[SECURITY] [DSA 238-1] New kdepim packages fix several vulnerabilities

2003-01-23 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 238-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze January 23rd, 2003

SPRINT ADSL [Zyxel 645 Series Modem]

2003-01-23 Thread [EMAIL PROTECTED]
Thursday, January 23 2003 Sprint FastConnect[insert little registration r here]ADSL provides the Zyxel series of modem/routers to their customers. The problem is all these devices are factory set with default commonly known passwords and logins and include a little http, ftp and telnet

[CLA-2003:561] Conectiva Linux Security Announcement - cvs

2003-01-23 Thread secure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -- PACKAGE : cvs SUMMARY : Update: cvs remote double

IE chain vulnerability

2003-01-23 Thread Alex Loots
Hello list, I have a question regarding the IE certificate chain vulnerability reported in MS02-050. The patch that fixes this vulnerability results in strange behavior of IE when a connection attempt is being made to a website which uses a malicious certificate. I have set up a demo that uses a

SuSE Security Announcement: dhcp (SuSE-SA:2003:0006)

2003-01-23 Thread Thomas Biege
-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:dhcp Announcement-ID:SuSE-SA:2003:0006 Date: Monday, Jan

[SECURITY] [DSA 240-1] New kdegames packages fix several vulnerabilities

2003-01-23 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 240-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze January 23rd, 2003

phpLinks mail() abuse Vulnerability

2003-01-23 Thread mindwarper
phpLinks mail() abuse Vulnerability ( By Mindwarper :: [EMAIL PROTECTED] :: ) --- --- -- Vendor Information: -- Homepage : http://www.destiney.com Vendor : Could not be informed (Host not found) Mailed advisory: 09/01/20 Vender Response : None

[security@slackware.com: [slackware-security] New DHCP packages available]

2003-01-23 Thread White Vampire
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Forwarded message from Slackware Security Team [EMAIL PROTECTED] - Return-Path: [EMAIL PROTECTED] Delivered-To: whitvamp@localhost Received: (qmail 6136 invoked from network); 20 Jan 2003 21:37:08 - Received: from localhost

Astaro Security Linux Firewall - HTTP Proxy vulnerability

2003-01-23 Thread Volker Tanger
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greetings! A quite well known (i.e. ancient) type of proxy vulnerability was found in the https proxy of Astaro Security Linux firewall (which is a chrooted yet plain squid btw.) This general problem has been known to be an issue with nearly all

MDKSA-2003:009 - Updated cvs packages fix multiple vulnerabilities

2003-01-23 Thread Mandrake Linux Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mandrake Linux Security Update Advisory Package name: cvs Advisory ID:

[CLA-2003:564] Conectiva Linux Security Announcement - libpng

2003-01-23 Thread secure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -- PACKAGE : libpng SUMMARY : Buffer overflow