Bugtraq (bugtraq) Mailing List

[ GLSA 200812-07 ] Mantis: Multiple vulnerabilities

Tue, 2 Dec 2008 18:55:03 +0100

Posted by Robert Buchholz on Dec 2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

[ GLSA 200812-02 ] enscript: User-assisted execution of arbitrary code

Tue, 2 Dec 2008 18:28:07 +0100

Posted by Robert Buchholz on Dec 2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

[ GLSA 200812-04 ] lighttpd: Multiple vulnerabilities

Tue, 2 Dec 2008 18:33:06 +0100

Posted by Robert Buchholz on Dec 2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

[ GLSA 200812-05 ] libsamplerate: User-assisted execution of arbitrary code

Tue, 2 Dec 2008 18:40:19 +0100

Posted by Robert Buchholz on Dec 2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

[ GLSA 200812-06 ] libxml2: Multiple vulnerabilities

Tue, 2 Dec 2008 18:42:03 +0100

Posted by Robert Buchholz on Dec 2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

[ GLSA 200812-03 ] IPsec-Tools: racoon Denial of Service

Tue, 2 Dec 2008 18:30:56 +0100

Posted by Robert Buchholz on Dec 2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

[ GLSA 200812-01 ] OptiPNG: User-assisted execution of arbitrary code

Tue, 2 Dec 2008 18:25:54 +0100

Posted by Robert Buchholz on Dec 2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200812-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

[USN-683-1] Imlib2 vulnerability

Tue, 02 Dec 2008 11:24:02 -0500

Posted by Marc Deslauriers on Dec 02

===========================================================
Ubuntu Security Notice USN-683-1 December 02, 2008
imlib2 vulnerability
CVE-2008-5187
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
...

Cpanel fantastico Privilege Escalation quotModSec and PHP restriction Bypassquot

Mon, 1 Dec 2008 18:07:03 -0700

Posted by l1un_at_hotmail.com on Dec 1

('binary' encoding is not supported, stored as-is) Script : Cpanel 11.x
bug : language.php [edite file]
exploit=Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass"

safemode off , mod_security off Disable functions : All NONE ,access root folder

...

Re: binlogin gives root to group utmp

1 Dec 2008 17:35:20 -0000

Posted by 0xjbrown41_at_gmail.com on Dec 1

('binary' encoding is not supported, stored as-is) I'm glad you finally seemed to make the 'bug' fixing team of Debian aware of security issues. I'm just glad I personally haven't seem this much scrutiny from the security team or my faith in Debian maintainers in all areas would significantly...

Dates for SyScan09

Tue, 02 Dec 2008 20:16:44 +0800

Posted by organiser_at_syscan.org on Dec 02

dear all

There will be 4 SyScan'09 conferences next year in 4 different exciting
countries in Asia. They are as follows:

SyScan'09 Shanghai: 14th and 15th May 2009
SyScan'09 Hong Kong: 19th and 20th May 2009
SyScan'09 Singapore: 2nd and 3rd July July 2009
SyScan'09 Taiwan: 7th and 8th July...

[SECURITY] [DSA 1676-1] New flamethrower packages fix denial of service

Mon, 1 Dec 2008 15:49:35 -0700

Posted by dann frazier on Dec 1

------------------------------------------------------------------------
Debian Security Advisory DSA-1676-1 security_at_debian.org
http://www.debian.org/security/ dann frazier
December 01, 2008 http://www.debian.org/security/faq
...

[USN-682-1] libvorbis vulnerabilities

Mon, 01 Dec 2008 12:11:59 -0500

Posted by Marc Deslauriers on Dec 01

===========================================================
Ubuntu Security Notice USN-682-1 December 01, 2008
libvorbis vulnerabilities
CVE-2008-1419, CVE-2008-1420, CVE-2008-1423
===========================================================

A security issue affects the following...

[USN-681-1] ImageMagick vulnerability

Mon, 01 Dec 2008 12:11:08 -0500

Posted by Marc Deslauriers on Dec 01

===========================================================
Ubuntu Security Notice USN-681-1 December 01, 2008
imagemagick vulnerability
CVE-2008-1096
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS...

[BMSA 2008-09] Two buffer overflow vulnerabilities in Rumpus v6.0

Mon, 1 Dec 2008 23:56:19 +0700

Posted by Nam Nguyen on Dec 1

BLUE MOON SECURITY ADVISORY 2008-09
===================================

:Title: Two buffer overflows in Maxum Rumpus
:Severity: Critical
:Reporter: Blue Moon Consulting
:Products: Maxum Rumpus v6.0
:Fixed in: 6.0.1

Description
-----------

Rumpus turns any Mac into a file transfer server....