Re: Enomaly ECP/Enomalism: Silent update remote command execution vulnerability

2009-02-16 Thread lars
We've just released an update to Enomaly ECP (v 2.2.2) that addresses this issue. This update removes a fallback feature implemented some time ago which was found to have escaped our usual rigorous QA process. Although no users experienced any security issues, a potential security vulnerability

Re: SEP(Symantec) Bug

2009-02-16 Thread secure
Symantec has reviewed the issue that was reported with smc.exe crashing from the command line. We have confirmed that an improperly formatted command line can cause the user mode process to crash. However, the privileged service process is unaffected. The client machine maintained full

[security bulletin] HPSBPI02398 SSRT080166 rev.2 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files

2009-02-16 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01623905 Version: 2 HPSBPI02398 SSRT080166 rev.2 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files NOTICE: The

Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh (redux)

2009-02-16 Thread Sam Johnston
Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh (redux) Synopsis All versions of Enomaly ECP/Enomalism[1] before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-4990[2] and CVE-2009-0390[3] in 2.1.1 and 2.2 were found

[SECURITY] [DSA 1725-1] New websvn packages fix information leak

2009-02-16 Thread Thijs Kinkhorst
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1725-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst February 15, 2009

[UPRSN] Ubuntu Privacy Remix 8.04r3 fixes security issues

2009-02-16 Thread Ubuntu Privacy Remix Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ### UPR Security Notice UPRSN-08_03 January 16, 2009 several vulnerabilities ### Ubuntu Privacy Remix (UPR), based on Ubuntu

[waraxe-2009-SA#072] - Multiple Vulnerabilities in RavenNuke 2.3.0

2009-02-16 Thread come2waraxe
[waraxe-2009-SA#072] - Multiple Vulnerabilities in RavenNuke 2.3.0 === Author: Janek Vind waraxe Date: 16. February 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-72.html Description of

[ MDVSA-2009:037 ] bind

2009-02-16 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2009:037 http://www.mandriva.com/security/

RFI Bug

2009-02-16 Thread Dr . linux
ViArt Shop 3.6 Remote File Include BUG FreeDownload : http://www.viart.com/tracking_downloads.php?fn=viart_shop-3.6.zip #FOUND BY : Dr-Linux #Mail : dr.li...@gmx.net include_once($root_folder_path.includes/common.php); include_once($root_folder_path

[ MDVSA-2009:038 ] blender

2009-02-16 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2009:038 http://www.mandriva.com/security/

[ MDVSA-2009:039 ] gedit

2009-02-16 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2009:039 http://www.mandriva.com/security/