similar to: Secunia / Firefox Javascript "Arbitrary Memory Exposure" test

I figured that someone reading this list might want to take a look at the proceeding, considering that the version of Snort in FreeBSD ports -is- affected. -----Forwarded Message----- > From: CERT Advisory <cert-advisory@cert.org> > To: cert-advisory@cert.org > Subject: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors > Date: 17 Apr 2003 11:30:47 -0400

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Exposed clear text of domain machine == account password in debug logs (log == level >= 5) == CVE ID#: CAN_2006-1059 == == Versions: Samba Samba 3.0.21 - 3.0.21c (inclusive) == == Summary: The winbindd daemon writes the clear text ==

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Exposed clear text of domain machine == account password in debug logs (log == level >= 5) == CVE ID#: CAN_2006-1059 == == Versions: Samba Samba 3.0.21 - 3.0.21c (inclusive) == == Summary: The winbindd daemon writes the clear text ==

We specifically do not update the disk i_size if there are ordered extents outstanding for any area between the current disk_i_size and our ordered extent so that we do not expose stale data. The problem is the check we have only checks if the ordered extent starts at or after the current disk_i_size, which doesn''t take into account an ordered extent that starts before the current

R-helpers, I am hoping to find someone who uses both R and program Stata for GLMs. I am a beginner R user, finding my own way through; learning code etc. at the same time as learning the statistics I need to complete my project. What I have is the code from Stata and am trying to reproduce the same analysis in R - my program of choice. . glm count md ms rf sg, family(poisson)

Hi, I'm hoping that someone will be able to help. I would like to compare how covariates associate with the risk of a binary outcome during two periods. Period 1 will be non-exposure to a treatment and period 2 will be exposure to a treatment. The same individuals will be examined in each group but I want to be able to compare the association of certain covariates between the two groups to

For those who haven't yet received this warning yet. Anybody from the core can tell about the background and possible fixes? <p>Regards, Stefan ------- Forwarded message follows ------- Date sent: Wed, 12 May 2004 13:50:17 +0200 To: secunia_security_advisories@stefan-neufeind.de Subject: [SA11578] Icecast Basic Authorization Denial of Service Vulnerability

hi , anybody knows more about this ? http://secunia.com/advisories/36698/ http://secunia.com/advisories/36629/ http://secunia.com/advisories/36713/ -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure when parsing SMB responses == can result in a buffer overrun == == CVE ID#: CVE-2008-1105 == == Versions: Samba 3.0.0 - 3.0.29 (inclusive) == == Summary: Specifically crafted SMB responses can result == in a heap overflow

Please, note: http://secunia.com/advisories/23115/ A port maintainer CC'ed. -- Dixi. Sem.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure in GETDC mailslot == processing can result in a buffer overrun == == CVE ID#: CVE-2007-6015 == == Versions: Samba 3.0.0 - 3.0.27a (inclusive) == == Summary: Specifically crafted GETDC mailslot requests == can trigger a

Version 4.x users , ERIFY ADVISORY: http://secunia.com/advisories/15261/ ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-05:07/ldt4.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-05:07/ldt4.patch.asc VERIFY ADVISORY: http://secunia.com/advisories/15260/ ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-05:06/iir.patch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:02.bind Security Advisory The FreeBSD Project Topic: Multiple Denial of Service vulnerabilities in named(8) Category: contrib Module: bind

Keir, I noticed that a Shadow patch went into the 3.1.1 staging tree today. Does this mean that we should expect a 4th release candidate before the 3.1.1 release tag is official? If so - how much testing time are you going to give that release candidate before deciding whether a release tag, or another RC round is appropriate? Ben Guthro _______________________________________________

I need some advice. I updated the kernel but when I restarted my computer I got the following error message: -- I cannot start the X server (your graphical interface). It is likely that it is not set up correctly. ... Failed to load the NVIDIA kernel module! -- I've started my computer using the old kernel. I found out that there's a new nvidia driver so I will also update it.

Hello, For some reason, I thought little about the "clear" command today.. Let's say a privileged user (root) logs on, edit a sensitive file (e.g, a file containing a password, running vipw, etc) .. then runs clear and logout. Then anyone can press the scroll-lock command, scroll back up and read the sensitive information.. Isn't "clear" ment to clear the

http://secunia.com/advisories/54438/ Since I already got 3 private mails about this, here's the same reply for everyone (actually updated, now that I looked at the code): This was a v2.2-only bug. And it isn't really a DoS.. It only caused the one pop3 process to crash in assert, which was handling only the connection that had already disconnected. (Unless you were running a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Remote code execution in Samba's WINS == server daemon (nmbd) when processing name == registration followed name query requests. == == CVE ID#: CVE-2007-5398 == == Versions: Samba 3.0.0 - 3.0.26a (inclusive) == == Summary: When nmbd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure in GETDC mailslot == processing can result in a buffer overrun == == CVE ID#: CVE-2007-6015 == == Versions: Samba 3.0.0 - 3.0.27a (inclusive) == == Summary: Specifically crafted GETDC mailslot requests == can trigger a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure when parsing SMB responses == can result in a buffer overrun == == CVE ID#: CVE-2008-1105 == == Versions: Samba 3.0.0 - 3.0.29 (inclusive) == == Summary: Specifically crafted SMB responses can result == in a heap overflow