Critical: Red Hat Security Advisory: evolution security update

Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. A...

Evolution: Format string vulnerability

Background Evolution is a GNOME groupware application. Description Ulf Harnhammar from Secunia Research discovered a format string error in the emfmultipartencrypted function in the file mail/em-format.c when reading certain data e.g. the "Version:" field from an encrypted e-mail. Impact A remote...

DSA-1512-1 evolution - remote code execution

Bulletin has no description...

Evolution format string vulnerability

Format string vulnerability on encrypted mail parsing...

CVE-2008-0581

Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch...

CVE-2008-0581

Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch...

CVE-2008-0581

CVE-2008-0581 involves Geert Moernaut LSrunasE and describes a local privilege escalation where a user can obtain the encrypted password from a batch file and then create a modified batch file that uses the /password switch to supply that password and the /command switch to run an arbitrary progr...

[SECURITY] Fedora 7 Update: python-paramiko-1.7.1-3.fc7

Paramiko a combination of the esperanto words for "paranoid" and "friend" is a module for python 2.3 or greater that implements the SSH2 protocol for se cure encrypted and authenticated connections to remote machines. Unlike SSL a ka TLS, the SSH2 protocol does not require heirarchical certificat...

[SECURITY] Fedora 8 Update: python-paramiko-1.7.1-3.fc8

Paramiko a combination of the esperanto words for "paranoid" and "friend" is a module for python 2.3 or greater that implements the SSH2 protocol for se cure encrypted and authenticated connections to remote machines. Unlike SSL a ka TLS, the SSH2 protocol does not require heirarchical certificat...

CVE-2007-6330

Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a 1 cleartext or 2 weakly encrypted format to support client-side login authentication, which makes it easier for remote attackers to obtain database access by capturing credentials via a...

Citrix NetScaler Web Management Cookie Weakness

Citrix NetScaler Web Management Cookie Weakness Product: Citrix NetScaler http://www.citrix.com/lang/English/ps2/index.asp Background: For most web application logins a user fills out an HTTP form, which sets up the user with a session cookie. The cookie content is merely a session ID, which allo...

Security collection: help your hand three exploits tools-vulnerability warning-the black bar safety net

We are talking about here is some for creating security tools and exploits program Security Platform. Security experts to perform penetration tests, system administrators can verify whether the patch has been installed, manufacturers can perform regression testing. First, the Metasploit Framework...

Ubuntu 5.04 / 5.10 / 6.06 LTS : gnupg vulnerability (USN-332-1)

Evgeny Legerov discovered that gnupg did not sufficiently check the validity of the comment and a control field. Specially crafted GPG data could cause a buffer overflow. This could be exploited to execute arbitrary code with the user's privileges if an attacker can trick an user into processing ...

CVE-2003-1423

Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords...

Datagram Transport Layer Security Detection

The remote service is encrypted using Datagram Transport Layer Security DTLS, which provides communications privacy for datagram protocols. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid27057; scriptversion"1.16"; scriptsetattributeattribute:"pluginmodificationdate"...

CVE-2004-2703

The CVE-2004-2703 entry concerns Clearswift MIMEsweeper 5.0.5, upgraded from MAILsweeper SMTP versions, where remote data that is encrypted within a mail message can bypass scanning and be marked as Clean rather than Encrypted. This describes the affected product/function (MIMEsweeper 5.0.5 after...

[SECURITY] Fedora 7 Update: ntfs-3g-1.913-2.fc7

The ntfs-3g driver is an open source, GPL licensed, third generation Linux NTFS driver. It provides full read-write access to NTFS, excluding access to encrypted files, writing compressed files, changing file ownership, access right. Technically it=E2=80=99s based on and a major improvement to th...

Information disclosure

RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, which allows local users to obtain sensitive information by reading the temporary files...

CVE-2007-4751

RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, which allows local users to obtain sensitive information by reading the temporary files...

Samurai download and Samurai articles of the exploit-vulnerability warning-the black bar safety net

One injection vulnerability You can fast forward to see First just point a software download The official update to 2. 4, but the official himself then, but there are also vulnerabilities Oh The download address of the Copy to the next kid inside, I changed%6 9 See? there is no change before is n...