|
|
Colapse all |
Post message
[VSA0308] Half-Life AMX-Mod remote (root) hole 2003-02-26 VOID.AT Security (asdf asdf com) [void.at Security Advisory VSA0308 - mailto:crew at void dot at] AMX[1] is a plugin for the "Half-Life Server", hosting the most popular online game today, "Counter-Strike", among others. Overview ======== Due to a format string bug in AMX, it is possible for a remote attacker who knows the rcon- [ more ] [ reply ] [VSA0307] Battlefield 1942 remote DoS 2003-02-26 VOID.AT Security (asdf asdf com) [void.at Security Advisory VSA0307 - mailto:crew at void dot at] Battlefield 1942 is a game (c) by Electronic Arts[1]. Overview ======== By sending a specially crafted packet to the bf1942-server remote administration port, an attacker can cause the server to crash. It *could* even be possible [ more ] [ reply ] Security Patchs for PHP Products #2 2003-02-26 Frog Man (leseulfrog hotmail com) Here is a new list of security patchs for some security holes in PHP products (by phpSecure team & others). The most of the security holes have been published on securityfocus (vuln-dev or bugtraq). - SPGpartenaires 3.0.1 : http://www.phpsecure.org/index.php?id=65&zone=pDl More details : ht [ more ] [ reply ] SuSE Security Announcement: openssl (SuSE-SA:2003:011) 2003-02-26 Roman Drahtmueller (draht suse de) Re: Netscape 6/7 crashes by a simple stylesheet... 2003-02-25 dwm (dwm althea taco com) jux (at) beer (dot) com [email concealed] wrote: > Hi, I'm new here so I don't know if I posted this in the correct list... > I've found out that some simple CSS-code can crash Netscape 6 and 7. > This is a simple html-page containing this code: while we're on the subject...just this week I reported to Netscape that this sim [ more ] [ reply ] Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II 2003-02-25 http-equiv (at) excite (dot) com [email concealed] (http-equiv malware com) (1 replies) Tuesday, February 25, 2003 We are delighted to learn that the original self-executing html file, from June 1 2002 is now fixed with the most current of the many patches for the Internet Explorer series of browsers. See: http://online.securityfocus.com/archive/1/275126 Regrettably. The follo [ more ] [ reply ] Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II 2003-02-25 Jens Knoell (jens ing twinwave net) VERITAS Software Technical Advisory (fwd) 2003-02-25 Dave Ahmad (da securityfocus com) David Mirza Ahmad Symantec "sabbe dhamma anatta" 0x26005712 8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12 ---------- Forwarded message ---------- Return-Path: <Technical_Services (at) maillist.support.veritas (dot) com [email concealed]> Delivered-To: da (at) mail.securityfocus (dot) com [email concealed] Received: (qmail 5016 invoked b [ more ] [ reply ] Re: Netscape 6/7 crashes by a simple stylesheet... 2003-02-25 jim r halfpenny britishairways com Hi, I tested this on Mozilla 1.1 on Mandrake 8.2. It doesn't crash, but Mozilla's CPU usage rises to > 95%. The browser becomes slow but remains responsive and the offending window/tab can be closed to restore normal service. Regards, Jim Halfpenny Hi, I'm new here so I don't know if I posted [ more ] [ reply ] RE: Ericsson HM220dp ADSL modem Insecure Web Administration Vulne rability 2003-02-25 Johan Kölhi (EAB) (Johan Kolhi etx ericsson se) On behalf of Peter Linder, Technical Director, Ericsson Ethernet Broadband Access: On February 11 a report was issued on BugTraq related to Ericsson's DSL modem HM 220. The initial report included some statements that could be misinterpreted and in order to avoid any further confusion on this su [ more ] [ reply ] Re: Riched20.DLL attribute label buffer overflow vulnerability 2003-02-25 Marc Ruef (marc ruef computec ch) In-Reply-To: <7353719955.20030218113659 (at) SECURITY.NNOV (dot) RU [email concealed]> Hi! >Can't reproduce it on riched20.dll v.3.0 (5.30.23.1200) under NT. It seems that my Windows XP Professional with riched20.dll v3.0 5.30.23.1211 is not vulnerable too. In http://www.securityfocus.com/bid/6874/discussion/ the fo [ more ] [ reply ] PHP code injection in CuteNews 2003-02-25 Over_G (overg mail ru) PHP source code injection in CuteNews Informations : =============================================== Script : CuteNews v0.88 Offical site : http://air.langame.net/ =============================================== PHP Scripts : =============================================== shownews.php : if(!$ [ more ] [ reply ] [ESA-20030225-006] WebTool session ID spoofing vulnerability. 2003-02-25 EnGarde Secure Linux (security guardiandigital com) Netscape 6/7 crashes by a simple stylesheet... 2003-02-25 jux beer com (2 replies) Hi, I'm new here so I don't know if I posted this in the correct list... I've found out that some simple CSS-code can crash Netscape 6 and 7. This is a simple html-page containing this code: <html> <body> <div style="position:absolute;"> <div style="position:absolute; overflow:scr [ more ] [ reply ] Re: Netscape 6/7 crashes by a simple stylesheet... 2003-02-25 John Wofford (jwofford mail mste uiuc edu) (1 replies) Re: Netscape 6/7 crashes by a simple stylesheet... 2003-02-26 Peter Lindgren (Peter Lindgren tidsredovisning se) MDKSA-2003:022 - Updated vnc packages fix cookie vulnerability 2003-02-24 Mandrake Linux Security Team (security linux-mandrake com) nCipher Advisory #7: Unexpected copies of imported software keys 2003-02-25 nCipher Support (technotifications us ncipher com) |
|
Privacy Statement |
The GOnicus System Administrator is a PHP based administration tool
for managing accounts/systems in LDAP databases.
Project homepage : http://www.gonicus.de
II. DESCRIPTION
A remote attacker can inject into GOsa arbitrary PHP code
that executes under the privileges of the underly
[ more ] [ reply ]