-BEGIN PGP SIGNED MESSAGE-
__
SGI Security Advisory
Title: rpcbind/fsr_efs/mv/errhook/uux vulnerabilities
Number: 20020903-01-P
Date: October 3, 2002
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 169-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October, 4th, 2002
This is nothing more than a newly disclosed way of exploiting an old
bug, hardly newsworthy unless you're in the dot slash hacking business. In
the spirit of giving credit where credit is due, I'd like to note that the
bug was originally found by duke (ISS/ADM) of course. This method of
phpLinkat is a free Web-Based link indexing script written in PHP and
runs on MySQL.This product is server is vulnerable to the Cross-Site
Scripting vulnerability would allow attackers to inject HTML and script
codes into the pages and execute it on the clients browser as if it were
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Updated packages fix PostScript and PDF security issue
Advisory ID: RHSA-2002:212-06
Issue date:2002-09-25
Updated on:
Product : Cisco SCA 11000 Series Secure Content Accelerator
Product URL : http://www.cisco.com/warp/customer/cc/pd/cxsr/ps2083/
CVE : CAN-2002-0656
Software release: All current releases
Vendor status : PSIRT and TAC notified 2002/09/17, last update 2002/09/24
Patch
BearShare Directory Traversal Issue Resurfaces
Article reference:
http://www.securiteam.com/windowsntfocus/6D0010A5PU.html
SUMMARY
A while back BearShare 2.2.2 was
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Predefined Restriction Tables Allow Calls to
International Operator
Revision 1.0: Final
For Public Release 2002 October 04 15:30 GMT
- ---
Dear bugtraq,
Ikonboard CSS bug via [IMG] tag was reported long time ago for 3.0.x.
The only change in Ikonboard 3.1.1 (at least on sending private
messages) is it checks URL extension to be .gif or .jpg, so
[IMG]javascript:alert(document.cookie).gif[/IMG] still
WinXP Pro(Gold) Insecure System Restore File Permissions
On the Windows XP Professional(Gold), the System Restore files
are not protected properly by NTFS ACL, so every local user can
access these important files.
System Restore files are stored in the System Volume Information
directory, and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
We can confirm the finding made by Matt Zimmerman [EMAIL PROTECTED] for all
older releases of the Cisco Secure Content Accelerator software.
Cisco has released version 3.2.0.20 of Cisco Secure Content Accelerator
software on September 27, 2002
-BEGIN PGP SIGNED MESSAGE-
The program logsurfer was designed to monitor any text-based
logfiles on systems in realtime. For more informations about
logsurfer we refer to
http://www.cert.dfn.de/eng/logsurf/home.html
1. Affected software:
All logsurfer versions including
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenPKG Security AdvisoryThe OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
[EMAIL PROTECTED]
proof of concept code demostrating how we can inject commands on a ptraced
telnet/ssh session, have fun.
[ [EMAIL PROTECTED] ][ http://www.acidlife.com/mayhem/tba/ ]
/*
*
* $Id: onelove.c,v 0.4 2002/10/03 2:10:27 xenion Exp $
*
*
14 matches
Mail list logo