Section: .. / 0608-advisories /
| /// File Name: |
dsa-1156-1.txt |
Description:
|
Debian Security Advisory 1156-1 - Ludwig Nussel discovered that kdm, the X display manager for KDE, handles access to the session type configuration file insecurely, which may lead to the disclosure of arbitrary files through a symlink attack.
| | Homepage: | http://www.debian.org/security | | File Size: | 57452 | | Related CVE(s): | CVE-2006-2449 | | Last Modified: | Aug 28 01:38:21 2006 |
| MD5 Checksum: | 652f694967b462111c997d267010f378 |
|
| /// File Name: |
sa21662.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for kdebase. This fixes a vulnerability, which can be exploited by malicious, local users to gain knowledge of sensitive information.
| | Homepage: | http://secunia.com/advisories/21662/ | | File Size: | 53159 | | Last Modified: | Aug 28 09:56:27 2006 |
| MD5 Checksum: | 7f61f0e92dc749584dbd709c67506f5d |
|
| /// File Name: |
USN-331-1.txt |
Description:
|
Ubuntu Security Notice USN-331-1 - A denial of service vulnerability was reported in iptables' SCTP conntrack module. On computers which use this iptables module, a remote attacker could exploit this to trigger a kernel crash. A buffer overflow has been discovered in the dvd_read_bca() function. By inserting a specially crafted DVD, USB stick, or similar automatically mounted removable device, a local user could crash the machine or potentially even execute arbitrary code with full root privileges. The ftdi_sio driver for serial USB ports did not limit the amount of pending data to be written. A local user could exploit this to drain all available kernel memory and thus render the system unusable.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 43885 | | Related CVE(s): | CVE-2006-2934, CVE-2006-2935, CVE-2006-2936 | | Last Modified: | Aug 17 04:26:43 2006 |
| MD5 Checksum: | cff17b362b4332dec33ae3c99169ad8c |
|
| /// File Name: |
sa21298.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges or by malicious people to cause a DoS.
| | Homepage: | http://secunia.com/advisories/21298/ | | File Size: | 40528 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | 0a6f69e0f43caa17df5fbbffa999e06d |
|
| /// File Name: |
dsa-1139-1.txt |
Description:
|
Debian Security Advisory 1139-1 - It was discovered that the interpreter for the Ruby language does not properly maintain "safe levels" for aliasing, directory accesses and regular expressions, which might lead to a bypass of security restrictions.
| | Homepage: | http://www.debian.org/security | | File Size: | 29384 | | Related CVE(s): | CVE-2006-3694 | | Last Modified: | Aug 17 04:48:48 2006 |
| MD5 Checksum: | 10060bee5ea1505e531710d0081f01f9 |
|
| /// File Name: |
sa21634.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mozilla. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21634/ | | File Size: | 27601 | | Last Modified: | Aug 29 12:55:20 2006 |
| MD5 Checksum: | 0e940896b89fab3affc87a3de6d9fbd9 |
|
| /// File Name: |
sa21337.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for ruby1.6. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/21337/ | | File Size: | 27235 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | 72d6b886cdabf8bf377d7342b5a4e769 |
|
| /// File Name: |
zend_hash_del_key_or_index_vulnerab..> |
Description:
|
Write-up discussing the Zend_Hash_Del_Key_Or_Index vulnerability inherent in PHP that has finally been fixed in the latest releases. Upgrading to 4.4.3 or 5.1.4 is suggested.
| | Author: | Stefan Esser | | Homepage: | http://www.hardened-php.net/ | | File Size: | 26958 | | Last Modified: | Aug 18 00:54:40 2006 |
| MD5 Checksum: | c83c217e2b38f09a901fa6e4b83bc31a |
|
| /// File Name: |
sa21233.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for ruby. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/21233/ | | File Size: | 26832 | | Last Modified: | Aug 2 04:14:26 2006 |
| MD5 Checksum: | 4e97c0c6660b53b541dcfec9af26d32c |
|
| /// File Name: |
cisco-sa-20060920-docsis.txt |
Description:
|
Cisco Security Advisory ID cisco-sa-20060920-docsis: DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms
| | Homepage: | http://www.cisco.com | | File Size: | 25600 | | Last Modified: | Oct 2 17:44:53 2006 |
| MD5 Checksum: | 6c7da4015bbee346b3c919cf291b80a0 |
|
| /// File Name: |
sa21241.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for apache. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21241/ | | File Size: | 25305 | | Last Modified: | Aug 2 04:14:26 2006 |
| MD5 Checksum: | d4460b6cd3f51694c3d869bc1f409c2b |
|
| /// File Name: |
dsa-1132-1.txt |
Description:
|
Debian Security Advisory 1132-1 - Mark Dowd discovered a buffer overflow in the mod_rewrite component of apache, a versatile high-performance HTTP server. In some situations a remote attacker could exploit this to execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 23377 | | Related CVE(s): | CVE-2006-3747 | | Last Modified: | Aug 17 02:56:59 2006 |
| MD5 Checksum: | 3c651cf28d3daf7a9c44548c12d62ad2 |
|
| /// File Name: |
dsa-1146-1.txt |
Description:
|
Debian Security Advisory 1146-1 - In certain application programs packaged in the MIT Kerberos 5 source distribution, calls to setuid() and seteuid() are not always checked for success, and these calls may fail with some PAM configurations. A local user could exploit one of these vulnerabilities to escalate privileges. No exploit code is known to exist at this time.
| | Homepage: | http://www.debian.org/security | | File Size: | 22414 | | Related CVE(s): | CVE-2006-3083, CVE-2006-3084 | | Last Modified: | Aug 26 20:23:46 2006 |
| MD5 Checksum: | 6a843f8da829224cf6024f840f325fbd |
|
| /// File Name: |
dsa-1157-1.txt |
Description:
|
Debian Security Advisory 1157-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to the bypass of security restrictions or denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 22183 | | Related CVE(s): | CVE-2006-3694, CVE-2006-1931 | | Last Modified: | Aug 28 01:39:26 2006 |
| MD5 Checksum: | 9ccfc5ff9ada485c3c359e6a278a8227 |
|
| /// File Name: |
sa21284.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for apache2. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21284/ | | File Size: | 21812 | | Last Modified: | Aug 2 23:35:22 2006 |
| MD5 Checksum: | b2c269dbde81fcbe02bb574cfaefef72 |
|
| /// File Name: |
dsa-1162-1.txt |
Description:
|
Debian Security Advisory 1162-1 - Luigi Auriemma discovered several buffer overflows in libmusicbrainz, a CD index library, that allow remote attackers to cause a denial of service or execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 21572 | | Related CVE(s): | CVE-2006-4197 | | Last Modified: | Aug 30 04:32:32 2006 |
| MD5 Checksum: | 53e8cc44b8d6412f584b363836fa6393 |
|
| /// File Name: |
USN-334-1.txt |
Description:
|
Ubuntu Security Notice USN-334-1 - Michael Calmer and Marcus Meissner discovered that several krb5 tools did not check the return values from setuid() system calls. On systems that have configured user process limits, it may be possible for an attacker to cause setuid() to fail via resource starvation. In that situation, the tools will not reduce their privilege levels, and will continue operation as the root user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 21564 | | Related CVE(s): | CVE-2006-3083, CVE-2006-3084 | | Last Modified: | Aug 27 03:26:43 2006 |
| MD5 Checksum: | 652ecb99ebcb7f2582976901906bd9d6 |
|
| /// File Name: |
MDKSA-2006-143.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-143 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 21168 | | Related CVE(s): | CVE-2006-2613, CVE-2006-2894, CVE-2006-2775, CVE-2006-2776, CVE-2006-2777, CVE-2006-2778, CVE-2006-2779, CVE-2006-2780, CVE-2006-2782, CVE-2006-2783, CVE-2006-2784, CVE-2006-2785, CVE-2006-2786, CVE-2006-2787, CVE-2006-2788, CVE-2006-3677, CVE-2006-3803, CVE-2006-3804, CVE-2006-3806, CVE-2006-3807, CVE-2006-3113, CVE-2006-3801, CVE-2006-3802, CVE-2006-3805, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812 | | Last Modified: | Aug 27 13:51:09 2006 |
| MD5 Checksum: | cc44996693ead6def2d61c4a3d3ffc5c |
|
| /// File Name: |
sa21607.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP response smuggling attacks, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21607/ | | File Size: | 20675 | | Last Modified: | Aug 26 20:18:48 2006 |
| MD5 Checksum: | 734b9e77f50d65587d13e34a17bf2437 |
|
| /// File Name: |
sa21439.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for krb5. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/21439/ | | File Size: | 20652 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | ece8bd1ad43797134d2058ff6d330527 |
|
| /// File Name: |
cisco-sa-20060823-vpn3k.txt |
Description:
|
Cisco Security Advisory - The Cisco VPN 3000 series concentrators are affected by two vulnerabilities when file management via File Transfer Protocol (FTP) is enabled that could allow authenticated or unauthenticated attackers to execute certain FTP commands and delete files on the concentrator.
| | Homepage: | http://www.cisco.com | | File Size: | 20380 | | Last Modified: | Aug 27 19:56:41 2006 |
| MD5 Checksum: | 6c366e24e3668602419ef2d97ed6e62d |
|
| /// File Name: |
sa21657.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for ruby1.8. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/21657/ | | File Size: | 20345 | | Last Modified: | Aug 28 09:56:27 2006 |
| MD5 Checksum: | 0ae6e621853ba03fc2d0f9d23e6aa234 |
|
| /// File Name: |
sa21668.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libmusicbrainz-2.0. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21668/ | | File Size: | 20070 | | Last Modified: | Aug 30 16:08:37 2006 |
| MD5 Checksum: | 5242974fc2585ce4e396b6e50ec8c07e |
|