-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: postfix
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 363-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
August 3rd, 2003
Good morning list, ,--. ,--.
\ /-~-\ /
=== )' a a `(
1. Posfix 1.1.12 remote DoS (CAN-2003-0540) .( ,---. ),
Starting with todays release of OpenPKG 1.3 (see press release
http://www.openpkg.org/press/PR-004-openpkg-1.3.html for more details)
the (one year old) OpenPKG 1.1 release becomes deprecated.
Following our community commitment to provide security updates for the
last two releases, the OpenPKG
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-03:08.realpath Security Advisory
The FreeBSD Project
Topic:
not a big deal, but after viewing the debian advisory for xtokkaetama; BID
found at http://www.securityfocus.com/bid/8312. i took a quick look at
the source, and noticed an overlooked buffer overflow that occurs later in
the program. the overflow is a result of the -nickname command line
Program description:
---
Password Safe is a tool that allows you to have a different password
for all the different programs and websites that you deal with,
without actually having to remember all those usernames and passwords.
Originally created by Bruce Schneier's Counterpane Labs, Password
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: php
Advisory ID:
-INTRO-
All versions of Invisions Board have a flaw in their
input filtering that allows an attacker to completely
mess up Invision's display and in one case I managed to
change the URL of some of the forums links, which could
be used to refer users to fake login sites to collect
passwords etc.
Uytkownik Janusz Niewiadomski napisa:
This bug may be non-exploitable if size of the buffer is greater than
MAXPATHLEN characters. This may occur for example if wu-ftpd is compiled
with some versions of Linux kernel where PATH_MAX (and MAXPATHLEN
accordingly) is defined to be exactly 4095
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 361-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
August 1st, 2003
-BEGIN PGP SIGNED MESSAGE-
__
SuSE Security Announcement
Package:postfix
Announcement-ID:SuSE-SA:2003:033
Date: Mon Aug
I succeeded in RedHat Linux (x86) wu-2.6.2(1), 2.6.2(2), 2.6.1, 2.6.0. (Most version).
This is never fake.
Excellent Advisory was already announced (2003/07/31):
http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt
This information was very useful to me.
I'm thankful to them.
This works well
-BEGIN PGP SIGNED MESSAGE-
NetBSD Security Advisory 2003-010
=
Topic: remote panic in OSI networking code
Version:NetBSD-current: source prior to May 26, 2003
NetBSD 1.6.1: affected
On 01.08 19:47, Vijay Jagdale wrote:
Have we had enough methods yet? Check another embarrassingly easy way:
lt;scriptgt;for (i in document.all.tags);lt;/SCRIPTgt;
do you mean
scriptfor (i in document.all.tags);/SCRIPT
or exactly that one you wrote? my msie 6.0.2800.1106 crashed on the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
++
| Guardian Digital Security Advisory August 04, 2003 |
| http://www.guardiandigital.comESA-20030804-019
ZH2003-5SA (security advisory): Windows beta webserver for pocket pc: full
remote access.
Published: 03/08/2003
Released: 03/08/2003
Name: Windows beta webserver for pocket pc: full remote access
Issue: Remote attackers have full access to pocket pc.
Author: G00db0y SyS64738
Contact
On Tue, Jul 29, 2003 at 11:36:18PM +0300, Jouko Pynnonen wrote:
OVERVIEW
There is a buffer overflow vulnerability in the Solaris runtime linker,
/lib/ld.so.1. A local user can gain elevated privileges if there are
any dynamically linked, executable SUID/SGID programs in the
brought to you by:
--
kid : [EMAIL PROTECTED]
and
farp : [EMAIL PROTECTED]
#gcc -o dcom_scanz dcom_scanz.c
# ./dcom_scanz
usage: dcom-isvuln target-ip [--debug]
# ./dcom_scanz 10.1.1.25
[+] Connecting to 10.1.1.25
[+] Sending DCERPC, Bind: call_id: 9 UUID: REMACT
[+]
---
Product: PHP Authentication Suit for DreamWeaver
Vendor: Macromedia
Versions:
VULNERABLE
- DreamWeaver MX 6.0
- All the PHP Auth systems created with this
- Variables : ALL LIKE accessdenied
NOT VULNERABLE
- ?
-
Description:
The PHP User
Vijay Jagdale [EMAIL PROTECTED] wrote:
Have we had enough methods yet? Check another embarrassingly easy way:
lt;scriptgt;for (i in document.all.tags);lt;/SCRIPTgt;
didn't crash my unpatched XP pro UK with IE 6.0.2600,
grts
thijs
--
have fun wis your opterun, SNUFFx86
-BEGIN PGP SIGNED MESSAGE-
NetBSD Security Advisory 2003-011
=
Topic: off-by-one error in realpath(3)
Version:NetBSD-current: source prior to August 4, 2003
NetBSD 1.6.1: affected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --
PACKAGE : wget
SUMMARY : Buffer overflow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --
PACKAGE : postfix
SUMMARY : Remote denial of service
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Red Hat Security Advisory
Synopsis: New postfix packages fix security issues.
Advisory ID: RHSA-2003:251-01
Issue date:2003-08-04
25 matches
Mail list logo