CORE Security Technologies
http://www.corest.com
Vulnerability Report For Linksys Devices
Date Published: 2002-12-02
Last Update: 2002-12-02
Advisory ID: CORE-20021005
Bugtraq ID: None currently assigned.
CVE: None currently assigned.
Title: Remotely exploitable Buffer overflows and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: WindowMaker
Advisory
We found the same vulnerabilty and reported to the vender on 9 Aug 2002.
Since the vender reported that this problem has been addressed, we have
decided to release this advisory after confirming the fix.
---
On 13 Nov 2002 19:39:12 -
Andrei Mikhailovsky [EMAIL PROTECTED] wrote:
Arhont
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Netfilter Core Team Security Advisory
Subject:
Local Netfilter / IPTables IP Queue PID Wrap Flaw
Released:
December 3, 2002.
Effects:
Under limited circumstances, an unprivileged local user may be able
Poisonous Style for Dialog window turns the zone off.
(that's all is the end of file if you are in a hurry)
[tested]
MSIEv6(CN version)
Patch: Q312461,Q328790(MS02-066)
{IEXPLORE.EXE file version: 6.0.2600.}
{MSHTML.DLL file version: 6.00.2600.}
[demo]
at
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=
topic: SquirrelMail v1.2.9 XSS bugs
product: SquirrelMail v1.2.9
vendor: www.squirrelmail.org
risk: low
date: 12/3/2k2
discovered by: euronymous /F0KP /HACKRU Team
advisory url: http://f0kp.iplus.ru/bz/008.txt
Hey guys,
A while back there was that directory traversal exploit for the Zeroo
webserver. (http://lonerunner.cfxweb.net)
Here is a proof of concept code, enjoy.
/*
* zeroo httpd remote directory traversal exploit
* proof of concept
* hehe, just a copy and paste from my other directory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 202-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
December 3rd, 2002
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just an update on this.
Solution:
Upgrade to Linux kernels 2.4.20 (stable), and 2.5.32 (development).
Someone has pointed out that the recommended 2.4.20 kernel has an ext3
data corruption bug (which fortunately will not affect most users).
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: pine
Advisory ID:
10 matches
Mail list logo