CERT Advisory CA-2002-18 OpenSSH Vulnerabilities in Challenge Response

2002-06-26 Thread CERT Advisory
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-18 OpenSSH Vulnerabilities in Challenge Response Handling Original release date: June 26, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected * Open

XSS in HTDIG

2002-06-26 Thread Howard Yeend
Eg; http://www.anyhost.com/cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E (all URLS must be on one line) Apologies if this is a known issue. Apologies also for posting about XSS, too, but this is not an isolated website, but a commonly used service. =

OpenSSH Security Advisory (adv.iss)

2002-06-26 Thread Markus Friedl
1. Versions affected: All versions of OpenSSH's sshd between 2.9.9 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. OpenSSH 3.4 and later are not affected. OpenSSH 3.2 and later prevent privilege e

Administrivia: Recent list delays

2002-06-26 Thread Dave Ahmad
Dear subscribers, I regret to inform those who have not noticed already that there have been significant delays in distribution of Bugtraq traffic. This was due to severe problems that we have been having with lists.securityfocus.com and our two outgoing mailservers. It could not have come at a

Apache mod_ssl off-by-one vulnerability

2002-06-26 Thread Jedi/Sector One
Product: mod_ssl - http://www.modssl.org/ Date: 06/24/2002 Summary: Off-by-one in mod_ssl 2.4.9 and earlier By: Frank Denis - [EMAIL PROTECTED] - DESCRIPTION ---

SuSE Security Announcement: OpenSSH (SuSE-SA:2002:023)

2002-06-26 Thread Olaf Kirch
-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: openssh Announcement-ID: SuSE-SA:2002:023 Date: Tue Jun 2

Now Online OWASP Guide to Building Secure Web Applications

2002-06-26 Thread The Owasp Project
We are pleased to announce that the first release of the Open Web Application Security Project “Guide to Building Secure Web Applications” is now online in both pdf (1.67Mb) and HTML. The Guide covers various web application security topics from architecture to preventing attack specifics l

Formatstring Vulnerability in decfingerd 0.7

2002-06-26 Thread isox
Hello all, I have no idea if this is the most current version of this application, I found it while browsing packetstormsecurity earlier. For all I know it may not even be kept current anymore. Anyhow... bad call to syslog() is the culprit. I'm too lazy to code an exploit for this at the mom

[SECURITY] [DSA-134-3] Unknown OpenSSH remote vulnerability

2002-06-26 Thread Michael Stone
-----BEGIN PGP SIGNED MESSAGE----- Debian Security Advisory DSA-134-2 [EMAIL PROTECTED] http://www.debian.org/security/ Michael Stone June 25, 2002

Re: ssh environment - circumvention of restricted shells

2002-06-26 Thread Markus Friedl
On Mon, Jun 24, 2002 at 08:08:12PM -0400, ari wrote: > Given the similarities with certain other security issues, i'm surprised > this hasn't been discussed earlier. If it has, people simply haven't > paid it enough attention. if you setup restricted accounts with restricted shells and allow unr

Security Update: [CSSA-2002-SCO.30] UnixWare 7.1.1 Open UNIX 8.0.0 : dtprintinfo buffer overflow with Help search

2002-06-26 Thread security
To: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Caldera International, Inc. Security Advisory Subject: UnixWare 7.1.1 Open UNIX 8.0.0 : dtprintinfo buffer overflow with Help

[CLA-2002:500] Conectiva Linux Security Announcement - openssh

2002-06-26 Thread secure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CONECTIVA LINUX SECURITY ANNOUNCEMENT PACKAGE : openssh SUMMARY : Remote vulnerability in O

Apache Chunked Vulnerability on Many Dell Servers running NT?

2002-06-26 Thread greg
Dell Server Agents prior to v4.5 (installed from Dell OpenManage Applications CD v2.x) run Apache, but are they vulnerable? They listen on port 7273 and will answer if you point a browser at them. Dell Server Agents v4.5 or later (installed from Dell OpenManage System Management CD v3.x) d

Re: apache-scalp.c

2002-06-26 Thread Michael A. Williams
Hi, Does apache-scalp.c work against your OpenBSD or FreeBSD system or not? Either way it would be nice to know that you have some signed_exec code acting as an additional security layer to stop unauthorized binaries if not by denial at least then warning of their existence in Real Time. Our si

Remote buffer overflow in resolver code of libc

2002-06-26 Thread Mark Lastdrager
Please find advisory attached. Mark Lastdrager -- Pine Internet BV :: tel. +31-70-3111010 :: fax. +31-70-3111011 PGP 0xFF0EA728 fpr 57D2 CD16 5908 A8F0 9F33 AAA3 AFA0 24EF FF0E A728 Today's excuse: Radial Telemetry Infiltration -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Acrobat reader 5.05 temp file insecurity

2002-06-26 Thread Paul Szabo
Product: Acrobat Reader version "x86 linux 5.0.5 Apr 25 2002 11:55:36" (Other UNIX versions probably also affected, see Comments.) Problem and exploit: Acroread creates or overwrites the file /tmp/AdobeFnt06.lst.UID, and changes its permissions to wide open (mode 666); it also follows symlinks

ssh environment - circumvention of restricted shells

2002-06-26 Thread ari
Given the similarities with certain other security issues, i'm surprised this hasn't been discussed earlier. If it has, people simply haven't paid it enough attention. This problem is not necessarily ssh-specific, though most telnet daemons that support environment passing should already be con

MDKSA-2002:040 - openssh update

2002-06-26 Thread Mandrake Linux Security Team
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrake Linux Security Update Advisory Package name: openssh Advisory ID:

IRIX pmpost vulnerability

2002-06-26 Thread SGI Security Coordinator
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: pmpost vulnerability Number: 20010601-01-I Date: June 24, 2002 Reference: SGI S

Re: Upcoming OpenSSH vulnerability

2002-06-26 Thread Solar Designer
On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > There is an upcoming OpenSSH vulnerability that we're working on with > ISS. Details will be published early next week. > > However, I can say that when OpenSSH's sshd(8) is running with priv > separation, the bug cannot be exploit

Sharity Cifslogin Buffer Overflow (arguments)

2002-06-26 Thread Alex Hernandez
Sharity Cifslogin Buffer Overflow (arguments) = Author: ** Alex Hernandez <[EMAIL PROTECTED]> (C) 2002 ** Thanks all the people from Spain and Argentina. ** Greets to: Paco Spain, Gabriel M, L.martins. ** Thanks friends for all ur help Zillion

[SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-26 Thread Wichert Akkerman
-----BEGIN PGP SIGNED MESSAGE----- Debian Security Advisory DSA-134-2 [EMAIL PROTECTED] http://www.debian.org/security/ Wichert Akkerman June 25, 2002

New Paper - Violating Database Enforced Security Mechanisms

2002-06-26 Thread Chris Anley
Hi folks, I've written a paper on runtime patching of database server code, which can be found here: http://www.ngssoftware.com/papers/violating_database_security.pdf It discusses "runtime patching" exploits, specifically in the context of Microsoft SQL Server 2000, but the techniques apply to

ISS Advisory: OpenSSH Remote Challenge Vulnerability

2002-06-26 Thread X-Force
-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Advisory June 26, 2002 OpenSSH Remote Challenge Vulnerability Synopsis: ISS X-Force has discovered a serious vulnerability in the default installation of OpenSSH on the OpenBSD operating system. OpenSSH is a free version of

A DoS against IE in W2K and XP? You Make the Call...

2002-06-26 Thread 'ken'@FTU
The following line of code will crash IE when the OS is Windows 2000 or Windows XP. I alerted Microsoft. They replied that it is not a security vulnerability according to their policy: = Begin MS reply "Suppose a flaw in a web browser could be m

phpsquidpass: unauthorized user deleting

2002-06-26 Thread ppp-design
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following design error in phpsquidpass: Details: Product: phpsquidpass Affected Version: 0.11 and maybe all versions before Immune Version: 0.2 OS affected: all OS with php Vendor-URL: http://sourceforge.net/projects/ph

Salescart vuln.

2002-06-26 Thread Tacettin Karadeniz
Summary: In a business website which is made by Salescart, all customer records related to that website are reachable. All database can be hide to shop.mdb file, in fpdb directory. Any user can reach this database without permission. There are some special informations this database and the