-BEGIN PGP SIGNED MESSAGE-
CERT Advisory CA-2002-18 OpenSSH Vulnerabilities in Challenge Response
Handling
Original release date: June 26, 2002
Last revised: --
Source: CERT/CC
A complete revision history can be found at the end of this file.
Systems Affected
* Open
Eg;
http://www.anyhost.com/cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E
(all URLS must be on one line)
Apologies if this is a known issue.
Apologies also for posting about XSS, too, but
this is not an isolated website, but a commonly
used service.
=
1. Versions affected:
All versions of OpenSSH's sshd between 2.9.9 and 3.3
contain an input validation error that can result in
an integer overflow and privilege escalation.
OpenSSH 3.4 and later are not affected.
OpenSSH 3.2 and later prevent privilege e
Dear subscribers,
I regret to inform those who have not noticed already that there have been
significant delays in distribution of Bugtraq traffic. This was due
to severe problems that we have been having with lists.securityfocus.com
and our two outgoing mailservers. It could not have come at a
Product: mod_ssl - http://www.modssl.org/
Date: 06/24/2002
Summary: Off-by-one in mod_ssl 2.4.9 and earlier
By: Frank Denis - [EMAIL PROTECTED]
-
DESCRIPTION
---
-BEGIN PGP SIGNED MESSAGE-
__
SuSE Security Announcement
Package:openssh
Announcement-ID:SuSE-SA:2002:023
Date: Tue Jun 2
We are pleased to announce that the first release of
the Open Web Application Security Project “Guide to
Building Secure Web Applications” is now online in
both pdf (1.67Mb) and HTML.
The Guide covers various web application security
topics from architecture to preventing attack
specifics l
Hello all,
I have no idea if this is the most current version of this application, I
found it while browsing packetstormsecurity earlier. For all I know it may
not even be kept current anymore.
Anyhow... bad call to syslog() is the culprit. I'm to lazy to code an
exploit for this at the mom
-BEGIN PGP SIGNED MESSAGE-
-
Debian Security Advisory DSA-134-2 [EMAIL PROTECTED]
http://www.debian.org/security/Michael Stone
June 25, 2002
- ---
On Mon, Jun 24, 2002 at 08:08:12PM -0400, ari wrote:
> Given the similarities with certain other security issues, i'm surprised
> this hasn't been discussed earlier. If it has, people simply haven't
> paid it enough attention.
if you setup restricted accounts with restricted shells and allow
unr
To: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
__
Caldera International, Inc. Security Advisory
Subject:UnixWare 7.1.1 Open UNIX 8.0.0 : dtprintinfo buffer overflow
with Help
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --
PACKAGE : openssh
SUMMARY : Remote vulnerability in O
Dell Server Agents prior to v4.5 (installed from Dell OpenManage Applications
CD v2.x) run Apache, but are they vulnerable?.
They listen on port 7273 and will answer if you point a browser at them.
Dell Server Agents v4.5 or later (installed from Dell OpenManage System
Management CD v3.x) d
Hi,
Does apache-scalp.c work against your OpenBSD or FreeBSD system or not.
Either way it would be nice to know that you have some signed_exec code
acting as an additional security layer to stop unauthorized binaries if
not by denial at least then warning of their existence in Real Time.
Our si
Please find advisory attached.
Mark Lastdrager
--
Pine Internet BV :: tel. +31-70-3111010 :: fax. +31-70-3111011
PGP 0xFF0EA728 fpr 57D2 CD16 5908 A8F0 9F33 AAA3 AFA0 24EF FF0E A728
Today's excuse: Radial Telemetry Infiltration
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Product:
Acrobat Reader version "x86 linux 5.0.5 Apr 25 2002 11:55:36"
(Other UNIX versions probably also affected, see Comments.)
Problem and exploit:
Acroread creates or overwrites the file /tmp/AdobeFnt06.lst.UID, and
changes its permissions to wide open (mode 666); it also follows
symlinks
Given the similarities with certain other security issues, i'm surprised
this hasn't been discussed earlier. If it has, people simply haven't
paid it enough attention.
This problem is not necessarily ssh-specific, though most telnet daemons
that support environment passing should already be con
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: openssh
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
_
SGI Security Advisory
Title: pmpost vulnerability
Number: 20010601-01-I
Date: June 24, 2002
Reference: SGI S
On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote:
> There is an upcoming OpenSSH vulnerability that we're working on with
> ISS. Details will be published early next week.
>
> However, I can say that when OpenSSH's sshd(8) is running with priv
> seperation, the bug cannot be exploit
Sharity Cifslogin Buffer Overflow (arguments)
=
Author:
** Alex Hernandez <[EMAIL PROTECTED]> (C) 2002
** Thanks all the people from Spain and Argentina.
** Greets to: Paco Spain, Gabriel M, L.martins.
** Thanks friends for all ur help Zillion
-BEGIN PGP SIGNED MESSAGE-
-
Debian Security Advisory DSA-134-2 [EMAIL PROTECTED]
http://www.debian.org/security/ Wichert Akkerman
June 25, 2002
- ---
Hi folks,
I've written a paper on runtime patching of database server code, which can
be found here:
http://www.ngssoftware.com/papers/violating_database_security.pdf
It discusses "runtime patching" exploits, specifically in the context of
Microsoft SQL Server 2000, but the techniques apply to
-BEGIN PGP SIGNED MESSAGE-
Internet Security Systems Security Advisory
June 26, 2002
OpenSSH Remote Challenge Vulnerability
Synopsis:
ISS X-Force has discovered a serious vulnerability in the default
installation of OpenSSH on the OpenBSD operating system. OpenSSH is a
free version of
The following line of code will crash IE when the OS is Windows 2000 or
Windows XP.
I alerted Microsoft. They replied that it is not a security
vulnerability according to their policy:
= Begin MS reply
"Suppose a flaw in a web browser could be m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ppp-design found the following design error in phpsquidpass:
Details
- ---
Product: phpsquidpass
Affected Version: 0.11 and maybe all versions before
Immune Version: 0.2
OS affected: all OS with php
Vendor-URL: http://sourceforge.net/projects/ph
Summary:
In a business website which is made by Salescart, all
customer records
related to that website are reachable. All database
can be hide to
shop.mdb file, in fpdb directory. Any user can be
reach this database whithous permission.
There are some special informations this database and
the
27 matches
Mail list logo