ASN.1 vulnerability -is- on Win98

Grok Headline matches for ASN.1 vulnerability -is- on Win98

Re: ASN.1 vulnerability -is- on Win98

Re: ASN.1 vulnerability -is- on Win98 02/19/2004 06:15 PM
Joshua Levitsky (Feb 18 2004)

please send me USB drivers of c550 for
win98 SE

please send me USB drivers of c550 for
win98 SE 09/10/2004 08:32 PM
TechTree Sep 11 2004 0:45AM GMT

Running Win98 From Inside Linux

Running Win98 From Inside Linux 12/30/2002 10:45 AM
"...how tough is it to run Win from inside Linux...?"

Lockergnome Download: Index.dat Suite
v2.51 [2.2M] Win98/2k/XP FREE

Lockergnome Download: Index.dat Suite
v2.51 [2.2M] Win98/2k/XP FREE 06/16/2004 12:31 AM
Cleaning your computer is like cleaning your home - the more thoroughly you do it, the easier it is to find your missing cat! Hmmm... bad analogy, I guess, but to keep your computer humming (or purring?) along, a good cleaning regimen is vital. Now how much would you pay for a utility that allows you to not only delete index.dat files, temporary Internet files, temp files, cookies, and history, but also view the index.dat files on your system? $100? $50? Nope! Try 100% FREEware!

i need epson stylus c41sx printer dricve
for win98

i need epson stylus c41sx printer dricve
for win98 08/18/2004 01:32 AM
TechTree Aug 18 2004 5:46AM GMT

Independent Developer Releases Win98 SE
Service Pack

Independent Developer Releases Win98 SE
Service Pack 05/02/2004 02:00 PM

Sun forces final death of Win98, Office
2000, etc

Sun forces final death of Win98, Office
2000, etc 12/08/2003 08:04 AM

MS Win98 support reprieve was move to
block Linux, says Gartner

MS Win98 support reprieve was move to
block Linux, says Gartner 01/16/2004 11:32 AM
Linux tempts those who can't afford XP

Wicked Sun forces final death of Win98,
Office 2000, etc

Wicked Sun forces final death of Win98,
Office 2000, etc 12/08/2003 06:55 AM
But will DARPA keep polluted Java spores for 'research'?

Open source outfit releases
vulnerability for IE vulnerability

Open source outfit releases
vulnerability for IE vulnerability 12/19/2003 01:10 PM
The Register Dec 19 2003 11:57AM ET

Re: NISCC Vulnerability Advisory 236929:
Vulnerability Issues in TCP

Re: NISCC Vulnerability Advisory 236929:
Vulnerability Issues in TCP 05/11/2004 06:04 PM
Florian Weimer (May 11 2004)

NISCC Vulnerability Advisory 236929:
Vulnerability Issues in TCP

NISCC Vulnerability Advisory 236929:
Vulnerability Issues in TCP 04/20/2004 02:16 PM
David Ahmad (Apr 20 2004)

Vulnerability in man < 1.5l

Vulnerability in man < 1.5l 03/13/2003 10:22 AM
Jack Lloyd (Mar 11 2003)

KDE Vulnerability

KDE Vulnerability 08/12/2004 06:18 AM

Direct and Related Links for 'KDE Vulnerability'

“Two vulnerabilities have been discovered in KDE, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. 1) Certain directories and files are created insecurely when a user runs a KDE application outside the KDE environment or as another user. This can be exploited via symlink attacks to overwrite or truncate arbitrary files or prevent KDE applications from accessing certain directories. This vulnerability affects KDE 3.2.3…

802.11 Has DoS Vulnerability

802.11 Has DoS Vulnerability 05/13/2004 08:11 PM
Internet News May 13 2004 11:39PM GMT

PHP Vulnerability N. 1

PHP Vulnerability N. 1 09/15/2004 03:20 PM
Stefano Di Paola (Sep 15 2004)

Vulnerability with XP SP2

Vulnerability with XP SP2 08/18/2004 06:29 AM
Just to bare in mind, Microsoft are dealing with this and are holding off SP2s release on Automatic Update because of it. There's a bug in the implementation of a new security feature; it'd be hard to criticize Microsoft too hard for this problem.

"With Service Pack 2, Microsoft introduces a new security feature which warns users before executing files that originate from an untrusted location (zone) such as the Internet. There are two flaws in the implementation of this feature: a cmd issue and the caching of ZoneIDs in Windows Explorer. The Windows command shell cmd ignores zone information and starts executables without warnings. Virus authors could use this to spread viruses despite the new security features of SP2.

Windows Explorer does not update zone information properly when files are overwritten. So it can be tricked to execute files from the internet without warning."

Heise do concede that it would take a fair amount of user interaction for a virus writer to use this vulnerability. However, as they point out, the powers of social engineering and playing on less IT adept people do mean that it's not that in-conceivable it could happen. With Service Pack 2, Microsoft had clearly been hoping for less vulnerabilities, and will no doubt be disappointed with this news.

View: More info @ Heise.de

Read full story...

Php Vulnerability N. 2

Php Vulnerability N. 2 09/16/2004 01:29 PM
Stefano Di Paola (Sep 15 2004)

[USN-52-1] vim vulnerability

[USN-52-1] vim vulnerability 12/24/2004 12:36 PM
Martin Pitt (Dec 23 2004)

Re: [USN-52-1] vim vulnerability

Re: [USN-52-1] vim vulnerability 12/25/2004 05:09 PM
Liu Die Yu (Dec 23 2004)

[USN-108-1] GDK vulnerability

[USN-108-1] GDK vulnerability 04/06/2005 05:45 PM
Posted by Martin Pitt, Apr 05 2005

IE6 + XP SP2 Vulnerability

IE6 + XP SP2 Vulnerability 09/17/2004 12:37 AM
cns (Sep 15 2004)

PHP CGI Vulnerability

PHP CGI Vulnerability 02/20/2003 10:46 AM
PHP CGI Vulnerability I don't know how many folks are actually doing php as a CGI but if so ... [17-Feb-2003] The PHP Group today announced the details of a serious CGI vulnerability in PHP version 4.3.0. A security update, PHP 4.3.1, fixes the issue. Everyone running affected version of PHP (as CGI) are encouraged to upgrade immediately. The new 4.3.1 release does not include any other changes, so upgrading from 4.3.0 is safe and painless. [_Go_] I have to commend the php team for NOT including any other changes thereby making it much more likely that affected systems get patched. Good going!

Vulnerability in 2.6 and 2.61

Vulnerability in 2.6 and 2.61 03/13/2003 10:15 AM
If you upgraded to 2.6 or 2.61, you need to upgrade immediately to 2.62. There is a security vulnerability in...

Re: Moodle XSS Vulnerability

Re: Moodle XSS Vulnerability 07/17/2004 01:07 PM
Martin Dougiamas (Jul 17 2004)

LDU (land down under) xss vulnerability

LDU (land down under) xss vulnerability 05/29/2004 03:25 PM
tim de gier (May 29 2004)

[USN-107-1] racoon vulnerability

[USN-107-1] racoon vulnerability 04/05/2005 05:38 PM
Martin Pitt

Moodle XSS Vulnerability

Moodle XSS Vulnerability 07/13/2004 12:06 PM
Thomas Waldegger (Jul 13 2004)

IE Vulnerability Flagged

IE Vulnerability Flagged 04/09/2004 03:55 PM
Other Web browsers could also be affected because of a flaw in Internet Explorer's ITS protocol handler, CERT warns.

IMWheel Vulnerability

IMWheel Vulnerability 08/27/2004 09:14 PM

Direct and Related Links for 'IMWheel Vulnerability'

“I)ruid has reported a vulnerability in IMWheel, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges or cause a DoS (Denial of Service)….

XSS vulnerability in Sqwebmail 4.0.4

XSS vulnerability in Sqwebmail 4.0.4 06/21/2004 08:13 PM
Luca Legato (Jun 21 2004)

[USN-104-1] unshar vulnerability

[USN-104-1] unshar vulnerability 04/05/2005 01:36 AM
Martin Pitt

[USN-100-1] cdrecord vulnerability

[USN-100-1] cdrecord vulnerability 03/25/2005 01:50 AM
Martin Pitt (Mar 24 2005)

New Cisco vulnerability

New Cisco vulnerability 04/11/2004 06:24 PM
Australian IT Apr 11 2004 11:17PM GMT

Defending against the OS X help:
vulnerability

Defending against the OS X help:
vulnerability 05/18/2004 03:05 PM

There's a nasty OS X vulnerability under discussion at the moment which lets a web page run a program on your drive by taking advantage of a flaw in the "help:" protocol. There's a non-malicious demonstration of the exploit on this page, and Jay Allen is hosting a discussion on the exploit and ways to avoid it.

To save you from digging through the discussion, the quickest way to defend yourself is to install the More Internet preference pane (mount the DMG, then copy the More Internet.prefPane file to your /Library/PreferencePanes folder or run the "install prefpane" script). Then go to system preferences, launch the "More Internet" panel, select the "help" protocol and use the Change button to assign it to some non-harmful application such as Chess (simply deleting the protocols will not solve the problem). While you're there it's a good idea to add a new protocol called "disk" and assign it to a non-harmful application as well - this prevents malicious sites from being able to auto-mount networked disk images on your system, something which while not exploitable on its own can be used in conjunction with other exploits (like the help: one) to execute arbitrary code.

For those who are interested, it seems the exploit itself is as simple as this:

<a href="help:runscript=MacHelp.help/Contents/Resources/English.lproj/shr d/OpnApp.scpt string=usr:bin:top">click to run 'top'</a>

[USN-49-1] debmake vulnerability

[USN-49-1] debmake vulnerability 12/24/2004 12:36 PM
Martin Pitt (Dec 23 2004)

The vulnerability of Macs

The vulnerability of Macs 12/11/2003 10:49 AM
Discussing what it calls a "significant hole," ABCnews asserts that a security issue affecting both Jaguar and Panther versions of OS X announced last month means that the "Mac OS is just as vulnerable as Microsoft Windows." While no operating system can claim to be perfectly secure, OS X and Unix variants in general are more secure than Windows by design, because Unix was created for a networked, multiple user environment, and Windows was created to operate on...

New Spoofing Vulnerability in IE

New Spoofing Vulnerability in IE 12/17/2004 06:27 PM

WebArtFactory CMS Vulnerability

WebArtFactory CMS Vulnerability 12/17/2003 02:31 PM
Noticias (Dec 16 2003)
Grok Description matches for ASN.1 vulnerability -is- on Win98
GrokA matches for ASN.1 vulnerability -is- on Win98

ASN.1 vulnerability -is- on Win98

The following phrases have been identified by the grok system as matching this entry: