8820 matches found
SECURITY.NNOV: file locking and security
Hello bugtraq, Topic : File locking and security Author : 3APA3A [email protected] Affected software : Windows NT 4.0, Windows 2000 and may be another systems Exploitable : Yes Remotely exploitable : No Category : Design flow Background: Application can lock the file after file description ...
Redhat 7.0 local root (via uucp) (attempt 2)
Affects: RedHat 7.0 possibly others 28 Aug 2001 01:27:24 +1200 uucp vulnerability exposed to vendor 9 Nov 2001 07:14:15 +1300 this makewhatis vulnerability exposed to vendor /usr/sbin/makewhatis An earlier version1 of makewhatis had a fault in the handling of compressed files that allowed executi...
hack-hm-1.0.txt
Sure: Title Hotmail Security Alert Hack HM1.0! 5/10/2000 By: Da Hawaiian HaXorS "Give back da aina!" Disclaimer In no event shall Da Hawaiian HaXorS be held liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in ...
fingerd-cgi.txt
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+++++++++++++++++ ALERT! ALERT! BERKELEY FINGER VULNERABILITY! ALERT! ALERT! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ This is NOT...
more RADIUS authentication attack scenarios
Hello bugtraq, There is also problem with some vendor-specific RADIUS authentication implementation. For example Microsoft has it's specific attributes defined in RFC 2548. These attributes allow MS-CHAP and MS-CHAPv2 authentication via RADIUS. There is design flow in this authentication scenario...
Various problems in Baltimore WebSweeper URL filtering
Tuesday 4 September 2001 Various problems in Baltimore WebSweeper URL filtering ====================================================== Product Background ------------------ WEBSweeper is Baltimore Technologies' Web Content Security solution. It enables customers to implement Content Security...
Various problems in Baltimore's WEBSweeper Script filtering
Sunday 12 August 2001 eDvice Security Services Advisory Various problems in Baltimore's WEBSweeper Script filtering =========================================================== Product Background ------------------- WEBsweeper is Baltimore Technologies' Web Content Security solution. It enables...
Various problems in Ternd Micro AppletTrap Script filtering
Sunday 29 July 2001 Various problems in Ternd Micro AppletTrap Script filtering =========================================================== This is a different advisory than the one we posted on July 9 http://archives.neohapsis.com/archives/bugtraq/2001-07/0129.html. Product Background...
SERIOUS BUG IN PHPNUKE
Yes, phpnuke.org, was contacted.... First take a look at: http://phpnuke.org/user.php?op=userinfo&uname=MegaHz Then, read this................. PHPnuke Bugs. After testing just a few scripts on phpnuke I have noticed the following: Some fields in the registration form allow code and fail to filte...
Softek MailMarshal 4 Trend Micro ScanMail 1.0 - SMTP Attachment Protection Bypass
Softek MailMarshal 4 Trend Micro ScanMail 1.0 - SMTP Attachment Protection Bypass source: https://www.securityfocus.com/bid/3097/info At least two SMTP gateway products have been identified which contain flaws in the handling of restricted filetypes as attachments. An attacker can insert extraneo...
Various problems in Ternd Micro AppletTrap URL filtering
Monday 9 July 2001 eDvice Security Services Advisory - Various problems in Trend Micro AppletTrap URL filtering Product Background ------------------ Trend Micro AppletTrap is a product for blocking malicious Java applets, malicious JavaScript and unsecured ActiveX controls at the gateway. The...
Проблемы с беспроводными устройствами (SNMP authentication flaw, Wired-side SNMP key exposure)
Возможно несанкционированное подключение по 802.11...
IPC@Chip Security
Sentry Research Labs www.sentry-labs.de.vu product: IPC@Chip Beck GmbH vendor informed: 21th of May status: unanswered Note: The demonstration tool and a german version there is also an english download version of this report is available form our website. Siberian...
ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS
=== Alliance Security Labs === === ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS === Advisory ID: ASLabs-2001-01 Vendor: eEye http://www.eEye.com Product: SecureIIS http://www.eeye.com/html/Products/SecureIIS/index.html Versions: v1.0.2 latest available - probably relevant for 1.0....
Security Bulletin MS01-027
---------------------------------------------------------------------- Title: Flaws in Web Server Certificate Validation Could Enable Spoofing Date: 16 May 2001 Software: Internet Explorer Impact: Spoofing of trusted web site Bulletin: MS01-027 Microsoft encourages customers to review the...
def-2001-20: Lotus Domino Multiple DoS
====================================================================== Defcom Labs Advisory def-2001-20 Lotus Domino Multiple DoS Author: Peter Grьndl [email protected] Release Date: 2001-04-11 ======================================================================...
Catastrophic failure of Strip password generation.
Executive summary: If you have ever used Strip for the Palm to generate your passwords, change them. Change them NOW. Strip Secure Tool for Recalling Important Passwords is a nice encrypted password notebook for the Palm; see http://www.zetetic.net/products.html for details. Strip-0.5 also featur...
Дырки в Shareplex (file reading)
Ошибки дизайна в suid root приложениях позволяют прочитать содержимое любых файлов...
Дырки в IBM NetCommerce
Сочетание большого числа дырок в различных продуктах входящих в состав сервера...
PALS Library System WebPALS pals-cgi Multiple Vulnerabilities
The 'pals-cgi' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...