David Mirza Ahmad
Symantec
0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12
-- Forwarded message --
Return-Path: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 24024 invoked by alias); 21 Nov 2002 18:36:26 -
Delivered-To: [EMAIL
INetCop Security Advisory #2002-0x82-006
* Title: Remote Heap malloc/free multiple Overflow vulnerability in WSMP3.
0x01. Description
=-=-=-=-=-=-=-=-=
WSMP3d webserver or, is used by
Hi,
In MS02-066 Microsoft claim they've fixed several Cross Domain
Verification problems. Unfortunately, they are not really clear on
which vulnerabilities they fix.
Does anyone know which vulnerability was meant with this:
- Frames Cross Site Scripting: CVE-CAN-2002-1187
The CVE number is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDEFENSE Security Advisory 11.19.02b:
http://www.idefense.com/advisory/11.19.02b.txt
Eudora Script Execution Vulnerability
November 19, 2002
I. BACKGROUND
Qualcomm Inc.'s Eudora is a graphical e-mail client for Windows and
Macintosh. More
We would like to inform you about several security vulnerabilities in Java
Virtual Machine implementations that we have found during our research. These
vulnerabilities affect at least JVMs used in Netscape Communicator and Microsoft
Internet Explorer web browsers. Below you can find their brief
Product Information
acFreeProxy (aka acfp) is an HTTP/1.x proxy for Microsoft Windows
environments. It offers caching, and several other features, and has a
plug-in format designed for extensibility. A flaw in the product may allow
attackers to execute content across domains.
Description
The
acFTP is an open-source FTP daemon for Windows platforms
(http://www.sourceforge.net/projects/acftp) that offers more functionality
than many proprietary servers (including the MS FTP service). The
authentication code of acFTP contains a flaw -- specifically, the server
treats users as logged in
phpNuke Module Vulnerabilities Enable Identity Theft
Systems Affected: phpNuke 6.5b1 and prior (all operating systems)
Risk: High
Impact: Identity Theft/Impersonation/Privilege Elevation
Scenario: Cross-site scripting flaws enabling cookie theft
Description
phpNuke is a popular, and very
David Mirza Ahmad
Symantec
0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12
-BEGIN PGP SIGNED MESSAGE-
ISS X-Force Security Brief
November 25, 2002
Solaris fs.auto Remote Compromise Vulnerability
Synopsis:
ISS X-Force has discovered a vulnerability in the Sun
Informations :
°°
Website : http://webcreator.com02.com
Tested version : 0.1
Problem : Include file
PHP Code/Location :
°°°
news/include/customize.php :
--
?
$langfile = $l;
include $l;
?
--
index.php :
Title: NetScreen Security Alert 51897
Date: 25 November 2002
Description: Predictable TCP Initial Sequence Numbers
Impact: Circumvention of Defined Security Policies
Affected Products: All firewall/VPN appliances and systems
Affected Software Releases: ScreenOS 1.7, 2.6, 2.8, 3.0, 3.1, 4.0
11 matches
Mail list logo