Calcium web calendar: Reflected XSS
( 91 days 22 hours ago)
Vendor: Brown Bear Software Vendor web page: Product: Calcium web calendar Product web page: Vendor's Product Description: ...
Bypassing URL Authentication and Authorization with HTTP Verb Tampering
( 91 days 22 hours ago)
Internetizens, Many URL authentication and authorization mechanisms make security decisions based on the HTTP verb in the request. Many of these mechanisms work in a counter-intuitive way. This fact, in combination with some oddities in the way that both web and application servers ...
Yahoo sues lottery spammers
( 92 days ago)
Yahoo has filed a lawsuit against spammers it says are using the company's trademarks in an illegal phishing scam.

Confusion mounts over which Flash versions are under attack
( 92 days ago)
Despite initial reports on Tuesday, a new Flash Player exploit being fed to users who visit legitimate Web sites is not really a true zero-day exploit, a SecureWorks researcher said today.

Vulnerability Advisory on OpenSSL
( 92 days 2 hours ago)
Versions affected: 0.9.8f and 0.9.8g Impact: Denial-of-Service (DoS) and buffer overflow conditions. Please view CERT Advisory for more details:
[ MDVSA-2008:107 ] - Updated openssl package fixes denial of service vulnerabilities
( 92 days 2 hours ago)
Mandriva Linux Security Advisory MDVSA-2008:107 Package : openssl Date : May 28, 2008 Affected: 2008.1 Problem Description: Testing using the Codenomicon TLS test suite discovered a flaw in the handling of server name extension data in OpenSSL 0.9.8f and ...
[security bulletin] HPSBUX02334 SSRT071403 rev.2 - HP-UX Running ftp, Remote Denial of Service (DoS)
( 92 days 2 hours ago)
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01446326 Version: 2 HPSBUX02334 SSRT071403 rev.2 - HP-UX Running ftp, Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2008-05-12 Last Updated: 2008-05-28 ...
[SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
( 92 days 2 hours ago)
Subject: Boundary failure when parsing SMB responses can result in a buffer overrun. CVE ID#: CVE-2008-1105. Versions: Samba 3.0.0 - 3.0.29 (inclusive). Summary: Specifically crafted SMB responses can result in a heap overflow in the Samba client code. ...
Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability
( 92 days 2 hours ago)
Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability Advisory ID: cisco-sa-20080528-cw Revision 1.0 For Public Release 2008 May 28 1600 UTC (GMT) Summary CiscoWorks Common Services contains a vulnerability that could allow a remote attacker to execute arbitrary code. ...
rPSA-2008-0105-1 evolution
( 92 days 2 hours ago)
rPath Security Advisory: 2008-0105-1 Published: 2008-05-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: evolution=conary.rpath.com@rpl:1/2.4.1-2.3-1 rPath Issue Tracking System: References: Description: Previous versions of the evolution package contain a format string ...
Re: CORE-2008-0126: Multiple vulnerabilities in iCal
( 92 days 2 hours ago)
On Tue, 27 May 2008, security curmudgeon wrote: > No mention of CVE-2008-1035 in the [CORE] advisory other than the header > CVE name reference. BID seems to have split the three vulnerabilities, > but given two of them the same CVE. CVE does not have descriptions open ...
[NSG_28-5-08] CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) remote file corruption poc
( 92 days 2 hours ago)
RE: function sleep() in all versions of PHP
( 92 days 2 hours ago)
com com] On Behalf Of Charles Morris > Sent: Tuesday, 27 May, 2008 13:14 > > The reasoning behind this is behind the definition of > vulnerability, and here is a good one: > "a weakness in a system allowing unauthorized action [(NRC91:301; ...
Re: function sleep() in all versions of PHP
( 92 days 2 hours ago)
Charles Morris wrote: > I agree with you that this is a known issue, and that there are ways > around it, however I would in fact call it a vulnerability. That depends upon your threat model. If you are treating max_execution_time as protection against malicious ...
rPSA-2008-0178-1 php php-mysql php-pgsql
( 92 days 2 hours ago)
rPath Security Advisory: 2008-0178-1 Published: 2008-05-27 Products: rPath Linux 1 Rating: Critical Exposure Level Classification: Remote System User Deterministic Unauthorized Access Updated Versions: php=conary.rpath.com@rpl:1/4.3.11-15.17-1 php-mysql=conary.rpath.com@rpl:1/4.3.11-15.17-1 php-pgsql=conary.rpath.com@rpl:1/4.3.11-15.17-1 rPath Issue Tracking System: References: Description: ...
RedHat: Critical: samba security and bug fix update
( 92 days 5 hours ago)
LinuxSecurity.com: Updated samba packages that fix a security issue and two bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team.
RedHat: Critical: samba security update
( 92 days 5 hours ago)
LinuxSecurity.com: Updated samba packages that fix a security issue are now available for Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team.
RedHat: Critical: samba security update
( 92 days 5 hours ago)
LinuxSecurity.com: Updated samba packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3, and Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.
Slackware: rdesktop
( 92 days 5 hours ago)
LinuxSecurity.com: New rdesktop packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix a security issue caused by using rdesktop to connect to a malicious or compromised RDP server. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
Gentoo: Roundup Permission bypass
( 92 days 5 hours ago)
LinuxSecurity.com: A vulnerability in Roundup allows for bypassing permission restrictions.
Debian: New Linux 2.6.18 packages fix several vulnerabilities
( 92 days 5 hours ago)
LinuxSecurity.com: Johannes Bauer discovered an integer overflow condition in the hrtimer subsystem on 64-bit systems. This can be exploited by local users to trigger a denial of service (DoS) by causing the kernel to execute an infinite loop.
Five reasons SocGen did not detect that $7 billion fraud
( 92 days 16 hours ago)
You'd think it wouldn't be so easy to lose $7 billion through just one relatively low-level employee's actions, but a report released last week by Paris-based Societe Generale showed that no man, not even a fraudster, is an island.







