[petrilli@digicool.com: [Zope] SECURITY ALERT]

2000-01-04 Thread George Lewis
- Forwarded message from Christopher Petrilli <[EMAIL PROTECTED]> - > User-Agent: Microsoft Outlook Express Macintosh Edition - 5.0 (1513) > Date: Tue, 04 Jan 2000 17:12:46 -0500 > Subject: [Zope] SECURITY ALERT > From: Christopher Petrilli <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>, <

Microsoft Security Bulletin (MS00-001)

2000-01-04 Thread Microsoft Product Security
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. Microsoft Security Bulletin (MS00-001) -

Re: Flaw in 3c59x.c or in Kernel?

2000-01-04 Thread Raymond Dijkxhoorn
Hi! > Using a home grown client/server app, I have been able to easily crash > Linux. The application is a > simple udp sender/receiver. The udp receiver runs on a Linux machine with a > 3c905b Ethernet > card which uses the latest version of the 3c59x.o module (v0.99L), and the > kernel is 2.2.

L0pht Advisory: RH Linux 6.0/6.1, PAM and userhelper

2000-01-04 Thread Dildog
L0pht Security Advisory Advisory Name: PamSlam Advisory Released: [01/04/00] Application: userhelper and PAM on Redhat Linux 6.0/6.1 Severity: A local user can gain root access. Status: Vendor contacted. Fix provided by vend

New Allaire Security Zone Bulletins and KB Article

2000-01-04 Thread Aleph One
Dear Allaire Customer -- Several new security issues that may affect ColdFusion customers have come to our attention recently. Please visit the Security Zone at the Allaire Web site to learn about these new issues and what actions you can take to address them:

Re: Hotmail security hole - injecting JavaScript using

2000-01-04 Thread Henrik Nordstrom
Kevin Hecht wrote: > While Hotmail obviously has a filtering hole, should the browser > manufacturers be on the hook here as well, given that javascript: URLs > probably shouldn't be rendered at all by the tag? JavaScript can be used to calculate the URL to open in an IMG tag. What is more s

Re: irix-soundplayer.sh

2000-01-04 Thread Darren Reed
In some mail from [EMAIL PROTECTED], sie said: > > > midikeys might not setuid these days but you get the idea... > > Worked fine on Irix 6.4 here... although i had to change csh to sh for some > reason... csh returned permission denied, 4755 and all. I assume the fix is to > take out the suid bit

Re: PHP3 safe_mode and popen()

2000-01-04 Thread David TILLOY
Kristian Koehntopp [[EMAIL PROTECTED]] wrote: > PHP3 (http://www.php.net) is a scripting language used in many > webhosting setups. Often in hosting setups so called "safe_mode" > is enabled, which restricts the user in many ways. For example, > in safe_mode you are supposed to be able to execut

FWD: Redhat advisory

2000-01-04 Thread Alfred Huger
Red Hat, Inc. Security Advisory Synopsis: New version of usermode fixes security bug Advisory ID: RHSA-2000:001-01 Issue date: 2000-01-04 Updated on: 2000-01-04 Keywords: root userhelper pam Cross references: 1. Topic: A security bug has been discovered and fixed in

Re: irix-soundplayer.sh

2000-01-04 Thread Dale Southard
[EMAIL PROTECTED] writes: > > midikeys might not setuid these days but you get the idea... > > Worked fine on Irix 6.4 here... although i had to change csh to sh > for some reason... csh returned permission denied, 4755 and all. I > assume the fix is to take out the suid bit? Or remove/don

The WebTV Email Exploit

2000-01-04 Thread Dale E. Chulhan
Is The Web TV Email Exploit fact or fiction and if so can any one post the explanation of how this thing works and why only WebTV? Thank you.

Re: Hotmail security hole - injecting JavaScript using

2000-01-04 Thread Philip Stoev
This is not exactly the case. Hotmail says you do not have JavaScript because you do not have a 'js' hidden form field set to some value ('yes') by a small JavaScript on Hotmail's front-door login form. A simple script written in ELZA (http://phiphi.hypermart.net) will set this one to the correct

[rootshell] Security Bulletin #27

2000-01-04 Thread Kit Knox
www.rootshell.com Security Bulletin #27 January 2nd, 2000 (Happy New Year!) [ http://www.rootshell.com/ ] (C) 1999-2000 Rootshell - Duplication permitted provided that this advisory is not modified in any way. -- 01. Intel In

Re: irix-soundplayer.sh... NOT Irix 6.4

2000-01-04 Thread pda
My system is Irix 6.2 not 6.4 as stated in previous msg, sorry for the inconvenience... -pda

Re: Flaw in 3c59x.c or in Kernel?

2000-01-04 Thread Bill Paul
Of all the gin joints in all the towns in all the world, Sonny Parlin had to walk into mine and say: > I sent this once, but it never made it through, here is try number two... > > Using a home grown client/server app, I have been able to easily crash > Linux. The application is a > simple udp se

Re: Hotmail security hole - injecting JavaScript using

2000-01-04 Thread Edwin Gonzalez
I have tested the code included in Georgi's email and it seems that Yahoo's web-based email is also vulnerable. solutions: disable JS   Kevin Hecht <[EMAIL PROTECTED]> wrote: Georgi Guninski wrote:>> Georgi Guninski security advisory #1, 2000>> Hotmail security hole - injecting JavaScript using >

Fw: [CERT Advisory CA-2000-01]

2000-01-04 Thread Guy Cohen
- Forwarded message from CERT Advisory <[EMAIL PROTECTED]> - Date: Mon, 3 Jan 2000 18:12:38 -0500 (EST) From: CERT Advisory <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: CERT Advisory CA-2000-01 Reply-To: [EMAIL PROTECTED] Organization: CERT(R) Coordination Center - +1 412-268-7090

Re: Hotmail security hole - injecting JavaScript using

2000-01-04 Thread Microsoft Product Security Response Team
Hi All - Wanted to let you know that we have developed a fix that eliminates this vulnerability, and have deployed it to all Hotmail servers. We're very sorry for any inconvenience this may have caused. Regards, [EMAIL PROTECTED] -Original Message- From: Georgi Guninski [mailto:[EMA

Re: irix-soundplayer.sh

2000-01-04 Thread pda
> midikeys might not setuid these days but you get the idea... Worked fine on Irix 6.4 here... although i had to change csh to sh for some reason... csh returned permission denied, 4755 and all. I assume the fix is to take out the suid bit? -Pda

SHADOW and Y2K Problems

2000-01-04 Thread Bill Ralph
Version 1.6 of the SHADOW intrusion detection system passed through 1/1/00 with no problems. Those with earlier versions had a problem on their sensors. Our suggestion is to fetch the latest version of SHADOW (Version 1.6) from http://www.nswc.navy.mil/ISSEC/CID/shadowForm.html and install it. Fo

Yet another Hotmail security hole - injecting JavaScript in IE using

2000-01-04 Thread Georgi Guninski
Georgi Guninski security advisory #2, 2000 Yet another Hotmail security hole - injecting JavaScript in IE using Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski is n

Re: majordomo local exploit

2000-01-04 Thread Dale Clark
The following patch, built upon code and suggestions submitted by Henrik Edlund, Henrik Nordstrom, and Andrew Brown, is intended to render safe the config file requires, in the seven scripts which use them, in the Majordomo 1.94.4 home directory. It also incorporates Todd Miller's patch of Dec.

Flaw in 3c59x.c or in Kernel?

2000-01-04 Thread Sonny Parlin
I sent this once, but it never made it through, here is try number two... Using a home grown client/server app, I have been able to easily crash Linux. The application is a simple udp sender/receiver. The udp receiver runs on a Linux machine with a 3c905b Ethernet card which uses the latest versi

Another search.cgi vulnerability

2000-01-04 Thread k0ad k1d
== #!/bin/csh security advisory Title : Vulnerabilities in the SolutionScripts.com Home Free CGI package. Advisory Ref : csh-adv:04.01.2000-CG

Subscription bomb tracing - feature request.

2000-01-04 Thread Alan Brown
There have been quite a few subscribe bombs tossed around recently. While it's nice to see that most mailing list admins use confirm requests now, it would be a great help if the confirm requests contained at least the headers of the original request, to aid victims in tracing their attacker(s).

Re: Hotmail security hole - injecting JavaScript using

2000-01-04 Thread Norbert Luckhardt
-BEGIN PGP SIGNED MESSAGE- Hello out there, At 14:34 03.01.00 , Georgi Guninski wrote: >Georgi Guninski security advisory #1, 2000 > >Hotmail security hole - injecting JavaScript using LOWSRC="javascript:"> ... >Workaround: Disable JavaScript this is a good security hint - but no wo

Re: Symlinks and Cryogenic Sleep

2000-01-04 Thread der Mouse
> [symlink-paranoia code] > However, consider an average setuid root application, [...]. When > the application reaches the critical section of code between the > lstat and the open, you stop it by sending it a SIGSTOP. If you can send it a SIGSTOP, either you're running as root (in which case

Re: Hotmail security hole - injecting JavaScript using

2000-01-04 Thread Kevin Hecht
Georgi Guninski wrote: > > Georgi Guninski security advisory #1, 2000 > > Hotmail security hole - injecting JavaScript using LOWSRC="javascript:"> > > Disclaimer: > The opinions expressed in this advisory and program are my own and not > of any company. > The usual standard disclaimer applies

Re: Symlinks and Cryogenic Sleep

2000-01-04 Thread Goetz Babin-Ebell
At 21:24 03.01.00 +0100, Olaf Kirch wrote: >Hi all, Hallo Olaf, >when you're dealing with files in /tmp that are supposed to be re-opened >(rather than opened once and then discarded) there's an established >way to do it which goes like this: > > if (lstat(fname, &stb1) >= 0 && S_ISREG(stb1

Re: Symlinks and Cryogenic Sleep

2000-01-04 Thread Mark A. Heilpern
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 09:24 PM 1/3/00 +0100, you wrote: [snip] >When >the application reaches the critical section of code between the >lstat and the open, you stop it by sending it a SIGSTOP. You record >the device and inode number of your /tmp file, remove it, and wa

First Telecom E-conso service totally insecure

2000-01-04 Thread Thomas Quinot
First Telecom, a company that provides a pre-paid calling card service in France, Germany and the United Kingdom, offers a service called E-conso which allows subscribers to check the current balance of their account and peruse the history of all calls they made through First Telecom. The WWW for

Re: HPUX Aserver revisited.

2000-01-04 Thread Chuck Lawrence
" " It is funny that HP fixed their earlier problem in the Oct98 version of " Aserver in the Jun99 version, but they introduced the same problem in a " different way. Aserver -f is used to force the Aserver to replace the I've been working with hp-ux for over 10 years. they've got an unfortunat

PHP3 safe_mode and popen()

2000-01-04 Thread Kristian Koehntopp
PHP3 (http://www.php.net) is a scripting language used in many webhosting setups. Often in hosting setups so called "safe_mode" is enabled, which restricts the user in many ways. For example, in safe_mode you are supposed to be able to execute only programs from a safe_mode_exec_dir, if one is def