===
Ubuntu Security Notice USN-410-2 January 25, 2007
tetex-bin vulnerability
CVE-2007-0104
===
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
This advi
rPath Security Advisory: 2007-0021-1
Published: 2007-01-25
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
bind=/[EMAIL PROTECTED]:devel//1/9.3.4-0.1-1
bind-utils=/[EMAIL PROTECTED]:devel//1/9.3.4-0.1-1
Refe
rPath Security Advisory: 2007-0020-1
Published: 2007-01-25
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Local Root Deterministic Privilege Escalation
Updated Versions:
rmake=/[EMAIL PROTECTED]:devel//1/1.0.3-2-0.1
References:
https://issues.rpath.com/browse/RPL
Source: http://securityreason.com/achievement_securityalert/44
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[PHP 5.2.0 safe_mode bypass (by Writing Mode)]
Author: Maksymilian Arciemowicz (SecurityReason)
Date:
- - Written: 02.12.2006
- - Public: 24.01.2007
SecurityAlert Id: 44
CVE: CVE-2007-044
Whoever this idiot "rixstep_pwnies" is, please get him off this list. I
am sick and tired of reading his rantings.
"Please use this list as the valuable resource we intend it to be."
Another Mac zealot who hides behind anonymity and still feels offended
when called out? Admittedly it is funny B
I - TITLE
Security advisory: Buffer overflow in VSAPI library of Trend Micro VirusWall
3.81 for Linux
II - SUMMARY
Description: Local buffer overflow vulnerability in VSAPI library allows
arbitrary code execution and leads to privilege escalation
Author: Sebastian Wolfgarten (sebastian at wol
A few days ago I sent a mail to the Dexia bank (www.dexia.lu) about their website.
They have two logins, one is for the online banking account and one is for some kind of members' area. The problem with the "members' login" was that a) it was not SSL encrypted and b) it used to send bad user
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Netragard, L.L.C Advisory* ***
ATMAIL-XRRF-ADVISORY-20061218
Strategic Reconnaissance Team
Title:
---
Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability
Vendor Contacted:
---
now-ish.
Background Info:
---
Earthlink TotalAccess Download Site:
http://www.earthlink.net/software/free/totalaccess/highspeed/
Description:
--
[SNIP]
>
> Description:
> Previous versions of the wget package can crash if they contact a
> malicious FTP server. No further vulnerability is enabled by this
> minor flaw; system security is not threatened in any way.
>
Which might well be a good thing eh? After all, if
-=[ADVISORY---]=-
Siteman 2.0.x2
Author: CorryL[EMAIL PROTECTED]
-=[---]=-
-=[+] Appli
Hadn't seen this on here yet.
Lebbeous Weekley
- "Mark Andrews" <[EMAIL PROTECTED]> wrote:
> Internet Systems Consortium Security Advisory.
> BIND 9: dereferencing freed fetch context
> 12 January 2007
>
> Versions affected:
>
> BI
I would say that this would work:
http://addxorrol.blogspot.com/2007/01/one-of-most-amusing-new-features-of.html
It requires expensive software, BinNavi and IDA Pro Advanced, but
anyone equipped with those tools could do it.
I heard that parts of PaiMei work under BSD/Linux, and certainly GPF
and
Hello List(s),
An interesting evolution in the use of professional and social
networking sites as a means to build trust between a spammer /
phisher and their target seems to have recently (within the last
week) taken place on at least one professional networking site (which
shall go unnam
Just before I call Citrix support, anyone know if this exploit works on PS4
R01?
Citrix's own document suggests that R02 is the problem release, however my
guess is that it also works in R01 (as it affects XP and PS3 also, why
wouldn't R01 be affected?).
Cheers.
Col.
On Wed, 24 Jan 2007, Andre Gironda wrote:
> On 1/24/07, Gadi Evron <[EMAIL PROTECTED]> wrote:
> > How many OPK's are being released today.. anyone?
> >
>
> Ovulation Predictor Kits?
>
> OEM Preinstallation Kits?
One Packet Killers
>
> -dre
>
___
Fu
- Original Message -
From: "Andre Gironda" <[EMAIL PROTECTED]>
To: "Kevin Graham" <[EMAIL PROTECTED]>
Cc: ; ;
<[EMAIL PROTECTED]>
Sent: Wednesday, January 24, 2007 11:38 PM
Subject: Re: [c-nsp] Cisco Security Advisory: Crafted IP Option
Vulnerability
> I would say that this would work:
rPath Security Advisory: 2007-0019-1
Published: 2007-01-25
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Denial of Service
Updated Versions:
gtk=/[EMAIL PROTECTED]:devel//1/2.8.6-9.7-1
References:
http://www.cve.mitre.org/cgi-bin/cvena
19 matches