serious vulnerability present. all doomed. over.
2003-04-01 Security Experts, Liability Limited (throwaway dione ids pl)

NSFOCUS SA2003-02: Solaris lpq Stack Buffer Overflow Vulnerability
2003-03-31 NSFCOSU Security Team (security nsfocus com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security Advisory(SA2003-02) Topic: Solaris lpq Stack Buffer Overflow Vulnerability Release Date: 2003-3-31 CVE CAN ID: CAN-2003-0091 Affected system: =================== Sun Solaris 2.5.1 (SPARC/x86) Sun Solaris 2.6 (SPARC/x86) Sun Solari

[OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)
2003-03-30 OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org

[DDI-1012] Malformed request causes denial of service in HP Instant TopTools
2003-03-31 Erik Parker (erik parker digitaldefense net)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ ---- Digital Defense Inc. Security Advisory DDI-1012 labs (at) digitaldefense (dot) net http://www.digitaldefense.net/ - ---------------------------------------------------------------

Security issues in D-Link DSL-300/DSL-300G+ Broadband Modem/Router
2003-03-31 Arhont Information Security (infosec arhont com)
Arhont Ltd - Information Security Company Arhont Advisory by: Andrei Mikhailovsky (www.arhont.com) Advisory: D-Link DSL Broadband Modem/Router Router Model Name: D-Link DSL-300G/DSL-300G+ Model Specific: Other models might be vulnerable as well Manufacturer site: http://www.dlink.c

OpenSSH 3.6 released (fwd)
2003-03-31 Jonas Eriksson (je sekure net)
New OpenSSH version.. Regards, Jonas Eriksson ---------- Forwarded message ---------- Date: Mon, 31 Mar 2003 14:48:52 +0200 From: Markus Friedl <markus (at) openbsd (dot) org> To: announce (at) openbsd (dot) org Subject: OpenSSH 3.6 released OpenSSH 3.6 has just been released. It will be available from the mirrors li

NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability
2003-03-31 NSFCOSU Security Team (security nsfocus com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security Advisory(SA2003-03) Topic: Solaris dtsession Heap Buffer Overflow Vulnerability Release Date: 2003-03-31 CVE CAN ID: CAN-2003-0092 Affected system: =================== Sun Solaris 2.5.1 (SPARC/x86) Sun Solaris 2.6 (SPARC/x86) Sun

CGI Citys CCLOG and CCGuestbook Script Injection Vulns Fixed!!!
2003-03-31 BrainRawt . (brainrawt hotmail com)
Dear Bugtraq Readers, Peter Go from CGI-City has confirmed that the script injection vulns found in CCLOG and CCGuestbook have been fixed. The latest (fixed) versions of these two scripts can be downloaded from the following links. http://www.icthus.net/CGI-City/scr_cgicity.shtml#CCLOG and htt

Vulnerability in News/Новости
2003-03-31 Over_G (overg mail ru)
Product: News Version: 1.0 OffSite: http://xonix.ru Problem: Add news -------------------------------------- You may add news without authorization. http://[target]/admin/script.php?data=ENTER_THIS_YOUR_NEWS. example: http://[target]/admin/script.php?data=script.php?data=<? system($cmd) ?> then o

Positive Technologies Security Advisory 2003-0307: DoS-attack in Kerio WinRoute Firewall
2003-03-31 Dmitry Maksimov (dmaksimov ptsecurity ru)

[SCSA-014] Remote Denial of Service Vulnerability in EZ Server
2003-03-31 Grégory Le Bras (gregory lebras security-corporation com)
====================================================================== Security Corporation Security Advisory [SCSA-014] Remote Denial of Service Vulnerability in EZ Server ====================================================================== PROGRAM: EZ Server HOMEPAGE: http://www.html

Sendmail: -1 gone wild
2003-03-29 Michal Zalewski (lcamtuf ghettot org)
CVE: CAN-2003-0161 CERT: VU#897604 ******************************************************** *** FORCED RELEASE -- VENDOR NOTIFIED AS OF 03/18/03 *** ******************************************************** There is a vulnerability in Sendmail versions 8.12.8 and prior. The address parser p

[security (at) slackware (dot) com: [slackware-security] Sendmail buffer overflow fixed]
2003-03-29 White Vampire (whitevampire mindless com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----- Forwarded message from Slackware Security Team <security (at) slackware (dot) com> ----- Return-Path: <owner-slackware-security (at) bob.slackware (dot) com> Delivered-To: whitvamp@localhost Received: (qmail 7993 invoked from network); 25 Mar 2003 17:44:33 -0000 Rec

[security (at) slackware (dot) com: [slackware-security] Samba buffer overflow fixed]
2003-03-29 White Vampire (whitevampire mindless com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----- Forwarded message from Slackware Security Team <security (at) slackware (dot) com> ----- Return-Path: <owner-slackware-security (at) bob.slackware (dot) com> Delivered-To: whitvamp@localhost Received: (qmail 18002 invoked from network); 25 Mar 2003 19:18:43 -0000 Re

CGI-City's CCLOG Script Injection Vulns
2003-03-29 BrainRawt . (brainrawt hotmail com)
CGI-City's CCLOG USER-AGENT and REFERER Script Injection Vulnerabilities Discovered By BrainRawt (brainrawt (at) hotmail (dot) com) About CCLOG: ------------------ CC Log is a very simple logging script which logs the hits to a single web page. This script is typically useful for logging the hits to the main

CGI-City's CCGuestBook Script Injection Vulns
2003-03-29 BrainRawt . (brainrawt hotmail com)
CGI-City's CCGuestBook Script Injection Vulnerabilities Discovered By BrainRawt (brainrawt (at) hotmail (dot) com) About CCGuestBook: ------------------ CC Guestbook is a simple guestbook program that is very easy to configure and install. It features a notification facility which sends an email alert to the

sendmail 8.12.9 available
2003-03-29 Claus Assmann ca+announce (at) sendmail (dot) org (ca+announce sendmail org) (1 replies)
-----BEGIN PGP SIGNED MESSAGE----- Sendmail, Inc., and the Sendmail Consortium announce the availability of sendmail 8.12.9. It contains a fix for a critical security problem discovered by Michal Zalewski whom we thank for bringing this problem to our attention. Sendmail urges all users to either

Justice Guestbook 1.3 vulnerabilities
2003-03-29 euronymous (just-a-user yandex ru)
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: Justice Guestbook 1.3 vulnerabilities product: Justice Guestbook 1.3 vendor: http://www.justice-media.de risk: high date: 03/29/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/017.en.txt http://f0k
.--------------------------------------------------.
| S.E.L.L. -- ADVISORY NUMBER 4F4E45 -- .L.L.E.S |
| ------------------------------------------------ |
| April 1, 2003 |