Cotygodniowe dziury 29 VII 2002
Blues
blues w ds6.pg.gda.pl
Pon, 29 Lip 2002, 11:41:38 CEST
Tym razem jest mało ciekawie.
To chyba poprawione
7. Mailman
Vendor: GNU [multiple authors]
Some additional input validation vulnerabilities were reported
in the Mailman mailing list software. A remote user could conduct
cross-site scripting attacks against Mailmain users.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2002/Jul/1004844.html
Chyba warto u nas się zastawnowić nad przejściem na betę gadziny.. :-/
12. Mozilla Browser
Vendor: Mozilla.org
An information disclosure vulnerability was reported in the
Mozilla browser. A remote user can create code that, when run on a
target user's Mozilla browser, will be able to read other cookies
from the browser.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2002/Jul/1004839.html
To jest niepokojące troche..
26. OpenSSH
Vendor: OpenSSH.org
A vulnerability was reported in the SSH1/SSH2 interoperability
code in several secure shell (SSH) implementations. A remote user
that can conduct a 'man-in-the-middle' attack may be able to obtain
a user's login username and password.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2002/Jul/1004818.html
Poprawione :)
32. Php
Vendor: PHP Group
A vulnerability was reported in PHP in the processing of
multipart/form-data. A remote user could cause the server to crash
or possibly execute arbitrary code on the server.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2002/Jul/1004810.html
--
---------------------------------
pozdr. Paweł Gołaszewski
---------------------------------
CPU not found - software emulation...
Więcej informacji o liście dyskusyjnej pld-devel-pl