003
Vendor References:
* http://www.badblue.com
* http://www.badblue.com/down.htm
Affected Systems: BadBlue 2.15 and prior
Risk: High
Issue: A vulnerability e

[ more ]  [ reply ]

Race Condition in Windows XP Service Control Manager Service Shutdown
Mechanism

ABSTRACT

"The Windows XP Professional operating system is the best choice for
businesses of all sizes. Windows XP Professional integrates the strengths of
Windows 2000 Professional, such as standards-based security, ma

[ more ]  [ reply ]

Also found and demonstrated by dildog at defcon 3 years ago. So don't
hold your breath waiting for that patch.

Dave Aitel
Immunity, Inc.
http://www.immunitysec.com/

On 19 Apr 2003 13:24:33 -0000
<seclab (at) ce.aut.ac (dot) ir [email concealed]> wrote:

>
>
> Detailed information:
> http://seclab.ce.aut.ac.ir/vreport.htm
>

[ more ]  [ reply ]

Hello,

Nothing to add again, just a trivial IE crash.
http://www.sztolnia.pl/hack/TrivialIECrash2/TrivialIECrash2.html

I checked the net and haven't found any other sysmon.ocx
vulnerability, except this one http://www.ussrback.com/labs57.html
but this one uses different CLSID.
Thx to Richard Mo

[ more ]  [ reply ]

Detailed information:

http://seclab.ce.aut.ac.ir/vreport.htm

Summary

=======

Microsoft uses SMB Protocol for ?File and Printer sharing service? in all

versions of Windows. Upon accessing a network resource, NTLM

Authentication is used to authenticate the client on the server. When a

lo

[ more ]  [ reply ]

hello bugtraq,

Here is an exploit for a recently discovered vulnerability in PoPToP
PPTP server under Linux. Versions affected are all prior to
1.1.4-b3 and 1.1.3-20030409.
The exploit is capable of bruteforcing the RET address to find our
buffer in the stack. Upon a successfull run it brings up a

[ more ]  [ reply ]

BACKGROUND

-----------

Xinetd is a popular inetd replacement. Shortly after the 2.3.9 release in

September 2002, it was realized that xinetd was leaking file descriptors.

That problem turned out to be that file descriptors were not always being

closed whenever a connection was rejected.

[ more ]  [ reply ]

On Mon, 2003-04-07 at 12:06, Nicolas Gregoire wrote:
>
> Editors status
> ==============
>
> - eEye Retina Scanner :
> Work in progress on the editor side ...

For your information, Retina has been fixed in version 4.9.84.
The eEye Spida scanner has been updated too (now in version 1.0.2).

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--

PACKAGE : vixie-cron
SUMMARY : Local vulnerability
DATE

[ more ]  [ reply ]

Description:

The BadWord-(Script-)Filter can be tricked by adding the Tab-Char (0x09)

into the script command. This may lead to CrossSite-Scripting.

Exploit:

[img]jav asc ript:alert%28document.cookie%29[/img]

Vendor:

Has been contacted on 15. April.

Patch:

Available

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: kde3
Advisory ID:

[ more ]  [ reply ]

Adam,
If you paste the code within the object tag you specified into a rich text
html email, MSIMN will crash:

<>
id=crash
classid="clsid:00022613-0000-0000-C000-000000000046"
width=1
height=1
<>

Outlook Express 6 [6.00.2800.1106] will crash with the following error:

--------
MSIMN.exe - Appl

[ more ]  [ reply ]

Regards
--------
Muhammad Faisal Rauf Danka

*** There is an attachment in this mail. ***

_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------

_____________________________________________

[ more ]  [ reply ]

.:: Decription ::.

Web Wiz Forums, the free award winning ASP bulletin board system is

available in a boxed version with link removal code.

.:: Vendor ::.

http://www.webwizguide.info

.:: Problem ::.

By default all passwords are kept on admin/wwforum.mdb

Example: http://www.target.com/

[ more ]  [ reply ]

Liu Die Yu wrote:
>
> i cracked restriction of 'zone' in mozilla.
> ("that's all" is the end of file if you are in a hurry)
>
> [tested]
> OS:"Windows Server 2003"
>
> NETSCAPE Ver String: "Mozilla/5.0 (Windows; U; Windows NT 5.2; zh-CN;
> rv:1.0.1) Gecko/20020823 Netscape/7.0 "
> (downloaded on

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 288-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
April 17th, 2003

[ more ]  [ reply ]

This is a known flaw see:
http://www.securitytracker.com/alerts/2002/Jun/1004618.html

Cheers

Rich.

Adam [ckkl] wrote:
> Hello,
>
> Nothing to add, just a trivial IE crash.
> http://www.sztolnia.pl/hack/TrivialIECrash/TrivialIECrash.html
>
> Best Regards
> Adam Blaszczyk
> reverser, coder, write

[ more ]  [ reply ]