SuSE Security Announcement: KDE lanbrowser vulnerability (SuSE-SA:2002:042)
2002-11-12 Olaf Kirch (okir suse de)

ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd)
2002-11-12 Dave Ahmad (da securityfocus com)
David Mirza Ahmad
Symantec
0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12
---------- Forwarded message ----------
Return-Path: <alert-admin (at) iss (dot) net>
Delivered-To: da (at) securityfocus (dot) com
Received: (qmail 800 invoked from network); 12 Nov 2002 17:04:55 -0000
Received: from a

xoops Quizz Module IMG bug
2002-11-11 magistrat (magistrat blocus-zone com)
Author: Magistrat
http://www.blocus-zone.com
magistrat@blocus-zone com
Date: 11/11/2002
Object: IMG bug in quizz module
risk: Medium-high
advisory url: http://www.blocus-zone.com/modules/news/article.php?storyid=180
-----------------------------------------------------
After having h

Security Update: [CSSA-2002-044.0] Linux: Preboot eXecution Environment (PXE) server denial-of-service attacks
2002-11-11 security caldera com
To: bugtraq (at) securityfocus (dot) com announce (at) lists.caldera (dot) com security-alerts (at) linuxsecurity (dot) com full-disclosure (at) lists.netsys (dot) com
______________________________________________________________________________
SCO Security Advisory
Subject: Linux: Preboot eXecution Environment (PXE) server denial-of

RE: A technique to mitigate cookie-stealing XSS attacks
2002-11-11 Michael Howard (mikehow microsoft com)
>>This new HTTPOnly security feature would simply stop cookie hijacking via document.cookie. Nothing else. Which is good, but important to know the limitations and the risks.
Actually, the change is not in IE - it's lower-level in WinInet, which IE uses. So any app that uses document.cookie, or, sa

RE: How to execute programs with parameters in IE - Sandblad advisory #10
2002-11-10 Russ (Russ Cooper rc on ca)
Worked just fine on Windows NT SP6a + all OS fixes + IE 6.0 Gold.
Doesn't work on Windows 2000 SP3 + IE 6.0 SP1 + all fixes
Worked just fine on Windows XP SP1 + IE 6.0 SP1 + all fixes
Your mileage may vary, but it works on the latest OS/IE combination with all fixes.
Cheers,
Russ - Surgeon Gener

iDEFENSE Security Advisory 11.11.02: Buffer Overflow in KDE resLISa
2002-11-11 David Endler (dendler idefense com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
iDEFENSE Security Advisory 11.11.02:
http://www.idefense.com/advisory/11.11.02.txt
Buffer Overflow in KDE resLISa
November 11, 2002
I. BACKGROUND
KDE is a popular open source graphical desktop environment for Unix workstations. Its kdenetwork module c

[SECURITY] [DSA 193-1] New klisa packages fix buffer overflow
2002-11-11 joey infodrom org (Martin Schulze)

Re: SuSE Security Announcement: perl-MailTools (SuSE-SA:2002:041)
2002-11-11 Sebastian Krahmer (krahmer suse de)
On Fri, 8 Nov 2002, Florian Weimer wrote:
Hi,
> Sebastian Krahmer <krahmer (at) suse (dot) de> writes:
>
> > The SuSE Security Team reviewed critical Perl modules, including
> > the Mail::Mailer package. This package contains a security hole
> > which allows remote attackers to execute arbitrary

[RHSA-2002:213-06] New PHP packages fix vulnerability in mail function
2002-11-11 bugzilla redhat com

RE: Motorola Cable Modem DOS
2002-11-10 Dan Taylor Jr. (slash darkhaven net)
I have been able to replicate this behavior by scanning the cable modem's internal IP (192.168.100.1) on my Motorola Surfboard 3100 w/ the following versions:
Software Version: SB3100-3.2.6-SCM-NOSHELL
Hardware Version: 2
MIB Version: II
GUI Version: 1.0
VxWorks Version: 5.3
Scanning the external

[SECURITY] [DSA 191-2] New squirrelmail packages fix problem in options page
2002-11-11 joey infodrom org (Martin Schulze)

Multiple vulnerabilities in Tiny HTTPd
2002-11-11 dong-h0un U (xploit hackermail com)
========================================
INetCop Security Advisory #2002-0x82-001
========================================
* Title: Multiple vulnerabilities in Tiny HTTPd.
0x01. Description
Tiny HTTP daemon is web server that do simple very. Vulnerability and executable vulnerability that

Timing the Application of Security Patches for Optimal Uptime
2002-11-10 Crispin Cowan (crispin wirex com)
This paper has been published at the USENIX LISA 2002 conference <http://www.usenix.org/events/lisa02/>, and is available for download here <http://wirex.com/%7Ecrispin/time-to-patch-usenix-lisa02.ps.gz>.
Timing the Application of Security Patches for Optimal Uptime
Steve Beattie, Seth Ar

benchmark tool for HTTP pages.
2002-11-10 Tacettin Karadeniz (tacettinkaradeniz yahoo com)
ezhttpbench.php
eZ httpbench version 1.1 (http://developer.ez.no) - benchmark tool for HTTP pages.
A security vulnerability in the product allows remote attackers to download any file on the local system that the eZ httpbench has read access to.
Vulnerable systems:
eZ httpbench version 1.1
eZ ht

Multiple Vuln. in Hotfoon.com's Hotfoon4.exe dialer
2002-11-10 S G Masood (sgmasood yahoo com)
Multiple Vuln. in Hotfoon.com's Hotfoon4.exe dialer
Hotfoon.com is a popular provider of PC to Phone, PC to PC Phone, Instant Messaging and Chat services. Its services are accessed by using a client program, Hotfoon4.exe (http://www.hotfoon.com/hotfoon4.exe), which includes the dialer. This is claim

Buffer Overflow in iSMTP Gateway
2002-11-11 K. K. Mookhey (cto nii co in)
=================================================
Advisory: Buffer Overflow in iSMTP Gateway
Software: iSMTP Gateway
Severity: Medium-High
Vendor: Incognito Systems http://www.incognito.com
Systems Affected: Banyan VINES
Version: 5.0.1, ?
Type of Vulnerability: Buffer Overflow
Discovered by: K. K.

Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection
2002-11-11 Joshua Wright (Joshua Wright jwu edu)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have recently completed a white paper reviewing some of the tactics used in 802.11 wireless LAN discovery applications including NetStumbler, DStumbler and Wellenreiter.
Abstract:
Wireless LAN discovery through the use of applications such as NetStu

GLSA: kgpg
2002-11-10 Daniel Ahlberg (aliz gentoo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200211-002
- - --------------------------------------------------------------------
PACKAGE : kgpg
SUMMARY : keys generated in wizard have an em

Re: How to execute programs with parameters in IE - Sandblad advisory #10
2002-11-08 hysterix1 aol com (1 replies)
In-Reply-To: <006001c28704$a3c1ef10$a600a8c0@LocalHost>
Doesn't work on my, yours or Andreas. I get a "This operation can only function in HTML Help". Also since I have debugging on, I get a line 0 permission denied error from IE.
location.replace('mk:@MSITStore:C:')
Only that line cod

Re: How to execute programs with parameters in IE - Sandblad advisory #10
2002-11-10 Andreas Sandblad (sandblad acc umu se)

RhinoSoft Serv-U FTP Anonymous Remote DoS Vulnerability
2002-11-06 [secondmotion]-Matt Thompson (matt secondmotion com)
______________________________________________________________________________
SuSE Security Announcement
Package: kdenetwork
Announcement-ID: SuSE-SA:2002:042
Date: Tue Nov