It has been brought to our attention that the first problem we disclosed in
our Google advisory ("Tap [eavesdrop] to key presses in the toolbar's search
box") also affects the following toolbars:
Alexa v6.5.11775 from
http://pages.alexa.com/prod_serv/quicktour.html?p=TBMenu_W_t_40_L1
Ask Jeeves
On Sun, Aug 18, 2002 at 09:01:13PM -0400, dvdman wrote:
> /* Proof Of Concept exploit for the Freebsd file descriptors bug. Freebsd
> thought they fixed this months ago well guess again :P Thanks to the
> Freebsd kernel you may now enjoy local root on all freebsd <=4.6 ;) */
[...]
> And Freebsd
Author: Stan Bubrouski
Date: 19 August 2002
Product: Bonsai
Versions Affected: All(Current and CVS all vulnerable)
Severity: Cross Site Scripting is possible in several
places due to a lack of stripping of tags from input.
Some error messages also contain CSS and reveal the
physical path of the Bo
I already brought light on this issue few months back. I contacted the
author through Private Message but never got a reply. The similar issue
also exists in Post Nuke (http://www.postnuke.com). See
http://www.securitytracker.com/alerts/2002/Mar/1003781.html and
http://packetstorm.decept
Hi, I have found a discrepancy between mod_auth and ServerTokens Prod.
Using, openbsd CURRENT , apache 1.3.26, as the example:
I add the following line to the httpd.conf file :
ServerTokens Prod
So, when I try to get the version/modules of apache with the HEAD
method, I obtain as a reply o
To: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED]
__
Caldera International, Inc. Security Advisory
Subject:UnixWare 7.1.1 Open UNIX 8.0.0 : REVISED: rpc.ttdbse
W3C Jigsaw Proxy Server: Cross-Site Scripting Vulnerability
===
Affected:
Jigsaw 2.2.0 and earlier
http://www.w3.org/Jigsaw/RelNotes.html#2.2.0
Fixed:
Jigsaw 2.2.1
http://www.w3.org/Jigsaw/RelNotes.html#2.2.1
Exploit:
http://none
Hi reader,
I would like to inform you about multiple security
vulnerabilities in Microsoft File Transfer
Manager (FTM) ActiveX control used for secure file
delivery to/from Microsoft prior to June 2002.
All known to me vulnerabilities was reported to Microsoft
(to FTM Product Manager and Secu
Hi Folks,
In an effort to cater to the community, I'm pleased to announce the launch
of two new security discussion lists here at SecurityFocus.
Our first new list is aimed at the BSD series of operating systems. This
includes the operating systems NetBSD, FreeBSD, OpenBSD, and BSD/OS. This
wi
[Mantis Advisory/2002-04] Arbitrary code execution vulnerability in Mantis
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
6. Credit
7. Contact details
1. Introductio
[Mantis Advisory/2002-02] Limiting output to reporters can be bypassed
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
6. Contact details
1. Introduction
Mantis is an Ope
[Mantis Advisory/2002-01] SQL poisoning vulnerability in Mantis
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
6. Contact details
1. Introduction
Mantis is an Open Sourc
Good Day. The information below is the same as the security advisory regarding
kerio mail server. Thank YOU!
==CUT===
NSSI-Research Labs Security Advisory
http://www.nssolution.com
"Maximum e-security"
http://nssilabs.nssolution.com
Kerio Mail Serve
/* Proof Of Concept exploit for the Freebsd file descriptors bug. Freebsd
thought they fixed this months ago well guess again :P Thanks to the
Freebsd kernel you may now enjoy local root on all freebsd <=4.6 ;) */
iosmash2.c
Description: Binary data
On Fri, 2002-08-16 at 09:11, robert walker wrote:
> A huge amount of infrastructure is managed remotely via
> SSL and IE these days. It just boggles the mind the
> extent to which the security integrity of that
> infrastructure is now under a cloud unknowing.
Actually, the SSL vulnerability is a
Thanks to IE's liveconnect features the whole applet should be fully
scriptable, decompiling the applet revealed that there is a public load
(String name) function so you probably can get something like this to work
while (true) {
xmldso.load('myexefile.exe');
}
here's another code snipped
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Updated libpng packages fix buffer overflow
Advisory ID: RHSA-2002:151-21
Issue date:2002-07-23
Updated on:2002-08-14
Product:
[Mantis Advisory/2002-03] Bug listings of private projects can be viewed
through cookie manipulation
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
6. Contact details
1.
[Mantis Advisory/2002-05] Arbitrary code execution and file reading
vulnerability in Mantis
0. Table of Contents
1. Introduction
2. Summary / Impact analysis
3. Affected versions
4. Workaround / Solution
5. Detailed explanation
5.1 Arbitrary code execution
Lynx CRLF Injection
PROGRAM: Lynx
VENDOR: Lynx-Dev List <[EMAIL PROTECTED]>
HOMEPAGE: http://lynx.browser.org/
VULNERABLE VERSIONS: 2.8.4rel.1, 2.8.5dev.8, 2.8.3rel.1, 2.8.2rel.1,
possibly others
IMMUNE VERSIONS: 2.8.4rel.1 with all patches applied
PATCH: ftp://lynx.isc.org/
No so much a bug, more an issue of another default installation setup.
After writing an exploit for the winhelp32, I tested on a pc that had
Tiny 2 installed. As I expected Tiny stopped the outbound connection.
Testing on a Tiny 3 version had no warnings of the outbound connection.
Upon investi
Sir Mordred The Traitor <[EMAIL PROTECTED]> writes:
> --[ How to reproduce:
> psql> select cash_words('-70');
> pgReadData() -- backend closed the channel unexpectedly.
>
> The connection to the server was lost...
>
> --[ Solution:
> Upgrade to version
nCipher Security Advisory No. 5
C_Verify validates incorrect symmetric signatures
-
SUMMARY
---
When C_Verify is called on a symmetric signature, the nCipher PKCS#11
cryptographic library always returns CKR_OK,
FUDforum file access and SQL Injection
PROGRAM: FUDforum
VENDOR: Advanced Internet Designs Inc. <[EMAIL PROTECTED]>
HOMEPAGE: http://fud.prohost.org/
VULNERABLE VERSIONS: 2.0.2, possibly others
IMMUNE VERSIONS: 2.2.0 and above
LOGIN REQUIRED: no (some issues), admin (some issues)
SEVERITY: mediu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
KDE Security Advisory: Konqueror SSL vulnerability
Original Release Date: 2002-08-18
URL: http://www.kde.org/info/security/advisory-20020818-1.txt
0. References
http://online.securityfocus.com/archive/1/286290/2002-07-31/2002-08-06/0
htt
// @(#) Mordred Labs Advisory 0x0001
Release data: 19/08/02
Name: Buffer overflow in PostgreSQL
Versions affected: <= 7.2
Risk: average
--[ Description:
PostgreSQL is an advanced object-relational database management system
that supports an extended subset of the SQL standard, including
transact
NGSSoftware Insight Security Research Advisory
Name:Multiple Remote Buffer Overruns TOMAHAWKS' STEELARROW
Systems Affected: WinNT, Win2K (Not tested on other platforms)
Severity: High Risk
Category: Remote System Buffer Overrun
Vendor URL: http://www.tomahawk.com
Author: M
---
Sentor Torparfar Advisory #001
Title: Insufficient Verification of Client Certificates in IIS 5.0 pre sp3
Date: August 16, 2002
Author: Johan Persson <[EMAIL PROTECTED]>
---
NGSSoftware Insight Security Research Advisory
Name: Arbitrary File Creation/Overwrite with SQL Agent Jobs
Systems: Microsoft SQL Server 2000 and 7
Severity: High Risk
Category: Arbitrary File Creation/Overwrite
Vendor URL: http://www.microsoft.com/
Author: David Litchfield ([EMAIL PROTECTED])
Ad
-BEGIN PGP SIGNED MESSAGE-
=
FreeBSD-SA-02:38.signed-error Security Advisory
The FreeBSD Project
Topic: Boundary ch
30 matches
Mail list logo