--
__
Qualys Security Advisory QSA-2002-12-04
December 4th, 2002
Apache/Tomcat Denial Of Service And Information Leakage Vulnerability
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 204-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
December 5th, 2002
Following the release of the cumulative MS02-066 patch from the previous
week, Microsoft has released yet another cumulative patch for Internet
Explorer - MS02-068, which can be found at
http://www.microsoft.com/technet/security/bulletin/MS02-068.asp
The sole vulnerability that MS02-068 patches
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Circa 2002-12-02 10:03:20 -0800 dixit Muhammad Faisal Rauf Danka:
: CERT Advisory CA-2002-34 Buffer Overflow in Solaris X Window Font Service
:
:Original release date: November 25, 2002
:Last revised: --
:Source: CERT/CC
:
:A
INSERT ASCII BANNER AND ADVERTISING HERE
PRODUCT.
akfingerd (http://synflood.at/akfingerd/)
EXPLOIT-ID.
ECSC Ltd. Official K-R4d E-Security Advertisory.
KR4D-VULN-ID-0-000-000-000-000-000-000-000-001
IMPORTANT SOUNDING DESCRIPTION.
Akfingerd is a 'secure' finger server used by noone blah blah..
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greetings!
A quite well known (i.e. ancient) type of proxy vulnerability was
found for TrendMicro's InterScan VirusWall V3.6 This general problem
has been known to be an issue with plain HTTP proxies like the Squid
for ages (e.g.
-BEGIN PGP SIGNED MESSAGE-
__
SGI Security Advisory
Title: BIND Name Server DNS Spoofing Vulnerability
Number : 20021203-01-A
Date : December 5, 2002
Reference: CERT
-BEGIN PGP SIGNED MESSAGE-
__
SGI Security Advisory
Title: Samba Security Vulnerability
Number : 20021204-01-I
Date : December 5, 2002
Reference: CVE CAN-2002-1318
Reference:
Hello :)
here is the code
html
body
form method=post name=search
action=http://target/search.php?mode=searchuser;
input type=hidden name=search_username value=/
/form
SCRIPT
Hello Euronymous,
On Monday, December 02, 2002, euronymous wrote...
topic: SquirrelMail v1.2.9 XSS bugs
product: SquirrelMail v1.2.9
vendor: www.squirrelmail.org
risk: low
date: 12/3/2k2
discovered by: euronymous /F0KP /HACKRU Team
advisory url: http://f0kp.iplus.ru/bz/008.txt
On October 15th, Redhat sent a post to BugTraq advising users of Xinetd
to upgrade to 2.3.9-0.xx
Their latest post (3rd December) advises people to upgrade to
2.3.7-4.xx
Can anyone from RedHat please comment on what people who have already
got 2.3.9 installed should do from here? Do we need to
Hello,
I've attached an exploit that will allow an attacker to gain remote
root access on Cobalt RaQ's which have the security hardening package
installed (SHP).
the official patch for this problem can be found here :
Hi everyone,
Hi.
I want to provide some additional information about the recently
discovered traceroute-ng flaw. I decided to disclose to details right
now because I do not believe that the flaw is easily exploitable.
1) The vulnerablilty.
The patch provided by vendors like SuSE is not
On 4 Dec 2002, Dan Rowles wrote:
On October 15th, Redhat sent a post to BugTraq advising users of Xinetd
to upgrade to 2.3.9-0.xx
Their latest post (3rd December) advises people to upgrade to
2.3.7-4.xx
Can anyone from RedHat please comment on what people who have already
got 2.3.9
Hello Seth,
Thanks for taking the time to comment about this issue.
1. As you may noticed, I used the term privileged users. Stopping
service is enabled for the members of the local power users as well, so
the problem range is wider.
2. I will sharpen my point: You are absolutely correct about
On Wed, Dec 04, 2002 at 04:40:29PM +0100,
Wana Thomas [EMAIL PROTECTED] is thought to have said:
Solution
Exim developers have been informed and a patch will be
ready shortly.
Philip Hazel, the author of Exim, released patches for 4.10 and 3.36 on the
exim-users list earlier
[Bugtraq moderator: Please approve this post rather than my previous one.
The archive link in that post munges the patches. Thanks]
On Wed, Dec 04, 2002 at 04:40:29PM +0100,
Wana Thomas [EMAIL PROTECTED] is thought to have said:
Solution
Exim developers have been informed and a
17 matches
Mail list logo