From Bugtraq, December 2002
Some posts from Bugtraq. Newest posts last:
[ESA-20030430-014] 'tcpdump' multiple vulnerabilities
[SECURITY] [DSA 297-1] New snort packages fix remote root exploits
[RHSA-2003:133-01] Updated man packages fix minor vulnerability
[CLA-2003:635] Conectiva Security Announcement - balsa
[SECURITY] [DSA 296-1] New kdebase packages fix arbitrary command execution
[SECURITY] [DSA 295-1] New pptpd packages fix remote root exploit
Red Hat IA64 products still missing fixes for the ptrace vs kmod vulnerability
[CLA-2003:633] REVISED: Conectiva Security Announcement - glibc
Multiple Vulnerabilities in Splatt Forum 4.0
Dynamic DNS "Spoofing" & IRC
[SECURITY] [DSA 298-1] New EPIC4 packages fix DoS and arbitrary code execution
[RHSA-2003:113-01] Updated mod_auth_any packages available
GLSA: openssh (200305-01)
Mod_Survey SYSBASE vulnerability
Key validity bug in GnuPG 1.2.1 and earlier
Security Update: [CSSA-2003-019.0] OpenLinux: tcp SYN with FIN packets are not discarded
[CLA-2003:639] Conectiva Security Announcement - krb5
CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client
[CLA-2003:640] Conectiva Security Announcement - vnc
Security Update: [CSSA-2003-017.0] OpenLinux: Various serious Samba vulnerabilities
Security Update: [CSSA-2003-018.0] OpenLinux: file command buffer overflow
[SECURITY] [DSA 299-1] New leksbot packages fix improper setuid-root execution
[SECURITY] [DSA 300-1] New Balsa packages fix buffer overflow
[SECURITY] [DSA-301-1] New libgtop packages fix buffer overflow
[SECURITY] [DSA-302-1] New fuzz packages fix buffer overflow
Fw: [rt-users] [rt-announce] RT 1.0.7 vulnerable to Cross Site Scripting attacks
[CLA-2003:643] Conectiva Security Announcement - slocate
SRT2003-05-08-1137 - ListProc mailing list ULISTPROC_UMASK overflow
MDKSA-2003:055 - Updated kopete packages fix vulnerability with GnuPG plugin
Firebird Local exploit
BitchX: Crash when channel modes change
Unix Version of the Pi3web DoS
[RHSA-2003:002-01] Updated KDE packages fix security issues
Security Update: [CSSA-2003-020.0] OpenLinux: kernel kmod/ptrace root exploit
A Phorum's bug...
cdrtools2.0 Format String Vulnerability
Security Update: [CSSA-2003-021.0] OpenLinux: mgetty caller ID buffer overflow and spool perm vulnerabilities
[RHSA-2003:160-01] Updated xinetd packages fix a denial-of-service attack and other bugs
Cdrecord local root exploit.
Buffer overflows in multiple IMAP clients
[RHSA-2003:172-00] Updated 2.4 kernel fixes security vulnerabilities and various bugs
[CLA-2003:648] Conectiva Security Announcement - evolution
[RHSA-2003:174-01] Updated tcpdump packages fix privilege dropping error
[ESA-20030515-017] 'kernel' several bug and security-related fixes.
[ESA-20030515-016] 'gnupg' key validation bug.
MDKSA-2003:057 - Updated MySQL packages fix vulnerability
[ESA-20030515-015] 'sudo' heap corruption vulnerability
MDKSA-2003:056 - Updated xinetd packages fix DoS vulnerability
MDKSA-2003:058 - Updated cdrecord packages fix local root compromise
[RHSA-2003:169-01] Updated lv packages fix vulnerability
[SECURITY] [DSA-305-1] New sendmail packages fix insecure temporary file creation
[SECURITY] [DSA-303-1] New mysql packages fix multiple vulnerabilities
Immunix Secured OS 7+ fileutils update
bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification
[SECURITY] [DSA-304-1] New lv packages fix local privilege escalation
Path Disclosure in Turba of Horde
Remote code execution in ttCMS <=v2.3
[SECURITY] [DSA 306-1] New BitchX packages fix DoS and arbitrary code execution
bazarr slocate
Lot of SQL injection on PHP-Nuke 6.5 (secure weblog!)
Maelstrom Buffer Overflow
[RHSA-2003:175-01] Updated gnupg packages fix validation bug
[CLA-2003:653] Conectiva Security Announcement - bugzilla
MDKSA-2003:059 - Updated lpr packages fix local root vulnerability
MDKSA-2003:058-1 - Updated cdrecord packages fix local root compromise
[slackware-security] GnuPG key validation fix (SSA:2003-141-04)
[slackware-security] EPIC4 security fixes (SSA:2003-141-01)
Security advisory: LSF 5.1 local root exploit
[slackware-security] quotacheck security fix in rc.M (SSA:2003-141-06)
[slackware-security] BitchX security fixes (SSA:2003-141-02)
[slackware-security] glibc XDR overflow fix (SSA:2003-141-03)
[slackware-security] mod_ssl RSA blinding fixes (SSA:2003-141-05)
MDKSA-2003:061 - Updated gnupg packages fix validation bug
MDKSA-2003:060 - Updated LPRng packages fix insecure temporary file vulnerability
[slackware-security] REVISED quotacheck security fix in rc.M (SSA:2003-141-06a)
Potential security vulnerability in Nessus
uml_net bug
PHP source code injection in BLNews
ATM on linux Exploit(les,local)
[RHSA-2003:171-01] Updated CUPS packages fix denial of service attack
SuSE Security Announcement: glibc (SuSE-SA:2003:027)
[CLA-2003:655] Conectiva Security Announcement - BitchX
[CLA-2003:656] Conectiva Security Announcement - netpbm
[RHSA-2003:177-01] Updated up2date and rhn_register clients available
[RHSA-2003:186-01] Updated httpd packages fix Apache security vulnerabilities
[RHSA-2003:145-01] Updated kernel fixes security vulnerabilities and updates drivers
[SECURITY] [ANNOUNCE] Apache 2.0.46 released
Algorithmic Complexity Attacks
PHRACK MAGAZINE Call for Papers (#61)
[slackware-security] CUPS DoS vulnerability fixed (SSA:2003-149-01)
Attachment (bazarr-episode-3.c) to: BAZARR CODE NINER PINK TEAM GO GO GO
[SECURITY] [DSA-307-1] New gps packages fix multiple vulnerabilities
MDKSA-2003:062 - Updated cups packages fix Denial of Service vulnerability
gcc (<3.2.3) implicit struct copy exploit
New php release with security fixes
iDEFENSE Security Advisory 05.30.03: Apache Portable Runtime Denial of Service and Arbitrary Code Execution Vulnerability