[security bulletin] SSRT4741 rev.0 DCE for HP Tru64 UNIX Potential RPC Buffer Overrun Attack

Grok Headline matches for [security bulletin] SSRT4741 rev.0 DCE for HP Tru64 UNIX Potential RPC Buffer Overrun Attack

[security bulletin] SSRT4741 rev.1 DCE
for HP OpenVMS Potential RPC Buffer
Overflow Attack VU#259796, VU#568148,
VU#326746

[security bulletin] SSRT4741 rev.1 DCE
for HP OpenVMS Potential RPC Buffer
Overflow Attack VU#259796, VU#568148,
VU#326746 07/14/2004 01:42 PM
Boren, Rich (SSRT) (Jul 14 2004)

[security bulletin] SSRT4717 rev.0 HP
Tru64 UNIX SSL/TLS Potential Remote
Denial of Service (DoS)

[security bulletin] SSRT4717 rev.0 HP
Tru64 UNIX SSL/TLS Potential Remote
Denial of Service (DoS) 06/15/2004 01:41 PM
Boren, Rich (SSRT) (Jun 14 2004)

[security bulletin] SSRTSSRT4778 Rev.0
Mozilla Application Suite for HP Tru64
UNIX libpng Potential Overflows

[security bulletin] SSRTSSRT4778 Rev.0
Mozilla Application Suite for HP Tru64
UNIX libpng Potential Overflows 08/06/2004 03:14 PM
Boren, Rich (SSRT) (Aug 05 2004)

FW: [security bulletin] SSRT4718 rev.0
HP Tru64 UNIX NTP Integer Overflow

FW: [security bulletin] SSRT4718 rev.0
HP Tru64 UNIX NTP Integer Overflow 07/07/2004 02:41 PM
Boren, Rich (SSRT) (Jul 07 2004)

[Security Bulletin] SSRT4696 rev.0 - HP
Tru64 UNIX TCP Stack Remote Denial of
Service (DoS)

[Security Bulletin] SSRT4696 rev.0 - HP
Tru64 UNIX TCP Stack Remote Denial of
Service (DoS) 12/24/2004 12:36 PM
Boren, Rich (SSRT) (Dec 23 2004)

[Security Bulletin] SSRT4876 rev.0 HP
Tru64 UNIX SWS (Apache) Secure Web
Server Remote

[Security Bulletin] SSRT4876 rev.0 HP
Tru64 UNIX SWS (Apache) Secure Web
Server Remote 12/24/2004 12:36 PM
Boren, Rich (SSRT) (Dec 23 2004)

Microsoft Security Bulletin MS04-028:
Buffer Overrun in JPEG Processing (GDI+)
Could Allow Code Execution (833987)

Microsoft Security Bulletin MS04-028:
Buffer Overrun in JPEG Processing (GDI+)
Could Allow Code Execution (833987) 09/15/2004 01:56 AM
This update resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. The vulnerability is documented in this bulletin in its own section. If a user is logged on with administrator privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

Microsoft Security Bulletin MS03-049:
Buffer Overrun in the Workstation
Service Could Allow Code Execution
(828749)

Microsoft Security Bulletin MS03-049:
Buffer Overrun in the Workstation
Service Could Allow Code Execution
(828749) 11/13/2003 12:36 AM
A security vulnerability exists in the Workstation service that could allow remote code execution on an affected system. This vulnerability results because of an unchecked buffer in the Workstation service. If exploited, an attacker could gain System privileges on an affected system, or could cause the Workstation service to fail. An attacker could take any action on the system, including installing programs, viewing data, changing data, or deleting data, or creating new accounts with full privileges.

"Microsoft Security Bulletin
MS04-028: Buffer Overrun in JPEG
Processing (GDI+) Could Allow Code
Execution (833987)"

"Microsoft Security Bulletin
MS04-028: Buffer Overrun in JPEG
Processing (GDI+) Could Allow Code
Execution (833987)" 09/15/2004 09:31 PM

Microsoft Security Bulletin MS03-051:
Buffer Overrun in Microsoft FrontPage
Server Extensions Could Allow Code
Execution (813360)

Microsoft Security Bulletin MS03-051:
Buffer Overrun in Microsoft FrontPage
Server Extensions Could Allow Code
Execution (813360) 11/13/2003 12:36 AM
This bulletin addresses two new security vulnerabilities in Microsoft FrontPage Server Extensions, the most serious of which could enable an attacker to run arbitrary code on a user's system.

HP patches critical security holes in
Tru64 Unix

HP patches critical security holes in
Tru64 Unix 01/18/2004 11:32 PM
CNET Asia Jan 19 2004 3:48AM GMT

Cisco Security Advisory: Buffer Overrun
in Microsoft Windows 2000 Workstation
Service (MS03-049)

Cisco Security Advisory: Buffer Overrun
in Microsoft Windows 2000 Workstation
Service (MS03-049) 01/01/2005 04:54 AM
Cisco Systems Product Security Incident Response Team (Jan 29 2004)

[security bulletin] SSRT4782 rev. 1
HP-UX CIFS Server potential remote root
access

[security bulletin] SSRT4782 rev. 1
HP-UX CIFS Server potential remote root
access 08/06/2004 01:11 PM
Boren, Rich (SSRT) (Aug 06 2004)

[security bulletin] SSRT4782 rev. 0
HP-UX CIFS Server potential remote root
access

[security bulletin] SSRT4782 rev. 0
HP-UX CIFS Server potential remote root
access 07/27/2004 12:35 PM
Boren, Rich (SSRT) (Jul 27 2004)

[security bulletin] SSRT4785 rev. 0
HP-UX Process Resource Manager (PRM)
potential data corruption

[security bulletin] SSRT4785 rev. 0
HP-UX Process Resource Manager (PRM)
potential data corruption 08/10/2004 12:20 PM
Boren, Rich (SSRT) (Aug 10 2004)

[security bulletin] SSRT3657 rev.3
HP-UX CDE libDtHelp buffer overflow

[security bulletin] SSRT3657 rev.3
HP-UX CDE libDtHelp buffer overflow 09/01/2004 03:03 PM
Boren, Rich (SSRT) (Aug 31 2004)

[SECURITY] [DSA 504-1] New heimdal
packages fix potential buffer overflow

[SECURITY] [DSA 504-1] New heimdal
packages fix potential buffer overflow 05/18/2004 11:52 AM
Martin Schulze (May 18 2004)

[security bulletin] SSRT4779 - rev.0
HP-UX Netscape NSS Library Suite SSLv2
remote buffer overflow

[security bulletin] SSRT4779 - rev.0
HP-UX Netscape NSS Library Suite SSLv2
remote buffer overflow 08/27/2004 01:32 PM
Boren, Rich (SSRT) (Aug 25 2004)

[Security Bulletin] SSRT4867 rev.0
Netscape Directory Server on HP-UX LDAP
remote buffer overflow

[Security Bulletin] SSRT4867 rev.0
Netscape Directory Server on HP-UX LDAP
remote buffer overflow 12/24/2004 12:36 PM
Boren, Rich (SSRT) (Dec 23 2004)

HP Patches Tru64 Unix Vulnerability

HP Patches Tru64 Unix Vulnerability 01/17/2004 10:53 PM
Hewlett-Packard recently discovered and patched a potential hole in its Tru64 Unix OS that could have provided unauthorized access or a denial-of-service attack.

HP Plugs 'Critical' Tru64 UNIX Flaws

HP Plugs 'Critical' Tru64 UNIX Flaws 03/06/2004 02:02 AM
A successful exploit could lead to remote system takeover.

Buffer Overrun in the Workstation
Service

Buffer Overrun in the Workstation
Service 11/11/2003 05:38 PM

Real Player Buffer Overrun Vulnerability

Real Player Buffer Overrun Vulnerability 05/27/2004 09:24 PM
?RealNetworks Inc. has recently been made aware of a security vulnerability that could potentially allow an attacker to run arbitrary code on a user?s machine. The specific exploit was: To fashion an R3T media file to create a “Buffer Overrun” error. While we have not received reports of anyone actually being attacked with this exploit and though the percentage of players with this plug-in is very small, all security vulnerabilities are taken very seriously by RealNetworks Inc. Real has found and fixed the problem?.To ensure that your Player is protected, we recommend installing the update available which will remove the vulnerable plug-in.?

MS04-028: Buffer Overrun in JPEG
Processing (GDI+)

MS04-028: Buffer Overrun in JPEG
Processing (GDI+) 09/15/2004 01:59 AM
Thanks to <b>xStainDx</b> for the heads up.

<b>Microsoft recommends that customers apply the update immediately.</b>

This update resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. The vulnerability is documented in this bulletin in its own section.

If a user is logged on with administrator privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

<u>Maximum Severity Rating</u>: <b>Critical</b>

<u>Recommendation</u>: Customers should apply the update immediately.

<u>Security Update Replacement</u>: None

View: Microsoft Technet

Read full story...

Buffer Overrun in Microsoft FrontPage
Server Extensions

Buffer Overrun in Microsoft FrontPage
Server Extensions 11/11/2003 05:38 PM

Critical: MS04-028: Buffer Overrun in
JPEG Processing (GDI+)

Critical: MS04-028: Buffer Overrun in
JPEG Processing (GDI+) 09/15/2004 04:04 AM

Buffer Overrun in JPEG Processing (GDI+)
Could Allow Code Execution [MS04-028]

Buffer Overrun in JPEG Processing (GDI+)
Could Allow Code Execution [MS04-028] 09/14/2004 04:59 PM
Jérôme (Sep 14 2004)

Vulns: HP Distributed Computing
Environment Buffer Overrun Vulnerability

Vulns: HP Distributed Computing
Environment Buffer Overrun Vulnerability 07/17/2004 04:33 PM
SecurityFocus Jul 17 2004 8:07PM GMT

There is, apparently, a buffer overrun
bug in Microsoft's JPEG handling code

There is, apparently, a buffer overrun
bug in Microsoft's JPEG handling code 09/17/2004 12:57 AM
Wouldn't it be great if you could get attacked just by looking at jpgs .. The Reg provides more details .. theregister

theregister.co.uk/2004/09/15/windows_jpeg_bug
track this site | 4 links

Vulns: Microsoft Windows LSASS Buffer
Overrun Vulnerability

Vulns: Microsoft Windows LSASS Buffer
Overrun Vulnerability 04/17/2004 07:25 PM
SecurityFocus Apr 17 2004 11:12PM GMT

Vulns: Microsoft Windows DCOM RPC
Interface Buffer Overrun Vulnerability

Vulns: Microsoft Windows DCOM RPC
Interface Buffer Overrun Vulnerability 04/10/2004 07:08 PM
SecurityFocus Apr 10 2004 11:20PM GMT

Vulns: Microsoft Windows Private
Communications Transport Protocol Buffer
Overrun Vulnerability

Vulns: Microsoft Windows Private
Communications Transport Protocol Buffer
Overrun Vulnerability 06/12/2004 08:35 PM
SecurityFocus Jun 12 2004 11:12PM GMT

Vulns: Microsoft Windows Program Group
Converter Filename Local Buffer Overrun
Vulnerability

Vulns: Microsoft Windows Program Group
Converter Filename Local Buffer Overrun
Vulnerability 07/10/2004 10:05 PM
SecurityFocus Jul 11 2004 2:07AM GMT

Mkdir buffer overflow vulnerability in
Unix Seventh Edition.

Mkdir buffer overflow vulnerability in
Unix Seventh Edition. 06/03/2004 12:03 PM
Tim Newsham (Jun 02 2004)

Microsoft Security Bulletin MS03-048:
Cumulative Security Update for Internet
Explorer (824145)

Microsoft Security Bulletin MS03-048:
Cumulative Security Update for Internet
Explorer (824145) 11/13/2003 12:36 AM
This is a cumulative update that includes the functionality of all the previously-released updates for Internet Explorer 5.01, Internet Explorer 5.5, and Internet Explorer 6.0. Additionally, it eliminates the following five newly-discovered vulnerabilities.

Microsoft Security Bulletin MS04-025:
Cumulative Security Update for Internet
Explorer (867801)

Microsoft Security Bulletin MS04-025:
Cumulative Security Update for Internet
Explorer (867801) 08/02/2004 01:10 AM
This update resolves several newly discovered public vulnerabilities. Each vulnerability is documented in this bulletin in its own Vulnerability Details section. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges. Microsoft recommends that customers apply the update immediately.

"Microsoft Security Bulletin MS04-011:
Security Update for Microso..."

"Microsoft Security Bulletin MS04-011:
Security Update for Microso..." 04/16/2004 03:38 AM

UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco
contains a buffer overflow that could be
exploited to gain root privileges.

UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco
contains a buffer overflow that could be
exploited to gain root privileges. 07/31/2004 05:36 AM
please_reply_to_security_at_sco.com (Jul 30 2004)

Potential Security Flaw in Symantec
Gateway Security 360R

Potential Security Flaw in Symantec
Gateway Security 360R 06/09/2004 02:01 PM
Dev Null (Jun 08 2004)
Grok Description matches for [security bulletin] SSRT4741 rev.0 DCE for HP Tru64 UNIX Potential RPC Buffer Overrun Attack
GrokA matches for [security bulletin] SSRT4741 rev.0 DCE for HP Tru64 UNIX Potential RPC Buffer Overrun Attack

[security bulletin] SSRT4741 rev.0 DCE for HP Tru64 UNIX Potential RPC Buffer Overrun Attack

The following phrases have been identified by the grok system as matching this entry: