Hello all,
Today, Sun released an advisory (47815) about how the lockd can be used to
cause a DoS of NFS. However they did not provide any details about how the
lockd can be killed to trigger this. See
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F47815zone_32=category%3Asecurity
In-Reply-To: [EMAIL PROTECTED]
We have been unable to reproduce NSSI#8217;s findings using the information
they supplied. We communicated our inability to verify the test results
to NSSI and continue to test possible scenarios.
Bottom line:
1) The alleged behavior does not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 178-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October 17th, 2002
Hi,
exist rumors about this exploit since 3 months. The archive aparently explores
an imperfection in the TCP Sync (i dont know details about problem). Due
to rumors, exist more two exploits for the problem (maybe fake).
Some forums like ByteRage's PRIVATE forum was dicussing it in private (it
is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
GENTOO LINUX SECURITY ANNOUNCEMENT 200210-003
- -
PACKAGE : ggv
SUMMARY : buffer overflow
EXPLOIT : local
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 177-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October 17th, 2002
NGSSoftware Insight Security Research Advisory
Name: Microsoft SQL Server Webtasks privilege elevation
Systems: Microsoft SQL Server 2000 and 7
Severity: High Risk
Vendor URL: http://www.microsoft.com/
Author: David Litchfield ([EMAIL PROTECTED])
Advisory URL:
In-Reply-To: [EMAIL PROTECTED]
From: Peter Pentchev ([EMAIL PROTECTED])
Subject: Re: *BSD remote kernel-level (TCP/IP stack)
vulnerability! - ABFrag.c
Newsgroups: fa.freebsd.bugs
Date: 2002-09-23 07:04:01 PST
On Sun, Sep 22, 2002 at 03:51:54PM +0300,
[EMAIL PROTECTED] wrote:
Hello,
Can any one enlighten me on this statement in the PGP Corporation Beta
License Agreement?
YOU HEREBY EXPRESSLY CONSENT TO PGP'S PROCESSING OF YOUR PERSONAL DATA
(WHICH MAY BE COLLECTED BY PGP OR ITS DISTRIBUTORS) ACCORDING TO PGP'S
CURRENT PRIVACY POLICY.
This is one of those touchy
On Thu, Oct 17, 2002 at 05:50:10AM +0800, Zero-X ScriptKiddy wrote:
The file phptonuke.php from myphpnuke allows Remote File Retrieving.
Exploit Example:
http://website.com/phptonuke.php?filnavn=/etc/passwd
This is not really a specific vulnerability in the application, but a more
general
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: New kernel fixes local security issues
Advisory ID: RHSA-2002:206-12
Issue date:2002-09-23
Updated on:2002-10-15
Product:
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: New kernel fixes local security issues
Advisory ID: RHSA-2002:205-15
Issue date:2002-09-20
Updated on:2002-10-15
Product:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Trustix Secure Linux Security Advisory #2002-0068
Package name: kernel
Summary: New upstream version
Date: 2002-10-17
Affected versions: TSL 1.1,
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: New kernel 2.2 packages fix local vulnerabilities
Advisory ID: RHSA-2002:210-06
Issue date:2002-09-23
Updated on:2002-10-10
In-Reply-To: [EMAIL PROTECTED]
We've determined that the dynamic initialization feature of the ClearPath
MCP environment is contributing to the high processor utilization and
excessive log entries. To solve this, the customer can either disable the
dynamic initialization feature for those
Le jeu 17/10/2002 à 22:55, huang po a écrit :
Even if it were true, it would be very much more harder to write so
that it would affect *different* OS's: the differences in the TCP
stacks are not that large, but significant for at least this purpose.
I completly agree this point.
For now, only
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Trustix Secure Linux Security Advisory #2002-0069
Package name: apache
Summary: New upstram version
Date: 2002-10-17
Affected versions: TSL 1.1,
Hello,
if you read the introduction, PGP means the company, the program is
,,SOFTWARE'' in the agreement. So your personal data means the
personal data, you will provide to the PGP company, not that one,
that you give to the SOFTWARE. So it's quite clear, what's your
personal data.
On Wed, 16 Oct 2002, Mike Scher wrote:
1) The accounts (manuf and diag) are clearly present in the config and
easily seen with 'show running-conf' or 'show startup-conf'
They are also documented in the Cajun guides, usually they just say 'don't
touch these accounts'
2) They are system
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Oct 17, 2002 at 07:44:29PM +0200, Martin Schulze wrote:
Package: pam
Vulnerability : serious security violation
Problem-Type : remote
Debian-specific: no
Distributions : unstable only
Paul Aurich and
Samuele Giovanni
20 matches
Mail list logo