similar to: Fwd: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!)

Displaying 20 results from an estimated 1000 matches similar to: "Fwd: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!)"

2004 Sep 17
1
Fwd: FreeBSD kernel buffer overflow
Can anyone provide more details about the posting below ? >Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm >List-Id: <bugtraq.list-id.securityfocus.com> >List-Post: <mailto:bugtraq@securityfocus.com> >List-Help: <mailto:bugtraq-help@securityfocus.com> >List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> >List-Subscribe:
2004 Aug 06
2
[dizznutt@my.security.nl: icecast 1.3.11 remote shell/root exploit - #temp]
Contrary to the report, this only affect 1.3.x version of icecast, not _all_ versions. But this is a serious problem and I do hope you all took my advice last time and aren't running icecast as root. I'll try to have a patch today. jack. ----- Forwarded message from dizznutt@my.security.nl ----- Date: Tue, 2 Apr 2002 07:51:55 +0000 (GMT+00:00) From: dizznutt@my.security.nl To:
1999 Jul 30
0
Linux 2.2.10 ipchains Advisory (fwd)
---------- Forwarded message ---------- Received: from lists.securityfocus.com (lists.securityfocus.com [216.102.46.4]) by blues.jpj.net (right/backatcha) with SMTP id VAA15167 for <trevor@JPJ.NET>; Tue, 27 Jul 1999 21:17:48 -0400 (EDT) Received: (qmail 28179 invoked from network); 27 Jul 1999 19:14:06 -0000 Received: from lists.securityfocus.com (216.102.46.4) by lists.securityfocus.com
1999 Nov 23
0
DoS with sysklogd, glibc (Caldera) (fwd)
Hi, This advisory has a bit more than the Red Hat one.... Roger. ----- Forwarded message from Alfred Huger ----- >>From owner-bugtraq@SECURITYFOCUS.COM Mon Nov 22 18:49:41 1999 Approved-By: aleph1@SECURITYFOCUS.COM Message-ID: <Pine.GSO.4.10.9911220906250.11753-100000@www.securityfocus.com> Date: Mon, 22 Nov 1999 09:08:08 -0800 X-Reply-To: Alfred Huger
2004 Feb 17
0
OpenSSH 3.7 released (fwd)
Since there never was an answer on the secureshell at securityfocus.com list to this question, I thought I'd ask you guys on your own list and maybe I'll even get an answer. If the answer involves PAM in any way, then the most obvious question becomes "what about IRIX, Tru64, or any other platforms whose login procedure does not have PAM?". ----- Forwarded message from Atro
2000 Oct 02
0
(from BugTraq) openssh2.2.p1 - Re: scp file transfer hole
X-PMC-CI-e-mail-id: 13726 Hi, I have been a successful user of Openssh for some time. I am attaching two articles from BugTraq. Hopefully, they show exactly the security problems reported in the BugTraq mailing list. [Pity that no one seemed to have bothered to contact the mailing list(s) for openssh development.] I am not sure what the right fixes would be. But at least, people need to be
2002 Mar 22
1
Is OpenSSH vulnerable to the ZLIB problem or isn't it?
SSH.COM says their SSH2 is not vulnerable to the ZLIB problem even though they use the library (details below). Can OpenSSH say the same thing? In either case, it seems like there ought to be an openssh-unix-announce message about what the situation is. I may have missed it, but I don't believe there was one. Yes, openssh doesn't have its own copy of zlib source but it would still be
2004 Dec 03
1
[BUGTRAQ] rssh and scponly arbitrary command execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [This came over BUGTRAQ this morning. Note the call for volunteers vis-a-vis rssh.] - ----- Forwarded message from Jason Wies <jason at xc.net> ----- List-Id: <bugtraq.list-id.securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe at securityfocus.com> To: bugtraq at securityfocus.com Cc: rssh-discuss at
2000 Aug 18
0
[RHSA-2000:052-04] Zope update
--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Zope update Advisory ID: RHSA-2000:052-04 Issue date: 2000-08-11 Updated on: 2000-08-18 Product: Red Hat Powertools Keywords: Zope Cross references: N/A
2001 Feb 08
0
[CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector vulnerability
CORE SDI http://www.core-sdi.com SSH1 CRC-32 compensation attack detector vulnerability Date Published: 2001-02-08 Advisory ID: CORE-20010207 Bugtraq ID: 2347 CVE CAN: CAN-2001-0144 Title: SSH1 CRC-32 compensation attack detector vulnerability Class: Boundary Error Condition Remotely Exploitable: Yes Locally Exploitable: Yes Release Mode:
2004 Jun 28
2
Security Vulnerability in Asterisk
The following is pasted from SecurityFocus Newsletter #254: ------------------------- Asterisk PBX Multiple Logging Format String Vulnerabilities BugTraq ID: 10569 Remote: Yes Date Published: Jun 18 2004 Relevant URL: http://www.securityfocus.com/bid/10569 Summary: It is reported that Asterisk is susceptible to format string vulnerabilities in its logging functions. An attacker may use these
2008 Nov 22
0
[patch] [vuxml] net/wireshark: fix DoS in SMTP dissector
>Submitter-Id: current-users >Originator: Eygene Ryabinkin >Organization: Code Labs >Confidential: no >Synopsis: [patch] [vuxml] net/wireshark: fix DoS in SMTP dissector >Severity: serious >Priority: high >Category: ports >Class: sw-bug >Release: FreeBSD 7.1-PRERELEASE i386 >Environment: System: FreeBSD 7.1-PRERELEASE i386 >Description: Today the DoS
2003 Sep 17
0
Fwd: [Full-Disclosure] Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694]
More patch-o-rama :-( ---Mike >From: Michal Zalewski <lcamtuf@dione.ids.pl> >To: bugtraq@securityfocus.com, <vulnwatch@securityfocus.com>, > <full-disclosure@netsys.com> >X-Nmymbofr: Nir Orb Buk >Subject: [Full-Disclosure] Sendmail 8.12.9 prescan bug (a new one) >[CAN-2003-0694] >Sender: full-disclosure-admin@lists.netsys.com >X-BeenThere:
2002 Jun 24
2
Upcoming OpenSSH vulnerability
On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > Date: Mon, 24 Jun 2002 15:00:10 -0600 > From: Theo de Raadt <deraadt at cvs.openbsd.org> > Subject: Upcoming OpenSSH vulnerability > To: bugtraq at securityfocus.com > Cc: announce at openbsd.org > Cc: dsi at iss.net > Cc: misc at openbsd.org > > There is an upcoming OpenSSH vulnerability that
2002 Jun 24
2
Upcoming OpenSSH vulnerability
On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > Date: Mon, 24 Jun 2002 15:00:10 -0600 > From: Theo de Raadt <deraadt at cvs.openbsd.org> > Subject: Upcoming OpenSSH vulnerability > To: bugtraq at securityfocus.com > Cc: announce at openbsd.org > Cc: dsi at iss.net > Cc: misc at openbsd.org > > There is an upcoming OpenSSH vulnerability that
2000 Apr 12
0
[SECURITY] RHSA-2000:009-02.text: New gpm packages available
-----BEGIN PGP SIGNED MESSAGE----- - --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: gpm Advisory ID: RHSA-2000:009-02 Issue date: 2000-04-07 Updated on: 2000-04-10 Product: Red Hat Linux Keywords: gpm gpm-root gid 0 priviledge Cross references: N/A -
1999 Nov 30
0
serious Qpopper 3.0 vulnerability (fwd)
Recieved this email on BugTraq today. Take the necessary precautions. ---------- Forwarded message ---------- Date: Tue, 30 Nov 1999 01:53:11 +0100 From: Mixter <mixter@NEWYORKOFFICE.COM> To: BUGTRAQ@SECURITYFOCUS.COM Subject: serious Qpopper 3.0 vulnerability Greetings, There is a remote buffer overflow in the qpop 3.0 server code that can lead to remote root compromise. Exploit
2002 Apr 20
0
Buffer overflow in OpenSSH 2.2.0-3.1.0
Hi! I just saw this on bugtraq. Does someone have more details about this? Subject: OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable buffer overflow From: Marcell Fodor <m.fodor at mail.datanet.hu> Date: 19 Apr 2002 22:42:51 -0000 (Sat 01:42 EEST) To: bugtraq at securityfocus.com effect: local root vulnerable services: -pass Kerberos IV TGT -pass AFS Token bug
2004 Aug 06
0
icecast security
> maybe an outdated question: there was a message on the > securityfocus mailing list (bugtraq) today (and several month before) > about a remote buffer overflow in icecast v1.3.10 (which seems to be a > package in debian). > does this affect 1.3.11 too or is the version at > http://www.icecast.org/download.html fixed? Point me to a url at bugtraq where I can read a description
2007 Apr 24
0
Asterisk Project Security Adivsory Process
Recent events, including vulnerabilities that were reported and the subsequent discussions about how they were handled, have made those of us that manage Asterisk development decide that it is time for the Asterisk project to have a formal security vulnerability and advisory reporting process. Over the next few weeks we will begin to formalize and document this process on the asterisk.org