Section: .. / 0608-advisories /
| /// File Name: |
apacheRewrite.txt |
Description:
|
An off-by-one flaw exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3 since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.
| | Homepage: | http://www.apache.org | | File Size: | 4339 | | Related CVE(s): | CVE-2006-3747 | | Last Modified: | Aug 3 00:52:29 2006 |
| MD5 Checksum: | 453afd5a9140b8331824e3923dd5ea53 |
|
| /// File Name: |
MDKSA-2006-149.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-149 - MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4330 | | Related CVE(s): | CVE-2006-4031, CVE-2006-4226 | | Last Modified: | Aug 27 20:43:19 2006 |
| MD5 Checksum: | 66ab953c93b3e80e41742c49f9fedb13 |
|
| /// File Name: |
sa21614.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or cause a DoS (Denial of Service), and by malicious people to cause a DoS.
| | Homepage: | http://secunia.com/advisories/21614/ | | File Size: | 4306 | | Last Modified: | Aug 28 09:56:27 2006 |
| MD5 Checksum: | 41bd7605c6b11d28e3138e07df47c3b3 |
|
| /// File Name: |
pocketpc.txt |
Description:
|
MMS composer versions 1.5.5.6 and 2.0.0.13 suffer from multiple buffer overflows in the MMS parsing code allowing for arbitrary code execution and denial of service conditions.
| | Author: | Collin Mulliner, Prof. Giovanni Vigna | | File Size: | 4272 | | Last Modified: | Aug 26 20:53:56 2006 |
| MD5 Checksum: | 01dc07778157ff02b13172b0749cec35 |
|
| /// File Name: |
sa21457.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21457/ | | File Size: | 4240 | | Last Modified: | Aug 17 00:44:27 2006 |
| MD5 Checksum: | 4194e66e9293132122a258f7f23d1da3 |
|
| /// File Name: |
secunia-pctools.txt |
Description:
|
Secunia Research has discovered a security issue in PC Tools AntiVirus version 2.1.0.51, which can be exploited by malicious, local users to gain escalated privileges. Successful exploitation allows execution of arbitrary commands with SYSTEM privileges.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4191 | | Related CVE(s): | CVE-2006-3114 | | Last Modified: | Aug 17 04:24:12 2006 |
| MD5 Checksum: | e5c6f2efe658a81837c507849131ace7 |
|
| /// File Name: |
myspace.txt |
Description:
|
Myspace.com appears to have a worm propagating via user pages.
| | Author: | Matthew Wollenweber | | File Size: | 4173 | | Last Modified: | Aug 28 23:02:42 2006 |
| MD5 Checksum: | 5dc702af1a82b665f4cf519e20f3c8d5 |
|
| /// File Name: |
CAID-34509.txt |
Description:
|
CAID 34509 - CA eTrust Antivirus WebScan versions 1.1.0.1047 and below are susceptible to arbitrary code execution flaws.
| | Author: | Ken Williams | | Homepage: | http://ca.com/ | | File Size: | 4172 | | Last Modified: | Aug 17 23:40:24 2006 |
| MD5 Checksum: | 567e78dd512f3c4337f7f492afd501da |
|
| /// File Name: |
cms-g3.txt |
Description:
|
The G3 Content Management Framework suffers from a cross site scripting flaw in its search functionality.
| | Author: | Stefan Friedli | | File Size: | 4152 | | Last Modified: | Aug 17 03:49:09 2006 |
| MD5 Checksum: | 81d458862f19cf944775b68f3f697ed6 |
|
| /// File Name: |
brainzbof.txt |
Description:
|
libmusicbrainz versions 2.1.2 and below and versions SVN 8406 and below suffer from multiple buffer overflows.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org | | Related Exploit: | brainzbof.zip | | File Size: | 4146 | | Last Modified: | Aug 26 23:10:32 2006 |
| MD5 Checksum: | fd048f832137cc0a65069cfa4e7819fc |
|
| /// File Name: |
sa21417.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21417/ | | File Size: | 4138 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | 3b1047a772010a22ea82517bbe3752ef |
|
| /// File Name: |
hordeXSS.txt |
Description:
|
The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in index.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.
| | Author: | Marc Ruef | | Homepage: | http://www.scip.ch/ | | File Size: | 4063 | | Last Modified: | Aug 27 03:36:20 2006 |
| MD5 Checksum: | 80cc6ee76eadd40659315f14aec856ba |
|
| /// File Name: |
symantecOddity.txt |
Description:
|
Symantec Anti-Virus Corporate Edition clients controlled via the Symantec System Center Console do not follow the "Download product updates using LiveUpdate" setting.
| | Author: | Chris Faigle | | File Size: | 4055 | | Last Modified: | Aug 27 13:46:42 2006 |
| MD5 Checksum: | 9a844e2941a9fdf3b554b0424c572981 |
|
| /// File Name: |
SYM06-015_signed.txt |
Description:
|
Symantec Security Advisory - Symantec discovered a security issue in Symantec's Veritas NetBackup 6.0 PureDisk Remote Office Edition. An unauthorized user with access to the network and the server hosting the management interface can potentially bypass the management interface authentication to gain access and elevate their privileges on the system.
| | Homepage: | http://www.symantec.com/ | | File Size: | 4027 | | Last Modified: | Aug 27 13:48:09 2006 |
| MD5 Checksum: | c26fa8cff8eac26b4e16da77ddcc62c2 |
|
| /// File Name: |
sa21394.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21394/ | | File Size: | 4000 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | ba8226f8c477c0a1bff92a165f354e1a |
|
| /// File Name: |
c051114-003.txt |
Description:
|
Corsaire Security Advisory - The VMware ESX Server product will allow a local attacker to read users' (including root's) passwords under certain conditions.
| | Author: | Stephen de Vries | | File Size: | 3990 | | Related CVE(s): | CVE-2005-3620 | | Last Modified: | Aug 17 01:34:55 2006 |
| MD5 Checksum: | f313bf44df34ab80460c041e8be230d4 |
|
| /// File Name: |
TA06-214A.txt |
Description:
|
Technical Cyber Security Alert TA06-214A - Apple has released Security Update 2006-004 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser, Mail, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Impacts of other vulnerabilities include bypass of security restrictions and denial of service.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3976 | | Last Modified: | Aug 17 04:16:35 2006 |
| MD5 Checksum: | 1d3003988033ca51cbe1b4e15a3319cd |
|
| /// File Name: |
mptho.txt |
Description:
|
OpenMPT versions 1.17.02.43 and below suffer from various buffer and heap overflows.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org | | Related Exploit: | mptho.zip | | File Size: | 3973 | | Last Modified: | Aug 26 21:05:15 2006 |
| MD5 Checksum: | fec3f50ed2e3e2dea43391fc0504b170 |
|
| /// File Name: |
hordeXSS-2.txt |
Description:
|
The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in search.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.
| | Author: | Marc Ruef | | Homepage: | http://www.scip.ch/ | | File Size: | 3939 | | Last Modified: | Aug 27 03:36:55 2006 |
| MD5 Checksum: | ca31bf019478f3037931e27060c2470b |
|
| /// File Name: |
sa21388.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21388/ | | File Size: | 3930 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | 4c949a906d92337029cefcfb259c36f7 |
|
| /// File Name: |
MDKSA-2006-134.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-134 - A number of flaws were discovered in the safe-level restrictions in the Ruby language. Because of these flaws, it would be possible for an attacker to create a carefully crafted malicious script that could allow them to bypass certain safe-level restrictions.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3924 | | Related CVE(s): | CVE-2006-3694 | | Last Modified: | Aug 3 01:29:25 2006 |
| MD5 Checksum: | 338076608796ef8d5fb388bfdbbac023 |
|
| /// File Name: |
sa21581.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Sun Solaris, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/21581/ | | File Size: | 3855 | | Last Modified: | Aug 26 20:18:48 2006 |
| MD5 Checksum: | 5c3e3ce462ad05feb28a70ffd15d0ebc |
|
| /// File Name: |
TSRT-06-05.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of the Computer Associates eTrust AntiVirus WebScan ActiveX component that suffers from an automatic update code execution flaw.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3815 | | Related CVE(s): | CVE-2006-3976, CVE-2006-3977 | | Last Modified: | Aug 18 01:14:42 2006 |
| MD5 Checksum: | 5921bdcdd3a3863bd470dd9e1e7bfd01 |
|
| /// File Name: |
sa21459.txt |
Description:
|
Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges, or by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21459/ | | File Size: | 3782 | | Last Modified: | Aug 17 00:44:27 2006 |
| MD5 Checksum: | 68ed9d83b3a2950a3681870259a85294 |
|
| /// File Name: |
sa21441.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for krb5. This fixes a security issue, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/21441/ | | File Size: | 3748 | | Last Modified: | Aug 17 00:44:27 2006 |
| MD5 Checksum: | 236e7b998cd4f8a35310b6c8c0da99d3 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
