-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDEFENSE Security Advisory 09.30.2002
Buffer Overflow in WN Server
DESCRIPTION
Versions 1.18.2 through 2.0.0 of John FranksÂ’ WN Server application
are suceptible to remote exploition of a buffer overflow that an
attacker could cause arbitrary code
[LoWNOISE] Get Knowledge SunONE Starter Kit - Sun Microsystems/Astaware
by Efrain 'ET' Torres, Colombia 2002.
[EMAIL PROTECTED]
+Disclaimer: blah.
+Product: -SunONE Starter Kit v2.0 (Sun Microsystems)
CD-ROM Version
-ASTAware SearchDisk 2002. (ASTAWARE Technologies
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Updated unzip and tar packages fix vulnerabilities
Advisory ID: RHSA-2002:096-24
Issue date:2002-05-20
Updated on:2002-09-18
e-matters GmbH
www.e-matters.de
-= Security Advisory =-
Advisory: Fetchmail remote vulnerabilities
Release Date: 2002/09/29
Last Modified: 2002/09/29
Author: Stefan Esser [[EMAIL PROTECTED]]
[ Illegal Instruction Labs Advisory ]
[-]
Advisory name: XSS bug in Monkey (0.5.0) HTTP server
Advisory number: 14
Application: Monkey (0.5.0) HTTP server
Application author: Eduardo Silva
-BEGIN PGP SIGNED MESSAGE-
__
SuSE Security Announcement
Package:heimdal
Announcement-ID:SuSE-SA:2002:034
Date: Mon Sep
[ Illegal Instruction Labs Advisory ]
[]
Advisory name:Winamp 3 (1.0.0.488) XML parser buffer overflow
vulnerability
Application: Winamp 3 1.0.0.488
Homepage:
On Fri, 27 Sep 2002, Jose Marcio Martins da Cruz wrote:
Some days ago, we're talking about RFC 2046 message fragmentation
vulnerability.
There is another related RFC 2046 vulnerability :
message/external-body message type.
RFC 2046 message/external-body MIME type allows to send messages
VULNERABLE APPLICATION: rogue in FreeBSD (tested on 4.6-RELEASE)
ABOUT APPLICATION: rogue is a fantasy game which is indirectly setgid games
IMPACT: low/medium
EXPLOITATION:
we can be egid=games, with this we can:
1. edit score files in /var/games
2. /var/games use as a storage directory