lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 May 2005 14:44:33 +0200 From: class <ad@...ss101.org> To: Full-Disclosure <Full-Disclosure@...ts.grok.org.uk>, "vulnwatch@...nwatch.org" <vulnwatch@...nwatch.org>, "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com> Subject: BakBone NetVault last warning -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As a recall, there is now two months, the Hat-Squad has published 2 high security risks still UNPATCHED for BakBone NetVault 6.x/7.x all versions. In an Open Letter: http://phx.corporate-ir.net/phoenix.zhtml?c=67723&p=irol-newsArticle&t=Regular&id=704547& Bakbone announce a new NetVault Q4 2005, and a new MACOSX version. My suggestion to BakBone is to review their whole code because Im aware that another Heap overflow has been found by a friend without to be published. We won't republish this warning as soon as BakBone choosed to wake up, but we recommand to assest BakBone products if you are seeking for security bugs, this is a nice peace of cheese. BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow advisory class101.org/netv-remhbof.pdf BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow exploit class101.org/36/55/op.php BakBone NetVault 6.x/7.x Local Stack Buffer Overflow advisory class101.org/netv-locsbof.pdf BakBone NetVault 6.x/7.x Local Stack Buffer Overflow exploit class101.org/36/55/op.php -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) iD8DBQFCgf4vLyZ8K9aT7rARAqu3AJ411cU2YZkRcOwFfRlF1PMLWvFaRACdGAvo belmxbd7Z/peu5L154pS02k= =hHqE -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists