BugTraq (Page 1725 of 1748)
junkbuster 2.0-1 proxy relaying spam 2002-12-23
Andrew Daviel (andrew andrew triumf ca)

I just found a "junkbuster" proxy on a RedHat 6.2 machine
being used to relay spam - a bit ironic, considering the
intention of the program.

This is junkbuster-2.0-1 installed as part of a
"complete install" on RedHat 6.2.
It seems that the default install sets no ACL, no logging,
and starts the

GLSA: kde-3.0.x 2002-12-22
Daniel Ahlberg (aliz gentoo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-9
- - --------------------------------------------------------------------

PACKAGE : kde-3.0.x
SUMMARY : multiple vulnerabilities in KDE

Hyperion FTP Server buffer overflow 2002-12-23
securma massine (securma caramail com)
hi

Hyperion FTP Server (http://www.mollensoft.com/) is a
powerful, reliable FTP server for Windows 95/98/NT/2000,
and supports all basic FTP commands, and much more, such as
passive mode.
A vulnerability exists in Hyperion Ftp Server (version
2.8.11) which allows a remote
user to execute an arbitrar

zkfingerd remote exploit 2002-12-22
security (security marcetam net)

zkfingerd remote exploit, for syslog() format string mistake.

marcetam

[SECURITY] [DSA 215-1] New cyrus-imapd packages fix remote command execution 2002-12-23
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 215-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
December 23th, 2002

'printenv' XSS vulnerability 2002-12-22
Dr.Tek (tek superw00t com)


***** This writing is part of Malloc() Hackers & Malloc() Security *****

http://www.mallochackers.com

http://www.superw00t.com

************************************************************************

Title: 'printenv' XSS vulnerability

~~~~~

Author: Dr.Tek of Malloc()

Matlab /tmp usage 2002-12-22
Paul Szabo (psz maths usyd edu au)
INTRODUCTION

MATLAB is "The Language of Technical Computing"
http://www.mathworks.com/

PROBLEM

As installed on UNIX machines, matlab uses shell scripts to launch; these
scripts use files in /tmp in an unsafe way.

DETAILS

The matlab script uses /tmp/$$a and may clobber it, allowing an attacker

Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) 2002-12-22
zen-parse (zen-parse gmx net)
Joe Testa (Joe_Testa (at) rapid7 (dot) com) wrote:
> So, it doesn't seem like CUPSd is vulnerable to just any random attacker
> who happens to be passing by. I've tested this against RedHat 8.0's
> 'cups-1.1.15-10.src.rpm', along with ftp.cups.org's v1.1.14 and v1.1.17.

Maybe not just any random attacker.

D

Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) 2002-12-21
Joe Testa (Joe_Testa rapid7 com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> **** ISSUE 4 - Negative Length Memcpy() Calls ****
>
> Negative length memcpy() calls can lead to a denial of service (DoS) and,
> on some platforms, remote root compromise. The following examples
> demonstrate these vulnerabilities:
>
> $ nc -v loc

KDE Security Advisory: Multiple vulnerabilities in KDE 2002-12-21
Dirk Mueller (mueller kde org) (1 replies)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

KDE Security Advisory: Multiple vulnerabilities in KDE
Original Release Date: 2002-12-20
URL: http://www.kde.org/info/security/advisory-20021220-1.txt

0. References

None.

1. Systems affected:

All KDE 2 releases and all KDE 3 releas

XSS and PHP include bug in W-Agora 2002-12-19
xatr0z (xatr0z home nl) (1 replies)
I have found some bugs in W-Agora's forum configuration filesystem. In the
page editform.php, an admin or root user can open any file, with the "PHP
Include bug". A sample of the script:

***editform.php***
<?php
# the script gets the parameter "file", puts ".php" after this, and includes
the file i

Re: XSS and PHP include bug in W-Agora 2002-12-20
Marc Druilhe (mdruilhe w-agora net)
Security Update: [CSSA-2002-059.0] Linux: multiple vulnerabilities in BIND (CERT CA-2002-31) 2002-12-20
security caldera com
To: bugtraq (at) securityfocus (dot) com announce (at) lists.caldera (dot) com security-alerts (at) linuxsecurity (dot) com full-disclosure (at) lists.netsys (dot) com

______________________________________________________________________________

SCO Security Advisory

Subject: Linux: multiple vulnerabilities in BIND (CERT CA-2002-31)
A

RealNetworks HELIX Server Buffer Overflow Vulnerabilities (#NISR20122002) 2002-12-20
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Multiple Buffer overruns RealNetworks Helix Universal Server 9.0
Systems Affected: Windows, FreeBSD, HP-UX, AIX, Linux, Sun Solaris 2.7 &
2.8
Severity: High Risk
Category: Buffer Overrun
Vendor URL: http://www.real.com/
Author: Mark Litch

SuSE Security Announcement: cyrus-imapd (SuSE-SA:2002:048) 2002-12-20
Sebastian Krahmer (krahmer suse de)

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

SuSE Security Announcement

Package: cyrus-imapd
Announcement-ID: SuSE-SA:2002:048
Date: Fri De

GLSA: canna 2002-12-20
Daniel Ahlberg (aliz gentoo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-8
- - --------------------------------------------------------------------

PACKAGE : canna
SUMMARY : multiple vulnerabilities in canna
DA

[RAZOR] Problems with mkstemp() 2002-12-20
Michal Zalewski (lcamtuf ghettot org)

Common use of 'tmpwatch' utility and its counterparts triggers race
conditions in many applications

Michal Zalewski <lcamtuf (at) razor.bindview (dot) com>, 12/05/2002
Copyright (C) 2002 by Bindview Corporation

1) Scope and exposure info
--------------------------

A common practice of installing

Web server vulnerability in Axis Network Cameras, Video Servers and DVRs 2002-12-20
Axis Product Security (product-security axis com)
Date: 20 December 2002

1. Topic

Web server vulnerability in Axis Network Cameras, Video Servers and
Network Digital Video Recorders.

2. Description

A potential stack buffer overflow has been found in the authentication
code of the modified version of Boa used in some of the embedded
Linux b

[SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows 2002-12-20
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 214-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
December 20th, 2002

GLSA: wget 2002-12-20
Daniel Ahlberg (aliz gentoo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-7
- - --------------------------------------------------------------------

PACKAGE : wget
SUMMARY : directory traversal
DATE    : 2002-12

nCipher Advisory #6: Access control defects in PKCS#11 keys 2002-12-20
nCipher Support (technotifications us ncipher com)
nCipher Security Advisory No. 6
Access control defects in PKCS#11 keys
--------------------------------------

SUMMARY
=======

As a function of internal QA testing, nCipher has identified that,
under certain unusual circumstances, keys created by the nC

SPGpartenaires (PHP) 2002-12-20
Frog Man (leseulfrog hotmail com)


Informations :
°°°°°°°°°°°°°°
Version : ? -> 3.0.1
Website : http://www.scripts-php-gratuits.com
Problem : SQL Injection -> Access to member's accounts

PHP Code/Location :
°°°°°°°°°°°°°°°°°°°
modif/ident.php :
--------------------------------------------------
[...]
$sql="SELECT nomsite FROM SPGP

Cisco Security Advisory: Cisco Security Advisory: SSH Malformed Packet Vulnerabilities 2002-12-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: SSH Malformed Packet Vulnerabilities

Revision 1.0: INTERIM

For Public Release 2002 December 19th 23:00 GMT

- ------------------------------------------------------------------------------

Please provide your feedback on thi

Copyright 2010, SecurityFocus