the qmail-smtpd-auth patch is a commonly used patch to qmail which allows
the qmail-smtpd program to support the AUTH extension, by specifying a
checkpassword program on the command line. the homepage for the patch is:
http://members.elysium.pl/brush/qmail-smtpd-auth/
the patch modifies
Hello,
I was reading the IE chromeless window vulnerabilities thread and thought
maybe I could add some proof of concept to this discussion.
This very simple demo:
http://www.systemintegra.com/ie-fullscreen/
shows how system password could be captured thanks to Internet Explorer
working in
---
ERA IT Solutions AGhttp://www.era-it.ch
Security Advisory - xfstt-1.4 vulnerability - 11/07/2003
---
1. Vulnerability description
2. Impact
3.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --
PACKAGE : ucd-snmp
SUMMARY : Remote heap overflow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --
PACKAGE : mpg123
SUMMARY : Local buffer overflow
-BEGIN PGP SIGNED MESSAGE-
__
SuSE Security Announcement
Package:nfs-utils
Announcement-ID:SuSE-SA:2003:031
Date: Tue Jul
There are remotely exploitable flaws in Citadel/UX BBS software. See
attached advisory for details and links to updated packages.
Regards,
Carl
Security Vulnerability Advisory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 350-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
July 15th, 2003
Hi all.
I can confirm this behaviour for the following product:
Asus AAM 6330BI, firmware version 71238a11
This device is for example delivered by the german DSL-provider NetCologne.
cw wrote:
If the inbuilt webserver is activated, anyone on the local network
can get the full user/pass list from
On Mon, Jul 14, 2003 at 07:45:38PM +0100, cw wrote:
Asus have been notified but haven't even acknowledged yet alone mentioned a fix.
If the inbuilt webserver is activated, anyone on the local network
can get the full user/pass list from the router without any identification
It's far worse
On Tue, 15 Jul 2003 14:01:34 +0100, Ben Wheeler wrote:
It's far worse than that, if the state in which my router was
supplied is typical. As I received it, the webserver was enabled by
default, *and* was accessible from the internet as well as the
local network.
I too got my router from
Hello,
behind my DSL-router Teledat 530 I have a Windows-box with a Norton
Firewall 2003. The Symantec security scan on
http://security.symantec.com/ssc/ (I think a normal portscan) lets the
router crash - reboot is required.
The vendor (Deutsche Telekom) told me to uninstall Norton Firewall
In-Reply-To: [EMAIL PROTECTED]
Apple has released a Security Update for MacOS X 10.2.6 which
addresses this problem. Info available here:
http://docs.info.apple.com/article.html?artnum=120232
Any user can inject html code when create a new post.
The bug are in the post icon:
lt;img src=icon.gif etc.gt;
If you create a personalized form with this code:
icon.gifgt;lt;scriptgt;alert('bug');lt;scriptgt;lt;any
tag=
the final code of the post icon is:
lt;img
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] nfs-utils packages replaced (SSA:2003-195-01b)
New nfs-utils packages are available for Slackware 8.1, 9.0, and -current
to replace the ones that were issued yesterday. A bug in has been fixed
in utils/mountd/auth.c that could
The story about the insecure Diebold electronic voting system recently
forwarded to Bugtraq was certainly disturbing, but here's something even
worse (though some of it is old news):
The Federal Bureau of Investigation administers the Communications
Assistance to Law Enforcement Act
Build in release mode, not debug otherwise it will crash.
/* tac0tac0.c - pay no attention to the name, long
story...
*
*
*
* Author: Maceo
* Modified to take advantage of CAN-2003-0496 Named
Pipe Filename
* Local Privilege Escalation Found by @stake. Use with
their advisory
*
17 matches
Mail list logo
