|
|
Colapse all |
Post message
axis2400 webcams 2003-02-28 Martin Eiszner (martin websec org) 2002 (at) WebSec (dot) org [email concealed]/Martin Eiszner ================================== Security REPORT axis webcam 2400.? ================================== this document: http://www.websec.org/adv/axis2400.txt.html Product: Axis Webserver for 2400 ?? Vulnerablities: denial of service, information disclosure, non-c [ more ] [ reply ] ftp.exe anf tftp.exe buffer overflows 2003-02-28 Max (rusmir tula net) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello there, ftp.exe and tftp.exe both have the same problem with unchecked hostname length. Description: ftp.exe and tftp.exe do not check the length of hostname parameter before passing it to gethostbyname(). This makes possible to crash the [ more ] [ reply ] Netscape Communicator 4.x sensitive informations in configuration file 2003-02-28 Marc Ruef (marc ruef computec ch) (1 replies) Hi! It seems that I'm one of the last Netscape 4.x users. During my research for using roaming profiles I've checked a file named prefs.js in my netscape folder (C:\Program Files\Netscape\Users\mruef). The following paste shows the IMAP mail part of this configuration file. You can see that the li [ more ] [ reply ] Re: Netscape Communicator 4.x sensitive informations in configuration file 2003-02-28 Byron York (byron benefitrecovery com) JRun: The Easiness of Session Fixation 2003-02-28 Christoph Schnidrig (christoph schnidrig csnc ch) Hi all The the Session-ID Fixation paper available from http://www.acros.si/papers/session_fixation.pdf mentions that JRun accepts abritrary Session-ID's and create new sessions with the proposed Session-ID. This means that it is possible to send the following URL http://foo/bar?jsessionid=foo123 a [ more ] [ reply ] NetPBM, multiple vulnerabilities 2003-02-28 Alan Cox (alan lxorguk ukuu org uk) NetPBM contains large numbers of maths overflow errors, some of which are deeply theoretical as they involve passing 2Gb file names, others of which are straight forward x * y * depth type overflows, of the kind which have shown up in numerous other imaging libraries. Finally there are a couple of s [ more ] [ reply ] [SECURITY] [DSA 256-1] New mhc-utils packages fix predictable temporary file 2003-02-28 joey infodrom org (Martin Schulze) [SECURITY] [DSA 255-1] New tcpdump packages fix denial of service vulnerability 2003-02-27 joey infodrom org (Martin Schulze) Mandrake 9.0 local root exploit 2003-02-27 Priv8 Security (xtc priv8security com) (1 replies) ------------------------------------------------------------------------ ------------------------------------------ Priv8 Security - www.priv8security.com priv8mdk90.tar.gz - Mandrake 9.0 local root exploit Based on Idefense adv. http://www.idefense.com/advisory/01.21.03.txt Greets [ more ] [ reply ] Re: MS-Windows ME IE/Outlook/HelpCenter critical vulnerability 2003-02-27 Fozzy (fozzy dmpfrance com) Hi, My post entitled "MS-Windows ME IE/Outlook/HelpCenter critical vulnerability" was parsed incorrectly by the securityfocus mailing-list manager, giving me a From: adress "fozzy (at) securityfocus (dot) com [email concealed]". My contact e-mail is fozzy (at) dmpfrance (dot) com. [email concealed] I am not, in any way, a member of securityfocus.com. Th [ more ] [ reply ] Invision Power Board (PHP) 2003-02-27 Frog Man (leseulfrog hotmail com) Informations : °°°°°°°°°°°°°° Website : http://www.invisionboard.com -------------------------- Version : 1.0.1 Problem : phpinfo() -------------------------- Version : 1.1.1 Problem : File Including PHP Code/Location : °°°°°°°°°°°°°°°°°°° v1.0.1 : phpinfo.php : ---------- <?php phpinfo(); ?> -- [ more ] [ reply ] iDEFENSE Security Advisory 02.27.03: TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsing 2003-02-27 iDEFENSE Labs (labs idefense com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 02.27.03: http://www.idefense.com/advisory/02.27.03.txt TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsing February 27, 2003 I. BACKGROUND TCPDUMP is a widely used network debugging tool that prints out the he [ more ] [ reply ] Re: poc zlib sploit just for fun :) 2003-02-27 Ralf S. Engelschall (rse engelschall com) In article <200302241751.25591.kelledin+BTQ (at) skarpsey.dyndns (dot) org [email concealed]> you wrote: > [...] > Attached below is a patch RK and I whipped up yesterday, after I > caught wind of this problem sometime in the afternoon. > [...] Thanks for your efforts. We've reviewed your patch for inclusion into our OpenPK [ more ] [ reply ] ISMAIL (All Versions) Remote Buffer Overrun 2003-02-27 NGSSoftware Insight Security Research (mark ngssoftware com) MS-Windows ME IE/Outlook/HelpCenter critical vulnerability 2003-02-27 Fozzy (at) securityfocus (dot) com [email concealed],[Hackademy Audit]@securityfocus.com (fozzy dmpfrance com) --[ Summary ]-- From the Microsoft Security Bulletin MS03-006: " A security vulnerability is present in the Windows Me version of Help and Support Center [...]. An attacker could exploit the vulnerability by constructing a URL that, when clicked on by the user, would execute code of the attacker's [ more ] [ reply ] MDKSA-2003:025 - Updated webmin packages fix session ID spoofing vulnerability 2003-02-26 Mandrake Linux Security Team (security linux-mandrake com) Buffer Overrun Vulnerability in /sbin/ps on IRIX 2003-02-26 SGI Security Coordinator (agent99 sgi com) [SECURITY] [DSA 254-1] New NANOG traceroute packages fix buffer overflow 2003-02-27 joey infodrom org (Martin Schulze) Ecardis Password Reseting Vulnerability 2003-02-27 Haluk AYDIN (haydin biznet com tr) Hi, I don't know if someone has discovered this before but Ecartis 1.0.0 (former listar) contains a vulnerability that enables an attacker to reset passwords of any user defined on the list server, including the list admins. After logging on as a non-priviledged user, Ecartis enables [ more ] [ reply ] MDKSA-2003:026 - Updated shadow-utils packages fix improper mailspool ownership 2003-02-27 Mandrake Linux Security Team (security linux-mandrake com) ./makeunicode2.py release announcement 2003-02-26 0 0 (daveaitel hotmail com) Immunity, Inc. is pleased to announce the availability of makeunicode2.py - a Python program that will encode arbitrary x86 shellcode into a valid unicode string. This program is available from the BlackHat web site at http://www.blackhat.com/html/win-usa-03/win-usa-03-speakers.html#David%2 0Ait [ more ] [ reply ] RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II 2003-02-26 Dike (Dike tarita co id) (1 replies) Confirmed on IE 5.0 too :( Sorry One Liner, Dike > -----Original Message----- > From: http-equiv (at) excite (dot) com [email concealed] [mailto:http-equiv (at) malware (dot) com [email concealed]] > Sent: Wednesday, February 26, 2003 4:45 AM > To: bugtraq (at) securityfocus (dot) com [email concealed] > Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II > Tuesday, [ more ] [ reply ] Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II 2003-02-28 D'Amato Luigi (luigidamato networkingitalia it) |
|
Privacy Statement |
hola, ...
2002 (at) WebSec (dot) org [email concealed]/Martin Eiszner
=====================
Security REPORT TYPO3
=====================
this document: http://www.websec.org/adv/typo3.html
Product: Typo3 (Version 3.5b5 / Earlier versions are possibly vulnerable too)
Vendor: Typo3 (http://www.typo3.com)
Vendor-Status: kasp
[ more ] [ reply ]