[ MDVSA-2008:234 ] kernel

2008-11-22 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:234 http://www.mandriva.com/security/

Adobe Flash Multiple Vulnerabilities

2008-11-22 Thread iSEC Partners
iSEC Partners Security Advisory - 2008-01-flash Adobe Flash Multiple Vulnerabilities Vendor: Adobe, Inc. Vendor URL: http://www.adobe.com Versions affected: Flash Player 9.0.124.0 and earlier, AIR 1.1, Flash CS4 Professional, Flash CS3 Profess

[SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack

2008-11-22 Thread svrt
Vulnerability in WireShark 1.0.4 for DoS Attack 1. General Information On Nov 2008, Security Vulnerability Research Team of Bkis (SVRT-Bkis) has detected a vulnerability underlying WireShark 1.0.4 (lastest version). The flaw is in the function processing SMTP protocol and enables hacker to perf

Re: Re: MS Internet Explorer 7 Denial Of Service Exploit

2008-11-22 Thread craig
On Konqueror 3.5.9, what happens is that this childish code builds a huge string, eats memory, causes swapping, and finally blows away Konq. Linux and X and everything else stay up and recover nicely. (Gentoo/AMD64X2/3G mem) This isn't an exploit -- at least not on Linux -- it's just kiddie st

[SECURITY] [DSA 1668-1] New hf packages fix execution of arbitrary code

2008-11-22 Thread Steve Kemp
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1668-1 [EMAIL PROTECTED] http://www.debian.org/security/ Steve Kemp November 22, 2008

rPSA-2008-0324-1 gvim vim vim-minimal

2008-11-22 Thread rPath Update Announcements
rPath Security Advisory: 2008-0324-1 Published: 2008-11-22 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux Service 2 rPath Linux 1 rPath Linux 2 Rating: Minor Exposure Level Classification: Indirect User Deterministic Unauthorized Access Update

rPSA-2008-0327-1 httpd mod_ssl

2008-11-22 Thread rPath Update Announcements
rPath Security Advisory: 2008-0327-1 Published: 2008-11-22 Products: rPath Appliance Platform Linux Service 2 rPath Linux 2 Rating: Minor Exposure Level Classification: Indirect User Deterministic Weakness Updated Versions: [EMAIL PROTECTED]:2/2.2.9-2-0.1 [EMAIL PROTECTED]:2/2.

rPSA-2008-0328-1 httpd mod_ssl

2008-11-22 Thread rPath Update Announcements
rPath Security Advisory: 2008-0328-1 Published: 2008-11-22 Products: rPath Appliance Platform Linux Service 1 rPath Linux 1 Rating: Minor Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: [EMAIL PROTECTED]:1/2.0.63-0.4-1 [EMAIL PROTECTED]:1

Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability

2008-11-22 Thread zimpel
Please remove this wrong report (no crash happens as reported and Pi3Web version 2.013 doesn't exist at all!!!) and inform all sites copying information from your site about the removal. I am very disapointed about the fact, that such reports are published without contacting software vendors