MSIEv6 % encoding - Konqueror 3.0.3 also vulnerable

2002-09-06 Thread Piotr Pawłow
Hello, Test page for Konqueror is at: http://pp.siedziba.pl/2f/ I have also tested it with Mozilla 1.0 (Gecko/20020829) and Galeon 1.2.5 (Gecko/20020606) and found not vulnerable - the script throws Permission denied to get property HTMLDocument.body exception. -- Piotr Pawłow

Foundstone Labs Advisory - Remotely Exploitable Buffer Overflow in PGP

2002-09-06 Thread Foundstone Labs
Foundstone Labs Advisory - 090502-PCRO Advisory Name: Remotely Exploitable Buffer Overflow in PGP Release Date: September 5, 2002 Application: PGP Corporate Desktop 7.1.1 Platforms: Windows 2000/XP Severity: Remote code execution and plaintext passphrase disclosure

Rapid 7 Advisory R7-0005: ZMerge Insecure Default ACLs

2002-09-06 Thread Rapid 7 Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Rapid 7, Inc. Security Advisory Visit http://www.rapid7.com/ to download NeXpose(tm), our advanced vulnerability scanner. Linux and Windows

zero-width gif: exploit PoC for NS6.2.3 (fixed in 7.0) [Was: GIFsGood, Flash Executable Bad]

2002-09-06 Thread zen-parse
On Tue Sep 03 2002, Blue Boar wrote: This is one of my favorite vulnerabilities: http://online.securityfocus.com/bid/1503 It's an overflow in the JPEG handler in Netscape. I don't know of one for GIFs off the top of my head, but the same principle applies. If there's a viewer with a bug,

Veritas Backup Exec opens networks for NetBIOS based attacks?

2002-09-06 Thread Geoff Craig
Veritas Backup Exec opens networks for NetBIOS based attacks? By: Geoff Craig, Adrian Romo Company: Quilogy http://www.quilogy.com Currently, we are working with a customer that has moved to Active Directory and is using Backup Exec 8.5 to back up all servers and domain controllers from a

Re: Security side-effects of Word fields

2002-09-06 Thread B . Goodman
In-Reply-To: [EMAIL PROTECTED] Hey, Woody, can this exploit parse environment variables? In WOW #7.42, you say the mitigating factor is that Alice has to know the precise name of the file she wants to retrieve, but your example of c:\Documents and Settings\Woody\Local

UPDATE: (Was Veritas Backup Exec opens networks for NetBIOS based attacks?)

2002-09-06 Thread Geoff Craig
Thanks to a few people who have sent later Veritas articles that show that there is RestrictAnonymous=1 support, but ONLY with version 8.6. Here are those articles for those who may be interested. http://seer.support.veritas.com/docs/238618.htm http://seer.support.veritas.com/docs/239739.htm

RE: Veritas Backup Exec opens networks for NetBIOS based attacks?

2002-09-06 Thread Gino Genari
Check Document 239739, this was modified in version 8.6 http://seer.support.veritas.com/docs/239739.htm Snip Support for the Restrict Anonymous option was added to Backup Exec version 8.6. NOTE: Versions of Backup Exec prior to 8.6, do not support enabling Restrict Anonymous end Snip Regards,

Re: MSIEv6 % encoding - Konqueror 3.0.3 also vulnerable

2002-09-06 Thread Dirk Mueller
On Fri, 06 Sep 2002, Piotr Pawłow wrote: Test page for Konqueror is at: http://pp.siedziba.pl/2f/ This is actually not related to the % encoding problem in IE, but a general regression that was introduced in KDE 3.0.3 release. Below is the fix which has been tested and committed to CVS

[SECURITY] [DSA 162-1] New ethereal packages fix buffer overflow

2002-09-06 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 162-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze September 6th, 2002

MDKSA-2002:054-1 - gaim update

2002-09-06 Thread Mandrake Linux Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mandrake Linux Security Update Advisory Package name: gaim Advisory ID:

Next-hop scanning for open firewall ports

2002-09-06 Thread David G. Andersen
Thinking about ways to figure out how to get through firewalls, the following attack occurred to me. The technique is similar to firewalking (Goldsmith) and to IP ID reverse scanning (Antirez). I call it next-hop scanning, because it operates by interrogating a router after the firewall, not the