[SECURITY] [DSA 159-1] New Python packages fix insecure temporary file use

2002-08-28 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 159-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze August 28th, 2002

Origin of downloaded files can be spoofed in MSIE

2002-08-28 Thread Jouko Pynnonen
OVERVIEW Microsoft Internet Explorer contains a flaw which allows the origin of a file shown in the download dialog to be spoofed. A download can be initiated automatically by a web site or a mail message. If Internet Explorer thinks the file isn't suitable to be opened directly,

Re: Security side-effects of Word fields

2002-08-28 Thread Kyle Duren
In-Reply-To: [EMAIL PROTECTED] Could you use this in, say, a network environment? Change this around a bit to get files that someone else has access to, but you don't? i.e.: { IF { INCLUDETEXT { IF { DATE } = { DATE } \\servername\usershare\a.txt c:\\a.txt } \* MERGEFORMAT } = \*

RE: White paper: Exploiting the Win32 API.

2002-08-28 Thread Rothe, Greg (G.A.)
All of this brings up a couple of questions for me: 1. As I understand it, all this can be avoided by applying the simple, longtime standard maxim of trust no input, correct? (If correct, this leads me to murmur rhetorically Have today's developers no discipline?) 2. If the above is

iDEFENSE Security Advisory: Linuxconf locally exploitable buffer overflow

2002-08-28 Thread David Endler
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 iDEFENSE Security Advisory 08.28.2002 Linuxconf locally exploitable buffer overflow vulnerability DESCRIPTION A vulnerability exists in linuxconf which if the LINUXCONF_LANG environment variable processes at least 964 bytes of data, a buffer

Re: iDEFENSE Security Advisory: Linuxconf locally exploitable buffer overflow

2002-08-28 Thread Dave Aitel
Hmm. A default run of sharefuzz finds this bug, which I then told Mandrake about (as they are one of the few distributions that actually does distribute it +s) back in January or so. Course, they never fixed it, which goes to show you that sometimes the Open Source method is NOT the best method.

RE: White paper: Exploiting the Win32 API.

2002-08-28 Thread Drew
-Original Message- From: Rothe, Greg (G.A.) [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 27, 2002 10:00 AM To: 'Paul Starzetz'; Andrey Kolishak; [EMAIL PROTECTED] Subject: RE: White paper: Exploiting the Win32 API. All of this brings up a couple of questions for me: 1.

SWServer 2.2 directory traversal bug

2002-08-28 Thread Bugtest
## Auriemma Luigi, PivX security advisory Application: SWServer (http://www.geocities.com/tlhome2000/swserver.html) Version: 2.2 and previous Bug: Directory traversal bug Risk (high): An attacker can

Webmin Vulnerability Leads to Remote Compromise (RPC CGI)

2002-08-28 Thread Aviram Jenik
Reference: http://www.securiteam.com/unixfocus/5CP0R1P80G.html Webmin Vulnerability Leads to Remote Compromise (RPC CGI) SUMMARY http://www.webmin.com Webmin is a web-based interface for system administration for

Manipulating Microsoft SQL Server Using SQL Injection

2002-08-28 Thread Aaron C. Newman
Hi All, I just posted a short white paper on Microsoft SQL Server and SQL Injection titled Manipulating Microsoft SQL Server Using SQL Injection at: http://www.appsecinc.com/news/briefing.html#inject14 The paper was written and researched by Cesar Cerrudo ([EMAIL PROTECTED]). All comments

Microsoft Terminal Server Client Buffer Overrun (A082802-1)

2002-08-28 Thread @stake Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Microsoft Terminal Server Client Buffer Overrun Release Date: 08/28/2002 Application: Microsoft

Re: Kerio Mail Server Multiple Security vulnerabilities

2002-08-28 Thread Abraham Lincoln
Hi. This is a straightforward answer to what Mr. Jaroslav Snajdr of Kerio.com mail server dev is claiming that kerio mail server is not vulnerable. To clear things up and let the people judge. By the way Mr. Snajdr I'm receiving emails that they confirmed that the vulnerability in ur

Yet another SMB dos concept code

2002-08-28 Thread Huagang Xie
Here is a patch to samba-2.2.5, after patch and compile, you can use smbclient to test the windows machine. $ smbclient -L \\IP_ADDR -huagang --- source/libsmb/clirap.c.old Tue Aug 27 21:35:58 2002 +++ source/libsmb/clirap.c Tue Aug 27 21:31:28 2002 -237,8 +237,10