[RHSA-2002:262-07] New kernel fixes local denial of service issue

2002-11-18 Thread bugzilla
- Red Hat, Inc. Red Hat Security Advisory Synopsis: New kernel fixes local denial of service issue Advisory ID: RHSA-2002:262-07 Issue date: 2002-09-23 Updated on: 2002-11-16

NBActiveX Sure ActiveX Big Vulnerability

2002-11-18 Thread Webmaster, Lorenzo Hernandez Garcia-Hierro
*** Lorenzo Hernandez garcia-hierro Webmaster of LORENZOHGH.COM LHGHPRODS PROGRAMACIÓN TIENDA ONLINE. *** NBActiveX Sure ActiveX New Vulnerability Dear friends, INTRODUCTION This vulnerability is an important failure because the malicious

[SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure

2002-11-18 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 197-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze November 15th, 2002

Re: Bind 8 bug experience

2002-11-18 Thread Paul Theodoropoulos
There is an alternative to this insanity. It's called djbdns, and it is proven secure, and proven reliable. I've been using it in production for a year now, and performance has been flawless. Thousands of other administrators will offer the same assessment. BIND is a security mess - that's an

bind 8 info update regarding ISS

2002-11-18 Thread mark_sala
Upfront, Like to recognize that ISS has been doing a great job at finding very critical but obscure vulnerabilities in popular services. I'm guessing that there has been a lot of other security experts that have audited the source code of Bind, SSH, etc and overlooked the discrepancies that ISS

patch for named buffer overflow now available (fwd)

2002-11-18 Thread Jonas Eriksson
-- Forwarded message -- Date: Thu, 14 Nov 2002 19:12:41 -0700 From: Todd C. Miller [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: patch for named buffer overflow now available A patch for the named buffer overflow is now available. The bug could allow an attacker to execute

Re: When scrubbing secrets in memory doesn't work

2002-11-18 Thread Nicholas Weaver
On Thu, Nov 14, 2002 at 02:44:58AM -0800, Michael Wojcik composed: Scrubbing is clearly no more than a best-effort attempt to make it more difficult to retrieve sensitive data from memory. I think it's of dubious value, frankly, and this thread has probably prompted more discussion than it

[tcpdump-announce] initial comments on trojan attack (fwd)

2002-11-18 Thread Jonas Eriksson
-- Forwarded message -- Date: Fri, 15 Nov 2002 19:40:47 -0500 From: Michael Richardson [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [tcpdump-announce] initial comments on trojan attack -BEGIN PGP SIGNED MESSAGE- 1) the machine hosting

MailEnable POP3 Server remote shutdown !:/ -newest ~ (and previous) bufferoverflow-

2002-11-18 Thread Ketil Braun Larsen
(My first post, please bear with me.) -/\-About.-/\- I found this problem auditing a webserver, it's a standard buffer overflow I guess, but I am not sure how to find all the technical information but if anyone knows what to do I would like to know, if someone has the time to send a

TFTPD32 Buffer Overflow Vulnerability (Long filename)

2002-11-18 Thread Aviram Jenik
Advisory available at: http://www.securiteam.com/windowsntfocus/6C00C2061A.html TFTPD32 Buffer Overflow Vulnerability (Long filename) --- SUMMARY http://tftpd32.jounin.net TFTPD32 is a Freeware TFTP server for Windows 9x/NT/XP. It provides

Re: When scrubbing secrets in memory doesn't work

2002-11-18 Thread Florian Weimer
Richard Moore [EMAIL PROTECTED] writes: It's worth noting that on systems such as linux and solaris, it is easy to avoid the paging problem by locking the process into memory. Locking into memory does NOT mean avoid paging. AFAIK, there are operating systems in which memory which has been

[CLA-2002:549] Conectiva Linux Security Announcement - dhcpcd

2002-11-18 Thread secure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -- PACKAGE : dhcpcd SUMMARY : Characters expansion