Security Defence Stdio vulnerability announcement [001]
Riched20.DLL attribute label buffer overflow vulnerability
URL:http:\\www.yoursft.com
Author: Thrkdev
Date found: February 1, 2003
With the release of Honeyd 0.5 over the weekend, I am pleased to also
announce the first Honeyd challenge!
Honeyd is a virtual honeypot running as a small daemon to create
virtual hosts on a network. The hosts can be configured to run
arbitrary services, and their personality can be adapted so
NGSSoftware Insight Security Research Advisory
Name: Oracle unauthenticated remote system compromise
Systems Affected: All platforms; Oracle9i Database Release 2, 9i Release 1,
8i, 8.1.7, 8.0.6
Severity: Critical Risk
Category: Remote System Buffer Overrun
Vendor URL:
[immune advisory] Multiple vulnerabilities found in BisonFTP
BisonFTP is an FTP daemon used on Microsoft Windows 9x/NT systems.
-[ DESCRIPTION ]
I)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - -
GENTOO LINUX SECURITY ANNOUNCEMENT 200302-05
- - -
PACKAGE : mailman
SUMMARY : cross site scripting
DATE
NGSSoftware Insight Security Research Advisory
Name: Oracle TO_TIMESTAMP_TZ Remote System Buffer Overrun
Systems Affected: All platforms; Oracle9i Database Release 2, 9i Release 1,
8i, 8.1.7, 8.0.6
Severity: High Risk
Category: Remote System Buffer Overrun
Vendor URL:
NGSSoftware Insight Security Research Advisory
Name: Oracle9i Application Server Format String Vulnerability
Systems Affected: All platforms; Oracle9i Application Server Release 9.0.2
Severity: Critical Risk
Category: Format String Vulnerability
Vendor URL:
NGSSoftware Insight Security Research Advisory
Name: Oracle TZ_OFFSET Remote System Buffer Overrun
Systems Affected: All platforms; Oracle9i Database Release 2, 9i Release 1,
8i, 8.1.7, 8.0.6
Severity: High Risk
Category: Remote System Buffer Overrun
Vendor URL:
NGSSoftware Insight Security Research Advisory
Name: Lotus Domino Web Server iNotes Overflow
Systems Affected: Release 6.0
Severity: Critical Risk
Category: Remote System Buffer Overrun
Vendor URL: http://www.lotus.com
Author: Mark Litchfield ([EMAIL PROTECTED])
Date:
NGSSoftware Insight Security Research Advisory
Name: Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability
Systems Affected: Release 6.0
Severity: Critical Risk
Category: Remote System Buffer Overrun
Vendor URL: http://www.lotus.com
Author: Mark Litchfield ([EMAIL
NGSSoftware Insight Security Research Advisory
Name: Lotus iNotes Client ActiveX Control Buffer Overrun
Systems Affected: Release 6.0
Severity: Medium Risk
Category: Remote System Buffer Overrun
Vendor URL: http://www.lotus.com
Author: Mark Litchfield ([EMAIL PROTECTED])
Date: 17th
NGSSoftware Insight Security Research Advisory
Name: ORACLE bfilename function buffer overflow vulnerability
Systems Affected: All platforms; Oracle9i Database Release 2, 9i Release 1,
8i, 8.1.7, 8.0.6
Severity: High Risk
Category: Remote System Buffer Overrun
Vendor URL:
Hi All,
Please note the following correction -
The Notes Client Up-Date can be found at
http://www14.software.ibm.com/webapp/download/search.jsp?q=cat=pf=k=dt=;
go=yrs=ESD-NOTECLNTiS_TACT=S_CMP=sb=r
The Domino Web Server Update can be found at
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED] [EMAIL PROTECTED]
SCO Security Advisory
Subject: Linux: Apache mod_dav module format string vulnerability
Advisory
Hello.
I found a little mistake in my exploit source file, sorry.
It is outside of the exploit routine (about links of Version.lib).
And I attached the fixed version of it.
Now.
Opera Software ASA has not fixed this vulnerability yet.
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - -
GENTOO LINUX SECURITY ANNOUNCEMENT 200302-06
- - -
PACKAGE : syslinux
SUMMARY : security issues in installer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - -
GENTOO LINUX SECURITY ANNOUNCEMENT 200302-07
- - -
PACKAGE : w3m
SUMMARY : missing HTML quoting
DATE:
/*
Title: /usr/bin/enq and /usr/bin/X11/aixterm exploit in AIX
Vulnerability found by Esa Etelavoun, iDEFENSE
Author: green([EMAIL PROTECTED]), dragory([EMAIL PROTECTED])
Tested on AIX 4.3.3/RS6000
Reference: lsd-pl.net's exploit
Thanks to wowcode overhead team at
-BEGIN PGP SIGNED MESSAGE-
Mon Feb 17 15:26:06 EST 2003
1. Topic:
BitchX IRC Client
2. Relevant versions:
Vulnerable:
BitchX-75p3
BitchX-1.0c16
BitchX-1.0c19
BitchX-1.0c20cvs
Not Vulnerable:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
PHP Security Advisory: CGI vulnerability in PHP version 4.3.0
Issued on: February 17, 2003
Software: PHP/CGI version 4.3.0
Platforms: All
The PHP Group has learned of a serious security vulnerability in
the CGI SAPI of PHP version
20 matches