[EMAIL PROTECTED] wrote:
An attacker who can convince a user to extract a specially crafted
archive can overwrite arbitrary files with the permissions of the user
running gtar. If that user is root, the attacker can overwrite any
file on the system.
Apparently, somebody at FreeBSD thinks "can
===
Ubuntu Security Notice USN-549-1 November 29, 2007
php5 vulnerabilities
CVE-2007-1285, CVE-2007-2872, CVE-2007-3799, CVE-2007-3998,
CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4661,
CVE-2007-4662, CVE-2007-4670, CVE-200
On Thu, 29 Nov 2007 14:46:06 +0300, 3APA3A said:
> In order to exploit this vulnerability you need to force victim to run
> attacker-supplied BAT file. It's like forcing user to run
> attacker-supplied .sh script under Unix.
And oddly enough, the *very next mail* from Bugtraq sa
Asterisk Project Security Advisory - AST-2007-026
++
| Product| Asterisk|
|--+-|
Asterisk Project Security Advisory - AST-2007-025
++
| Product| Asterisk|
|--+-|
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE]GLSA 200711-20:04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-07:10.gtar Security Advisory
The FreeBSD Project
Topic: g
IRM Security Advisory 025
TIBCO Rendezvous RVD Daemon Remote Memory Leak DoS
Vulnerability Type / Importance: Remote DoS / High
Problem Discovered: 16 April 2007
Vendor Contacted: 16 April 2007
Advisory Published: 29 November 2007
---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-07:09.random Security Advisory
The FreeBSD Project
Topic: R
Dear Rajesh Sethumadhavan,
In order to exploit this vulnerability you need to force victim to run
attacker-supplied BAT file. It's like forcing user to run
attacker-supplied .sh script under Unix. No vulnerability here, except
vulnerability in human. The second scenario is bet
We have found a security exploit in the latest APC firmware versions for their
switched rack PDU products. We have only tested this against the version listed
below on an AP7932 0u 30amp PDU.
Name: rpdu
Version:v3.5.5
Date: 07/18/2007
Time: 11:38:29
Name: aos
Version:
Digital Armaments November-December Hacking Challenge: Diffuse Client
Application
Challenge Publication 11.29.2007
http://www.digitalarmaments.com/challenge200711849505.html
I. Details
Digital Armaments officially announces the launch of November-December hacking
challenge.
The challenge
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1409-3 [EMAIL PROTECTED]
http://www.debian.org/security/ Steve Kemp
November 29, 2007
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01290398
Version: 1
HPSBUX02292 SSRT071499 rev.1 - HP-UX Running Apache, Remote Execution of
Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon
as p
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01218087
Version: 1
HPSBMA02283 SSRT071319 rev.1 - HP OpenView Network Node Manager (OV NNM),
Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acte