Novell Security contact address change

using the addresses [EMAIL PROTECTED] or [EMAIL PROTECTED], your request will be in good hands, and you should expect a prompt response. Kind regards, Roman Drahtmueller. - - | Roman Drahtmüller <[EMAIL PROTECTED]> /

Re: Novell Client login form enables reading and writing from and to the clipboard of the logged-in user

> Suggested Risk Level: Low. > > Type of Risk: Information Leakage, Information Injection, Unauthorized > Access. > > Affected Software: Novell Client for Windows, versions 4.9 and 4.8 (On > windows XP Pro and Windows 2000 Workstation). > This versions are the only one tested, thus other versio

SuSE Security Announcement: wuftpd (SuSE-SA:2003:032)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:wuftpd Announcement-ID:SuSE-SA:2003:032 Date: Thursday, J

SuSE Security Announcement: kernel (SuSE-SA:2003:021)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:kernel Announcement-ID:SuSE-SA:2003:021 Date: Tuesday, Ma

SuSE Security Announcement: sendmail (SuSE-SA:2003:013)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:sendmail, sendmail-tls Announcement-ID:SuSE-SA:2003:013 Date:

SuSE Security Announcement: openssl (SuSE-SA:2003:011)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:openssl Announcement-ID:SuSE-SA:2003:011 Date: Wednesday,

Re: Local root vuln in SuSE 8.0 plptools package

Also hi, > > Hi, > > There is a vulnerability in the plptools (Psion tools) package of SuSE 8.0 > (possibly others; this has not been researched). > > Please see attached advisory for more details. > > Regards, > Carl SuSE Security would like to thank Carl Livitt for his early notice to us on tha

SuSE Security Announcement: samba (SuSE-SA:2002:045)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:samba Announcement-ID:SuSE-SA:2002:045 Date: Wednesday, N

SuSE Security Announcement: mod_ssl, mm (SuSE-SA:2002:028)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:mod_ssl, mm Announcement-ID:SuSE-SA:2002:028 Date: Wedne

SuSE Security Announcement: openssl (SuSE-SA:2002:027)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:openssl Announcement-ID:SuSE-SA:2002:027 Date: Tuesday,

SuSE Security Announcement: squid (SuSE-SA:2002:025)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:squid Announcement-ID:SuSE-SA:2002:025 Date: Tuesday, Ju

SuSE Security Announcement: openssh (SuSE-SA:2002:024)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:openssh Announcement-ID:SuSE-SA:2002:024 Date: Tuesday,

SuSE Security Announcement: bind9/bind9-beta (SuSE-SA:2002:021)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:bind9, bind9-beta Announcement-ID:SuSE-SA:2002:021 Date:

Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

> From: Stephanie Thomas <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Date: Fri, 20 Jul 2001 17:34:02 -0700 > Subject: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0 [...] > PLATFORMS IMPACTED: > > Red Hat Linux 6.1 thru 7.1 > Solaris 2.6 thru 2.8 > HP-UX 10.20 > HP-UX 11.00 > Caldera Linux

Re: xdm cookies fast brute force

> > Current versions of xdm are sensitive to trivial brute force attack if > it is compiled with bad options, mainly HasXdmXauth. > > Without this option, cookie is generated from gettimeofday(2). If you > know starting time of xdm login session, computation of the coookie > just takes a few seco

SuSE Security Announcement: samba (SuSE-SA:2001:021)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:samba Announcement-ID:SuSE-SA:2001:021 Date: Friday, Jun

Re: pmpost - another nice symlink follower

Hi Paul, > From: Paul Starzetz <[EMAIL PROTECTED]> > To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > Date: Mon, 18 Jun 2001 19:11:20 +0200 > Subject: pmpost - another nice symlink follower > > Hi, > > there is a symlink handling problem in the pcp suite from SGI. The > binary pmpost will follow sym

Re: Qpopper 4.0.3 **** Fixes Buffer Overflow **** (fwd)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > > Qpopper 4.0.3 is available at > . > > > 4.0.3 FIXES A BUFFER OVERFLOW PRESENT IN ALL VERSIONS OF 4.0 -- > PLEASE UPGRADE IMMEDIATELY *** We hope that this information is accurate. Version 4

SuSE Security Announcement: gpg/GnuPG (SuSE-SA:2001:020)

= SuSE's security contact is <[EMAIL PROTECTED]>. The <[EMAIL PROTECTED]> public key is listed below. === Regards, Roman Drahtmueller <[EMAIL PROTECTED]>. -

SuSE Security Announcement: man (SuSE-SA:2001:019)

<[EMAIL PROTECTED]> respectively. === SuSE's security contact is <[EMAIL PROTECTED]>. The <[EMAIL PROTECTED]> public key is listed below. === Regards, Ro

Re: dqs 3.2.7 local root exploit.

> DESCRIPTION: > I found a buffer overflow vunerability on the > /usr/bin/dsh (dqs 3.2.7 > package). > > I really don't know if this bug was discovered > already. if thats right, > then sorry =). No, this is yet unknown to [EMAIL PROTECTED] > If a long line on the first argument is gived, the >

SuSE Security Announcement: kernel (SuSE-SA:2001:18)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:kernel Announcement-ID:SuSE-SA:2001:18 Date: Thursday, M

SuSE Security Announcement: cron (SuSE-SA:2001:17)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:cron-3.0.1-296 Announcement-ID:SuSE-SA:2001:17 (resent) Date:

SuSE Security Announcement: xntp (SuSE-SA:2001:10)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:xntp Announcement-ID:SuSE-SA:2001:10 Date: Monday, April

Kernel Backdoor (April Fool's joke)

-BEGIN PGP SIGNED MESSAGE- To those involved in Linux security: The latest release of "Linux-Magazin", a monthly German magazine that focuses on Linux, contains an article by Mirko Dölle about security problems in the Linux kernel. In particular, the article argues that IP packets could

SuSE Security Announcement: ssh (SuSE-SA:2001:04)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:ssh Announcement-ID:SuSE-SA:2001:04 Date: Friday, Februa

Re: SuSe / Debian man package format string vulnerability

> > styx@SuxOS-devel:~$ man -l %n%n%n%n > > man: Segmentation fault > > styx@SuxOS-devel:~$ > > > > This was on my Debian 2.2 potato system (It doesn't dump core though). > Just for the record: > on a lot of systems (including Debian), 'man' is not suid/sgid anything, and > this doesn't impose a s

Re: SuSe / Debian man package format string vulnerability

> > Hi, > > This issue has been discussed in vuln-dev (2001-01-26), see: > http://www.securityfocus.com/templates/archive.pike?end=2001-01-27&tid=15872 > 4&fromthread=0&start=2001-01-21&threads=1&list=82& > > Posted also on suse security list, and aparently overlooked. Yes, it was overread on [EM

SuSE Security Announcement: bind8 (SuSE-SA:2001:03)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:bind8 Announcement-ID:SuSE-SA:2001:03 Date: Tuesday, Jan

SuSE Security Announcement: shlibs/glibc (SuSE-SA:2001:01)

-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:glibc (shlibs) Announcement-ID:SuSE-SA:2001:01 Date: Fri

Re: Serious security flaw in SuSE rctab

On Sat, 13 Jan 2001, Paul Starzetz wrote: > From: Paul Starzetz <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Date: Sat, 13 Jan 2001 19:15:51 +0100 > Subject: Serious security flaw in SuSE rctab > > Hi @ll, > > it seems that the problem described below has not been discussed on > Bugtraq. Does