Section: .. / 0601-advisories /
| /// File Name: |
sa18277.txt |
Description:
|
Secunia Security Advisory - FX has reported some vulnerabilities in BlackBerry Enterprise Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18277/ | | File Size: | 2936 | | Last Modified: | Jan 3 03:31:52 2006 |
| MD5 Checksum: | 32890ec79a92af763fbf90779b535a92 |
|
| /// File Name: |
NetBSD-SA2006-001.txt |
Description:
|
NetBSD Security Advisory 2006-001 - The kernfs filesystem does not validate file offsets properly and a userlevel non-privileged process can read arbitrary kernel memory locations.
| | Homepage: | http://www.NetBSD.org/Security/ | | File Size: | 2929 | | Last Modified: | Jan 10 05:53:04 2006 |
| MD5 Checksum: | 7c3395740681de7aea30a35cf4e00e2b |
|
| /// File Name: |
sa18496.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for albatross. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18496/ | | File Size: | 2920 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 7281bd2f89053443849db55ea735d601 |
|
| /// File Name: |
EEYEB-20051229.txt |
Description:
|
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in QuickTime Player. There is a stack overflow in the way QuickTime processes qtif format files. An attacker can create a qtif file and send it to the user via email, web page, or qtif file with ActiveX, and can directly overflow a function pointer that is used immediately, so it can bypass any stack overflow protection in systems such as XP SP2 and 2003 SP1.
| | Author: | Fang Xing | | Homepage: | http://www.eeye.com/ | | File Size: | 2869 | | Related CVE(s): | CAN-2005-3713 | | Last Modified: | Jan 15 16:29:29 2006 |
| MD5 Checksum: | fd3c67532e14fda9f8c490bc19e11c82 |
|
| /// File Name: |
glsa-200601-03.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-03 - Patrice Fournier discovered that HylaFAX runs the notify script on untrusted user input. Furthermore, users can log in without a password when HylaFAX is installed with the pam USE-flag disabled. Versions less than 4.2.3-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2867 | | Last Modified: | Jan 8 06:33:52 2006 |
| MD5 Checksum: | 83ffe9f2f439954f90015fa3ca4bd7b0 |
|
| /// File Name: |
sa18593.txt |
Description:
|
Secunia Security Advisory - Two security issues and a vulnerability have been reported in WebLogic Portal, which potentially can be exploited by malicious people to disclose sensitive information and bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18593/ | | File Size: | 2858 | | Last Modified: | Jan 25 07:44:12 2006 |
| MD5 Checksum: | ccbf504856da23e8e789d1f7a70a7607 |
|
| /// File Name: |
msvc-featurebug.txt |
Description:
|
MSVC 6.0 run file bug - Generally authors offer code as a project with source, headers, and MSVC project files if it is a fairly big project. Most users will simply open up the project.dsw file (especially if it says to do so in a readme.txt or other compiler instructions), which in turn loads the project.dsp files, which provide the compiler directives. A malicious attacker could embed commands to be executed in the project files, and execute any local code of his choosing.
| | Author: | Morning Wood | | Homepage: | http://exploitlabs.com/ | | Related Exploit: | msvc-featurebug-POC.zip | | File Size: | 2853 | | Last Modified: | Jan 26 07:03:41 2006 |
| MD5 Checksum: | 0c248cd49ab8ad3ee57aa294c53a01a9 |
|
| /// File Name: |
MDKSA-2006-001.txt |
Description:
|
Mandriva Linux Security Advisory - Javier Fernandez-Sanguino Pena discovered that tkdiff created temporary files in an insecure manner.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2853 | | Last Modified: | Jan 5 02:21:02 2006 |
| MD5 Checksum: | 243e1d1eeb639190ce02517b9df55036 |
|
| /// File Name: |
sa18431.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in PHP, which can be exploited by malicious people to conduct HTTP response splitting attacks, potentially conduct cross-site scripting attacks, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18431/ | | File Size: | 2843 | | Last Modified: | Jan 14 06:07:24 2006 |
| MD5 Checksum: | 958514ce06fef3f65859a977ebde53a3 |
|
| /// File Name: |
sa18293.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered two vulnerabilities and a security issue in TinyPHPForum, which can be exploited by malicious people to conduct script insertion attacks and disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/18293/ | | File Size: | 2818 | | Last Modified: | Jan 6 18:58:29 2006 |
| MD5 Checksum: | 4d1619e16bb9e48c56fe7542bc40feb1 |
|
| /// File Name: |
sa18503.txt |
Description:
|
Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix various vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable or a user's system.
| | Homepage: | http://secunia.com/advisories/18503/ | | File Size: | 2815 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 21273823a6fb68160aa1771f94c561b2 |
|
| /// File Name: |
sa18370.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18370/ | | File Size: | 2793 | | Last Modified: | Jan 12 01:49:01 2006 |
| MD5 Checksum: | 13dff9141b4eaa22c5be846c56ae840d |
|
| /// File Name: |
sa18474.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for tuxpaint. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
| | Homepage: | http://secunia.com/advisories/18474/ | | File Size: | 2770 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 46d776141aed2f14da10c9198e294889 |
|
| /// File Name: |
sa18141.txt |
Description:
|
Secunia Security Advisory - ovt has reported a vulnerability in Cisco Secure ACS (Access Control Server), which potentially can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18141/ | | File Size: | 2763 | | Last Modified: | Jan 4 05:21:16 2006 |
| MD5 Checksum: | f676e5fde0ac0a99add5510bee275f91 |
|
| /// File Name: |
sa18590.txt |
Description:
|
Secunia Security Advisory - Peter Winter-Smith of NGSSoftware has reported a vulnerability in Red Hat Directory Server and Red Hat Certificate System, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18590/ | | File Size: | 2745 | | Last Modified: | Jan 27 07:43:36 2006 |
| MD5 Checksum: | 4f4ad7080931938d39a30a2c8c89da7d |
|
| /// File Name: |
sa18478.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18478/ | | File Size: | 2744 | | Last Modified: | Jan 19 03:04:53 2006 |
| MD5 Checksum: | f92053dddac7fa95cc257a6e3b0a69f5 |
|
| /// File Name: |
glsa-200601-11.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-11 - Maksim Orlovich discovered an incorrect bounds check in kjs when handling URIs. Versions less than 3.4.3-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2742 | | Last Modified: | Jan 25 09:31:02 2006 |
| MD5 Checksum: | 9a77663768cfd3a1f5ad681c82f30094 |
|
| /// File Name: |
glsa-200601-12.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-12 - Christophe Truc discovered that Trac fails to properly sanitize input passed in the URL. Versions less than 0.9.3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2734 | | Last Modified: | Jan 27 07:46:19 2006 |
| MD5 Checksum: | 20d6daeceb53b5ef8cbcb604eb1c34df |
|
| /// File Name: |
sa18288.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Blue Coat WinProxy, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18288/ | | File Size: | 2732 | | Last Modified: | Jan 6 18:58:29 2006 |
| MD5 Checksum: | a8e44e40c657331746573a0ac12e1c56 |
|
| /// File Name: |
sa18489.txt |
Description:
|
Secunia Security Advisory - Mandrake has issued an update for hylafax. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and by malicious users to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18489/ | | File Size: | 2726 | | Last Modified: | Jan 19 03:04:53 2006 |
| MD5 Checksum: | 57aec1b62257e40b2a22b20613e0fd8d |
|
| /// File Name: |
sa18314.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in HylaFAX, which can be exploited by malicious people to bypass certain security restrictions and by malicious users to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18314/ | | File Size: | 2718 | | Last Modified: | Jan 6 18:58:29 2006 |
| MD5 Checksum: | 7edd89a4f7d55afd5d8dde9f647bc027 |
|
| /// File Name: |
glsa-200601-05.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-05 - The error logging functions of mod_auth_pgsql fail to validate certain strings before passing them to syslog, resulting in format string vulnerabilities. Versions less than 2.0.3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2707 | | Last Modified: | Jan 11 07:13:31 2006 |
| MD5 Checksum: | c37ba73e107db83794f84cf120c6b92e |
|
| /// File Name: |
rh-servers.txt |
Description:
|
Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in Red Hat Directory Server and Red Hat Certificate Server. It is possible that under certain circumstances these flaws could permit an unauthenticated attacker to remotely compromise the Directory or Certificate server; in other circumstances this flaw could facilitate local privilege escalation to root.
| | Author: | NGSSoftware Insight Security Research | | Homepage: | http://www.ngssoftware.com | | File Size: | 2701 | | Last Modified: | Jan 26 10:25:21 2006 |
| MD5 Checksum: | 29d4e8fe239421f630edef10147905a8 |
|
| /// File Name: |
sa17418.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered two security issues in ADOdb, which can be exploited by malicious people to disclose system information, execute arbitrary SQL code, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/17418/ | | File Size: | 2697 | | Last Modified: | Jan 10 04:51:06 2006 |
| MD5 Checksum: | e059cc6fd802c8e0f83e15031be89f83 |
|