RE: Cisco PIX embryonic state machine 1b data DoS

2006-03-08 Thread Randy Ivener (rivener)
Cisco Response: This is Cisco PSIRT's response to the statements made by Arhont Ltd.- Information Security in their messages: Cisco PIX embryonic state machine 1b data DoS and Cisco PIX embryonic state machine TTL(n-1) DoS both posted

[FLSA-2006:168264-1] Updated XFree86 packages fix security issues

2006-03-08 Thread Marc Deslauriers
Fedora Legacy Update Advisory Synopsis: Updated XFree86 packages fix security issues Advisory ID: FLSA:168264-1 Issue date: 2006-03-07 Product: Red Hat Linux, Fedora Core Keywords:

[FLSA-2006:168264-2] Updated X.org packages fix security issue

2006-03-08 Thread Marc Deslauriers
Fedora Legacy Update Advisory Synopsis: Updated X.org packages fix security issue Advisory ID: FLSA:168264-2 Issue date: 2006-03-07 Product: Fedora Core Keywords: Bugfix

[FLSA-2006:168516] Updated pcre packages fix a security issue

2006-03-08 Thread Marc Deslauriers
Fedora Legacy Update Advisory Synopsis: Updated pcre packages fix a security issue Advisory ID: FLSA:168516 Issue date: 2006-03-07 Product: Red Hat Linux, Fedora Core Keywords:

[FLSA-2006:176751] Updated gpdf package fixes security issues

2006-03-08 Thread Marc Deslauriers
Fedora Legacy Update Advisory Synopsis: Updated gpdf package fixes security issues Advisory ID: FLSA:176751 Issue date: 2006-03-07 Product: Fedora Core Keywords: Bugfix

[ MDKSA-2006:053 ] - Updated freeciv packages fix DoS vulnerabilities

2006-03-08 Thread security
Mandriva Linux Security Advisory MDKSA-2006:053 http://www.mandriva.com/security/

CanSecWest/core06 Vancouver April 3-7

2006-03-08 Thread Dragos Ruiu
The call for papers is now closed and the proposals have been reviewed for the CanSecWest/core06 Applied Technical Security Conference held on April 5-7 2006 at the Marriott Renaissance Harbourside in Vancouver, B.C. Canada. The selected submissions are: An hour of Rap and Comedy about SAP -

[security bulletin] HPSBTU02100 SSRT050979 rev.1 - HP Tru64 UNIX IPSEC/ISAKMP Remote Denial of Service (DoS)

2006-03-08 Thread security-alert
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00602119 Version: 1 HPSBTU02100 SSRT050979 rev.1 - HP Tru64 UNIX IPSEC/ISAKMP Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as

[eVuln] EKINboard 'img' BBCode XSS Cookie 'username' SQL Injection Vulnerabilities

2006-03-08 Thread alex
New eVuln Advisory: EKINboard 'img' BBCode XSS Cookie 'username' SQL Injection Vulnerabilities http://evuln.com/vulns/88/summary.html Summary eVuln ID: EV0088 Software: EKINboard Software's Web Site: http://www.ekinboard.com/ Versions: 1.0.3 Critical Level:

Re: [CORRECTIONS AND ADDITIONS ]Azbb v1.1.00 Cross-Site Scripting

2006-03-08 Thread no_reply
The mentioned issue, ie passing script via the form, will only affect the USER who is doing it. JavaScripts are client side scripts. It has no effect on the AZbb, the server or the forum.

Re: AVG 7 granting Everyone Full Control to updated files... even its drivers

2006-03-08 Thread Matti Haack
Grisoft issued a fix for the problem, which installs with the latest update: --- AVG Anti-Virus Update --- (03/08/2006) ** AVG Anti-Virus 7.1 ** --- information about Update --- Update Summary: * fix for the

textfileBB = 1.0 Multiple XSS

2006-03-08 Thread retard
ORIGINAL: http://notlegal.ws/textfilebbmessanger.txt software: textfileBB vendors website: http://tfbb.jcink.com/ versions: = 1.0 class: remote status: unpatched exploit: available solution: not available discovered by: retard

capi4hylafax insecure manipulation with tmp files

2006-03-08 Thread Javor Ninov
capi4hylafax suite (http://freshmeat.net/projects/capi4hylafax/ ) is addon for hylafax fax server (http://www.hylafax.org/) vulnerable: capi4hylafax-01.03.00 /probably others/ in capi4hylafax-01.03.00/src/faxrecv/faxrecv.cpp : #ifdef GENERATE_DEBUGSFFDATAFILE dwarning (DebugSffDataFile ==

Re: PHP-based CMS mass-exploitation

2006-03-08 Thread Paul Laudanski
On Tue, 7 Mar 2006, Daniel Bonekeeper wrote: 83.84.14X.XXX - - [06/Mar/2006:18:18:12 -0500] GET

[KAPDA::#32] - d2kBlog 1.0.3 Multiple Vulnerabilities

2006-03-08 Thread 3nitro
KAPDA New advisory Vulnerable products : d2kBlog = 1.0.3 Vendor: http://www.d2ksoft.com/ Risk: Medium Vulnerabilities: SQL_Injection , Script Insertion Date : Found : 2006/01/01 Vendor Contacted : 2006/01/02 Release Date : 2006/03/08 About D2KBlog :

[SECURITY] [DSA 988-1] New squirrelmail packages fix several vulnerabilities

2006-03-08 Thread Moritz Muehlenhoff
Debian Security Advisory DSA 988-1 [EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff March 8th, 2006

a worm for mediaWiki??

2006-03-08 Thread \vitamona\
Hi, I've noticed a strange thing on MediaWiki that I use sometimes. The highlighted word in the various articles on MediaWiki was replaced with a strange string like this: NaodW29-pre1dc0e53c28ac067d0016 To look this up on Google see here: http://www.google.com/search?hl=enlr=q=NaodW29btnG=Search

HR Block contact - SOLVED

2006-03-08 Thread Fixer
Thanks to everyone that helped with this one. I was able to get the issue resolved and a patch is forthcoming. -Fixer

Re: a worm for mediaWiki??

2006-03-08 Thread jredmond
\vitamona\ [EMAIL PROTECTED] wrote on 03/08/2006 02:40:43 PM: The highlighted word in the various articles on MediaWiki was replaced with a strange string like this: NaodW29-pre1dc0e53c28ac067d0016 This is due to changes in PHP 4.4.1 and 5.1.0RC, and was fixed in MediaWiki version 1.5.2:

18 ways to escalate privileges in Zone Labs ZoneAlarm Security Suite build 6.1.744.000

2006-03-08 Thread Reed Arvin
Summary: 18 ways to escalate privileges in Zone Labs ZoneAlarm Security Suite build 6.1.744.000 (http://www.zonelabs.com/) Details: During Windows startup the TrueVector service (vsmon.exe - an integral piece of most Zone Labs products) is set to startup automatically. The TrueVector service runs

[ MDKSA-2006:054 ] - Updated kdegraphics packages fixes overflow vulnerabilities

2006-03-08 Thread security
Mandriva Linux Security Advisory MDKSA-2006:054 http://www.mandriva.com/security/