Hi Mike and the list,
That is one side of an issue I have described in
http://online.securityfocus.com/archive/1/273101
http://online.securityfocus.com/archive/1/273101
I have to admit, your message captures attention much better than mine. All
for good, if that will be fixed.
The issue
Dear All,
The issue of vulnerabilities in event-driven systems has been mentioned
last month (7th July 2002) in the vuln-dev mailling list at
http://online.securityfocus.com/archive/82/280912/2002-07-04/2002-07-10/0
Perhaps vuln-dev is not that popular as bugtraq :'(. Time to switch
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED] [EMAIL PROTECTED]
__
Caldera International, Inc. Security Advisory
Subject:Linux: local off by one in cvsd
Advisory number:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 147-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
August 8th, 2002
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: util-linux
Advisory
Macromedia Shockwave Flash Malformed Header Overflow
Release Date: August 8, 2002
Severity:
High (Remote Code Execution)
Systems Affected:
Macromedia Shockwave Flash - All Versions;
Unix and Windows; Netscape and Internet Explorer
Description:
While working on some pre-release eEye Retina
Sun(TM) ONE / iPlanet Web Server 4.1 and 6.0 Remote Buffer Overflow
Release Date: August 8, 2002
Severity:
High (Remote SYSTEM/ROOT)
Systems Affected:
iPlanet 6.0 and prior
Description:
A vulnerability in transfer chunking can be exploited to remotely execute
code of an attacker's choice on a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Cisco PSIRT would like clarify the issue raised in the following
iDEFENSE Security Advisory.
The installation script for the linux-iscsi drivers on Cisco's worldwide
web site (http://www.cisco.com/) and the corresponding mirrored
At 06:15 PM 8/7/2002, Atsushi Nishimura wrote:
--
SNS Advisory No.55
Eudora 5.x for Windows Buffer Overflow Vulnerability rev.2
Problem first discovered: 6 Jun 2002
Published: 5 Aug 2002
Last revised: 8 Aug 2002
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Updated bind packages fix buffer overflow in resolver library
Advisory ID: RHSA-2002:133-13
Issue date:2002-07-01
Updated on:
Unix version is still vulnerable as Macromedia didnt
updated its Flash plugin for Unix systems.
__
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com
On Thu, Aug 08, 2002 at 05:26:20PM -0700, Marc Maiffret wrote:
Vendor Status:
Macromedia has released a patch for this vulnerability, available at:
http://www.macromedia.com/v1/handlers/index.cfm?ID=23293Method=FullTitle=M
-BEGIN PGP SIGNED MESSAGE-
For Immediate Disclosure
=== SUMMARY
Title: Apache 2.0 vulnerability affects non-Unix platforms
Date: 9th August 2002
Revision: 2
Product Name: Apache HTTP server 2.0
OS/Platform: Windows, OS2, Netware
From Developer:
Falcon Web Server is running under Windows NT/2000/XP as well as Windows
95/98. It supports ISAPI and WinCGI, and it is a fully functional web
server which is capable of running a small / medium scale website of about
50-80 hits per minute. The real advantage of Falcon Web
On Wed, 7 Aug 2002, Alex Loots wrote:
Hi Mike,
I visited your demo at https://www.thoughtcrime.org. It appears that Thawte is
the TTP instead of Verisign. Does this make any difference for example the
certificate extensions?
First of all, https://www.thoughtcrime.org is NOT the demo site.
So, unless I'm mistaken, there's no way to patch MS Desktop Engine for
this bug. Unless someone can point out a way to get it to SP2, since the
SQL Server SP2 installer won't work for it.
Also, does anyone find it odd that you have to literally copy a dll over
another dll to apply the hotfix?
16 matches
Mail list logo
