GLSA: evolution (200303-18)

2003-03-21 Thread Daniel Ahlberg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - GENTOO LINUX SECURITY ANNOUNCEMENT 200303-18 - - - PACKAGE : evolution SUMMARY :

GLSA: kernel (200303-17)

2003-03-21 Thread Daniel Ahlberg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - GENTOO LINUX SECURITY ANNOUNCEMENT 200303-17 - - - PACKAGE : kernel SUMMARY : ptrace

SuSE Security Announcement: ethereal (SuSE-SA:2003:019)

2003-03-21 Thread Thomas Biege
-BEGIN PGP SIGNED MESSAGE- SuSE Security Announcement Package: ethereal Announcement-ID: SuSE-SA:2003:019 Date: Friday,

SuSE Security Announcement: file (SuSE-SA:2003:017)

2003-03-21 Thread Thomas Biege
-BEGIN PGP SIGNED MESSAGE- SuSE Security Announcement Package: file Announcement-ID: SuSE-SA:2003:017 Date: Friday, Mar

[SECURITY] [DSA 265-1] New bonsai packages fix several vulnerabilities

2003-03-21 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 265-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze March 21st, 2003

Edonkey and Overnet resources consumption

2003-03-21 Thread Auriemma Luigi
Applications: Edonkey2000 (http://www.edonkey2000.com) Overnet (http://www.overnet.com) Versions: 0.45 and previous versions (only the GUI program) Platforms: Windows only Bug: The programs

SuSE Security Announcement: qpopper (SuSE-SA:2003:018)

2003-03-21 Thread Thomas Biege
-BEGIN PGP SIGNED MESSAGE- SuSE Security Announcement Package: qpopper Announcement-ID: SuSE-SA:2003:018 Date: Friday,

New attack vectors and a vulnerability dissection of MS03-007

2003-03-21 Thread David Litchfield
The patch announced by Microsoft on the 17th March 2003 fixed a security vulnerability in the core of the Windows 2000 operating system. This flaw was actively being exploited through WebDAV requests to Microsoft's Internet Information Server 5. It must be stressed that IIS was simply the attack

[ESA-20030321-010] 'glibc' RPC XDR decoder vulnerability

2003-03-21 Thread EnGarde Secure Linux
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 EnGarde Secure Linux Security Advisory March 21, 2003 http://www.engardelinux.org/ ESA-20030321-010

Re: Check Point FW-1 NG FP3 FP3 HF1: DoS attack against syslog daemon possible

2003-03-21 Thread Hines, Eric
Has anyone tested these vulnerabilities on NG FP1 or are they strictly related to FP3? Eric Hines -Original Message- From: Dr. Peter Bieringer [mailto:[EMAIL PROTECTED] Sent: Friday, March 21, 2003 6:47 AM To: Maillist Bugtraq; Maillist full-disclosure Subject: Check Point FW-1 NG FP3

Guestbook tr3.a

2003-03-21 Thread subj
Product : Guestbook tr3.a Version : First WebSite : http://www.planetmoon.net Problem : Viewing passwords file Description: In this script passwords are in passwd.txt file. In short, all who want to see the passwords can make it. Exploit:

[Sorcerer-spells] OPENSSL-SORDCERER2003-03-21

2003-03-21 Thread Michael Walton
Sorcerer Update Advisory Tap Into the Source Source Name: openssl-0.9.7a Advisory ID: SORCERER2003-03-21-0 Date:

[RHSA-2003:108-01] Updated Evolution packages fix multiple vulnerabilities

2003-03-21 Thread bugzilla
Red Hat Security Advisory Synopsis: Updated Evolution packages fix multiple vulnerabilities Advisory ID: RHSA-2003:108-01 Issue date: 2003-03-21 Updated on: 2003-03-21 Product:

IRM 004: ActiveSync Version 3.5 Denial of Service Vulnerability

2003-03-21 Thread IRM Advisories
IRM Security Advisory No. 004 ActiveSync version 3.5 Denial of Service Vulnerability Vulnerability Type / Importance: Denial of Service / High Problem discovered: November 26th 2002 Vendor contacted: November 26th 2002

Stunnel: RSA timing attacks / key discovery

2003-03-21 Thread Brian Hatch
Release Date: 2003-Mar-21 Package: stunnel Versions: Stunnel 3.xx = 22 Stunnel 4.xx = 04 Problem type: Key discovery / Information Leakage Exploit script:None publicly available Severity: High

FreeBSD Security Advisory FreeBSD-SA-03:06.openssl

2003-03-21 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 FreeBSD-SA-03:06.openssl Security Advisory The FreeBSD Project Topic:

RE: Check Point FW-1 NG FP3 FP3 HF1: DoS attack against syslog daemon possible

2003-03-21 Thread Hines, Eric
Alright. I was just concerned because of the wording Checkpoint used on their web site. Prior to the release of NG FP3 HF2... I'm going to assume they were referring to the HF2 portion of that, and not FP3 Eric Hines -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL

Re: Check Point FW-1 NG FP3 FP3 HF1: DoS attack against syslog daemon possible

2003-03-21 Thread dchesterfield
The daemon was apparently only introduced since FP3 Hines, Eric

NT Service Killer

2003-03-21 Thread tomotocigare
Introduction Picture yourself as a win32 programmer, you were provided with local administrator rights. You are in charge of developing NT system services, i.e. applications that do not need opened session to be running. During the debugging phase, you might need to stop your service prototype.

ProtWare HTML Guardian has pathetic encryption

2003-03-21 Thread rain_song
For $40 or $70, ProtWare's HTML Guardian (http://www.protware.com) claims to encrypt html code and javascripts, [making] it impossible to reuse them. Unfortunately, HTML Guardian does not do anything more than to obfuscate the HTML source code. There is no encryption. In fact, the JavaScript

GLSA: rxvt (200303-16)

2003-03-21 Thread Daniel Ahlberg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - GENTOO LINUX SECURITY ANNOUNCEMENT 200303-16 - - - PACKAGE : rxvt SUMMARY : dangerous

[sorcerer-spells] MUTT-SORCERER2003-03-19

2003-03-21 Thread Michael Walton
Sorcerer Update Advisory Tap Into the Source Source Name: mutt-1.4.1i Advisory ID: SORCERER2003-03-19 Date:

Re: [INetCop Security Advisory] ++Danger++ Outblaze Web based e-mail that is exposed in very dangerous state !!!

2003-03-21 Thread Suresh Ramasubramanian
Suresh Ramasubramanian [20/03/03 11:54 +0530]: INetCop Security Advisory #2003-0x82-014.c Exploit can succeed manufacturing user's cookie. Your submission to bugtraq is pretty sketchy - there are no details, nor is there any proof of concept / sample code. Thanks to dong-h0un U

SimpleChat

2003-03-21 Thread subj
Product : SimpleChat! Version : 1.3 WebSite : http://hot-things.net Problem : Private info viewing Description: In a directory /data/ the file containing the information on users of a chat lays (taking place in a chat at present), to which any interested person can receive

GLSA: openssl (200303-15)

2003-03-21 Thread Daniel Ahlberg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - GENTOO LINUX SECURITY ANNOUNCEMENT 200303-15 - - - PACKAGE : openssl SUMMARY : timing

Check Point FW-1 NG FP3 FP3 HF1: DoS attack against syslog daemon possible

2003-03-21 Thread Dr. Peter Bieringer
Hi all, interesting for all Check Point FW-1 NG users which have enabled the since FP3 included syslog daemon. Peter (P) (C) 2003 AERAsec Network Services and Security GmbH URLs: http://www.aerasec.de/ http://www.aerasec.de/security/advisories/txt/