> -Original Message-
> From: NGSSoftware Insight Security Research
> [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 08, 2002 17:33
> To: [EMAIL PROTECTED]
> Subject: New Paper: Microsoft SQL Server Passwords
>
>
> Hi all, I've written a paper on how users' passwords, or
> rather their
Sun iPlanet Web Server Remote File Viewing Vulnerability
Vendor:
Sun Microsystems
Product:
iPlanet Web Server 6.0 SP2
iPlanet Web Server 4.1 SP9
Netscape Enterprise Server 3.6
Platforms:
Windows 2000
Windows NT
On Mon, 8 Jul 2002, Kurt Seifried wrote:
> For example you can limit the amount of memory that user "bob" is allowed to
> use:
>
> user hardmemlock 4096
Uhhh... not quite. Linux kernel does not really provide a nice way of
enforcing per-user limits by default, IIRC (unless s
Kurt Seifried wrote:
>>Solution: no temporary solution yet, there should be a global per user
>>file limit, the reserved file descriptors should be given out under
>>another uid/euid policy. The NR_RESERVED_FILES limit seems to me to be
>>really low.
>>
>>
>
>Huh. Simply limit users, PAM prov
ALERT: Working Resources BadBlue #2
Vendor Notified: July 8, 2002
Working Resources have been informed of a
pair of denial of service conditions in
the BadBlue PWS.
The first vulnerability lies in the way a
GET request is handled. A specially
crafted GET request can crash the target
server.
Al
Kurt Seifried wrote:
>The available limits are:
>
> core -- Limits the core file size (KB); usually set to 0 for most users to
>prevent core dumps.
> data -- Maximum data size (KB).
> fsize -- Maximum file size (KB).
> memlock -- Maximum locked-in-memory address space (KB).
> nofile -- Maxim
DoS exploit for previously discussed issues in Shambala Server 4.5.
--
/***
* Daniel Nyström, Telhack 026 Inc. *
***/
http://www.SweSec.tk
http://www.telhack.tk
/ shambalax.c **
-BEGIN PGP SIGNED MESSAGE-
__
SuSE Security Announcement
Package:squid
Announcement-ID:SuSE-SA:2002:025
Date: Tuesday, Ju
Title: Watchguard Firebox Dynamic VPN Configuration Protocol DoS
BUG-ID: 2002030
Released: 9th Jul 2002
Problem:
A malicious user can crash the Dyna
NGSSoftware Insight Security Research Advisory
Name: iPlanet Search Buffer Overflow
Systems: iWS 6.0 and iWS 4.1
Severity: High Risk (if Search enabled)
Category: Remote Buffer Overrun Vulnerability
Vendor URL: http://www.iplanet.com/
Author: David Litchfield ([EMAIL PROTECTED])
Advisory URL: htt
| Greetings,
|
| This is a local exploit for a format string vulnerability in
| /usr/bin/artswrapper on Red Hat Linux release 7.2 (Enigma).
The first mail with the above subject was obviously a fake
and not written by me.
Thank you.
kanix.
11 matches
Mail list logo