Section: .. / 0507-advisories /
| /// File Name: |
FreeBSD-SA-05-19.ipsec.txt |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec - IPsec is a security protocol for the Internet Protocol networking layer. It provides a combination of encryption and authentication of system, using several possible cryptography algorithms. A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator.
| | Author: | Yukiyo Akisada | | Homepage: | http://www.freebsd.org | | File Size: | 4251 | | Related CVE(s): | CAN-2005-2359 | | Last Modified: | Jul 28 09:00:22 2005 |
| MD5 Checksum: | 4ca733f4e87612fb2d1658c89d2edf18 |
|
| /// File Name: |
FreeBSD-SA-05-18.zlib.txt |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-05:18.zlib - A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.
| | Homepage: | http://www.freebsd.org | | File Size: | 3940 | | Related CVE(s): | CAN-2005-1849 | | Last Modified: | Jul 28 08:58:50 2005 |
| MD5 Checksum: | f04e1c0ffa62c58fbff1758dd2a9e393 |
|
| /// File Name: |
glsa-200507-26.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-26 - GNU Gadu, CenterICQ, Kadu, EKG and libgadu are vulnerable to an integer overflow. Versions less than 2.2.6-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3964 | | Related CVE(s): | CAN-2005-1852 | | Last Modified: | Jul 28 08:37:09 2005 |
| MD5 Checksum: | ab1052b856beb7d0d10837f8a7590396 |
|
| /// File Name: |
dsa-766-1.txt |
Description:
|
Debian Security Advisory DSA 766-1 - A vulnerability has been discovered in webcalendar, a PHP based multi-user calendar, that can lead to the disclosure of sensitive information to unauthorised parties.
| | Homepage: | http://security.debian.org/ | | File Size: | 2986 | | Related CVE(s): | CAN-2005-2320 | | Last Modified: | Jul 28 08:36:59 2005 |
| MD5 Checksum: | 4412e3b58a9fb1a05e67d3fae7cab48d |
|
| /// File Name: |
dsa-765-1.txt |
Description:
|
Debian Security Advisory DSA 765-1 - A buffer overflow was discovered in the handling of the LINEMODE suboptions in telnet clients. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server.
| | Homepage: | http://security.debian.org/ | | File Size: | 36932 | | Related CVE(s): | CAN-2005-0469 | | Last Modified: | Jul 28 08:36:03 2005 |
| MD5 Checksum: | 3333dc5397a018f7f305b8a410a618d8 |
|
| /// File Name: |
novellBO653.txt |
Description:
|
The Novell GroupWise 6.5.3 client suffers from a remote buffer overflow vulnerability.
| | Author: | Francisco Amato | | Homepage: | http://www.infobyte.com.ar | | File Size: | 3301 | | Last Modified: | Jul 28 08:34:32 2005 |
| MD5 Checksum: | c2c04c614c9052f05cfdff801c554979 |
|
| /// File Name: |
NILESA-20050701.txt |
Description:
|
When the UnixWare 7.x version of the RPC portmapper (rpcbind) receives an invalid portmap request, it falls into a denial of service state and cannot respond.
| | Author: | Yun Jonglim | | Homepage: | http://www.nilesoft.co.kr | | File Size: | 2528 | | Related CVE(s): | CAN-2005-2132 | | Last Modified: | Jul 28 08:32:01 2005 |
| MD5 Checksum: | 1eb5be89cde41bbe4f56ca41a5940a94 |
|
| /// File Name: |
glsa-200507-25.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-25 - Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is vulnerable to integer overflows when handling the TNEF, CHM and FSG file formats. Versions less than 0.86.2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2808 | | Last Modified: | Jul 28 08:29:14 2005 |
| MD5 Checksum: | 03a476cb27b0196cd4aa907828b438c9 |
|
| /// File Name: |
glsa-200507-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-24 - Several vulnerabilities in the Mozilla Suite allow attacks ranging from the execution of JavaScript code with elevated privileges to information leakage. Versions less than 1.7.10 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 4666 | | Last Modified: | Jul 28 08:27:49 2005 |
| MD5 Checksum: | 16e6b46c85bd8d2cddb3efc3df1322c0 |
|
| /// File Name: |
lotus-disclose.txt |
Description:
|
Lotus Domino R5 WebMail versions R5, R6, and possibly R4 are susceptible to a default configuration information disclosure vulnerability.
| | Author: | Leandro Meiners | | Homepage: | http://www.cybsec.com | | File Size: | 4101 | | Last Modified: | Jul 28 08:27:35 2005 |
| MD5 Checksum: | 8bdb1304f210ca33ae05c3806dc3e086 |
|
| /// File Name: |
IBMaccess.txt |
Description:
|
The QCWLICON.exe and QCTRAY.exe binaries in IBM Access software allow anyone read access to the configuration of all connections.
| | Author: | Sylvain ROGER | | Homepage: | http://www.solucom.fr | | File Size: | 622 | | Last Modified: | Jul 28 08:17:12 2005 |
| MD5 Checksum: | 4013cb85d8d739864c6ecbc47bddbd78 |
|
| /// File Name: |
SPIbad.txt |
Description:
|
SPIDynamics WebInspect is susceptible to cross-application scripting attacks.
| | Author: | 3APA3A | | File Size: | 4159 | | Last Modified: | Jul 28 08:14:18 2005 |
| MD5 Checksum: | 4be16eabb1f4eeeb426edd19f4051175 |
|
| /// File Name: |
aresFileshare11.txt |
Description:
|
Remote exploitation of a buffer overflow vulnerability in Ares FileShare 1.1 could allow execution of arbitrary code.
| | Author: | Kozan, ATmaCA | | Homepage: | http://www.spyinstructors.com | | File Size: | 2469 | | Last Modified: | Jul 28 08:01:55 2005 |
| MD5 Checksum: | 9f8531c7ad4ee83dcb611769af317c7f |
|
| /// File Name: |
glsa-200507-23.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-23 - Kopete contains an internal copy of libgadu and is therefore subject to several input validation vulnerabilities in libgadu. Versions less than 3.4.1-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3161 | | Related CVE(s): | CAN-2005-1852 | | Last Modified: | Jul 28 07:52:38 2005 |
| MD5 Checksum: | 80d4a5d16ae62b0fcc165725ece0ccd0 |
|
| /// File Name: |
glsa-200507-22.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-22 - The Gentoo Linux Security Audit Team discovered that the sandbox utility was vulnerable to multiple TOCTOU (Time of Check, Time of Use) file creation race conditions. Versions less than 1.2.11 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2355 | | Last Modified: | Jul 28 07:52:12 2005 |
| MD5 Checksum: | d714908c4e980e691f90b3f29352f347 |
|
| /// File Name: |
glsa-200507-21.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-21 - fetchmail does not properly validate UIDs coming from a POP3 mail server. The UID is placed in a fixed length buffer on the stack, which can be overflowed. Versions less than 6.2.5.2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2701 | | Related CVE(s): | CAN-2005-2335 | | Last Modified: | Jul 28 07:51:51 2005 |
| MD5 Checksum: | 8dc31d9667f9a16608485901c38ebd87 |
|
| /// File Name: |
clamav.pdf |
Description:
|
Clam AntiVirus (ClamAV) versions 0.86.1 and below suffer from remote heap overflows.
| | Author: | Neel Mehta, Alex Wheeler | | File Size: | 21601 | | Last Modified: | Jul 28 07:47:41 2005 |
| MD5 Checksum: | f9508af9cf88b63143dc1098b4e7655f |
|
| /// File Name: |
bedatecRealchat.txt |
Description:
|
Realchat version 3.5.1b fails to properly authenticate any logins allowing for user impersonation.
| | Author: | Andreas Beck | | Homepage: | http://www.bedatec.de/ | | File Size: | 3647 | | Last Modified: | Jul 28 07:28:56 2005 |
| MD5 Checksum: | 292651db262bcf3159bbd5181c2566b4 |
|
| /// File Name: |
GoodTechRCPT.txt |
Description:
|
GoodTech versions 5.15 and below (and 5.16 evaluation) suffer from stack overflow vulnerabilities in the handling of the RCPT TO input.
| | Author: | Raphael Rigo | | File Size: | 4440 | | Last Modified: | Jul 28 07:26:49 2005 |
| MD5 Checksum: | e0392310bbb1cacca9ba5a4300dc364d |
|
| /// File Name: |
sa16243.txt |
Description:
|
Secunia Security Advisory - FreeBSD has issued an update for zlib. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) against a vulnerable application.
| | Homepage: | http://secunia.com/advisories/16243/ | | File Size: | 2268 | | Last Modified: | Jul 28 07:02:10 2005 |
| MD5 Checksum: | 5b893aa8f428e2fd763f47eb19f5b2c3 |
|
| /// File Name: |
sa16237.txt |
Description:
|
Secunia Security Advisory - ArCaX-ATH has discovered a vulnerability in PNG Counter, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/16237/ | | File Size: | 2101 | | Last Modified: | Jul 28 07:02:10 2005 |
| MD5 Checksum: | 6bca785f69e22e3fb6aad695ab5049e9 |
|
| /// File Name: |
sa16235.txt |
Description:
|
Secunia Security Advisory - zatuzik has reported a security issue in Hosting Controller, which can be exploited by malicious users to gain knowledge of certain sensitive information.
| | Homepage: | http://secunia.com/advisories/16235/ | | File Size: | 2187 | | Last Modified: | Jul 28 07:02:10 2005 |
| MD5 Checksum: | 243d3ca4484b211872f68c430e856683 |
|
| /// File Name: |
sa16226.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in McAfee WebShield e250, which can be exploited by malicious people to bypass the user authentication.
| | Homepage: | http://secunia.com/advisories/16226/ | | File Size: | 2086 | | Last Modified: | Jul 28 07:02:10 2005 |
| MD5 Checksum: | 261ae07dafab4bb4e9a6631b6987772c |
|
| /// File Name: |
sa16224.txt |
Description:
|
Secunia Security Advisory - Lostmon has reported some vulnerabilities in BMForum Plus!, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/16224/ | | File Size: | 2638 | | Last Modified: | Jul 28 07:02:10 2005 |
| MD5 Checksum: | ae0680413a06bd283ce26452386bf973 |
|