Section: .. / 0605-advisories /
| /// File Name: |
websitebaker.txt |
Description:
|
WebsiteBaker CMS allows for injection of HTML and javascript.
| | Author: | Nomenumbra | | File Size: | 265 | | Last Modified: | May 6 18:17:31 2006 |
| MD5 Checksum: | 3d3fc53d87798f28202ccf161090c8c4 |
|
| /// File Name: |
visionsource.txt |
Description:
|
VisionSource CMS versions 0.6 and below suffer from cross site scripting flaws.
| | Author: | Nomenumbra | | File Size: | 285 | | Last Modified: | May 6 18:16:47 2006 |
| MD5 Checksum: | 21402d32ef0f38fd2ddb5784a9558a4d |
|
| /// File Name: |
passmasterflex.txt |
Description:
|
PassMasterFlex suffers from cross site scripting flaws.
| | Author: | Nomenumbra | | File Size: | 706 | | Last Modified: | May 6 18:16:08 2006 |
| MD5 Checksum: | ac7b2a9c3822f79b12032f9bbe492dcd |
|
| /// File Name: |
mybloggie213.txt |
Description:
|
myBloggie versions 2.1.3 and below suffer from cross site scripting flaws.
| | Author: | Nomenumbra | | File Size: | 281 | | Last Modified: | May 6 18:15:36 2006 |
| MD5 Checksum: | 805a44e276ee6fdde7fbc37f6a8ef7d0 |
|
| /// File Name: |
flexcustomer.txt |
Description:
|
FlexCustomer versions 0.0.4 and below suffer from SQL injection flaws.
| | Author: | Nomenumbra | | File Size: | 576 | | Last Modified: | May 6 18:14:36 2006 |
| MD5 Checksum: | b9b212a5876cdc7ad4ad8d0800e94399 |
|
| /// File Name: |
chipmunkBoard.txt |
Description:
|
ChipmunkBoard suffers from SQL injection flaws.
| | Author: | Nomenumbra | | File Size: | 670 | | Last Modified: | May 6 18:14:05 2006 |
| MD5 Checksum: | ae6c3d383fb2e41489fee263c51fb6a0 |
|
| /// File Name: |
chipmunkBlogger.txt |
Description:
|
ChipmunkBlogger suffers from a lack of input sanitizing.
| | Author: | Nomenumbra | | File Size: | 540 | | Last Modified: | May 6 18:03:22 2006 |
| MD5 Checksum: | e4ba1ba131b06536efa0a4ee1c4cd68f |
|
| /// File Name: |
glsa-200605-05.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200605-05 - An integer overflow was found in the receive_xattr function from the extended attributes patch (xattr.c) for rsync. The vulnerable function is only present when the acl USE flag is set. Versions less than 2.6.8 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2791 | | Last Modified: | May 6 17:59:00 2006 |
| MD5 Checksum: | 16d674c3c70b0043059e552b75673328 |
|
| /// File Name: |
cirt-43-advisory.pdf |
Description:
|
A vulnerability has been found in an ActiveX object distributed as part of TDC's Microsoft CSP suite. The vulnerability allows code execution on any client machine that has the component installed if the user navigates to an attacker-created website.
| | Author: | Dennis Rand | | Homepage: | http://www.cirt.dk | | File Size: | 270168 | | Related CVE(s): | CVE-2006-1172 | | Last Modified: | May 6 17:53:54 2006 |
| MD5 Checksum: | 95e200f8b61a5782e57d22b2dc53c55b |
|
| /// File Name: |
CAID-34013.txt |
Description:
|
CAID 34013 - A potential vulnerability issue exists in our CAIRIM LMP solution for z/OS. CAIRIM is delivered as part of CA's z/OS Common Services, and the LMP component provides licensing services to many of CA's z/OS solutions. IBM Global Services discovered an integrity problem, which could be exploited by an expert user of a z/OS system that utilizes CA's CAIRIM LMP component. We worked with IBM Global Services to understand the nature of the problem and to make certain that the remedy we have now provided addresses the problem completely.
| | Author: | Ken Williams | | Homepage: | http://ca.com/ | | File Size: | 9599 | | Last Modified: | May 6 17:50:18 2006 |
| MD5 Checksum: | 9ab24c9ae1d5ec47ce2be89ca9649849 |
|
| /// File Name: |
webcalEnumerate.txt |
Description:
|
WebCalendar is susceptible to user enumeration flaws.
| | Author: | David Maciejak | | File Size: | 700 | | Last Modified: | May 6 17:36:44 2006 |
| MD5 Checksum: | 556f03dfc448cde1165e0384291d7ef0 |
|
| /// File Name: |
042006-001-ISA-LM.txt |
Description:
|
There is a log manipulation vulnerability in Microsoft ISA Server 2004, which when exploited will enable a malicious user to manipulate the Destination Host parameter of the log file.
| | Author: | Noam Rathaus | | Homepage: | http://www.beyondsecurity.com/ | | File Size: | 1527 | | Last Modified: | May 6 17:13:44 2006 |
| MD5 Checksum: | 9ad61be6d42463284ad103337f60d21b |
|
| /// File Name: |
loveyouBypass.txt |
Description:
|
It appears that Panda Antivirus and ClamAV may be susceptible to bypass for the "I Love You" virus when a simple variable is changed.
| | Author: | Joxean Koret | | File Size: | 1747 | | Last Modified: | May 6 17:11:03 2006 |
| MD5 Checksum: | 641c0a2fb4b91e21d1b15bc2410c7f9d |
|
| /// File Name: |
USN-280-1.txt |
Description:
|
Ubuntu Security Notice 280-1 - The Render extension of the X.org server incorrectly calculated the size of a memory buffer, which led to a buffer overflow. A local attacker could exploit this to crash the X server or even execute arbitrary code with root privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 95741 | | Related CVE(s): | CVE-2006-1526 | | Last Modified: | May 6 17:08:37 2006 |
| MD5 Checksum: | 8c18a8d0c4ccceff2f41787ca29bc684 |
|
| /// File Name: |
USN-281-1.txt |
Description:
|
Ubuntu Security Notice 281-1 - Multiple vulnerabilities have been discovered in the Linux 2.6 kernel. The sys_mbind() function did not properly verify the validity of the 'maxnod' argument. A local user could exploit this to trigger a buffer overflow, which caused a kernel crash. The SELinux module did not correctly handle the tracer SID when a process was already being traced. A local attacker could exploit this to cause a kernel crash. Al Viro discovered a local Denial of Service in the sysfs write buffer handling. By writing a block with a length exactly equal to the processor's page size to any writable file in /sys, a local attacker could cause a kernel crash. John Blackwood discovered a race condition with single-step debugging multiple processes at the same time. A local attacker could exploit this to crash the system. This only affects the amd64 platform. Marco Ivaldi discovered a flaw in the handling of the ID number of IP packets. This number was incremented after receiving unsolicited TCP SYN-ACK packets. A remote attacker could exploit this to conduct port scans with the 'Idle scan' method (nmap -sI), which bypassed intended port scan protections. Pavel Kankovsky discovered that the getsockopt() function, when called with an SO_ORIGINAL_DST argument, does not properly clear the returned structure, so that a random piece of kernel memory is exposed to the user. This could potentially reveal sensitive data like passwords or encryption keys. A buffer overflow was discovered in the USB Gadget RNDIS implementation. While creating a reply message, the driver did not allocate enough memory for the reply structure. A remote attacker could exploit this to cause a kernel crash. Alexandra Kossovsky discovered an invalid memory access in the ip_route_input() function. By using the 'ip' command in a particular way to retrieve multicast routes, a local attacker could exploit this to crash the kernel.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 88963 | | Related CVE(s): | CVE-2006-0557, CVE-2006-1052, CVE-2006-1055, CVE-2006-1066, CVE-2006-1242, CVE-2006-1343, CVE-2006-1368, CVE-2006-1525 | | Last Modified: | May 6 17:07:56 2006 |
| MD5 Checksum: | 86c4e4a8a74cce0a7462b38366038f87 |
|
| /// File Name: |
dsa-1051-1.txt |
Description:
|
Debian Security Advisory 1051-1 - Several security related problems have been discovered in Mozilla Thunderbird. This advisory addresses those issues.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security | | File Size: | 22370 | | Related CVE(s): | CVE-2005-2353, CVE-2005-4134, CVE-2006-0292, CVE-2006-0293, CVE-2006-0296, CVE-2006-0748, CVE-2006-0749, CVE-2006-0884, CVE-2006-1045, CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, CVE-2006-1723, CVE-2006-1724, CVE-2006-1727, CVE-2006-1728, CVE-2006-1729, CVE-2006-1730, CVE-2006-1731, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735, CVE-2006-1736, CVE-2006-1737, CVE-2006-1738, CVE-2006-1739, CVE-2006-1740, CVE-2006-1741, CVE-2006-1742, CVE-2006-1790 | | Last Modified: | May 6 17:02:29 2006 |
| MD5 Checksum: | 4f79a008194185391d4a9f470c3c33c6 |
|
| /// File Name: |
REWTERZ-20060504.txt |
Description:
|
rewterz has discovered a critical vulnerability in Sami FTP Server. This vulnerability may allow a remote attacker to overwrite memory with user controlled data and execute arbitrary code in the context of the user who executed the Sami FTP Server.
| | Author: | Muhammad Ahmed Siddiqui | | File Size: | 1894 | | Last Modified: | May 6 16:59:36 2006 |
| MD5 Checksum: | c5b48ad96b00b79ca3df6cef7cbbf7d9 |
|
| /// File Name: |
REWTERZ-20060503.txt |
Description:
|
rewterz has discovered a critical vulnerability in XM Easy Personal FTP Server. This vulnerability may allow a remote attacker to overwrite memory with user controlled data and execute arbitrary code in the context of the user who executed the XM Easy Personal FTP Server.
| | Author: | Muhammad Ahmed Siddiqui | | File Size: | 1903 | | Last Modified: | May 6 16:59:04 2006 |
| MD5 Checksum: | 010e946a41ea0284393f472e585ee40d |
|
| /// File Name: |
USN-279-1.txt |
Description:
|
Ubuntu Security Notice 279-1 - Jayesh KS discovered that the nasl_split() function in the NASL (Nessus Attack Scripting Language) library did not check for a zero-length separator argument, which led to an invalid memory allocation. This library is primarily used in the Nessus security scanner; a remote attacker could exploit this vulnerability to cause the Nessus daemon to crash.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4202 | | Related CVE(s): | CVE-2006-2093 | | Last Modified: | May 6 16:53:57 2006 |
| MD5 Checksum: | f71099bc40e5058fd03cb9af1c23da60 |
|
| /// File Name: |
USN-278-1.txt |
Description:
|
Ubuntu Security Notice 278-1 - Marcus Meissner discovered a race condition in gdm's handling of the ~/.ICEauthority file permissions. A local attacker could exploit this to become the owner of an arbitrary file in the system. When getting control over automatically executed scripts (like cron jobs), the attacker could eventually leverage this flaw to execute arbitrary commands with root privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 3125 | | Related CVE(s): | CVE-2006-1057 | | Last Modified: | May 6 16:53:08 2006 |
| MD5 Checksum: | a81bc1d285f5b1f4ad45cbd513d73d11 |
|
| /// File Name: |
dsa-1050-1.txt |
Description:
|
Debian Security Advisory 1050-1 - Ulf Harnhammar and an anonymous researcher from Germany discovered a vulnerability in the protocol code of freshclam, a command line utility responsible for downloading and installing virus signature updates for ClamAV, the antivirus scanner for Unix. This could lead to a denial of service or potentially the execution of arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security | | File Size: | 15443 | | Related CVE(s): | CVE-2006-1989 | | Last Modified: | May 6 16:41:44 2006 |
| MD5 Checksum: | 1cb33ea7e8677948aa99d8148ab45a95 |
|
| /// File Name: |
USN-277-1.txt |
Description:
|
Ubuntu Security Notice 277-1 - Tavis Ormandy and Andrey Kiselev discovered that libtiff did not sufficiently verify the validity of TIFF files. By tricking a user into opening a specially crafted TIFF file with any application that uses libtiff, an attacker could exploit this to crash the application or even execute arbitrary code with the application's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6028 | | Related CVE(s): | CVE-2006-2024, CVE-2006-2025, CVE-2006-2026, CVE-2006-2120 | | Last Modified: | May 6 16:40:36 2006 |
| MD5 Checksum: | 2e67228960ffb16bdba3cd30dc48123b |
|
| /// File Name: |
SUSE-SA-2006-023.txt |
Description:
|
SUSE Security Announcement SUSE-SA-2006-023 - Miscalculation of a buffer size in the X Render extension of the X.Org X11 server could potentially be exploited by users to cause a buffer overflow and run code with elevated privileges.
| | Homepage: | http://www.suse.com | | File Size: | 12752 | | Related CVE(s): | CVE-2006-1526 | | Last Modified: | May 6 16:39:45 2006 |
| MD5 Checksum: | c743b3e72176faf26e5266ed60a8f4c3 |
|