-BEGIN PGP SIGNED MESSAGE-
=
FreeBSD-SA-02:38.signed-error Security Advisory
The FreeBSD Project
Topic: Boundary
NGSSoftware Insight Security Research Advisory
Name: Arbitrary File Creation/Overwrite with SQL Agent Jobs
Systems: Microsoft SQL Server 2000 and 7
Severity: High Risk
Category: Arbitrary File Creation/Overwrite
Vendor URL: http://www.microsoft.com/
Author: David Litchfield ([EMAIL PROTECTED])
---
Sentor Torparfar Advisory #001
Title: Insufficient Verification of Client Certificates in IIS 5.0 pre sp3
Date: August 16, 2002
Author: Johan Persson [EMAIL PROTECTED]
NGSSoftware Insight Security Research Advisory
Name:Multiple Remote Buffer Overruns TOMAHAWKS' STEELARROW
Systems Affected: WinNT, Win2K (Not tested on other platforms)
Severity: High Risk
Category: Remote System Buffer Overrun
Vendor URL: http://www.tomahawk.com
Author:
// (#) Mordred Labs Advisory 0x0001
Release data: 19/08/02
Name: Buffer overflow in PostgreSQL
Versions affected: = 7.2
Risk: average
--[ Description:
PostgreSQL is an advanced object-relational database management system
that supports an extended subset of the SQL standard, including
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
KDE Security Advisory: Konqueror SSL vulnerability
Original Release Date: 2002-08-18
URL: http://www.kde.org/info/security/advisory-20020818-1.txt
0. References
http://online.securityfocus.com/archive/1/286290/2002-07-31/2002-08-06/0
FUDforum file access and SQL Injection
PROGRAM: FUDforum
VENDOR: Advanced Internet Designs Inc. [EMAIL PROTECTED]
HOMEPAGE: http://fud.prohost.org/
VULNERABLE VERSIONS: 2.0.2, possibly others
IMMUNE VERSIONS: 2.2.0 and above
LOGIN REQUIRED: no (some issues), admin (some issues)
SEVERITY: medium
nCipher Security Advisory No. 5
C_Verify validates incorrect symmetric signatures
-
SUMMARY
---
When C_Verify is called on a symmetric signature, the nCipher PKCS#11
cryptographic library always returns
Sir Mordred The Traitor [EMAIL PROTECTED] writes:
--[ How to reproduce:
psql select cash_words('-70');
pgReadData() -- backend closed the channel unexpectedly.
The connection to the server was lost...
--[ Solution:
Upgrade to version 7.2.1.
No so much a bug, more an issue of another default installation setup.
After writing an exploit for the winhelp32, I tested on a pc that had
Tiny 2 installed. As I expected Tiny stopped the outbound connection.
Testing on a Tiny 3 version had no warnings of the outbound connection.
Upon
Lynx CRLF Injection
PROGRAM: Lynx
VENDOR: Lynx-Dev List [EMAIL PROTECTED]
HOMEPAGE: http://lynx.browser.org/
VULNERABLE VERSIONS: 2.8.4rel.1, 2.8.5dev.8, 2.8.3rel.1, 2.8.2rel.1,
possibly others
IMMUNE VERSIONS: 2.8.4rel.1 with all patches applied
PATCH:
[Mantis Advisory/2002-05] Arbitrary code execution and file reading
vulnerability in Mantis
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
5.1 Arbitrary code execution
[Mantis Advisory/2002-03] Bug listings of private projects can be viewed
through cookie manipulation
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
6. Contact details
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Updated libpng packages fix buffer overflow
Advisory ID: RHSA-2002:151-21
Issue date:2002-07-23
Updated on:2002-08-14
Product:
Thanks to IE's liveconnect features the whole applet should be fully
scriptable, decompiling the applet revealed that there is a public load
(String name) function so you probably can get something like this to work
while (true) {
xmldso.load('myexefile.exe');
}
here's another code snipped
On Fri, 2002-08-16 at 09:11, robert walker wrote:
A huge amount of infrastructure is managed remotely via
SSL and IE these days. It just boggles the mind the
extent to which the security integrity of that
infrastructure is now under a cloud unknowing.
Actually, the SSL vulnerability is a
/* Proof Of Concept exploit for the Freebsd file descriptors bug. Freebsd
thought they fixed this months ago well guess again :P Thanks to the
Freebsd kernel you may now enjoy local root on all freebsd =4.6 ;) */
iosmash2.c
Description: Binary data
Good Day. The information below is the same as the security advisory regarding
kerio mail server. Thank YOU!
==CUT===
NSSI-Research Labs Security Advisory
http://www.nssolution.com
Maximum e-security
http://nssilabs.nssolution.com
Kerio Mail Server
[Mantis Advisory/2002-01] SQL poisoning vulnerability in Mantis
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
6. Contact details
1. Introduction
Mantis is an Open
[Mantis Advisory/2002-02] Limiting output to reporters can be bypassed
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
6. Contact details
1. Introduction
Mantis is an
[Mantis Advisory/2002-04] Arbitrary code execution vulnerability in Mantis
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
6. Credit
7. Contact details
1.
Hi Folks,
In an effort to cater to the community, I'm pleased to announce the launch
of two new security discussion lists here at SecurityFocus.
Our first new list is aimed at the BSD series of operating systems. This
includes the operating systems NetBSD, FreeBSD, OpenBSD, and BSD/OS. This
Hi reader,
I would like to inform you about multiple security
vulnerabilities in Microsoft File Transfer
Manager (FTM) ActiveX control used for secure file
delivery to/from Microsoft prior to June 2002.
All known to me vulnerabilities was reported to Microsoft
(to FTM Product Manager and
W3C Jigsaw Proxy Server: Cross-Site Scripting Vulnerability
===
Affected:
Jigsaw 2.2.0 and earlier
http://www.w3.org/Jigsaw/RelNotes.html#2.2.0
Fixed:
Jigsaw 2.2.1
http://www.w3.org/Jigsaw/RelNotes.html#2.2.1
Exploit:
To: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED]
__
Caldera International, Inc. Security Advisory
Subject:UnixWare 7.1.1 Open UNIX 8.0.0 : REVISED:
Hi, I have found a discrepancy between mod_auth and ServerTokens Prod.
Using, openbsd CURRENT , apache 1.3.26, as the example:
I add the following line to the httpd.conf file :
ServerTokens Prod
So, when I try to get the version/modules of apache with the HEAD
method, I obtain as a reply
I already brought light on this issue few months back. I contacted the
author through Private Message but never got a reply. The similar issue
also exists in Post Nuke (http://www.postnuke.com). See
http://www.securitytracker.com/alerts/2002/Mar/1003781.html and
Author: Stan Bubrouski
Date: 19 August 2002
Product: Bonsai
Versions Affected: All(Current and CVS all vulnerable)
Severity: Cross Site Scripting is possible in several
places due to a lack of stripping of tags from input.
Some error messages also contain CSS and reveal the
physical path of the
On Sun, Aug 18, 2002 at 09:01:13PM -0400, dvdman wrote:
/* Proof Of Concept exploit for the Freebsd file descriptors bug. Freebsd
thought they fixed this months ago well guess again :P Thanks to the
Freebsd kernel you may now enjoy local root on all freebsd =4.6 ;) */
[...]
And Freebsd
It has been brought to our attention that the first problem we disclosed in
our Google advisory (Tap [eavesdrop] to key presses in the toolbar's search
box) also affects the following toolbars:
Alexa v6.5.11775 from
http://pages.alexa.com/prod_serv/quicktour.html?p=TBMenu_W_t_40_L1
Ask Jeeves
30 matches
Mail list logo