1116 matches found
Sun Solaris vulnerable to DoS when the Basic Security Module (BSM) is configured to perform auditing of specific classes
Overview There is a vulnerability in Sun Solaris that could allow local users to cause a denial of service when the Basic Security Module BSM is configured to perform auditing of specific audit classes. Description Sun Microsystems describes the Basic Security Module BSM as a "security auditing...
Cross-site scripting vulnerability in SARA v<=4.2.7
XSS Vulnerability in Security Auditor's Research Assistant SARA versions before 5.0.0 Affects: SARA versions 4.2.6 and 4.2.7. Older versions not tested, presumably affected. Related software sharing common ancestry: SATAN 1.1.1 would not run properly on my test platform, but checking the code it...
Advisory 02/2003: emule/xmule/lmule vulnerabilities
e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: eMule/lmule/xmule multiple remote vulnerabilities Release Date: 2003/08/17 Last Modified: 2003/08/17 Author: Stefan Esser [email protected] Application: eMule = 0.29c xmule = 1.4.3, = 1.5.6a lmule = 1.3.1 Severity: Several...
MailEnable POP3 Server remote shutdown !:/ -newest ~ (and previous) bufferoverflow-
My first post, please bare with me. -/-About.-/- I found this problem auditing a webserver, it’s a standard bufferoverflow i guess, but i am not sure how to find all the technical information but if anyone knows what to do i would like to know, if some one have the time to send a brief mail or...
SPIKE version released that detects .HTR and ISAPI overflows (see spike.sourceforge.net)
At long last, SPIKE is once again allowed to be public. This is the fuzzer creation kit I wrote that finds the .HTR and ISAPI overflow vulnerabilities discussed here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-018.asp and here:...
Weak authentication in iBill's Password Management CGI
Vulnerable Program: ibillpm.pl Perl CGI script Distributed by: iBill Internet Billing Company, http://www.ibill.com Problem: iBill hard codes a weak password for the user management script, ibillpm.pl, installed for clients that use the Password Management system. The weak password is the client'...
Security Advisory: FreeBSD-SA-01:13.sort
============================================================================= FreeBSD-SA-01:13 Security Advisory FreeBSD, Inc. Topic: sort uses insecure temporary files Category: core Module: sort Announced: 2001-01-29 Credits: Discovered during internal auditing Affects: FreeBSD 3.x all releases...
scx-sa-12.txt
============================================================================= Securax-SA-12 Security Advisory belgian.networking.security Dutch ============================================================================= Topic: Remote hiding from accesslog and errorlog Announced: 2000-12-28...
[SECURITY] New version of tcpdump released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman November 20, 2000 - ------------------------------------------------------------------------ Package: tcpdump Vulnerability:...
Ethereal - AFS Buffer Overflow
Ethereal - AFS Buffer Overflow / source: https://www.securityfocus.com/bid/1972/info Ethereal is a network auditing utility originally written by Gerald Combs. A problem exists in the Ethereal package which can allow a remote user to execute code. The problem exists in the AFS packet parsing...
Security Advisory: FreeBSD-SA-00:16.golddig
============================================================================= FreeBSD-SA-00:16 Security Advisory FreeBSD, Inc. Topic: golddig port allows users to overwrite local files Category: ports Module: golddig Announced: 2000-05-09 Credits: Discovered during internal ports collection...
mmdump.pl
Meeting Maker is a networked calendaring/scheduling software package that's estimated to be installed on over 700,000 desktops e.g., see http://www.meetingmaker6.com/presslib/pressrel/mm061499mm6.htm. Meeting Maker is a registered trademark of ON Technology Corporation. Clients send passwords to ...
xfs security issues (fwd)
Hi, I notice xfs the X font server recently hit the news. It seems I never sent the below message on to Bugtraq at least a search doesn't show up much. I'm guessing it's still relevant. This message illustrates that the xfs problem recently mentioned by Michal is but one of many minor...
FreeBSD-SA-00:01.make
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:01 Security Advisory FreeBSD, Inc. Topic: Insecure temporary file handling in make1 Category: core Module: make Announced: 2000-01-19 Affects: All versions before the...
retina.vs.iis4-round2-the.brain.txt
http://www.eeye.com/database/advisories/ad06081999/ad06081999.html Retina vs. IIS4, Round 2 The Brain File The followng is a listing of the Brain.ini file that Retina uses for it's miner module. this is the actual file listing that uncovered the crash in IIS4. We trimed out some variables that ar...
PT-1999-1201 · Microsoft · Windows Nt
Name of the Vulnerable Software and Affected Versions: Windows NT affected versions not specified Description: The issue concerns a Windows NT system's registry audit policy, which does not log an event for success or failure when non-critical registry keys are accessed. Recommendations: At the...