[SECURITY] [DSA 1495-1] New nagios-plugins packages fix several vulnerabilities
( 647 days 15 hours ago)
- Debian Security Advisory DSA-1495-1 securityatdebian.org Moritz Muehlenhoff February 12, 2008 - Package : nagios-plugins Vulnerability : buffer overflows Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-5198 CVE-2007-5623 Several local/remote vulnerabilities have been discovered in two of ...
Hackers camouflage 100% of Web attacks, IBM researcher says
( 647 days 19 hours ago)
Hackers have grown more adept at hiding browser exploits, virtually all of which are now designed to evade detection by security software, according to IBM's X-Force research team.

[ GLSA 200802-06 ] scponly: Multiple vulnerabilities
( 647 days 21 hours ago)
- Gentoo Linux Security Advisory GLSA 200802-06 - - Severity: Normal Title: scponly: Multiple vulnerabilities Date: February 12, 2008 Bugs: #201726, #203099 ID: 200802-06 - Synopsis Multiple vulnerabilities in scponly allow authenticated users to bypass security restrictions. Background ...
[ GLSA 200802-05 ] Gnumeric: User-assisted execution of arbitrary code
( 647 days 21 hours ago)
- Gentoo Linux Security Advisory GLSA 200802-05 - - Severity: Normal Title: Gnumeric: User-assisted execution of arbitrary code Date: February 12, 2008 Bugs: #208356 ID: 200802-05 - Synopsis Several integer overflow vulnerabilities have been reported in ...
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0
( 647 days 21 hours ago)
jfvanmeteratcomcast.net wrote: # Yes I got the files from there. You can see the changing of the version from the Version tab in the properties of the executables. The version change from 7.4.0.0 for Protection and 1.0.3.0 for the Keys server to 7.4.1.0 and 1.0.4.0. Luigi Auriemma
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0
( 647 days 21 hours ago)
Where did you get version SafeNet Sentinel Protection and Key Server 7.4.1.0? All I see on the website is 7.4.0, and after I install the patch and reboot, it still shows as version 7.4.0. # Thanks --John Original message From: Luigi Auriemma net wrote: ...
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0
( 647 days 21 hours ago)
jfvanmeteratcomcast.net wrote: > Interesting, how are you running the Get command? Is safenet > installed on a workstation or server? Here I have Windows XP Pro SP2. All the tests have been made using the raw GET request as I reported in ...
Directory traversal and DoS in WinIPDS G52-33-021
( 647 days 21 hours ago)
Luigi Auriemma Application: Intermate WinIPDS Versions: <= Release 3.3 Revision G52-33-021 Platforms: Windows Bugs: A] directory traversal in web administration B] Denial of Service versus the IPDS port Exploitation: remote Date: 12 Feb 2008 Author: Luigi Auriemma e-mail: aluigiatautistici.org web: aluigi.org 1) Introduction ...
Cacti 0.8.7a Multiple Vulnerabilities
( 647 days 21 hours ago)
Cacti 0.8.7a Multiple Vulnerabilities Name Multiple Vulnerabilities in Cacti Systems Affected Cacti 0.8.7a and possibly earlier versions Severity High Impact (CVSSv2) High (9/10, vector: AV:N/AC:L/Au:N/C:C/I:P/A:P) Vendor Advisory Author Francesco "ascii" Ongaro (ascii AT ush DOT it) ...
LI-countdown SQL Injection Vulnerability
( 647 days 21 hours ago)
Summary Vendor: LI-Scripts Vendor's Web Site: Software: LI-countdown Software's Web Site: Critical Level: Moderate Type: SQL Injection Class: Remote Status: Unpatched PoC/Exploit: Not Available Solution: Not Available Discovered by: Description 1. SQL Injection. Vulnerable script: countdown.php Parameter 'years' is not properly sanitized before being used in SQL ...
cacti -- Multiple security vulnerabilities have been discovered
( 647 days 21 hours ago)
Affected packages: cacti < 0.8.7b Multiple security vulnerabilities have been discovered in Cacti's web interface: * XSS vulnerabilities * Path disclosure vulnerabilities * SQL injection vulnerabilities * HTTP response splitting vulnerabilities References: -- Mario Sergio Candian - Live your dreams and face your fears
FLEA-2008-0007-1 gd
( 647 days 21 hours ago)
Foresight Linux Essential Advisory: 2008-0007-1 Published: 2008-02-11 Rating: Trivial Updated Versions: gd=/conary.rpath.comatrpl:devel//1/2.0.33-4.6-1 group-dist=/foresight.rpath.orgatfl:1-devel//1/1.4.2-0.7-3 References: Description: Previous versions of the gd package are vulnerable to a possible Arbitrary Code Execution attack in which an attacker may use a ...
iDefense Security Advisory 02.12.08: ClamAV libclamav PE File Integer Overflow Vulnerability
( 647 days 21 hours ago)
iDefense Security Advisory 02.12.08 Feb 12, 2008 I. BACKGROUND Clam AntiVirus is a multi-platform GPL anti-virus toolkit. ClamAV is often integrated into e-mail gateways and used to scan e-mail traffic for viruses. It supports virus scanning for a wide variety of packed ...
Unicode buffer-overflow in RPM Remote Print Manager 4.5.1.11
( 647 days 21 hours ago)
Luigi Auriemma Application: RPM Remote Print Manager Versions: <= 4.5.1.11 (tested both the Elite and Select versions) the beta version 5.0.38.0 does NOT seem vulnerable Platforms: Windows Bug: unicode buffer-overflow Exploitation: remote Date: 11 Feb 2008 Author: Luigi Auriemma e-mail: aluigiatautistici.org web: aluigi.org ...
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0
( 647 days 21 hours ago)
Interesting, how are you running the Get command? Is safenet installed on a workstation or server? --John Original message From: Luigi Auriemma net wrote: > > Hello everyone, was the server rebooted after the patch was installed? > ...
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0
( 647 days 21 hours ago)
jfvanmeteratcomcast.net wrote: > Hello everyone, was the server rebooted after the patch was installed? Naturally, in fact before the patch I was able to exploit the directory traversal with both slash and backslash while after having applied the fix only when I use the backslash. ...
rPSA-2008-0052-1 kernel
( 647 days 21 hours ago)
rPath Security Advisory: 2008-0052-1 Published: 2008-02-12 Products: rPath Linux 1 rPath Appliance Platform Linux Service 1 Rating: Critical Exposure Level Classification: Local Root Deterministic Privilege Escalation Updated Versions: kernel=conary.rpath.comatrpl:1-vmware/2.6.22.18-0.1-1 kernel=conary.rpath.comatrpl:1/2.6.22.18-0.1-1 kernel=rap.rpath.comatrpath:linux-1/2.6.22.18-1-1 rPath Issue Tracking System: References: Description: ...
Ubuntu: Linux kernel vulnerability
( 647 days 23 hours ago)
LinuxSecurity.com: Wojciech Purczynski discovered that the vmsplice system call did not properly perform verification of user-memory pointers. A local attacker could exploit this to overwrite arbitrary kernel memory and gain root privileges. (CVE-2008-0600)
Foresight: python
( 647 days 23 hours ago)
LinuxSecurity.com: Previous versions of the python package contain an integer overflow in the imageop module which could cause a denial-of-service (crash) or possibly leak sensitive information.
Foresight: firefox
( 647 days 23 hours ago)
LinuxSecurity.com: Multiple vulnerabilities have been fixed in firefox, the most serious of which is thought to allow unauthorized remote execution of arbitrary code at the permission level of the user running firefox.
Foresight: imageop
( 647 days 23 hours ago)
LinuxSecurity.com: Previous versions of the python package contain an integer overflow in the imageop module which could cause a denial-of-service (crash) or possibly leak sensitive information.
Foresight: nss_ldap
( 647 days 23 hours ago)
LinuxSecurity.com: Previous versions of nss_ldap contain a race condition that can allow nss_ldap to return the wrong information, allowing for the possibility of improper information disclosure.
Foresight: rsync
( 647 days 23 hours ago)
LinuxSecurity.com: Previous versions of the rsync package contain vulnerabilities in the rsync server, potentially allowing users to bypass security restrictions. Foresight Linux does not, by default, configure the rsync server to run.
[ GLSA 200802-03 ] Horde IMP: Security bypass
( 648 days 4 hours ago)
- Gentoo Linux Security Advisory GLSA 200802-03 - - Severity: Normal Title: Horde IMP: Security bypass Date: February 11, 2008 Bugs: #205377 ID: 200802-03 - Synopsis Insufficient checks in Horde may allow a remote attacker to bypass security restrictions. Background ...






