BugTraq Mode:
(Page 1726 of 1748)  < Prev  1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731  Next >
PHP-Nuke mail CRLF Injection vulnerabilities 2002-12-20
Ulf Harnhammar (ulfh update uu se)
PHP-Nuke mail CRLF Injection vulnerabilities

PROGRAM: PHP-Nuke
VENDOR: Fransisco Burzi et al.
HOMEPAGE: http://phpnuke.org/
VULNERABLE VERSIONS: 6.0 (the only supported version)
IMMUNE VERSIONS: 6.0 with my patch applied
LOGIN REQUIRED: no

DESCRIPTION:

"PHP-Nuke is a Web portal and online commu

[SecurityOffice] Polycom Video Conference System Management Server Authentication Bypass Vulnerability 2002-12-19
Tamer Sahin (ts securityoffice net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: MD5

- --[ Polycom Video Conference System Management Server Authentication Bypass Vulnerability ]--

- --[ Type

Design Error

- --[ Release Date

December 19, 2002

- --[ Product / Vendor

The Polycom ViewStation FX set top video system provides TV-quality

RE: Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) 2002-12-20
Shutters, Mike (mshutters titan com)
I went ahead and installed the latest 2.81, even though it was dated as you
said. After the install I found a file in the Plugins directory named
IN_MP3.DLL, which is 132K in size and dated December 16, 2002, 1:55 PM.
Perhaps this is the file which created the fix. Unfortunately, I didn't
check th

GLSA: perl 2002-12-20
Daniel Ahlberg (aliz gentoo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-6
- - --------------------------------------------------------------------

PACKAGE : perl
SUMMARY : broken safe compartment
DATE    : 200

TSLSA-2002-0085 - lynx-ssl 2002-12-19
tsl trustix com (Trustix Secure Linux Advisor)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0085

Package name: lynx-ssl
Summary: HTTP headers injection
Date: 2002-12-19
Affected versions: TSL 1.

TSLSA-2002-0086 - mysql 2002-12-19
tsl trustix com (Trustix Secure Linux Advisor)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0086

Package name: mysql
Summary: Multiple issues
Date: 2002-12-19
Affected versions: TSL 1.5

- -----

TSLSA-2002-0087 - perl 2002-12-19
tsl trustix com (Trustix Secure Linux Advisor)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0087

Package name: perl
Summary: Safe compartments not being safe
Date: 2002-12-19
Affected versions:

TSLSA-2002-0083 - kernel 2002-12-19
tsl trustix com (Trustix Secure Linux Advisor)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0083

Package name: kernel
Summary: Local DoS
Date: 2002-19-12
Affected versions: TSL 1.01, 1.1, 1.2, 1

TSLSA-2002-0089 - wget 2002-12-19
tsl trustix com (Trustix Secure Linux Advisor)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0089

Package name: wget
Summary: directory traversal bug
Date: 2002-12-19
Affected versions: TSL 1.5

TSLSA-2002-0084 - tcpdump 2002-12-19
tsl trustix com (Trustix Secure Linux Advisor)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0084

Package name: tcpdump
Summary: Incorrect bounds checking
Date: 2002-12-19
Affected versions: TSL

Re: Cisco IOS EIGRP Network DoS 2002-12-19
Damir Rajnovic (gaus cisco com)
-----BEGIN PGP SIGNED MESSAGE-----

We can confirm the statement made by FX from Phenoelit in his message
"Cisco IOS EIGRP Network DoS" posted on 2002-Dec-19. The EIGRP
implementation in all versions of IOS is vulnerable to a denial of
service if it receives a flood of neighbor announcements. EIGR

[Fix] Openwebmail 1.71 remote root compromise 2002-12-19
Dmitry Guyvoronsky (demiurg altaee com)
Hello

Vendor of the OpenWebMail system had released patch and upgraded
`current` sources.

More information can be found at: http://sourceforge.net/forum/forum.php?thread_id=782605&forum_id=108435
Patches: http://openwebmail.org/openwebmail/download/cert/patches/SA-02:01/
Current: http://open

Cisco IOS EIGRP Network DoS 2002-12-19
FX (fx phenoelit de)
Hi there,

please find attached an advisory about an issue with the Cisco IOS Enhanced
IGRP implementation that can be used to cause a network segment wide denial of
service condition.

Regards
FX

--
FX <fx (at) phenoelit (dot) de>
Phenoelit (http://www.phenoelit.de)
672D 64B2 DE42

iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) 2002-12-19
iDEFENSE Labs (labs idefense com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

iDEFENSE Security Advisory 12.19.02:
http://www.idefense.com/advisory/12.19.02.txt
Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)
December 19, 2002

I. BACKGROUND

Easy Software Products' Common Unix Printing System (CUPS) is a

RE: Password Hole Found In Webshots - (Webshots Confirmed) 2002-12-18
Shutters, Mike (mshutters titan com)
From Webshots (confirmed):

-----Original Message-----
From: support (at) webshots (dot) com [SMTP:support (at) webshots (dot) com]
Sent: Wednesday, December 18, 2002 9:33 AM
To: Shutters, Mike
Subject: Re: Password Hole Found In Webshots [T200212130039]

Hello Mike,

Thank you for contacting Webshots!

Unfortunately the

Openwebmail 1.71 remote root compromise 2002-12-18
Dmitry Guyvoronsky (demiurg altaee com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: MD5

Security Advisory 12.18.02

Software : Openwebmail (http://openwebmail.org)
Version : ?.?? -> 1.71 (current)
Type : Arbitrary commands execution
Remote : yes
Root : yes (!!!)
Date : December 18, 2002

I. BACKGROUND

Openwebmail is a web-b

Multiple vulnerability in Enceladus Server 2002-12-19
securma massine (securma caramail com)
hi
Enceladus Server Suite is an Internet/Intranet lightweight Web and FTP Server for
Windows, the version 3.9 according to mollensoft "Includes a fix to the directory
traversal vulnerability... ( This is a CRITICAL SECURITY UPDATE)"
http://www.mollensoft.com/
I found several vulnerability critical c

WAnewsletter (PHP) 2002-12-19
Frog Man (leseulfrog hotmail com)


Informations :
°°°°°°°°°°°°°°
Website : http://www.phpcodeur.net
Versions : 2.0beta -> 2.1.0
Problem : Include file

PHP Code/Location :
°°°°°°°°°°°°°°°°°°°
newsletter.php 2.1beta -> 2.1.0 :
----------------------------------------------------
if( !empty($HTTP_POST_VARS['action']) )
{
$action =

[CLA-2002:556] Conectiva Linux Security Announcement - openldap 2002-12-19
secure conectiva com br
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : openldap
SUMMARY : Several vulnerabilities
DA

[SECURITY] [DSA 213-1] New libpng packages fix buffer overflow 2002-12-19
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 213-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
December 19th, 2002

RE: Missing admin sql password in Okena StormWatch 2002-12-18
Marcus Gavel (mgavel okena com)
<Response from the Okena Team>

Background: StormWatch is a security product that uses a central database to
hold security configuration information that is used to control a number of
security agents. In the text below, the server refers to the StormWatch
central database server.

The issue report

Foundstone Research Labs Advisory - Multiple Exploitable Buffer Overflows in Winamp (fwd) 2002-12-19
Dave Ahmad (da securityfocus com) (1 replies)


David Mirza Ahmad
Symantec

0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12

---------- Forwarded message ----------

----------------------------------------------------------------------
Foundstone Research Labs Advisory - FS2002-10

Advisory Name: Multiple Exploitable Bu

Foundstone Research Labs Advisory - Exploitable Windows XP Media Files (fwd) 2002-12-19
Dave Ahmad (da securityfocus com)


David Mirza Ahmad
Symantec

0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12

---------- Forwarded message ----------

----------------------------------------------------------------------
Foundstone Research Labs Advisory - FS2002-11

Advisory Name: Exploitable Windows XP

Historic blackhat archives exposed 2002-12-18
Pry (pry 8200 org)
Our web site (www.8200.org) has opened an interesting section called
'Historical blackhat archives', which includes hacking journals, source
code and other goodies, which date back to 1997. Most of the material is
very sensitive and is presented to the public for the first time. Our
main contributor

Re: export LD_LIBRARY_PATH in /etc/profile.d/* files 2002-12-18
ant notatla demon co uk (Antonomasia)

> > If the desired effect is really to have shared libraries loaded from
> > whatever the current directory is, then the administrator should add
> > the single dot . to LD_LIBRARY_PATH.
>
> But isn't a . in LD_LIBRARY_PATH the same as an empty entry.
> Or anyway, just as insecure?

They mean the

MDKSA-2002:068-1 - Updated apache packages fix multiple vulnerabilities 2002-12-18
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: apache
Advisory ID:

Copyright 2010, SecurityFocus