[RHSA-2002:148-06] Updated Tcl/Tk packages fix local vulnerability

2002-08-12 Thread bugzilla
- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated Tcl/Tk packages fix local vulnerability Advisory ID: RHSA-2002:148-06 Issue date: 2002-07-22 Updated on: 2002-08-12 Produ

CERN Proxy Server: Cross-Site Scripting Vulnerability

2002-08-12 Thread TAKAGI, Hiromitsu
CERN Proxy Server: Cross-Site Scripting Vulnerability = Affected: CERN HTTPD 3.0A http://www.w3.org/Daemon/Activity.html Vendor Status: CERN httpd team ([EMAIL PROTECTED]) was notified on Aug 10, 2001 but they did not respond. Exploi

TinySSL Vendor Statement: Basic Constraints Vulnerability

2002-08-12 Thread Adam Megacz
TinySSL is an open source, compact (125k jar), SSLv3 client implementation written in Java (1.1+). Version 1.02 and earlier is vulnerable to the attack posted last week by Mike Benham: http://online.securityfocus.com/archive/1/286290 An updated version (1.03) has been posted which fixes thi

Bulk Data Services (BDS) vulnerability on IRIX

2002-08-12 Thread SGI Security Coordinator
-BEGIN PGP SIGNED MESSAGE- _ SGI Security Advisory Title: Bulk Data Services (BDS) vulnerability Number: 20020804-01-P Date: August 12, 2002

Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG

2002-08-12 Thread aleph1
Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG K. Jallad, J. Katz, and B. Schneier We recently noted that PGP and other e-mail encryption protocols are, in theory, highly vulnerable to chosen-ciphertext attacks in which the recipient of the e-mail acts as an unwitting "decryp

NOVL-2002-2963081 - Novell iManager (eMFrame 1.2.1) DoS Attack

2002-08-12 Thread Ed Reed
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 For Immediate Disclosure == Summary == Security Alert: NOVL-2002-2963081 Title: Novell iManager (eMFrame 1.2.1) DoS Attack Date: 12 Aug 2002 Revision: 1

Re: IE SSL Vulnerability (Konqueror affected too)

2002-08-12 Thread Thomas C. Greene
http://theregister.co.uk/content/4/26620.html [] I've not tested this on IE because several researchers posting to Benham's BugTraq thread (http://online.securityfocus.com/archive/1/286895/2002-08-08/2002-08-14/1) have confirmed the behavior. But I did test it on Mozilla 0.9.4, which Benh

OpenBSD Security Advisory: Select Boundary Condition (fwd)

2002-08-12 Thread Jonas Eriksson
-- Forwarded message -- Date: Sun, 11 Aug 2002 17:09:03 -0400 From: Niels Provos <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: OpenBSD Security Advisory: Select Boundary Condition -BEGIN PGP SIGNED MESSAGE- OpenBSD Security Adv

IE SSL Exploit

2002-08-12 Thread Mike Benham
This is a follow-up to my previous advisory: http://online.securityfocus.com/archive/1/286290/2002-07-31/2002-08-06/0 Thanks to everyone who helped verify the vulnerability. I've written a small tool (sslsniff) that demonstrates the severity of this vulnerability in a real-world setting. It pe

Vulnerability in Oracle

2002-08-12 Thread Gilles Parc
Hi, There is a security risk with catsnmp catalog (in $ORACLE_HOME/rdbms/admin) which is shipped with 8i/9i releases. -- Details : this file drops and recreates user dbsnmp with default password "dbsnmp" and gives him some database privileges. For 8i releases, these privileges are mostly g

Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow

2002-08-12 Thread Carlos Laviola
On Fri, Aug 09, 2002 at 05:44:27PM -0400, Mike Chambers wrote: > The linux and solaris updates will be available later today. > > You will be able to download it at: > www.macromedia.com/go/getflashplayer/ I've downloaded this fixed version, but it seems to be vulnerable to something I've disco

[SECURITY] [DSA 148-1] New hylafax packages fix security related problems

2002-08-12 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 148-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze August 12th, 2002 - ---

SuSE Security Announcement: i4l (SuSE-SA:2002:030)

2002-08-12 Thread Sebastian Krahmer
-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package: i4l Announcement-ID: SuSE-SA:2002:030 Date: Mon Aug 12 1

ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database Server Remote Buffer Overflow Vulnerability

2002-08-12 Thread Ricochet
***ENTERCEPT RICOCHET ADVISORY*** Date: Monday, August 12, 2002 Issue: Multi-Vendor CDE ToolTalk Database Server Remote Buffer Overflow Vulnerability DETAILS: The ToolTalk component allows applications to communicate with each other via remote procedure calls (RPC) acros

Cisco Security Advisory: Cisco VPN Client Multiple Vulnerabilities

2002-08-12 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco VPN Client Multiple Vulnerabilities Revision 1.0 For Public Release 2002 August 12 UTC 1500 -- Contents Summary Affected Produc