Section: .. / 0601-advisories /
| /// File Name: |
sa18308.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/18308/ | | File Size: | 4622 | | Last Modified: | Jan 6 18:58:29 2006 |
| MD5 Checksum: | 0c6ef4b94ed9d0bf679514117b2b75e7 |
|
| /// File Name: |
sa18433.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for fetchmail. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18433/ | | File Size: | 4608 | | Last Modified: | Jan 14 06:07:24 2006 |
| MD5 Checksum: | ed2c3006e50aadfa8ad9772ab30ec0d5 |
|
| /// File Name: |
USN-235-1.txt |
Description:
|
Ubuntu Security Notice USN-235-1 - Charles Morris discovered a privilege escalation vulnerability in sudo. On executing Perl scripts with sudo, various environment variables that affect Perl's library search path were not cleaned properly. If sudo is set up to grant limited sudo execution of Perl scripts to normal users, this could be exploited to run arbitrary commands as the target user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4553 | | Related CVE(s): | CVE-2005-4158 | | Last Modified: | Jan 8 06:16:17 2006 |
| MD5 Checksum: | daeb0e42bb6c6f4f3612de4c9a603f73 |
|
| /// File Name: |
MDKSA-2006-020.txt |
Description:
|
Mandriva Linux Security Advisory - The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in ipsec-tools racoon before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4546 | | Last Modified: | Jan 27 08:38:51 2006 |
| MD5 Checksum: | eaa52f05e291fd353a374be6b0bf962e |
|
| /// File Name: |
sa18363.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/18363/ | | File Size: | 4541 | | Last Modified: | Jan 10 04:51:06 2006 |
| MD5 Checksum: | 03ab5138bc88c149309a21e0cb897159 |
|
| /// File Name: |
sa18280.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for cpio. This fixes a vulnerability, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18280/ | | File Size: | 4537 | | Last Modified: | Jan 4 05:21:16 2006 |
| MD5 Checksum: | 882fedbb69acc18785938a3656df1694 |
|
| /// File Name: |
sa18476.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for tuxpaint. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
| | Homepage: | http://secunia.com/advisories/18476/ | | File Size: | 4483 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | e5adb3fa7971d104dc6c8667f10d3cbd |
|
| /// File Name: |
USN-242-1.txt |
Description:
|
Ubuntu Security Notice USN-242-1 - Aliet Santiesteban Sifontes discovered a remote denial of service vulnerability in the attachment handler of mailman. An email with an attachment whose filename contained invalid UTF-8 characters caused mailman to crash. Mailman did not sufficiently verify the validity of email dates. Very large numbers in dates caused mailman to crash.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4374 | | Related CVE(s): | CVE-2005-3573, CVE-2005-4153 | | Last Modified: | Jan 22 00:54:38 2006 |
| MD5 Checksum: | b2f166cc50d43a8c725260c0bad97de9 |
|
| /// File Name: |
sa18529.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in various F-Secure products, which can be exploited by malware to bypass detection or malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18529/ | | File Size: | 4331 | | Last Modified: | Jan 19 18:33:40 2006 |
| MD5 Checksum: | 6e31aa316437e2cb71db1f34d731cffa |
|
| /// File Name: |
USN-234-1.txt |
Description:
|
Ubuntu Security Notice USN-234-1 - Richard Harms discovered that cpio did not sufficiently validate file properties when creating archives. Files with e. g. a very large size caused a buffer overflow.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4314 | | Related CVE(s): | CVE-2005-4268 | | Last Modified: | Jan 3 03:50:58 2006 |
| MD5 Checksum: | aaadcc9c33136e60bc692736218c04e4 |
|
| /// File Name: |
TA06-010A.txt |
Description:
|
Technical Cyber Security Alert TA06-010A - Microsoft has released updates that address critical vulnerabilities in Windows, Outlook, and Exchange. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://www.us-cert.gov | | File Size: | 4287 | | Related CVE(s): | CVE-2006-0002, CVE-2006-0010 | | Last Modified: | Jan 11 07:17:43 2006 |
| MD5 Checksum: | a93b658e9fa476065cda39f686810137 |
|
| /// File Name: |
sa18436.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gpdf. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18436/ | | File Size: | 4271 | | Last Modified: | Jan 14 06:07:24 2006 |
| MD5 Checksum: | f1c940264ea71d6913adcfbb62acd6a0 |
|
| /// File Name: |
sa18612.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mailman. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18612/ | | File Size: | 4265 | | Last Modified: | Jan 26 11:07:43 2006 |
| MD5 Checksum: | 6f09570443f3f9491b2dd9ef134c1e63 |
|
| /// File Name: |
dsa-930-1.txt |
Description:
|
Debian Security Advisory DSA 930-1 - Ulf Harnhammar from the Debian Security Audit project discovered a format string attack in the logging code of smstools, which may be exploited to execute arbitrary code with root privileges.
| | Author: | Steve Kemp | | Homepage: | http://www.debian.org/security/ | | File Size: | 4230 | | Related CVE(s): | CVE-2006-0083 | | Last Modified: | Jan 10 05:41:57 2006 |
| MD5 Checksum: | e41cb8151709bcee68295233a15fbef9 |
|
| /// File Name: |
glsa-200601-10.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-10 - Adam Gowdiak discovered multiple vulnerabilities in the Java Runtime Environment's Reflection APIs that may allow untrusted applets to elevate privileges. Versions less than 1.4.2.09 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 4218 | | Last Modified: | Jan 22 00:56:35 2006 |
| MD5 Checksum: | 864ded9758612470ea0c0852d6d9ffbb |
|
| /// File Name: |
MDKSA-2006-019.txt |
Description:
|
Mandriva Linux Security Advisory - A heap overflow vulnerability was discovered in kjs, the KDE JavaScript interpreter engine. An attacker could create a malicious web site that contained carefully crafted JavaScript code that could trigger the flaw and potentially lead to the arbitrary execution of code as the user visiting the site.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4216 | | Last Modified: | Jan 25 09:34:22 2006 |
| MD5 Checksum: | 975d834c6fff19e2226ddf800dcffdbc |
|
| /// File Name: |
dsa-929-1.txt |
Description:
|
Debian Security Advisory DSA 929-1 - Steve Kemp from the Debian Security Audit project discovered a buffer overflow in petris, a clone of the Tetris game, which may be exploited to execute arbitrary code with group games privileges.
| | Author: | Steve Kemp | | Homepage: | http://www.debian.org/security/ | | File Size: | 4183 | | Related CVE(s): | CVE-2005-3540 | | Last Modified: | Jan 10 05:40:56 2006 |
| MD5 Checksum: | 69b6ace45aaec6bd6cfde7e0cd729e2f |
|
| /// File Name: |
sa18381.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for pound. This fixes two vulnerabilities, which potentially can be exploited by malicious people to conduct HTTP request smuggling attacks and to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18381/ | | File Size: | 4136 | | Last Modified: | Jan 11 06:48:09 2006 |
| MD5 Checksum: | 0457d1d10f91cf068a81a62b6541d2ea |
|
| /// File Name: |
sa18368.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Outlook / Exchange, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18368/ | | File Size: | 4099 | | Last Modified: | Jan 11 06:48:09 2006 |
| MD5 Checksum: | c87b99e958e823cbaee0272623983e14 |
|
| /// File Name: |
MDKSA-2006-023.txt |
Description:
|
Mandriva Linux Security Advisory - Javier Fernandez-Sanguino Pena discovered that the perl Net::SSLeay module used the file /tmp/entropy as a fallback entropy source if a proper source was not set via the environment variable EGD_PATH. This could potentially lead to weakened cryptographic operations if an attacker was able to provide a /tmp/entropy file with known content.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4047 | | Last Modified: | Jan 27 07:52:44 2006 |
| MD5 Checksum: | 2ad28c9ed368d47b676f2bc3b0b6d2b5 |
|
| /// File Name: |
sa18387.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18387/ | | File Size: | 4025 | | Last Modified: | Jan 12 01:49:01 2006 |
| MD5 Checksum: | 762903e0db60987413d9f212e1af4194 |
|
| /// File Name: |
sa18328.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Lotus Domino, which potentially can be exploited by malicious users to cause a DoS (Denial of Service), or with unknown impact.
| | Homepage: | http://secunia.com/advisories/18328/ | | File Size: | 4023 | | Last Modified: | Jan 8 03:10:27 2006 |
| MD5 Checksum: | dac2083fd431ce0d83d62dcc09a011a4 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
