Section: .. / 0606-advisories /
| /// File Name: |
sa20796.txt |
Description:
|
Secunia Security Advisory - Moroccan Security Team has discovered two vulnerabilities in Open Guestbook, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/20796/ | | File Size: | 2498 | | Last Modified: | Jun 29 04:11:18 2006 |
| MD5 Checksum: | baa34e571dff31eeb1f4789813925b9b |
|
| /// File Name: |
sa20794.txt |
Description:
|
Secunia Security Advisory - Darren Bounds has discovered a vulnerability in Trend Micro Control Manager, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/20794/ | | File Size: | 2444 | | Last Modified: | Jun 29 04:11:18 2006 |
| MD5 Checksum: | 993908cf2b04708839c70c791169bbae |
|
| /// File Name: |
sa20793.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in IBM WebSphere Application Server, where one has an unknown impact and the other can be exploited by malicious people to gain knowledge of sensitive information.
| | Homepage: | http://secunia.com/advisories/20793/ | | File Size: | 2260 | | Last Modified: | Jun 29 04:11:18 2006 |
| MD5 Checksum: | 3dcb542554582af295c4176bf625adb9 |
|
| /// File Name: |
sa20791.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for freetype2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise applications using the library.
| | Homepage: | http://secunia.com/advisories/20791/ | | File Size: | 5400 | | Last Modified: | Jun 29 04:11:18 2006 |
| MD5 Checksum: | 7b9b2ec154c6f90e6fa6a73501bcd720 |
|
| /// File Name: |
sa19480.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a weakness in Opera, which can be exploited to display the SSL certificate from a trusted site on an untrusted site.
| | Homepage: | http://secunia.com/advisories/19480/ | | File Size: | 2341 | | Last Modified: | Jun 29 04:11:18 2006 |
| MD5 Checksum: | c402c2847ad076573bcd8dd129742981 |
|
| /// File Name: |
dsa-1103-1.txt |
Description:
|
Debian Security Advisory 1103-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 40843 | | Related CVE(s): | CVE-2005-3359, CVE-2006-0038, CVE-2006-0039, CVE-2006-0456, CVE-2006-0554, CVE-2006-0555, CVE-2006-0557, CVE-2006-0558, CVE-2006-0741, CVE-2006-0742, CVE-2006-0744, CVE-2006-1056, CVE-2006-1242, CVE-2006-1368, CVE-2006-1523, CVE-2006-1524, CVE-2006-1525, CVE-2006-1857, CVE-2006-1858, CVE-2006-1863, CVE-2006-1864, CVE-2006-2271, CVE-2006-2272, CVE-2006-2274 | | Last Modified: | Jun 27 09:05:51 2006 |
| MD5 Checksum: | d216555ef855960c2344bf35236ce105 |
|
| /// File Name: |
glsa-200606-26.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200606-26 - A bug in EnergyMech fails to handle empty CTCP NOTICEs correctly, and will cause a crash from a segmentation fault. Versions less than 3.0.2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2410 | | Last Modified: | Jun 27 09:02:12 2006 |
| MD5 Checksum: | 9ce47d476ba6b5c0bb080b1c385edd11 |
|
| /// File Name: |
glsa-200606-25.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200606-25 - Andreas Seltenreich has reported a possible heap overflow in the array_push() function in hashcash.c, as a result of an incorrect amount of allocated memory for the ARRAY structure. Versions less than 1.21 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2640 | | Last Modified: | Jun 27 09:01:19 2006 |
| MD5 Checksum: | 6d9528896759c6bf21c2b0d01df1c296 |
|
| /// File Name: |
clarolineXSS.txt |
Description:
|
Claroline version 1.7.7 suffers from cross site scripting vulnerabilities.
| | Author: | bug | | Homepage: | http://securitynews.ir/ | | File Size: | 928 | | Last Modified: | Jun 27 08:59:39 2006 |
| MD5 Checksum: | 7ef2b8a42ef71c4145cb932aef6ac877 |
|
| /// File Name: |
USN-304-1.txt |
Description:
|
Ubuntu Security Notice 304-1 - Evgeny Legerov discovered that GnuPG did not sufficiently check overly large user ID packets. Specially crafted user IDs caused a buffer overflow. By tricking an user or remote automated system into processing a malicious GnuPG message, an attacker could exploit this to crash GnuPG or possibly even execute arbitrary code.
| | Homepage: | http://www.ubuntu.com/ | | File Size: | 6444 | | Related CVE(s): | CVE-2006-3082 | | Last Modified: | Jun 27 08:57:58 2006 |
| MD5 Checksum: | d5f63d3cdec5debb49aa4ddf857953be |
|
| /// File Name: |
planetnews.txt |
Description:
|
Planetnews suffers from a php shell upload vulnerability.
| | Author: | AlpEren, tugr | | Homepage: | http://www.ayyildiz.org | | File Size: | 574 | | Last Modified: | Jun 27 08:55:31 2006 |
| MD5 Checksum: | a4100cd8c25f3ba96833e2605750353a |
|
| /// File Name: |
ERNW-01-2006.txt |
Description:
|
The Online Registration Facility of Algorithmic Research PrivateWire VPN Software does not do proper bounds checking handling normal GET requests. Sending an overly long page or script name, it causes a buffer overflow and an attacker can control the EIP to run arbitrary code on the victims machine.
| | Author: | Michael Thumann | | Homepage: | http://www.ernw.de/ | | File Size: | 1353 | | Last Modified: | Jun 27 08:53:58 2006 |
| MD5 Checksum: | c135ca3824cca6de700edc848227687f |
|
| /// File Name: |
OpenPKG-SA-2006-010.txt |
Description:
|
OpenPKG Security Advisory OpenPKG-SA-2006.010 - According to a vendor security release note, a memory allocation attack possibility exists in the GnuPG cryptography tool, versions 1.4.3 and earlier.
| | Homepage: | http://www.openpkg.org/ | | File Size: | 2336 | | Related CVE(s): | CVE-2006-3062 | | Last Modified: | Jun 27 08:51:56 2006 |
| MD5 Checksum: | f44dc99938f80b89c9a735f9d4cabdd5 |
|
| /// File Name: |
dsa-1102-1.txt |
Description:
|
Debian Security Advisory 1102-1 - Steve Kemp from the Debian Security Audit project discovered that pinball, a pinball simulator, can be tricked into loading level plugins from user-controlled directories without dropping privileges.
| | Homepage: | http://www.debian.org/security | | File Size: | 7109 | | Related CVE(s): | CVE-2006-2196 | | Last Modified: | Jun 27 08:50:41 2006 |
| MD5 Checksum: | 58bb3bb238c3abf013c5f4cb02a5255f |
|
| /// File Name: |
MDKSA-2006-111.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-111 - Mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function. MySQL 4.0.18 in Corporate 3.0 and MNF 2.0 is not affected by this issue.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 5375 | | Related CVE(s): | CVE-2006-3081 | | Last Modified: | Jun 27 08:14:22 2006 |
| MD5 Checksum: | 6b2353153d0fd1792979057de4697bc9 |
|
| /// File Name: |
glsa-200606-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200606-24 - A boundary checking error was found in wv2, which could lead to an integer overflow. Versions less than 0.2.3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2426 | | Last Modified: | Jun 27 08:11:39 2006 |
| MD5 Checksum: | 2c4bdfda5d18e136afb3a399bb35561d |
|
| /// File Name: |
CiscoACSvuln.txt |
Description:
|
A vulnerability has been identified in the Cisco Secure ACS session management architecture which could be exploited by an attacker to obtain full administrative access to the web interface and thus all managed assets (routers, switches, 802.1x authenticated networks, etc). Cisco Secure ACS 4.x for Windows is affected. Legacy versions may also be affected.
| | Author: | Darren Bounds | | File Size: | 2061 | | Last Modified: | Jun 27 08:10:11 2006 |
| MD5 Checksum: | 5aaf43665f18bbe036c7431192e32b5d |
|
| /// File Name: |
TMCM-XSS.txt |
Description:
|
The Trend Micro Control Manager is vulnerable to a persistent, unauthenticated cross site scripting attack. Version 3.5 is affected. Earlier versions may also be affected.
| | Author: | Darren Bounds | | File Size: | 1494 | | Last Modified: | Jun 27 08:08:52 2006 |
| MD5 Checksum: | 3ad74878991fd954b861735650b402ab |
|
| /// File Name: |
TLSA-2006-0037.txt |
Description:
|
Trustix Secure Linux Security Advisory #2006-0037 - The Linux kernel and netpbm suffer from multiple vulnerabilities.
| | Homepage: | http://www.trustix.org/ | | File Size: | 4810 | | Last Modified: | Jun 27 08:07:36 2006 |
| MD5 Checksum: | 679622086a2593a94669359b5ab7d321 |
|
| /// File Name: |
SSRT051056.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with the HP-UX kernel. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 5841 | | Last Modified: | Jun 27 08:04:40 2006 |
| MD5 Checksum: | 779fd0165b7d22fee299fea1ddcbc36e |
|
| /// File Name: |
dsa-1101-1.txt |
Description:
|
Debian Security Advisory 1101-1 - A bug has been discovered in the Courier Mail Server that can result in a number of processes to consume arbitrary amounts of CPU power.
| | Homepage: | http://www.debian.org/security | | File Size: | 62614 | | Related CVE(s): | CVE-2006-2659 | | Last Modified: | Jun 27 07:59:13 2006 |
| MD5 Checksum: | ef5f8b11be7a6024d036cdcecd97319d |
|
| /// File Name: |
MU-200606-01.txt |
Description:
|
A remote buffer overflow condition in Real Helix's RTSP service could allow for arbitrary code execution. The vulnerable code is triggered with the use of a malformed HTTP header. A second vulnerability of equal criticality was also discovered. This bug involved the parsing of HTTP URLs. Affected versions include Real Networks Helix DNA Server 11.0.x and Real Networks Helix DNA Server 10.0.x.
| | Homepage: | http://labs.musecurity.com | | File Size: | 2598 | | Last Modified: | Jun 27 07:27:56 2006 |
| MD5 Checksum: | 2ff856d770db4d9c4768675243cf4958 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
