Displaying 20 results from an estimated 27 matches for "secunia".
2004 Aug 06
3
(Fwd) [SA11578] Icecast Basic Authorization Denial of Service
For those who haven't received this warning yet.
Anybody from the core can tell about the background and possible
fixes?
Regards,
Stefan
------- Forwarded message follows -------
Date sent: Wed, 12 May 2004 13:50:17 +0200
To: secunia_security_advisories@stefan-neufeind.de
Subject: [SA11578] Icecast Basic Authorization Denial of Service Vulnerability
From: Secunia Security Advisories <sec-adv@secunia.com>
TITLE:
Icecast Basic Authorization Denial of Service Vulnerability
SECUNIA ADVISORY ID:
S...
2009 Sep 19
3
sieve security problem
Hi, anybody know more about this?
http://secunia.com/advisories/36698/
http://secunia.com/advisories/36629/
http://secunia.com/advisories/36713/
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
2005 Apr 05
1
Secunia / Firefox Javascript "Arbitrary Memory Exposure" test
I just confirmed the following bug on my firefox.
http://secunia.com/advisories/14820/
Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050219 Firefox/1.0
(I think my firefox is a month or two behind, from ports, but the
advisory indicates both 1.0.1 and 1.0.2 are affected.)
FreeBSD localhost 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18...
2008 May 28
4
CVE-2008-1105 - Boundary failure when parsing SMB responses
...ct as a client during operations such as
== printer notification and domain authentication,
== this issue affects both Samba client and server
== installations.
==
==========================================================
===========
Description
===========
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in smbd. This defect is
a result of an incorrect buffer size when parsing SMB
replies in the routine receive_smb_raw().
==================
Patch Availability
==================
A patch addressing this defect ha...
2006 Nov 28
1
GNU Tar vulnerability
Please, note: http://secunia.com/advisories/23115/
A port maintainer CC'ed.
--
Dixi.
Sem.
2007 Dec 10
1
[SECURITY] Buffer overrun in send_mailslot()
...= can trigger a boundary error in the domain
== controller GETDC mail slot support which
== can be remotely exploited to execute arbitrary
== code.
==
==========================================================
===========
Description
===========
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in nmbd. This defect may
only be exploited when the "domain logons" parameter has
been enabled in smb.conf.
==================
Patch Availability
==================
A patch addressing this defect has been...
2005 May 07
0
kernel disclosures
Version 4.x users,
VERIFY ADVISORY:
http://secunia.com/advisories/15261/
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-05:07/ldt4.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-05:07/ldt4.patch.asc
VERIFY ADVISORY:
http://secunia.com/advisories/15260/
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-05:06/iir.patch
ftp://ftp.freebsd.o...
2007 Oct 08
5
3.1.1 RC4?
Keir,
I noticed that a Shadow patch went into the 3.1.1 staging tree today.
Does this mean that we should expect a 4th release candidate before the
3.1.1 release tag is official?
If so - how much testing time are you going to give that release
candidate before deciding whether a release tag, or another RC round is
appropriate?
Ben Guthro
2006 Oct 21
4
CentOS 3.8 Kernel Update with NVIDIA Video Card
I need some advice. I updated the kernel but when I restarted my
computer I got the following error message:
--
I cannot start the X server (your graphical interface). It is likely
that it is not set up correctly. ... Failed to load the NVIDIA kernel
module!
--
I've started my computer using the old kernel. I found out that there's
a new nvidia driver so I will also update it.
2005 Apr 21
6
Information disclosure?
Hello,
For some reason, I thought little about the "clear" command today..
Let's say a privileged user (root) logs on, edit a sensitive file (e.g,
a file containing a password, running vipw, etc) .. then runs clear and
logout. Then anyone can press the scroll-lock command, scroll back up
and read the sensitive information.. Isn't "clear" meant to clear the
2008 May 28
0
[SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
...ct as a client during operations such as
== printer notification and domain authentication,
== this issue affects both Samba client and server
== installations.
==
==========================================================
===========
Description
===========
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in smbd. This defect is
a result of an incorrect buffer size when parsing SMB
replies in the routine receive_smb_raw().
==================
Patch Availability
==================
A patch addressing this defect ha...
2007 Nov 15
0
[SECURITY] CVE-2007-5398 - Remote Code Execution in Samba's nmbd
...server, a client can send a series of name
== registration request followed by a specific
== name query request packet and execute
== arbitrary code.
==
==========================================================
===========
Description
===========
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in nmbd. This defect may
only be exploited when the "wins support" parameter has
been enabled in smb.conf.
==================
Patch Availability
==================
A patch addressing this defect has been...
2007 Dec 10
0
[SECURITY] Buffer overrun in send_mailslot()
...= can trigger a boundary error in the domain
== controller GETDC mail slot support which
== can be remotely exploited to execute arbitrary
== code.
==
==========================================================
===========
Description
===========
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in nmbd. This defect may
only be exploited when the "domain logons" parameter has
been enabled in smb.conf.
==================
Patch Availability
==================
A patch addressing this defect has been...
2007 Sep 29
1
security bugs (?)
...cvs.py/gentoo-x86/net-misc/rsync/files/rsync-2.6.9-stats-fix.patch
http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/rsync/files/rsync-2.6.9-fname-obo.patch
And while they seem "trusted" enough to me (present in many packages
such as Gentoo, FreeBSD and other; in bug lists such as Secunia...), I
am no rsync deep code knower, and I still wonder why there's no mention
in this mailing list or the homepage? Do the actual authors of rsync
think that those bugs have never been exploitable? If that's so, please
confirm it, thanks =)
Lapo
2007 Nov 15
0
[SECURITY] CVE-2007-5398 - Remote Code Execution in Samba's nmbd
...server, a client can send a series of name
== registration request followed by a specific
== name query request packet and execute
== arbitrary code.
==
==========================================================
===========
Description
===========
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in nmbd. This defect may
only be exploited when the "wins support" parameter has
been enabled in smb.conf.
==================
Patch Availability
==================
A patch addressing this defect has been...
2013 Aug 14
1
SA54438
http://secunia.com/advisories/54438/
Since I already got 3 private mails about this, here's the same reply for everyone (actually updated, now that I looked at the code):
This was a v2.2-only bug. And it isn't really a DoS.. It only caused the one pop3 process to crash in assert, which was handling only...
2006 Jul 28
2
Ruby vulnerability?
Hi,
FYI, Red Hat released an advisory today about a vulnerability in Ruby. So
far it doesn't appear in the VuXML, but am I correct in presuming it will
soon?
https://rhn.redhat.com/errata/RHSA-2006-0604.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694
cheers,
-- Joel Hatton --
Infrastructure Manager | Hotline: +61 7 3365 4417
AusCERT - Australia's national
2004 Dec 27
4
Found security exploit in port phpBB 2.0.8 FreeBSD4.10
I think, there is a neat exploit in the phpbb2.0.8 because I found my home
page defaced one dark morning. The patch for phpBB is here.
http://www.phpbb.com/downloads.php
The excerpt of the log is attached.
I believe the link to the described exploit is here.
http://secunia.com/advisories/13239
The defacement braggen page is here filter to show the exploited FreeBSD
machines that aneurysm.inc has defaced
http://www.zone-h.org/en/defacements/filter/filter_defacer=aneurysm.inc/filter_system=FreeBSD/page=1/
2005 Jul 07
1
[Fwd: [Full-disclosure] [ GLSA 200507-05 ] zlib: Buffer overflow]
Has Centos been tested for this yet?
-------- Original Message --------
Subject: [Full-disclosure] [ GLSA 200507-05 ] zlib: Buffer overflow
Date: Wed, 06 Jul 2005 16:23:20 +0200
From: Thierry Carrez <koon at gentoo.org>
Organization: Gentoo Linux
To: gentoo-announce at lists.gentoo.org
CC: full-disclosure at lists.grok.org.uk,
bugtraq at securityfocus.com, security-alerts at
2007 Sep 27
6
Security + Rails =Joke?
Hi,
http://dev.rubyonrails.org/ticket/8453
http://dev.rubyonrails.org/ticket/8371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3227
I came across the above by accident. While I am subscribed to the so
called rails security list where supposed announcement of security
issues were to be posted, neither of the above problems made the list.
While I use rails a lot and like it, the above