Novell ZENworks Patch Management Server SQL injection
Published:		28.10.2005
Source:		BUGTRAQ
SecurityVulns ID:		5393
Type:		remote
Level:		5/10

Affected:

NOVELL : ZENworks Patch Management Server 6.0

Original document

CIRT Advisory, [CIRT.DK] - Novell ZENworks Patch Management Server 6.0.0.52 - SQL injection (28.10.2005)

Discuss:

Read or add your comments to this news (0 comments)

SELinux PAM passwords bruteforcing
Published:		28.10.2005
Source:		FULL-DISCLOSURE
SecurityVulns ID:		5395
Type:		local
Level:		5/10
Description:		There is no delay or logging for invalid password in unix_chkpwd utility.

Affected:

PAM : pam 0.78

Original document

GENTOO, [Full-disclosure] [ GLSA 200510-22 ] SELinux PAM: Local password guessing attack (28.10.2005)

Discuss:

Read or add your comments to this news (0 comments)

Multiple gnump3d MP3 streaming server (multiple vulnerabilities)
Published:		28.10.2005
Source:		BUGTRAQ
SecurityVulns ID:		5394
Type:		remote
Level:		5/10
Description:		Crossite scriptin, directory travrsal.

Affected:

GNUMP3D : gnump3d 3.9

Original document

DEBIAN, [Full-disclosure] [SECURITY] [DSA 877-1] New gnump3d packages fix several vulnerabilities (28.10.2005)

Discuss:

Read or add your comments to this news (0 comments)

fetchmail fetchmailconf race conditions updated since 24.10.2005
Published:		28.10.2005
Source:		BUGTRAQ
SecurityVulns ID:		5385
Type:		local
Level:		5/10
Description:		During configuration file creation there are race conditions file is world readable.

Affected:

FETCHMAIL : fetchmail 6.2

Original document		ma+nomail_(at)_dt.e-technik.uni-dortmund.de, fetchmail security announcement 2005-02 (CVE-2005-3088) (28.10.2005)
		SECUNIA, [SA17293] Fetchmail "fetchmailconf" Password Disclosure Vulnerability (24.10.2005)

Discuss:

Read or add your comments to this news (0 comments)