SecurityFocus

Announce: Browser Security Test Released 2003-02-04
Alla Bezroutchko (alla scanit be)

Scanit announces the release of the Browser Security Test, an online
automatic test for web browser security vulnerabilities. It is available
at http://www.scanit.be/bcheck/

Browser Security Test is a one stop security assessment for web
browsers. It gives an immediate report on discovered vulne

[ more ] [ reply ]

FreeBSD Security Advisory FreeBSD-SA-03:01.cvs 2003-02-04
FreeBSD Security Advisories (security-advisories freebsd org)

[RHSA-2003:025-20] Updated 2.4 kernel fixes various vulnerabilities 2003-02-04
bugzilla redhat com

---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory

Synopsis: Updated 2.4 kernel fixes various vulnerabilities
Advisory ID: RHSA-2003:025-20
Issue date: 2003-01-24
Updated on: 2003-02-03
Produc

[ more ] [ reply ]

Putting the "NSA Data Overwrite Standard" Legend to Death... 2003-02-04
Jonathan G. Lampe (jonathan stdnet com) (1 replies)

OK, I'm sure this one will start a flame war, but...I work for a vendor
whose products overwrite files when "deleting" them as a way of protecting
old data. Lately several customers have been asking for "NSA" or "DoD"
standard overwrites, usually with a value of 3, 7 or 9. (Our response to
the

[ more ] [ reply ]

Re: Putting the "NSA Data Overwrite Standard" Legend to Death... 2003-02-04
Simple Nomad (thegnome nmrc org)

Re: Preventing exploitation with rebasing 2003-02-04
Dave Aitel (dave immunitysec com)

If only there was some way to get the addresses that a remote RPC
program used for its variables, which would tell us what segments were
valid. Perhaps page 49 of "DCE/RPC over SMB" by Luke Kenneth Casson
Leighton (hi Luke!) will help us out.

"Pointers.

The best way to think of the NDS represnta

[ more ] [ reply ]

RE: Preventing exploitation with rebasing 2003-02-03
Anonymous (xxxxxx xxxxxxxx securityfocus com)

> -----Original Message-----
> From: David Litchfield [mailto:david (at) ngssoftware (dot) com [email concealed]]
> Sent: Tuesday, February 04, 2003 12:09 AM
> To: bugtraq (at) securityfocus (dot) com [email concealed]; ntbugtraq (at) listserv.ntbugtraq (dot) com [email concealed];
> vulnwatch (at) vulnwatch (dot) org [email concealed]
> Subject: Preventing exploitation with rebasing
>

> So how easy is it to

[ more ] [ reply ]

GLSA: qt-dcgui 2003-02-04
Daniel Ahlberg (aliz gentoo org)

Opera: What's Next (GM#005-OP) 2003-02-04
GreyMagic Software (security greymagic com)

GreyMagic Security Advisory GM#005-OP
=====================================

By GreyMagic Software, Israel.
04 Feb 2003.

Available in HTML format at http://security.greymagic.com/adv/gm005-op/.

Topic: Opera: What's Next.

Discovery date: 28 Jan 2003.

Affected applications:
======================

[ more ] [ reply ]

Weak password protection in WebSphere 4.0.4 XML configuration export 2003-02-04
Jan P. Monsch (jan monsch csnc ch)

#############################################################
#
# COMPASS SECURITY http://www.csnc.ch/
#
#############################################################
#
# Topic: WebSphere Advanced Server Edition 4.0.4
# Subject: Insufficient Password Protection in

[ more ] [ reply ]

Majordomo info leakage, all versions 2003-02-04
Marco van Berkum (m v berkum obit nl)

------------------------------------------------------------------------
-------
Title : Majordomo info leakage (all versions)
Date : 03/02/2003
Article by : Marco van Berkum (m.v.berkum (at) obit (dot) nl [email concealed])
Bug finder : Jakub Klausa (jacke@bofh.

[ more ] [ reply ]

Opera Images (GM#004-OP) 2003-02-04
GreyMagic Software (security greymagic com)

GreyMagic Security Advisory GM#004-OP
=====================================

By GreyMagic Software, Israel.
04 Feb 2003.

Available in HTML format at http://security.greymagic.com/adv/gm004-op/.

Topic: Opera Images.

Discovery date: 29 Jan 2003.

Affected applications:
======================

Opera

[ more ] [ reply ]

Sniffing Opera's Tracks (GM#006-OP) 2003-02-04
GreyMagic Software (security greymagic com)

GreyMagic Security Advisory GM#006-OP
=====================================

By GreyMagic Software, Israel.
04 Feb 2003.

Available in HTML format at http://security.greymagic.com/adv/gm006-op/.

Topic: Sniffing Opera's Tracks.

Discovery date: 29 Jan 2003.

Affected applications:
==================

[ more ] [ reply ]

Phantom of the Opera (GM#003-OP) 2003-02-04
GreyMagic Software (security greymagic com)

GreyMagic Security Advisory GM#003-OP
=====================================

By GreyMagic Software, Israel.
04 Feb 2003.

Available in HTML format at http://security.greymagic.com/adv/gm003-op/.

Topic: Phantom of the Opera.

Discovery date: 29 Jan 2003.

Affected applications:
=====================

[ more ] [ reply ]

Opera's Security Model is Highly Vulnerable (GM#002-OP) 2003-02-04
GreyMagic Software (security greymagic com)

GreyMagic Security Advisory GM#002-OP
=====================================

By GreyMagic Software, Israel.
04 Feb 2003.

Available in HTML format at http://security.greymagic.com/adv/gm002-op/.

Topic: Opera's Security Model is Highly Vulnerable.

Discovery date: 14 Nov 2002.

Affected applications

[ more ] [ reply ]

RE: Tech Article: HTTP Content Filter Analysis - Finjan SurfinGate V5.6 2003-02-04
Menashe Eliezer (menashe finjan com)

Finjan Response to Compass Security's
"HTTP/S Content Filter Analysis - Finjan SurfinGate V5.6"
Dated January 27, 2003

Finjan Software, the leading provider of proactive content security
management solutions for global companies, is pleased to be recognized by
Compass Security as one of the leadin

[ more ] [ reply ]

MDKSA-2003:013 - Updated MySQL packages fix DoS vulnerability 2003-02-03
Mandrake Linux Security Team (security linux-mandrake com)

MDKSA-2003:012 - Updated vim packages fix arbitrary command execution vulnerability 2003-02-03
Mandrake Linux Security Team (security linux-mandrake com)