-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
/*
* Mon Sep 2 17:45:04 2002
*
* |SaMaN| aka Mert <[EMAIL PROTECTED]>
*
* Information : Anyone can kill SWS Web Server v0.1.0 remotely.
*
* Proof of Concept Exploit for SWS Web Server v0.1.0
*
* SWS homepage : http://www.linuxprogramlama.c
NGSSoftware has just published a paper on Threat Profiling Microsoft SQL
Server. For those that would like a copy you can do so here:
http://www.nextgenss.com/papers/tp-SQL2000.pdf
Cheers,
The NGSSoftware Insight Security Research team.
NGSSoftware Insight Security Research Advisory
Name: Windows .NET Server (RC1) and MSDE
Systems: Windows .NET Server (RC1) and MSDE 2000
Severity: High Risk
Category: Configuration
Vendor URL: http://www.microsoft.com/
Author: David Litchfield ([EMAIL PROTECTED])
Advisory URL: http://www.ngssoftw
NGSSoftware Insight Security Research Advisory
Name: sp_MSSetServerPropertiesn and sp_MSsetalertinfo
Systems: Microsoft SQL Server 2000
Severity: Low Risk
Category: Configuration
Vendor URL: http://www.microsoft.com/
Author: David Litchfield ([EMAIL PROTECTED])
Advisory URL:
http://www.ngssoftwar
===
Outlook S/MIME Vulnerability 09/02/02
Mike Benham <[EMAIL PROTECTED]>
http://www.thoughtcrime.org
===
Abstract
Outlook's S/MIME implementation is vulnerabl
For your reading pleasure I have attached some of the communication
between myself and CERT regarding the issues recently released at:
ftp://ftp1.support.compaq.com/public/unix/v5.1/T64V51B19-C0136901-15143-ES-20020817.txt
We are in the process of making our formal advisories out of these
"
Hi,
Microsoft's IE has a feature of storing login passwords for future use. With
(at least) IE 6 on Win2k SP3 (as well as others, see below,) if you see the
login screen with tag, and the cached password apears as astrisks, if you
stand at the beginning of the string and Ctrl+Shift+Right Arrow t
Using a private beta build, I have been unsuccessful in trying to
reproduce this particular problem, so it appears they have fixed the
problem, in solitude.
--
Sincerely - Venlig hilsen
Michael <[EMAIL PROTECTED]>
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Updated scrollkeeper packages fix tempfile vulnerability
Advisory ID: RHSA-2002:186-07
Issue date:2002-08-19
Updated on:2002-08
Radmin is a very fast, very powerful remote administrator server available
on Win95 and above. Radmin is used by help desks and fortune 500 clients
worldwide.
This software gives the user the ability to remotely monitor, control and
transfer files to and from his remote client via a password pro
Null HTTPd is a simple HTTP server that runs on Win32/Unix systems. It is
quite basic, but offers good CGI support. A vulnerability in Null HTTPd may
allow cross-site scripting via a 404 page:
http://localhost/a?x=alert(document.URL)
You have to place this in the query string so that it doesn'
Release date: September 2 2002
Author : Spybreak ([EMAIL PROTECTED])
Package : Scrollkeeper
Version : 0.3.4, 0.3.11
Severity: Medium to High
Vendor homepage : scrollkeeper.sourceforge.net
Status : vendor contacted
Problem : Insecure creation
12 matches
Mail list logo