Next Page >>
transmission
> a.k.a. c0d3r/c0d3rZ/corelanc0d3r on various forums
> ____________________________________________________
>
>
>
> This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose, copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments.
________________________________________
Hotmail: Trusted email with powerful SPAM protection. Sign up now.
This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose, copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments.
===========================================================
Ubuntu Security Notice USN-885-1 January 14, 2010
transmission vulnerabilities
CVE-2009-1757, CVE-2010-0012
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
f.close
This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose, copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments.
a.k.a. c0d3r/c0d3rZ/corelanc0d3r on various forums
____________________________________________________
This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose, copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments.
We wish to thank Michel Dubois for his cooperation in fixing the bugs we
reported in a timely manner.
This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose, copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Transmission: Multiple vulnerabilities
Date: June 01, 2010
Bugs: #309831
ID: 201006-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Mandriva Linux Security Advisory MDVSA-2010:013
http://www.mandriva.com/security/
_______________________________________________________________________
Package : transmission
Date : January 18, 2010
Affected: 2009.1
_______________________________________________________________________
Problem Description:
Debian Security Advisory DSA-1967-q security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
January 07, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : transmission
Vulnerability : directory traversal
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2010-0012
Mandriva Linux Security Advisory MDVSA-2010:014
http://www.mandriva.com/security/
_______________________________________________________________________
Package : transmission
Date : January 18, 2010
Affected: 2010.0
_______________________________________________________________________
Problem Description:
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
-----------------------------------------
This transmission may contain information that is privileged,
confidential, legally privileged, and/or exempt from disclosure
under applicable law. If you are not the intended recipient, you
are hereby notified that any disclosure, copying, distribution, or
use of the information contained herein (including any reliance
thereon) is STRICTLY PROHIBITED. Although this transmission and
Infiltrated Networks Vulnerability Disclosure
TCP/IP is broken
Overview TCP/IP
Transmission Control Protocol/Internet Protocol is the basic
communication language or protocol of the Internet. It can also be used
as a communications protocol in a private network (either an intranet or
an extranet). When you are set up with direct access to the Internet,
your computer is provided with a copy of the TCP/IP program just as
every other computer that you may send messages to or get information
AppArmor Chat: irc.oftc.net/#apparmor
-----------------------------------------
This transmission may contain information that is privileged,
confidential, legally privileged, and/or exempt from disclosure
under applicable law. If you are not the intended recipient, you
are hereby notified that any disclosure, copying, distribution, or
use of the information contained herein (including any reliance
thereon) is STRICTLY PROHIBITED. Although this transmission and
See you next year!
This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version.
CVE-2009-0626 has been assigned to this vulnerability.
SSLVPN sessions cause a memory leak in the device
+------------------------------------------------
A device configured for SSLVPN may leak transmission control blocks
(TCBs) when processing an abnormally disconnected SSL session.
Continued exploitation may result in the device depleting its memory
resources and result in a crash of the device. Authentication is
"not" required to exploit this vulnerability.
Level 19, 2 Market Street Sydney NSW 2000
GPO BOX 2551 Sydney NSW 2001
Fax +61 2 9993 9497
http://www.bdo.com.au/
The information in this email and any attachments is confidential. If you are not the named addressee you must not read, print, copy, distribute, or use in any way this transmission or any information it contains. If you have received this message in error, please notify the sender by return email, destroy all copies and delete it from your system.
Any views expressed in this message are those of the individual sender and not necessarily endorsed by BDO Kendalls. You may not rely on this message as advice unless subsequently confirmed by fax or letter signed by a Partner or Director of BDO Kendalls. It is your responsibility to scan this communication and any files attached for computer viruses and other defects. BDO Kendalls does not accept liability for any loss or damage however caused which may result from this communication or any files attached. A full version of the BDO Kendalls disclaimer, and our Privacy statement, can be found on the BDO Kendalls website at http://www.bdo.com.au/ or by emailing mailto:administrator@bdo.com.au.
BDO Kendalls is a national association of separate partnerships and entities. Liability limited by a scheme approved under Professional Standards Legislation.
-----Original Message-----
> Fax +61 2 9993 9497
> http://www.bdo.com.au/
>
> The information in this email and any attachments is confidential. If
> you are not the named addressee you must not read, print, copy,
> distribute, or use in any way this transmission or any information it
> contains. If you have received this message in error, please notify
the
> sender by return email, destroy all copies and delete it from your
> system.
>
#######################################
ShakaCon III Crew
Hawaii: Home of Sun, Surf, and C Shells
#######################################
This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version.
****************************************
***BEGIN THOTCON TRANSMISSION***********
What: THOTCON 0x1
When: Friday, April 23, 2010
Where: TBA - 1 Week Prior to Conference
Call For Papers Opens: October 1, 2009
Call for Papers Closes: January 1, 2010
*** ABOUT ******************************
Hello, folks,
The United Kingdom's Centre for the Protection of National
Infrastructure has just released the document "Security Assessment of
the Transmission Control Protocol (TCP)", on which I have had the
pleasure to work during the last few years.
The motivation to produce this document is explained in the Preface of
the document as follows:
information is prohibited and may be unlawful. If you are not the
intended recipient and have received this message in error, please
inform the sender and delete this mail and any attachments.
The views expressed in this email do not necessarily reflect NGS policy.
NGS accepts no liability or responsibility for any onward transmission
or use of emails and attachments having left the NGS domain.
NGS and NGSSoftware are trading names of Next Generation Security
Software Ltd. Registered office address: 52 Throwley Way, Sutton, SM1
4BF with Company Number 04225835 and VAT Number 783096402
--
Regards,
Daryl Tester
"Scheme is an exotic sports car. Fast. Manual transmission. No radio.
Common Lisp is Howl's Moving Castle."
-- Steve Yegge, comparing Lisp families to cars.
parameters defined in the Host Requirements RFCs. After obtaining
parameters via DHCP, a DHCP client should be able to exchange packets with
any other host in the Internet. The TCP/IP stack parameters supplied by
DHCP are listed in Appendix A of the corresponding RFC. Not all of these
parameters are required for a newly initialized client. A client and
server may negotiate for the transmission of only those parameters
required by the client or specific to a particular subnet. DHCP allows but
does not require the configuration of client parameters not directly
related to the IP protocol. DHCP also does not address registration of
newly configured clients with the Domain Name System (DNS).
"We selected MIMEsweeper because of its policy-based content security, advanced threat and remote management and its ability to integrate with virtually any third-party anti-virus tool"
----------------------------------------------------------------
Clearswift monitors, controls and protects all its messaging traffic in compliance with its corporate email policy using Clearswift products.
Find out more about Clearswift, its solutions and services at http://www.clearswift.com
This communication is confidential and may contain privileged information intended solely for the named addressee(s). It may not be used or disclosed except for the purpose for which it has been sent. If you are not the intended recipient, you must not copy, distribute or take any action in reliance on it. Unless expressly stated, opinions in this message are those of the individual sender and not of Clearswift. If you have received this communication in error, please notify Clearswift by emailing support@clearswift.com quoting the sender and delete the message and any attached documents. Clearswift accepts no liability or responsibility for any onward transmission or use of emails and attachments having left the Clearswift domain.
This footnote confirms that this email message has been swept by MIMEsweeper for Content Security threats, including computer viruses.
information is prohibited and may be unlawful. If you are not the
intended recipient and have received this message in error, please
inform the sender and delete this mail and any attachments.
The views expressed in this email do not necessarily reflect NGS policy.
NGS accepts no liability or responsibility for any onward transmission
or use of emails and attachments having left the NGS domain.
NGS and NGSSoftware are trading names of Next Generation Security
Software Ltd. Registered office address: Manchester Technology Centre,
Oxford Road, Manchester, M1 7EF with Company Number 04225835 and
Hash: SHA256
Hello, folks,
In February this year the UK CPNI published the document "Security
Assessment of the Transmission Control Protocol (TCP)" (available at:
http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf)
Earlier this year we published an IETF Internet-Draft version of this
document (available at:
http://www.gont.com.ar/drafts/tcp-security/draft-gont-tcp-security-00.txt)
CVE Id : CVE-2010-0726
Debian Bug : 572417
It was discovered that tdiary, a communication-friendly weblog system,
is prone to a cross-site scripting vulnerability due to insuficient
input sanitising in the TrackBack transmission plugin.
For the stable distribution (lenny), this problem has been fixed in
version 2.2.1-1+lenny1.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034
Description:
Previous versions of the elinks package are vulnerable to an Information
Exposure when submitting POST requests to an https URL for which a proxy
has been defined. This vulnerability may lead to cleartext transmission
of sensitive data that should have been protected by TLS.
Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
Fax +61 2 9993 9497
www.bdo.com.au
Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within those States and Territories of Australia where such legislation exists.
The information in this email and any attachments is confidential. If you are not the named addressee you must not read, print, copy, distribute, or use in any way this transmission or any information it contains. If you have received this message in error, please notify the sender by return email, destroy all copies and delete it from your system.
Any views expressed in this message are those of the individual sender and not necessarily endorsed by BDO Kendalls. You may not rely on this message as advice unless subsequently confirmed by fax or letter signed by a Partner or Director of BDO Kendalls. It is your responsibility to scan this communication and any files attached for computer viruses and other defects. BDO Kendalls does not accept liability for any loss or damage however caused which may result from this communication or any files attached. A full version of the BDO Kendalls disclaimer, and our Privacy statement, can be found on the BDO Kendalls website at http://www.bdo.com.au or by emailing administrator@bdo.com.au.
BDO Kendalls is a national association of separate partnerships and entities.
information is prohibited and may be unlawful. If you are not the
intended recipient and have received this message in error, please
inform the sender and delete this mail and any attachments.
The views expressed in this email do not necessarily reflect NGS policy.
NGS accepts no liability or responsibility for any onward transmission
or use of emails and attachments having left the NGS domain.
NGS and NGSSoftware are trading names of Next Generation Security
Software Ltd. Registered office address: 52 Throwley Way, Sutton, SM1
4BF with Company Number 04225835 and VAT Number 783096402
and socket buffers are dependent on mbufs for their storage.
Data can be embedded directly in mbufs, or mbufs can instead reference
external buffers. The sendfile(2) system call uses external mbuf storage
to directly map the contents of a file into a chain of mbufs for
transmission purposes. The mbuf object supports a read-only flag that
must be honored to prevent modification or writes to buffer data in
cases like these.
II. Problem Description
Next Page>>
|
