|
|
Colapse all |
Post message
[SECURITY] [DSA 261-1] New tcpdump packages fix denial of service vulnerability 2003-03-14 joey infodrom org (Martin Schulze) Protegrity buffer overflow 2003-03-13 sss sss (protegritysecvuln yahoo com) Additional details can be found at http://www.kb.cert.org/vuls/id/247545 There is a company that does encryption of databases called Protegrty. They use extended stored procedures to do the encryption and decryption. I tested 3 of the extended stored procedures and found all 3 vulnerable to buffer [ more ] [ reply ] response to tax software not encrypting tax info 2003-03-13 auto40951 hushmail com -----BEGIN PGP SIGNED MESSAGE----- PivX: I am wondering, is it really the responsibility of every piece of software that handles potentially sensitive info to provide (strong)encryption capabilities? I think the onus of protecting sensitive info should fall on the user in many cases. This obviou [ more ] [ reply ] Security Update: [CSSA-2003-SCO.6] OpenServer 5.0.5 OpenServer 5.0.6 OpenServer 5.0.7 : remote buffer overflow in sendmail (CERT CA-2003-07) 2003-03-13 security sco com To: bugtraq (at) securityfocus (dot) com [email concealed] announce (at) lists.caldera (dot) com [email concealed] scoannmod (at) xenitec.on (dot) ca [email concealed] ________________________________________________________________________ ______ SCO Security Advisory Subject: OpenServer 5.0.5 OpenServer 5.0.6 OpenServer 5.0.7 : remote buffer overflow in sendmail (CERT CA-2003- [ more ] [ reply ] RE: PivX Advisory MK002A Intuit TurboTax Information Disclosure Vulnerability 2003-03-13 Jeremy Epstein (jeremy epstein webmethods com) Calling these "security advisories" is really misleading. I keep some of my financial calculations in Excel spreadsheets and even in text documents. Does that mean you'll be issuing a security advisory on Excel or emacs next? And heaven knows, these files are stored in files on disk drives... will [ more ] [ reply ] [SECURITY] [DSA-260-1] New file package fixes buffer overflow 2003-03-13 Michael Stone (mstone klecker debian org) Nokia SGSN (DX200 Based Network Element) SNMP issue 2003-03-13 @stake Advisories (advisories atstake com) Fwd: CERT Advisory CA-2003-08 Increased Activity Targeting Windows Shares 2003-03-13 Muhammad Faisal Rauf Danka (mfrd attitudex com) *** There is an attachment in this mail. *** _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Select your own custom email a [ more ] [ reply ] Sun ONE (iPlanet) Application Server Connector Module Overflow 2003-03-13 @stake Advisories (advisories atstake com) R7-0011: Lotus Notes/Domino Web Retriever HTTP Status Buffer Overflow 2003-03-13 Rapid 7 Security Advisories (advisory rapid7 com) R7-0012: Lotus Notes/Domino R6-beta PROTOS LDAP Denial of Service Regression 2003-03-13 Rapid 7 Security Advisories (advisory rapid7 com) PivX Advisory MK002A Intuit TurboTax Information Disclosure Vulnerability 2003-03-13 Mike Kristovich (mkristovich pivx com) R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication 2003-03-13 Rapid 7 Security Advisories (advisory rapid7 com) PivX Advisory MK002B H&R Block TaxCut Information Disclosure Vulnerability 2003-03-13 Mike Kristovich (mkristovich pivx com) MDKSA-2003:031 - Updated usermode packages remove insecure shutdown command 2003-03-12 Mandrake Linux Security Team (security linux-mandrake com) Potential PGP signature verification problem? 2003-03-12 Avri Schneider (avri_schneider yahoo com) (1 replies) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I have come across a possible problem in the way PGP handles signature verification. The problem lies in the fact that PGP will strip OLE objects inserted in an e-mail and verify the message signature based only on the text, not infor [ more ] [ reply ] Re: Potential PGP signature verification problem? 2003-03-13 Peter Hanecak (hanecak megaloman com) (1 replies) Re: Potential PGP signature verification problem? 2003-03-14 Florian Weimer (Weimer CERT Uni-Stuttgart DE) @(#)Mordred Labs advisory - Remote DoS in PostgreSQL <= 7.2.2 2003-03-12 sir mordred hushmail com -----BEGIN PGP SIGNED MESSAGE----- //@(#) Mordred Labs advisory 0x0007 Release date: August 26, 2002 Name: Remote DoS condition in PostgreSQL Versions affected: <= 7.2.2 Conditions: entry in a pg_hba.conf file that matches attacker's host. Risk: average Author: Sir Mordred (http://mslabs.iwebland [ more ] [ reply ] NetBSD Security Advisory 2003-003 Buffer Overflow in file(1) 2003-03-12 NetBSD Security Officer (security-officer netbsd org) VPOPMail Account Administration (squirrel mail) version 0.9.7 2003-03-12 error (error lostinthenoise net) Plugin info: http://www.squirrelmail.org/plugin_view.php?id=103 Description: VPOPMail Account Administration The plugin lets the user do the tasks he would be able using qmailadmin change password let mails forward create away messages Notes (from the README): ************* IMPORTANT ********** [ more ] [ reply ] |
|
Privacy Statement |
probably even your local baker... This is a case of Vendor vs. User... I
Thank PivX for helping the Community and WE must help out our users.
You can almost bet the that the users of the Tax program use IE to surf the
intern
[ more ] [ reply ]