Network Security News – Wednesday, March 23, 2005 Events
SOGo Arbitrary User Information Disclosure
Scalable OGo (SOGo) contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to insecure permissions, which will disclose sensitive information resulting in a loss of confidentiality.. Read more at osvdb.org/14675
Nortel Contivity VPN Client Local Password Disclosure Weakness
Nortel Contivity VPN Client provides client functionality for accessing Contivity VPN gateways.Nortel Contivity VPN Client for Microsoft Windows platforms is reported p…. Read more at securityfocus.com/bid/12871?ref=rss
Microsoft Windows Local Denial Of Service Vulnerability
It is reported that Microsoft Windows XP Service Pack 1 is prone to a local denial of service vulnerability.The issue is reported to manifest when an raw IP over IP soc…. Read more at securityfocus.com/bid/12870?ref=rss
NetWin SurgeMail Multiple Remote Unspecified Vulnerabilities
NetWin SurgeMail is a complete email server application. It supports a webmail interface for remote email access. It can be implemented on Microsoft Windows, Linux, App…. Read more at securityfocus.com/bid/12866?ref=rss
Kayako ESupport Index.PHP Multiple Parameter Cross-Site Scripting Vulnerability
Kayako ESupport is a web-based support and help desk application. It is written in PHP. Kayako ESupport is prone to a cross-site scripting vulnerability. This issue is …. Read more at securityfocus.com/bid/12868?ref=rss
Phorum HTTP Response Splitting Vulnerability
Phorum is a freely available web based content management system. It is implemented in PHP using an SQL database back-end and will run on Unix and Unix variants as well a…. Read more at securityfocus.com/bid/12869?ref=rss
DeleGate Multiple Unspecified Buffer Overflow Vulnerabilities
DeleGate is a multi-purpose application level gateway available for multiple platforms. DeleGate will proxy multiple protocols, HTTP, FTP, NNTP, SMTP, POP, Telnet, SOCKS,…. Read more at securityfocus.com/bid/12867?ref=rss
Security Development Lifecycle Whitepaper Available
Sender: Michael Howard [mikehow at microsoft dot com]. Read more at securityfocus.com/archive/1/394002?ref=rss
root-equivalent groups
Sender: [psz at maths dot usyd dot edu dot au]. Read more at securityfocus.com/archive/1/393997?ref=rss
Re: Possible windows+python bug
Sender: azurIt [azurit at pobox dot sk]. Read more at securityfocus.com/archive/1/393996?ref=rss
Re: [ISN] How To Save The Internet
Sender: Jason Coombs [jasonc at science dot org]. Read more at securityfocus.com/archive/1/393998?ref=rss
Leave a Reply