Local root vulnerability found in exim 4.x (and 3.x)

2002-12-04 Thread Wana Thomas
Overview: A local root vulnerability has been discovered in Exim 4.x (4.10 verified and exploit available) and in Exim 3.x (3.35 verified). Impact: The vulnerability can only be exploited by the admin user of exim, who is determined by compiled-in values. Thus the RISK of this

SAP database local root via symlink

2002-12-04 Thread KF
Hey folks, During an evaluation of the SAP database for Linux I located a security issue in one of their suid binaries. This issue is a symlink attack against a binary that makes an execve call to a file in your current directory. The details of this issue are outlined below. You should be

[SECURITY] [DSA 203-1] New smb2www packages fix arbitrary command execution

2002-12-04 Thread Martin Schulze
Debian Security Advisory DSA 203-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze December 4th, 2002

[CLA-2002:551] Conectiva Linux Security Announcement - pine

2002-12-04 Thread secure
CONECTIVA LINUX SECURITY ANNOUNCEMENT PACKAGE: pine SUMMARY: Denial of Service (DoS) DATE

Windows XP Disclosure of Registered AP Information

2002-12-04 Thread snsadv
SNS Advisory No.60 Windows XP Disclosure of Registered AP Information Problem first discovered: 30 Aug 2002 Published: 4 Dec 2002 http://www.lac.co.jp/security/english/snsadv_e/60_e.html

[RHSA-2002:220-40] Updated KDE packages fix security issues

2002-12-04 Thread bugzilla
Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated KDE packages fix security issues Advisory ID: RHSA-2002:220-40 Issue date: 2002-11-27 Updated on: 2002-12-04 Product:

[RHSA-2002:254-05] Updated Webalizer packages fix vulnerability

2002-12-04 Thread bugzilla
Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated Webalizer packages fix vulnerability Advisory ID: RHSA-2002:254-05 Issue date: 2002-12-04 Updated on: 2002-12-04 Product:

Buffer Overflow Vulnerability in X Font Server on IRIX

2002-12-04 Thread SGI Security Coordinator
SGI Security Advisory Title: Buffer Overflow Vulnerability in X Font Server Number: 20021202-01-I Date: December 4, 2002 Reference: CERT

Multiple Vulnerabilities in BIND Name Service Daemon on IRIX

2002-12-04 Thread SGI Security Coordinator
SGI Security Advisory Title: Multiple Vulnerabilities in BIND Name Service Daemon Number: 20021201-01-P Date: December 4, 2002 Reference: CERT

Sygate Personal Firewall can be shut down without a need to supply a password - although one is required

2002-12-04 Thread Eitan Caspi
Tested and affected software: Sygate Personal Firewall 5.0 build 1150s (The free version) installed on Windows XP Pro with SP1 Summary: Sygate personal firewall has an option to ask for a password before entering various sections of the application or making some actions (like moving between

Security Update: [CSSA-2002-054.0] Linux: exploitable memory leak in ypserv

2002-12-04 Thread security
SCO Security Advisory Subject: Linux: exploitable memory leak in ypserv Advisory number:

Security Update: [CSSA-2002-055.0] Linux: RPC XDR buffer overflow

2002-12-04 Thread security
SCO Security Advisory Subject: Linux: RPC XDR buffer overflow Advisory number: