- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:227
http://www.mandriva.com/security/
___
###
Luigi Auriemma
Application: Winamp Web Interface
http://www.flippet.org/wawi/
Versions: <= 7.5.13
Platforms:Windows (Winamp plugin)
Bugs: A] buffer-overflow in Find
==
Secunia Research 08/12/2006
- AOL CDDBControl ActiveX Control "SetClientInfo()" Buffer Overflow -
==
Table of Co
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
Too many systems to itemize here rely on the 'unique ID' of an RFID
token to grant access to a system or building, and, in the case that
these tokens are based on 125kHz or 134.2kHz standard tags, many of them
may be vulnerable to relatively simple cloning attacks.
In a way this is nothing new
> List: bugtraq
> Subject:LS-20060908 - Computer Associates BrightStor
> ARCserve Backup
> From: advisories () lssec ! com
> Date: 2006-12-08 21:26:30
>
> LS-20060908
>
[...]
>
> Technical details:
>
> http://www.lssec.com/advisories.html
>
> LSsecurity - LS
Related to the newest MS Word 0-day
http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx
US-CERT Vulnerability Note VU#166700 released today lists the following new
technical detail:
"Microsoft Word fails to properly handle malformed data structures allowing memor
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
> List: bugtraq
> Subject:LS-20061001 - Computer Associates BrightStor
> ARCserve Backup
> From: advisories () lssec ! com
> Date: 2006-12-08 21:28:39
>
> LS-20061001
>
[...]
>
> Technical details:
>
> http://www.lssec.com/advisories.html
>
> LSsecurity - LSsec.c
One of the links in previous message was erroneous, because MSRC Blog hyperlink
pointed to the wrong URL.
Correction follows:
Microsoft has confirmed that it is a different vulnerability than this issue
reported earlier this week:
http://www.microsoft.com/technet/security/advisory/929433.mspx
==
Secunia Research 11/12/2006
- MailEnable IMAP Service Buffer Overflow Vulnerability -
==
Table of Contents
Affected Software..
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
Hackers Center Security Group (http://www.hackerscenter.com/)
Doz's Security Advisory
Desc: ShopSite Shopping Cart Multiple XSS
Risk: Medium
ShopSite is the easiest-to-use shopping cart software for small to medium-sized
businesses. ShopSite ecommerce shopping cart is one of the most user-frie
Several updates have been done to "Microsoft Word 0-day Vulnerability FAQ - December
2006, CVE-2006-5994" document during the weekend.
-added information about AV vendor protection
-added information about the state of Internet threat meters
-added several reference hyperlinks
-detailed informat
Hi guys.
This January a couple hundred people from the net-ops world, anti virus,
anti spam, law enforcement, etc. are getting together.
I'd appreciate if any of you can send me input (off list, if not relevant
to generate discussion) on what the security community at large, rather
than just the
New vulnerability in Microsoft Word has been reported.
More details available at SANS Internet Storm Center Diary:
http://isc.sans.org/diary.php?storyid=1925
Microsoft has confirmed that it is a different vulnerability than this issue
reported earlier this week:
http://www.microsoft.com/security
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE]GLSA 200612-03:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
Background
--
Firefox is very popular and secure web browser. Until now, it is used by
millions of people and thousands of internet clubs. One of the great features of
Firefox are extensions. You can use them to create things inside your browser
which are beyond your imagination.
Overview
I'm pleased to announce a new release of RFIDIOt, the open source python
RFID library.
New in this version:
Read/Write Decode/Encode FDX-B (EM4x05 - ISO11784/5 'animal') tags
(to Q5 or Hitag2)
Read/Write Decode/Encode EM4x02 'Unique' tags (to Q5)
Updated GUI for e-passports
Full deta
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:226
http://www.mandriva.com/security/
___
The Web Application Security Consortium is proud to present 'MX Injection:
Capturing and Exploiting
Hidden Mail Servers' written by Vicente Aguilera Diaz of Internet Security
Auditors. In this article
Vicente discusses how an attacker can inject additional commands into an online
web mail appl
D-LINK DWL-2000AP+ with firmware version 2.11 is prone to two remote denial of
service vulnerability because it fails to handle arp flooding.
The first vuln causes the wireless link (802.11) to be resetted and the arp
table to be rebuilded. All clients connected to the AP are disconnected.
This
SUMMARY
Vulnerability found in: IBM WebSphere Host On-Demand (HOD)
Type: Unauthorized, remote access to HOD administration pages
Applies to: Version 6.0, 7.0, 8.0, and 9.0 (possibly 10.0)
Severity Level: High
Exploit Difficulty: Very Low
Initial Vendor Notification: approximately 11/3/2006
Discove
Just clearing stuff out before Christmas.
= ColdFusion MX7 - Multiple Vulnerabilities
=
= Vendor Website:
= http://www.Adobe.com
=
= Affected Software:
= ColdFusion MX7 (and possibly MX6)
=
= Public disclosure on Mond
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1233-1[EMAIL PROTECTED]
http://www.debian.org/security/ Dann Frazier
December 10th, 2006
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
30 matches
Mail list logo