-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 192-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 8th, 2002
In-Reply-To: <006001c28704$a3c1ef10$a600a8c0@LocalHost>
Doesnt work on my, yours or Andreas. I get a "This operation can only
function in HTML Help". Also i since i have debugging on, I get a line 0
permission denied error from IE.
location.replace('mk:@MSITStore:C:')
Only that line co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
secondmotion-SM-SA-02-03Security Advisory
=
Topic: RhinoSoft Serv-U FTP Anonymous Remo
I've noticed that when accessing Outlook web access (through https) and
opening word attachment the attachment remain in cache.
The cache is still here even after closing browser.
When accessing confidential documents from public computers this present
security risk.
Any way to prevent this cachi
These are some technical details about the security vulnerabilities I've
found in Microsoft's Java implementatation. They were reported to the
vendor mostly during August 2002. Microsoft no longer responds to my
inqueries and doesn't seem to react about these severe vulnerabilities
which affe
I would be very interested in major browsers supporting a tag with an
optional parameter to be a hash of the data between the opening and closing
dead tag. This tag would indicate that no "live" elements of HTML be
supported (e.g., JavaScript, VBScript, embed, object).
I know this has been sugge
Program: Postnuke Rogue release (0.72) (Latest).
HomePage: www.Postnuke.com/.org
Description:
PostNuke is a weblog/Content Management System (CMS). Whilst PostNuke is a fork of
PHP-Nuke, the entire core of the product has been replaced, making it far more secure
and stable, and able to work in
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=
topic: Zeus Admin Server v4.1r2 index.fcgi XSS bug
product: Zeus Admin Server v4.1r2 for linux/x86
vendor: http://www.zeus.co.uk
risk: very low (authorisation required)
date: 11/8/2k2
discovered by: euronymous /F0KP /HACKRU Team
advisory urls: http
Mark Litchfield writes:
>
> Does any one have or know of a security contact within www.real.com, as I
> have a serious issue to report. Tried the website, only have technical
> support and the web forms don't allow for much content.
At one of the BOF forums at LISA 2002, a representative from CE
Security Advisory 05.11.02:
Title : Cisco PIX SSH/telnet DOS vulnerability CSCdy51810
Reporter : Nils Reichen LANexpert SA
Affected software : PIX OS 6.2.2 (and probably old version)
Risk : High
Date : November 5, 2002
URL: Full description should be posted in few days on
http://www.gia
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
At Dienstag, 5. November 2002 23:13 Michael Howard wrote:
> During the Windows Security Push in Feb/Mar 2002, we noticed an
> 'interesting' anomaly with code to scrub passwords that looks like this:
>
> bool DoSensitiveStuff() {
> bool fOK = fals
-BEGIN PGP SIGNED MESSAGE-
__
SGI Security Advisory
Title: Potential Denial of Service Vulnerability in RPC-based libc
Number : 20021103-01-P
Date : November 7, 2002
Reference:
In-Reply-To: <1036008147.22818.31.camel@ryans>
I wasn't able to reproduce this on an SB4200 running SB4200-0.4.4.0-SCM06-
NOSH firmware. What version of NMAP are you using?
Also, when you said "Simply nmap'ing the cable user's IP address, ie:
># nmap -sS -p 1-1024 12.x.x.x", which IP addres
-BEGIN PGP SIGNED MESSAGE-
Hiya,
I was wondering if anyone could post a stack trace of this to me or to the group, as
it would be very useful in testing..
Thanks.
-BEGIN PGP SIGNATURE-
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/v
-BEGIN PGP SIGNED MESSAGE-
NetBSD Security Advisory 2002-024
=
Topic: IPFilter FTP proxy
Version:NetBSD-current: source prior to September 20, 2002
NetBSD 1.6: affected
Quoting [EMAIL PROTECTED]:
>In-Reply-To: <[EMAIL PROTECTED]>
>>>Possibly vulnerable, not tested, OEM Version from GlobalSunTech:
>>>D-Link DWL-900AP+ B1 version 2.1 and 2.2
>>The D-Link DWL-900AP+ B1 2.1 isn't affected.
> I'm sorry, this device IS vulnerable, I believe AL
* Tom Knienieder
| Possibly vulnerable, not tested, OEM Version from GlobalSunTech:
| D-Link DWL-900AP+ B1 version 2.1 and 2.2
2.2 seems vulnerable, but has different offsets.
sendto(3, "gstsearch", 9, 0, {sin_family=AF_INET,
sin_port=htons(27155),
sin_addr=inet_addr("2
During the Windows Security Push in Feb/Mar 2002, we noticed an
'interesting' anomaly with code to scrub passwords that looks like this:
bool DoSensitiveStuff() {
bool fOK = false;
const size_t cbPwd = 64;
char szPwd[cbPwd];
if (GetUserPassword(szPwd,cbPwd-1))
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 188-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 5th, 2002
On Fri, Nov 08, 2002 at 12:31:05AM -0800, Mark Litchfield wrote:
> Does any one have or know of a security contact within www.real.com, as I
> have a serious issue to report. Tried the website, only have technical
> support and the web forms don't allow for much content.
http://service.real.com/h
20 matches
Mail list logo