-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
GENTOO LINUX SECURITY ANNOUNCEMENT 200211-002
- -
PACKAGE : kgpg
SUMMARY : keys generated in wizard have an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have recently completed a white paper reviewing some of the tactics
used in 802.11 wireless LAN discovery applications including
NetStumbler, DStumbler and Wellenreiter.
Abstract:
Wireless LAN discovery through the use of applications such as
Rule #1: Never use timers in IE exploits. :)
When I was developing the exploit I noticed I had to add some delay (using
a timer) because the mk:@MSITStore:C: url was not loaded directly by IE.
If the timer was set to tight I would sometimes receive the error:
This operation can only function in
Multiple Vuln. in Hotfoon.com's Hotfoon4.exe dialer
Hotfoon.com is a popular provider of PC to Phone, PC
to PC Phone,Instant Messaging and Chat services. It's
services are accessed by using a client program,
Hotfoon4.exe(http://www.hotfoon.com/hotfoon4.exe),
which includes the dialer. This is
ezhttpbench.php
eZ httpbench version 1.1(http://developer.ez.no) -
benchmark tool for HTTP pages.
A security vulnerability in the product allows remote
attackers to download any file
on the local system that the eZ httpbench has read
access to.
Vulnerable systems:
eZ httpbench version 1.1
eZ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
For Immediate Disclosure
== Summary ==
Security Alert: NOVL-2002-2963651
Title: iManager (eMFrame) Buffer Overflow
Date: 08-Oct-2002
Revision: Updates
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This email is in response to the BugTraq posting at
http://online.securityfocus.com/archive/1/299046
There are two issues in the original email which are addressed below.
1) The TCP stack on the PIX is non RFC compliant in responding to TCP packets
=
Advisory: Buffer Overflow in iSMTP Gateway
Software: iSMTP Gateway
Severity: Medium-High
Vendor: Incognito Systems http://www.incognito.com
Systems Affected: Banyan VINES
Version: 5.0.1, ?
Type of Vulnerability: Buffer Overflow
Discovered by: K.
This new HTTPOnly security feature would simply stop cookie hijacking
via document.cookie. Nothing else. Which is good, but important to know
the limitations and the risks.
Actually, the change is not in IE - it's lower-level in WinInet, which
IE uses. So any app that uses document.cookie, or,
I have been able to replicate this behavior by scanning the cable
modem's internal IP (192.168.100.1) on my Motorola Surfboard 3100 w/ the
following versions:
Software Version: SB3100-3.2.6-SCM-NOSHELL
Hardware Version: 2
MIB Version: II
GUI Version: 1.0
VxWorks Version: 5.3
Scanning the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 191-2 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 7th, 2002
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDEFENSE Security Advisory 11.11.02:
http://www.idefense.com/advisory/11.11.02.txt
Buffer Overflow in KDE resLISa
November 11, 2002
I. BACKGROUND
KDE is a popular open source graphical desktop environment for Unix
workstations. Its kdenetwork module
On Fri, 8 Nov 2002, Florian Weimer wrote:
Hi,
Sebastian Krahmer [EMAIL PROTECTED] writes:
The SuSE Security Team reviewed critical Perl modules, including
the Mail::Mailer package. This package contains a security hole
which allows remote attackers to execute arbitrary
Worked just fine on Windows NT SP6a + all OS fixes + IE 6.0 Gold.
Doesn't work on Windows 2000 SP3 + IE 6.0 SP1 + all fixes
Worked just fine on Windows XP SP1 + IE 6.0 SP1 + all fixes
Your mileage may vary, but it works on the latest OS/IE combination with all fixes.
Cheers,
Russ - Surgeon
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 193-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 11th, 2002
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: New PHP packages fix vulnerability in mail function
Advisory ID: RHSA-2002:213-06
Issue date:2002-11-11
Updated on:2002-11-11
INetCop Security Advisory #2002-0x82-001
* Title: Multiple vulnerabilities in Tiny HTTPd.
0x01. Description
Tiny HTTP daemon is web server that do simple very.
Vulnerability and
Author: Magistrat
http://www.blocus-zone.com
magistratblocus-zone com
Date: 11/11/2002
Object: IMG bug in quizz module
risk: Medium-high
advisory url: http://www.blocus-zone.com/modules/news/article.php?storyid=180
-
After having
On Thu, 7 Nov 2002, Justin King wrote:
I would be very interested in major browsers supporting a dead tag with an
optional parameter to be a hash of the data between the opening and closing
dead tag. This tag would indicate that no live elements of HTML be
supported (e.g., JavaScript,
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED] [EMAIL PROTECTED]
__
SCO Security Advisory
Subject:Linux: Preboot eXecution Environment (PXE) server
denial-of-service
20 matches
Mail list logo