SonicWALL SSL-VPN Appliance Format String Vulnerability <!– Envelope-to: email@address Delivery-date: Fri, 29 May 2009 19:43:06 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1MA72n-0005qs-Te for email@address; Fri, 29 May 2009 19:43:06 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id B755D14408F; Fri, 29 May 2009 11:35:15 -0600 [...]
Posts Tagged ‘Mail’
increased Backdoor.Coreflood infections
increased Backdoor.Coreflood infections Posted by auto319326_at_hushmail.com on May 29 Is anyone else seeing an increasing in Backdoor.Coreflood infections on their network? I have not yet been able to pinpoint the infection vector. Has anyone seen coreflood being dropped by a specific set of web pages? Cheers, Tim URL: http://seclists.org/incidents/2009/May/0001.html
Microsoft DirectShow Remote Code Execution Vulnerability
Microsoft DirectShow Remote Code Execution Vulnerability Summary: Fortinet’s FortiGuard Global Security Research Team investigates a vulnerability in Microsoft DirectX (DirectShow) through a specially crafted QuickTime media file. Impact: Remote Code Execution. Affected Software: DirectX 7.0 on Microsoft Windows 2000 Service Pack 4 DirectX 8.1 on Microsoft Windows 2000 Service Pack 4 DirectX 9.0 on Microsoft [...]
Novell Groupwise fails to properly sanitize emails.
Novell Groupwise fails to properly sanitize emails. <!– Envelope-to: email@address Delivery-date: Thu, 28 May 2009 23:56:57 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M9oWv-0000ZN-8y for email@address; Thu, 28 May 2009 23:56:57 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id BE38C1439D6; Thu, 28 May 2009 15:16:51 [...]
Achievo 1.3.4 – XSS Vulnerability
[InterN0T] Achievo 1.3.4 – XSS Vulnerability <!– Envelope-to: email@address Delivery-date: Thu, 28 May 2009 22:47:35 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M9nRn-0007×5-Lo for email@address; Thu, 28 May 2009 22:47:35 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 8866D237224; Thu, 28 May 2009 15:20:46 -0600 [...]
Firefox Denial of Service (Keygen)
[TZO-27-2009] Firefox Denial of Service (Keygen) <!– Envelope-to: email@address Delivery-date: Thu, 28 May 2009 20:46:55 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M9lZ1-0004Rq-7A for email@address; Thu, 28 May 2009 20:46:55 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id AB551143D35; Thu, 28 May 2009 13:43:40 -0600 [...]
utils
rPSA-2009-0092-1 ntp ntp-utils <!– Envelope-to: email@address Delivery-date: Thu, 28 May 2009 16:14:57 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M9hJp-0006Wx-Lx for email@address; Thu, 28 May 2009 16:14:57 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id 065D81439E1; Thu, 28 May 2009 09:05:18 -0600 (MDT) Mailing-List: contact [...]
4113
4113 BAT/Agent.NBW, PDF/Exploit.Pidief.ONK, Win32/Adware.Antivirus2008 (2), Win32/Adware.Coolezweb (2), Win32/Adware.InternetAntivirus (5), Win32/Adware.SystemSecurity (4), Win32/Agent.NXT, Win32/Agent.PHC, Win32/Agent.PKT (2), Win32/Agent.WPI (4), Win32/AutoRun.Agent.OG, Win32/AutoRun.Agent.OH, Win32/AutoRun.Agent.OI, Win32/AutoRun.FakeAlert.AF (3), Win32/AutoRun.KS, Win32/AutoRun.VB.DQ, Win32/Boberog.AC, Win32/Dialer.NHP (2), Win32/Hupigon.NPB, Win32/Hupigon.NPC, Win32/Injector.PH, Win32/Injector.PI, Win32/IRCBot.ADZ (2), Win32/KeyLogger.BitLogic, Win32/NetPass (2), Win32/Obfuscated.NCY, Win32/Olmarik.HG (4), Win32/Poebot, Win32/Prosti.NCL (2), Win32/PSW.LdPinch.NJG, Win32/PSW.WOW.NKO (2), Win32/PSW.YahooPass.NAD (2), Win32/PSWTool.IEPassView.NAD, Win32/PSWTool.MailPassView.150, Win32/PSWTool.PassFox.111 (2), Win32/Rustock.NIH, Win32/Rustock.NIK, Win32/Sohanad.BM, Win32/Sohanad.NEJ, [...]
Dutch cat skinner publishes critics’ personal details
Dutch cat skinner publishes critics’ personal details The Dutch “artist” who in 2004 turned her pussy into a handbag under the performance art title “My dearest cat Pinkeltje (2004)” has published personal details of those who emailed her expressing their disgust. Tinkebell’s My dearest catKatinka Simonse, aka Tinkebell, copped a veritable shitstorm of e-abuse for [...]
Firefox (all?) Denial ofService through unclamped loop (SVG)
Re: [TZO-26-2009] Firefox (all?) Denial ofService through unclamped loop (SVG) Posted by OTB on May 28 Sure, you say that now, but wait until I maliciously entice you to click on my BROWSER-HANGING SVG OF DEATH!!!!!!! Chris Evans wrote: > On Wed, May 27, 2009 at 12:03 PM, Thierry Zoller <Thierry_at_zoller.lu > <mailto:Thierry_at_zoller.lu>> wrote: > [...]
Understanding Microsoft’s KB971492 IIS WebDAV Vuln
New paper: Understanding Microsoft’s KB971492 IIS WebDAV Vuln <!– Envelope-to: email@address Delivery-date: Wed, 27 May 2009 22:28:52 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M9Qg8-0000My-E2 for email@address; Wed, 27 May 2009 22:28:52 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id E968C236F94; Wed, 27 May 2009 [...]
[TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
Re[2]: Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) <!– Envelope-to: email@address Delivery-date: Wed, 27 May 2009 20:49:48 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M9P8G-000753-Ez for email@address; Wed, 27 May 2009 20:49:48 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id [...]
User-assisted execution of arbitrary code
[ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code <!– Envelope-to: email@address Delivery-date: Wed, 27 May 2009 20:19:31 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M9Oew-0006Yj-QS for email@address; Wed, 27 May 2009 20:19:30 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 9BD6F236FF8; Wed, 27 [...]
3rd Call – Deadline Extended
[IMF 2009] 3rd Call – Deadline Extended <!– Envelope-to: email@address Delivery-date: Wed, 27 May 2009 16:47:57 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M9LMD-0001y2-Mw for email@address; Wed, 27 May 2009 16:47:57 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 0470A2370CE; Wed, 27 May 2009 09:37:49 [...]
[TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG) <!– Envelope-to: email@address Delivery-date: Wed, 27 May 2009 16:38:57 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M9LDV-0001oD-En for email@address; Wed, 27 May 2009 16:38:57 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 697C7236FAE; [...]
