-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Apache 2.0.47 Released
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the tenth public release of the Apache 2.0
HTTP Server. This Announcement notes the significant changes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 347-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
July 8th, 2003
ZH2003-2SA (security advisory): QShop privilege escalation
Published: 09/07/2003
Released: 09/07/2003
Name: QShop privilege escalation
Affected Systems: QShop v2.5 (and older versions?)
Issue: Remote attackers can obtain full access to the remote system
Author: [EMAIL PROTECTED]
In-Reply-To: [EMAIL PROTECTED]
Went through the zkfingerd-2.0.2 source after reading this. Curious on
exploitation :)... anyways, I am not seeing anywhere in the source where
the msg buffer can allow for direct user input (formats). Only static
data/proper formats (including ones that look
--
SNS Advisory No.66
Apache HTTP Server v2 Causes a DoS When Parsing a Type-Map File

Problem first discovered on: Thu, 26 Dec 2002
Published on: Wed, 09 Jul 2003
Reference:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 344-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
July 8th, 2003
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 08 July 2003 8:14 am, Lethalman wrote:
If an admin says this command: '/msg operserv raw
:nickserv join #chan' NickServ joins that chan, ok.
If the command was: '/msg operserv raw : join #chan'
ircd goes to SEGFAULT. Why?
*snip*
We can easily reproduce this bug on versions 5.0.7 and 5.0.5 on Slackware
Linux and Phoenix and Mozilla browsers. You can choose Netscape or NCSA
compatible browser in Adobe preferences, and WWWLaunchNetscape and
WWWLaunchNCSA functions.
You should not have a problem with this bug. It is quite
In-Reply-To: [EMAIL PROTECTED]
Additional information on how to better protect a ProductCart-powered
store, and specifically on how to avoid unauthorized access to stores
using a MS Access database, is available at this address:
http://www.earlyimpact.com/pdf/ProductCart_Security_Tips.pdf
In
First off I have notified ICQ Inc. three days ago and what I got was
an automatic reply. I have released the exploit to encourage them to
release a new build of ICQ Pro. The vulnerability may be exploited
locally. If it was exploitable remotely make no mistake that I would
wait for a new release
(forwarded)
Subject: [GPM] Black Box Voting
Inside A U.S. Election Vote Counting Program
Tuesday, 8 July 2003, 6:20 pm
Article: Bev Harris
Inside A U.S. Election Vote Counting Program
By Bev Harris*
* Bev Harris is the Author of the soon to be published book Black Box Voting: Ballot
Message of Cau Moura Prado at Jul 5 13:30 ...
CMP Software: ICQ 2003a
CMP Threat: Login password can be bypassed locally
I maybe missed something but does it mean ICQ 2003a and other mentioned
cache registered user's password regardless of user's intention or you
guys just run your exploit just after
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Very good.
All one needs to do is ask. After wading through a mountain of childish,
almost fanatical defences of Microsoft and bitter flames for asking
the question, we have a solution from Microsoft today.
- - Forwarded Message from Microsoft
In-Reply-To: [EMAIL PROTECTED]
This security issue ONLY affects ProductCart v1.5 and before. It was fixed
several months ago. Users of ProductCart v1.5 can update their software
free of charge using the following fix, which also addresses the other
recently posted security issues.
From the Realm HOW-TO on the Tomcat 4.0/4.1 documentation pages:
For each of the standard Realm implementations, the user's password (by
default) is stored in clear text. In many environments, this is
undesirable because casual observers of the authentication data can
collect enough
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 343-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
July 8th, 2003
Program: terminatorX 3.80
Impact: Users can gain local root
Discovered: jaguar
Writeup and exploits: Andrew Griffiths
1) Background
'terminatorX is a realtime audio synthesizer that allows you to scratch on
digitally sampled audio data (*.wav, *.au, *.ogg, *.mp3, etc.) the way
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 346-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
July 8th, 2003
[I sent this letter on 2003-06-28, but no letters arrived that day,
it seems. A second attempt.]
I see RedHat and Mandrake reactions to the vulnerability
in xpdf reported by Martyn Gilmore. But their updates do
not fix the problem.
They change xpdf, and make it filter out backquotes before
I actually *would* describe the bug below as a logwatch bug.
If you have a uid=0 program calling shell scripts from
data like filenames, those filenames should be sanitized.
It would be easy enough to scan the filename for unexpected
characters and refuse to use them on that basis.
something as
NGSSoftware Insight Security Research Advisory
Name: Microsoft Utility Manager Local Privilege Escalation
Systems Affected: Windows 2000 SP3
Severity: Medium Risk
Vendor URL: http://www.microsoft.com
Authors: Chris Paget [ [EMAIL PROTECTED] ]
Chris Anley [ [EMAIL PROTECTED] ]
[EMAIL PROTECTED] writes:
A urlCommand like the default netscape -remote 'openURL(%s)'
is OK since the %s is protected by single quotes.
How so? Consider an argument of
'`rm -rf /tmp/test`'
This expands to
netscape -remote 'openURL('`rm -rf /tmp/test`')'
where the single
#www.bright-shadows.net#
--#theblacksheeperik#--
affects only CatOS. No other Cisco
products are affected.
This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030709-swtcp.shtml.
Affected Products
=================
The CatOS for the following Catalyst models are affected:
* Catalyst 4000 Series including models 2948G
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
We have received several inquiries regarding the advisory, Named
Pipe Filename Local Privilege Escalation that was published by
@stake on 07/08/2003. These answers should clarify where the
vulnerability actually lies so customers can make informed
Does anyone know if any safe sites out there to try to test whether or not
content filtering s/w is behaving as advertised? We simply want to test
things like unsigned ActiveX objects, malicious Java, mobile code, etc
that is SUPPOSED to be stripped out via this software. We want to use a
Application: PalmOS
Operating System: PalmOS
Vendor: Palm(tm)
Versions: ALL
Author: [EMAIL PROTECTED]
-[BACKGROUND]-:
PalmOS includes a pre-installed 'Security'
Application, which allows a Palm enabled device to add
weak security, to hide data and protect the PDA from
casual snoopers. One
A urlCommand like the default netscape -remote 'openURL(%s)'
is OK since the %s is protected by single quotes.
How so? Consider an argument of
'`rm -rf /tmp/test`'
xpdf already filters out single and double quotes, so
these do not occur in arguments.