BugTraq
(Page 1706 of 1748)
Re: Lotus Domino DOT Bug Allows for Source Code Viewing 2003-02-13
JRedmond ymcastlouis org

"Faz" <faz (at) attbi (dot) com [email concealed]> wrote:
> Through some testing against some Lotus Domino web servers (verified in
> version 5 & 6), if you append a period to the end of a non-default Lotus
> file type (non .NSF, .NTF, etc) via your browser URL request, you will be
> prompted to download the file.

I have been unab

Re: Solaris Signals 2003-02-12
Jon Masters (jonathan jonmasters org)
Hi,

As a couple of people have pointed out off list when we discussed it, the
situation I am basically describing generally comes down to that you
shouldn't stick sensitive information in binaries - that was the
fundamental point - I think I was confusing a couple of things I have been
looking at a

New freeware tools available from WebCohort 2003-02-13
Eyal Udassin (eyal webcohort com)
The following tools are available at www.webcohort.com for free
download:

-----------------------------
ITR (Interactive TCP Relay)
-----------------------------
This tool provides a security-testing environment for non-HTTP
Client/Server applications, similar to that provided by interactive HTTP

[SECURITY] [DSA 250-1] New w3mmee-ssl packages fix cookie information leak 2003-02-13
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 250-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
February 12th, 2003

Getting stored passwords in plain text from CheetaChat 2003-02-13
b0f www.b0f.net (woot_woot_root yahoo co uk)


A bug exists in CheetaChat which lets an attacker with access to the
yaliases.dat to get users yahoo passwords in plain text.

I. BACKGROUND

CheetaChat is a free and full-featured chatting client that works with
Yahoo! Chat, CheetaServ and Ichat sites. It lets users use solid
tones,fades,

[RHSA-2003:015-05] Updated fileutils package fixes race condition in recursive operations 2003-02-13
bugzilla redhat com
---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory

Synopsis: Updated fileutils package fixes race condition in recursive operations
Advisory ID: RHSA-2003:015-05
Issue date: 2003-01-21
Updated on:

[RHSA-2003:035-10] Updated PAM packages fix bug in pam_xauth module 2003-02-13
bugzilla redhat com
---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory

Synopsis: Updated PAM packages fix bug in pam_xauth module
Advisory ID: RHSA-2003:035-10
Issue date: 2003-02-07
Updated on: 2003-02-12
Produc

RE: Security bug in CGI::Lite::escape_dangerous_chars() function 2003-02-13
Hard Coder (hcoder yahoo com)
Hello Ronald and all others

You might be correct with the issue of
escape_dangerous_chars but instead of the technique you
showed

>>open (SM, "|/usr/sbin/sendmail -f rfg $recipient");

I would use

open(SM, "|/usr/sbin/sendmail -oi -t") || die "sendmail";
...
print SM "To: $recipient\n";

I think an

[CLA-2003:568] Conectiva Linux Security Announcement - mozilla 2003-02-13
secure conectiva com br
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : mozilla
SUMMARY : Several vulnerabilities
DAT

HPUX disable buffer overflow vulnerability 2003-02-13
Davide Del Vecchio (dante alighieri org)

=======================================================
HPUX disable buffer overflow vulnerability
=======================================================

Davide Del Vecchio Adv#4

Date: 13/02/2003
Tested on HP-UX B.11.00

Description:

The enable command activates the named printers, enabl

Cross Site Scripting Advisory. 2003-02-12
uk2sec oakey no-ip com
-- MODERATOR --
Edited accordingly, Identified 3 possible vendors.
-- /MODERATOR --

uk2sec Cross Site Scripting Advisory
by c0w_d0g3

uk2sec (at) oakey.no-ip (dot) com

Many many websites run a 'site search' tool on their webpage with a URL
that looks like this:

/search/index.cfm

I am having trouble loc

Re: Security bug in CGI::Lite::escape_dangerous_chars() function 2003-02-12
tee T72 org (1 replies)

Hi Ronald,

Ronald F. Guilmette wrote:
> Below is a trivially simple example of how this security flaw can
> cause a problem, in practice:
>
> =====================================================================
> #!/usr/bin/perl -w
>
> use strict;
> use CGI::Lite;
>
> my $cgi = new

Re: Security bug in CGI::Lite::escape_dangerous_chars() function 2003-02-13
John Madden (weez freelists org)
Lotus Domino DOT Bug Allows for Source Code Viewing 2003-02-12
Faz (faz attbi com)
Through some testing against some Lotus Domino web servers (verified in
version 5 & 6), if you append a period to the end of a non-default Lotus
file type (non .NSF, .NTF, etc) via your browser URL request, you will be
prompted to download the file. This has a possible repercussion of the
ability to

Solaris Signals 2003-02-12
Jon Masters (jonathan jonmasters org) (1 replies)
Hi,

We all know that old chestnut about tracing setuid programs or scripts,
but what about non-setuid scripts which have been installed for users and
given execute only permission. For example, a lot of sites provide scripts
for users to run which perform some admin related function and thus have
u

Re: Solaris Signals 2003-02-13
Frank v Waveren (fvw var cx)
libIM.a buffer overflow vulnerability 2003-02-12
Shiva Persaud (shivapd us ibm com)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

IBM SECURITY ADVISORY

First Issued: Wed Feb 12 11:00:00 CST 2003

===========================================================================
VULNERABILITY SUMMARY

VULNERABILITY: libIM.a buffer overflow vulnerabilit

CodeCon Registration Deadline Approaching 2003-02-12
Len Sassaman (rabbi abditum com)
CodeCon is fast approaching, and there are only three days left to
register online for CodeCon at the reduced rate.

CodeCon 2.0 is the premier event in 2003 for the P2P, Cypherpunk, and
network/security application developer community. It is a workshop for
developers of real-world applications with

Abyss WebServer Brute Force Vulnerability 2003-02-12
thomas adams (tgadams bellsouth net)


Abyss WebServer Brute Force Vulnerability

Package: Abyss WebServer

Vendor Web Site: http://www.aprelium.com

Versions: All versions <= v1.1.2

Platforms: Linux, Windows

Local: No

Remote: Yes

Fix Available: No(fix in progress)

Vendor Contacted: Sunday, February 09, 2003 6:1

iDEFENSE Security Advisory 02.12.03: Buffer Overflow in AIX libIM.a 2003-02-12
iDEFENSE Labs (labs idefense com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

iDEFENSE Security Advisory 02.12.03:
http://www.idefense.com/advisory/02.12.03.txt
Buffer Overflow in AIX libIM.a
February 12, 2003

I. BACKGROUND

Advanced Interactive eXecutive (AIX) is IBM Corp.'s Unix operating system
implementation, native to pSeri

IRIX IP denial-of-service fixes and tunings 2003-02-12
SGI Security Coordinator (agent99 sgi com)
-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
SGI Security Advisory

Title : IP denial-of-service fixes and tunings
Number : 20030201-01-P
Date : February 12, 2003
Reference: CERT CA-2001-09
Refer

[RHSA-2003:029-06] Updated lynx packages fix CRLF injection vulnerability 2003-02-12
bugzilla redhat com
---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory

Synopsis: Updated lynx packages fix CRLF injection vulnerability
Advisory ID: RHSA-2003:029-06
Issue date: 2003-01-28
Updated on: 2003-02-12

[LSD] Codes for Java and JVM security vulnerabilities 2003-02-12
Last Stage of Delirium (contact lsd-pl net)

Hello,

We have finally released the codes for security vulnerabilities in Java Virtual
Machine implementations that were discussed in our Java/JVM security paper.
They can be downloaded from the projects section of our website.

There are two issues that should be cleared out with regard to the re

MDKSA-2002:062-1 - Updated postgresql packages fix various buffer overflows 2003-02-12
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: postgresql
Advisory ID:

Re: Epic Games threatens to sue security researchers 2003-02-11
dave immunitysec com
In-Reply-To: <20030211193135.12389.qmail (at) mail.securityfocus (dot) com>

As a side note, the trojaned map vulnerability has been known to many
people in the security industry for over a year, since certain members of
us are avid UT players, and it came under some intense review. (After
finding the Po

Re: Epic Games threatens to sue security researchers 2003-02-11
Mark Rein (mrein epicgames com)
In-Reply-To: <01ce01c2d1f1$1beebef0$858370d4 (at) wks.jubii (dot) dk>

Thor,

I have sent your company an apology for those completely unfortunate
comments that I sincerely regret. We did provide an official statement
and I was not, at the time, aware that my verbal reaction, in a moment of
shock and s

Security bug in CGI::Lite::escape_dangerous_chars() function 2003-02-11
Ronald F. Guilmette (rfg monkeys com)

SUBJECT
Security bug in CGI::Lite::escape_dangerous_chars() function, part
of the CGI::Lite 2.0 package, and earlier revisions thereof.

SUMMARY
The CGI::Lite::escape_dangerous_chars() function fails to escape
the entire set of special characters that may have significance
to the underlying sh

Re: SPRINT ADSL [Zyxel 645 Series Modem] 2003-02-11
http-equiv (at) excite (dot) com (http-equiv malware com)


FX <fx (at) phenoelit (dot) de> said:

> > ftp> open malware.com
> > Connected to malware.com.
> > 220 Sprint FTP version 1.0 ready at Wed Jan 5 17:20:47 2000
> > User (malware.com:(none)):
> > 331 Enter PASS command
> > Password:
> > 230 Logged in
> > ftp> get rom-0
>
> I'm not sure if this applies to the

Epic Games threatens to sue security researchers 2003-02-11
Thor Larholm (thor pivx com)
On February 5th, Luigi Auriemma of PivX Solutions released a tightly packed
advisory detailing multiple vulnerabilities in the Unreal network gaming
engine developed by Epic Games. These vulnerabilities affect both clients
and servers who are playing the plethora of games that are using the engine,

Copyright 2010, SecurityFocus