Taking advantage from the ALCATEL Speed Touch Pro backdoor and configuration
problems, it is possible to obtain a full priv
access to the router and launch several attack against the internal LAN
thanks to the NAT/PAT feature often made available.
If the router is telnetable it means that ip
At 03:20 PM 4/22/2001, Len Budney wrote:
WFTP is the Win/NT FTP server by Alun Jones
Incorrect. WFTP was a short-lived FTP _client_, by someone else
entirely. _WFTPD_ is the Windows (all versions) FTP server by Texas
Imperial Software.
The latest version of WFTPD is vulnerable to a buffer
It works on
Oracle 8 servers running Windows NT 4.0 (SP6)
and does not require any
authentication credentials to succeed. I have not
tried it on any other versions
or platforms.
It works against Oracle 8.0.5 running on linux as
well...
Tib
-BEGIN PGP SIGNED MESSAGE-
=
FreeBSD-SA-01:37 Security Advisory
FreeBSD, Inc.
Topic: slrn
-BEGIN PGP SIGNED MESSAGE-
=
FreeBSD-SA-01:36 Security Advisory
FreeBSD, Inc.
Topic: samba ports
Actually, problem was fixed in Mercury 1.48, but no advisory was issued
and older versions are still in wide use. All Mercury-based servers
should be immediately updated.
My colleague reports that NetWare servers running Mercury 1.48 crash
happily.
--
Atro Tossavainen (Mr.) /
HP Support Information Digests
===
o IT Resource Center World Wide Web Service
---
If you subscribed through the IT Resource Center and
Would anyone happen to know the security contact(email
address or webpage form) for lucent firewall's?
The proper contact for Lucent's Firewall and VPN product is:
[EMAIL PROTECTED]
Security advisories and vulnerability reports should be addressed to this
address for prompt response.
Does anyone know anything about the vulnerability found by the group LSD in
the x86 systems ? That has helped them to win the Argus Event ?
http://www.argus-systems.com/events/infosec/#Rules
I would like to study this.
[ Advisory for Perl Web Server]
[ Site: http://perlwebserver.sourceforge.net ]
[ by nemesystm of the DHC ]
[ (http://dhcorp.cjb.net - [EMAIL PROTECTED]) ]
[ ADV-0113]
/-|=[explanation]=|-\
Perl Web
[ Advisory for NetCruiser 0.1.2.8 ]
[ Netcruiser is made by Netcuiser Software]
[ Site: http://www.netcruiser-software.com]
[ by nemesystm of the DHC ]
[ (http://dhcorp.cjb.net - [EMAIL PROTECTED]) ]
[ ADV-0110
I think they are talking about the USER_LDT vulnerability posted on NetBSD
site. This what gave it away:
(1) The USER_LDT is a Kernel Level syscall Vulnerability and requires a
local user account to be executed.
(2) It only effects I386 systems. Including Solaris as the advisory states.
Majid
On Sun, May 07, 2000 at 11:44:14AM +0100, Cyber Hunter wrote:
Does anyone know anything about the vulnerability found by the group LSD in
the x86 systems ? That has helped them to win the Argus Event ?
http://www.argus-systems.com/events/infosec/#Rules
I would like to study this.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Linux-Mandrake Security Update Advisory
Package name: hylafax
Date:
On Sun, 22 Apr 2001, Rebecca Kastl wrote:
From the su man page:
-, -l, --login
make the shell a login shell
If the shell is not a login shell, then /etc/profile nor any .*shrc
scripts are processed
Correction: In the case of bash, if the '-' or '-l' option to
Donaldson, Matthew wrote:
I disagree. You might not like the design behind it, but that does not mean
there isn't any. Just because it is not in a kernel module doesn't mean it
is inherently un-designed and bad. In fact, a lot of thought has gone into
its design.
Perhaps instead of
I was reminded of this again recently because a Notes user on another
list complained that a list control message they sent was bounced.
That list processer reads its commands from the Subject: line and
it turned out that the combination of Notes client and Notes SMTP
gateway happily sent a
Rebecca Kastl wrote:
On Fri, 20 Apr 2001, Drew Jones wrote:
Problem:
Users of Redhat 7 may have their umask set insecurely while acting
as root.
Maybe I'm missing something here, but isn't the problem with su, not
/etc/profile?
su(1) on ATT-derived Unixes fix this: there's a file
18 matches
Mail list logo