Från Bugtraq december år 2002

• ZH2003-21SA (security advisory): DcForum+ XSS Vulnerability
• ZH2003-17SA (security advisory): geeeekShop Shopping Cart Path Disclosure
• Xprobe2 0.2rc1 release, white paper release, and Blackhat presentation availability
• Multiple integer overflows in XFree86 (local/remote)
• wu-ftpd-2.6.2 off-by-one remote exploit.
• VMware Workstation 4.0.1 (for Linux systems) vulnerability
• Re: VMware GSX Server 2.5.1 / Workstation 4.0 (for Linux systems) vulnerability
• TSLSA-2003-0030 - stunnel
• TSLSA-2003-0029 - postfix
• SuSE Security Announcement: kernel (SuSE-SA:2003:034)
• SuSE Security Announcement: postfix (SuSE-SA:2003:033)
• [slackware-security] KDE packages updated (SSA:2003-213-01)
• SRT2003-08-11-0729 - Linux based antivirus software contains several local overflows
• Computer Co-location Facility Vulnerabilities
• [RHSA-2003:267-01] New up2date available with updated SSL certificate authority file
• [RHSA-2003:258-01] GDM allows local user to read any file.
• [RHSA-2003:255-01] up2date improperly checks GPG signature of packages
• [RHSA-2003:251-01] New postfix packages fix security issues.
• [RHSA-2003:241-01] Updated ddskk packages fix temporary file vulnerability
• [RHSA-2003:235-01] Updated KDE packages fix security issue
• [RHSA-2003:199-02] Updated unzip packages fix trojan vulnerability
• Postfix: old bugs keep coming back
• Phrack #61 is OUT!
• XSS vulnerability in phpBB
• PCL-0001: Remote Vulnerability in HORDE MTA < 2.2.4
• Linux pam_smb < 1.1.6 login exploit
• Netris client Buffer Overflow Vulnerability.
• Remote denial of service vulnerability in Meteor FTP Version 1.5
• MDKSA-2003:087 - Updated gkrellm packages fix remote arbitrary code executeion vulnerability
• MDKSA-2003:083 - Updated eroaster packages fix temporary file vulnerability
• MDKSA-2003:082 - Updated php packages fix vulnerabilities
• MDKSA-2003:081 - Updated postfix packages fix remote DoS
• MDKSA-2003:073-1 - Updated unzip packages fix vulnerability
• Re: man-db[v2.4.1-]: open_cat_stream() privileged call exploit.
• Linux-sec-uk mailing list
• Immunix Secured OS 7+ wu-ftpd update
• Slight privilege elevation from bin to root in IBM DB2 7.1 - 8.1 all binaries
• [ESA-20030806-020] 'stunnel' signal handler race denial-of-service.
• [ESA-20030804-019] 'postfix' Remote denial-of-service.
• Ecartis 1.0 multiple vulnerabilities
• PST Linux Advisor--------Dsh-0.24.0 in debian has a home env Buffer Overflow Vulnerability
• [Full-Disclosure] [SECURITY] [DSA-373-1] New autorespond packages fix buffer overflow
• [Full-Disclosure] [SECURITY] [DSA-372-1] New netris packages fix buffer overflow
• [SECURITY] [DSA-371-1] New perl packages fix cross-site scripting
• [SECURITY] [DSA-370-1] New pam-pgsql packages fix format string vulnerability
• [SECURITY] [DSA-369-1] New zblast packages fix buffer overflow
• [SECURITY] [DSA-367-1] New xtokkaetama packages fix buffer overflow
• [SECURITY] [DSA-366-1] New eroaster packages fix insecure temporary file creation
• [SECURITY] [DSA-365-1] New phpgroupware package fix several vulnerabilities
• [Full-Disclosure] [SECURITY] [DSA-364-3] New man-db packages fix segmentation fault
• [SECURITY] [DSA-364-2] New man-db packages fix problem with DSA-364-1
• [SECURITY] [DSA-363-1] New postfix packages fix remote denial of service, bounce scanning
• [SECURITY] [DSA-362-1] New mindi packages fix insecure temporary file creation
• [SECURITY] [DSA-361-2] New kdelibs-crypto packages fix multiple vulnerabilities
• [SECURITY] [DSA-361-1] New kdelibs packages fix several vulnerabilities
• [SECURITY] [DSA-360-1] New xfstt packages fix several vulnerabilities
• [SECURITY] [DSA-359-1] New atari800 packages fix buffer overflows
• [SECURITY] [DSA-358-2] New kernel packages fix potential "oops"
• [SECURITY] [DSA-358-1] New kernel source and i386, alpha kernel images fix multiple vulnerabilities
• [SECURITY] [DSA 274-1] New node packages fix remote root vulnerability
• Dropbear SSH Server <= 0.34
• [CLA-2003:727] Conectiva Security Announcement - sendmail
• [CLA-2003:723] Conectiva Security Announcement - openslp
• [CLA-2003:720] Conectiva Security Announcement - lynx
• [CLA-2003:717] Conectiva Security Announcement - postfix
• [CLA-2003:716] Conectiva Security Announcement - wget
• [CLA-2003:715] Conectiva Security Announcement - wu-ftpd
• Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning
• [SECURITY] Netfilter Security Advisory: NAT Remote DOS (SACK mangle)
• [SECURITY] Netfilter Security Advisory: Conntrack list_del() DoS
• CERT Advisory CA-2003-21 GNU Project FTP Server Compromise
• mod_dosevasive v1.6: Apache DoS Evasive Maneuvers Module
• [SECURITY] [DSA-368-1] New xpcd packages fix buffer overflow

Upp en nivå