NSOADV-2009-001: Symantec ConsoleUtilities ActiveX Control Buffer Overflow

2009-11-02 Thread NSO Research
Security Advisory NSOADV-2009-001 Title: Symantec ConsoleUtilities ActiveX Control Buffer Overflow Severity: C

Re: /proc filesystem allows bypassing directory permissions on

2009-11-02 Thread Pavel Machek
On Mon 2009-11-02 18:53:19, Martin Rex wrote: > Jim Paris wrote: > > > > > Therefore it's totally of no influence what you do with the original > > > directory permission. File access has nothing to do with directory > > > permissions...! > > > > Right. However the whole point of this discussion

Re: /proc filesystem allows bypassing directory permissions on

2009-11-02 Thread Martin Rex
Jim Paris wrote: > > > Therefore it's totally of no influence what you do with the original > > directory permission. File access has nothing to do with directory > > permissions...! > > Right. However the whole point of this discussion is that that is a > non-obvious point, there was no other wa

Re: {PRL} Multiple Panda Security Products Local Privilege Escalation Vulnerability

2009-11-02 Thread Vladimir '3APA3A' Dubrovin
Dear Protek Research Lab, I have a deja-vu. http://securityvulns.ru/Odocument175.html Same problem existed since 2006. With same reaction (total ignorance) from Panda developers. --Saturday, October 31, 2009, 5:24:38 PM, you wrote to bugtraq@securityfocus.com: PRL> ###

[SECURITY] [DSA 1925-1] New proftpd-dfsg packages fix SSL certificate verification weakness

2009-11-02 Thread Steffen Joeris
Debian Security Advisory DSA-1925-1 secur...@debian.org http://www.debian.org/security/ Steffen Joeris October 31, 2009

[USN-853-1] Firefox and Xulrunner vulnerabilities

2009-11-02 Thread Jamie Strandboge
Ubuntu Security Notice USN-853-1 October 31, 2009 firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1 vulnerabilities CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3371, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, C

[SECURITY] [DSA 1924-1] New mahara packages fix several vulnerabilities

2009-11-02 Thread Steffen Joeris
Debian Security Advisory DSA-1924-1 secur...@debian.org http://www.debian.org/security/ Steffen Joeris October 31, 2009

ACROS Security: HTML Injection in Oracle WebLogic Server Console (ASPR #2009-10-30-1)

2009-11-02 Thread ACROS Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2009-10-30-1 - ASPR #2009-10-30-1: HTML Injection in Oracle WebLogic Server Consol

Reminder for DeepSec 2009 Conference

2009-11-02 Thread DeepSec Conference - Announcement
== DeepSec In-Depth Security Conference 2009 "TripleSec" == This is a reminder for the third DeepSec conference, taking place between 17th and 20th November at the Imperial Riding School Renaissance Hotel. == Schedule == The schedule of all presentations can be found on our web site: https://dee

Re: TwonkyMedia Server Multiple Cross-Site Scripting Vulnerabilities

2009-11-02 Thread schwartz
I'm Product Manager for the company that makes TwonkyMedia software. According to our lead developer, this issue has already been addressed on our next release. - Rick

{PRL} Multiple Panda Security Products Local Privilege Escalation Vulnerability

2009-11-02 Thread Protek Research Lab
Application: Panda Global Protection 2010 Panda Internet Security 2010 Platforms: Windows XP Professional SP & Windows Vista SP1 Exploitation: Local Privilege Escalation Date: