Section: .. / 0602-advisories /
| /// File Name: |
SSRT051045.txt |
Description:
|
HPSBUX02097 SSRT051045 rev.2 - HP-UX Running DNS BIND4/BIND8 as Forwarders: Remote Unauthorized Privileged Access - A potential vulnerability has been identified with the HP-UX operating system running DNS BIND4 or BIND8 configured as forwarders. The vulnerability could be exploited remotely to gain unauthorized privileged access to the DNS clients.
| | Author: | HP | | Homepage: | http://www.hp.com | | File Size: | 6972 | | Last Modified: | Feb 17 02:55:07 2006 |
| MD5 Checksum: | a551e0f71713a1904bc52814a7e1a558 |
|
| /// File Name: |
sa18934.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gnupg. This fixes a security issue, which potentially can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18934/ | | File Size: | 6577 | | Last Modified: | Feb 18 00:46:33 2006 |
| MD5 Checksum: | d491ffa40d366e021b3875ed1605094d |
|
| /// File Name: |
DWL-G700AP.txt |
Description:
|
It is possible to crash the web interface on a D-Link DWL-G700AP by sending it a simple GET request. POC included.
| | Author: | innate | | Homepage: | http://www.excluded.org | | File Size: | 6466 | | Last Modified: | Feb 20 22:51:51 2006 |
| MD5 Checksum: | 54fe1137106d52d891bdb223424243a9 |
|
| /// File Name: |
sa18812.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for noweb. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
| | Homepage: | http://secunia.com/advisories/18812/ | | File Size: | 6319 | | Last Modified: | Feb 13 20:29:16 2006 |
| MD5 Checksum: | 27a64fd055abed9f69881c2e89548687 |
|
| /// File Name: |
MDKSA-2006-044.txt |
Description:
|
Mandriva Linux Security Advisory - A number of vulnerabilities have been discovered and corrected in the Linux 2.4 kernel.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6208 | | Last Modified: | Feb 22 20:39:15 2006 |
| MD5 Checksum: | 62819356af6f80bbb22be6bfc17bea7b |
|
| /// File Name: |
sa18834.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18834/ | | File Size: | 6201 | | Last Modified: | Feb 14 21:21:41 2006 |
| MD5 Checksum: | 10839a9e8b484a6c3bde734ca20386b1 |
|
| /// File Name: |
dsa-967-1.txt |
Description:
|
Debian Security Advisory DSA 967-1 - Several security problems have been found in elog, an electronic logbook to manage notes. These include, but are not limited to, code execution flaws, directory traversal attacks, and format string vulnerabilities.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 6171 | | Related CVE(s): | CVE-2006-4439, CVE-2006-0347, CVE-2006-0348, CVE-2006-0597, CVE-2006-0598, CVE-2006-0599, CVE-2006-0600 | | Last Modified: | Feb 13 07:22:00 2006 |
| MD5 Checksum: | ffcfd1a413b374812cd07e288459e1ae |
|
| /// File Name: |
sa18641.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mydns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18641/ | | File Size: | 6159 | | Last Modified: | Feb 4 15:12:24 2006 |
| MD5 Checksum: | 87f5c4b75c5ba913426a42429c137ac4 |
|
| /// File Name: |
sa18742.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18742/ | | File Size: | 6091 | | Last Modified: | Feb 7 19:32:22 2006 |
| MD5 Checksum: | 8f0aa5fd2d470f523e267f48f49bd395 |
|
| /// File Name: |
sa18750.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in QNX Neutrino RTOS, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/18750/ | | File Size: | 5873 | | Last Modified: | Feb 9 01:56:34 2006 |
| MD5 Checksum: | 58ee56585bff4c68235346a6dcdc1112 |
|
| /// File Name: |
dsa-972-1.txt |
Description:
|
Debian Security Advisory DSA 972-1 - SuSE researchers discovered heap overflow errors in xpdf, the Portable Document Format (PDF) suite, which is also present in pdfkit.framework, the GNUstep framework for rendering PDF content, and which can allow attackers to cause a denial of service by crashing the application or possibly execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5572 | | Last Modified: | Feb 15 19:42:49 2006 |
| MD5 Checksum: | adce3c55b797bd4d4e672620452bc841 |
|
| /// File Name: |
MDKSA-2006-040.txt |
Description:
|
Mandriva Linux Security Advisory - A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5562 | | Last Modified: | Feb 20 21:30:57 2006 |
| MD5 Checksum: | 250021f9ae91dda4362fb15b757a79f8 |
|
| /// File Name: |
sa18933.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for gnupg. This fixes a security issue, which potentially can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18933/ | | File Size: | 5400 | | Last Modified: | Feb 20 21:08:24 2006 |
| MD5 Checksum: | 747d22d68869c8277db5b9f81a66fd34 |
|
| /// File Name: |
USN-252-1.txt |
Description:
|
Ubuntu Security Notice USN-252-1 - Tavis Ormandy discovered a potential weakness in the signature verification of gnupg. gpgv and gpg --verify returned a successful exit code even if the checked file did not have any signature at all. The recommended way of checking the result is to evaluate the status messages, but some third party applications might just check the exit code for determining whether or not a signature is valid. These applications could be tricked into erroneously reporting a valid signature.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5389 | | Last Modified: | Feb 20 21:28:09 2006 |
| MD5 Checksum: | bd1ca2294bf9f5f2615f22032099965c |
|
| /// File Name: |
CAID33581.txt |
Description:
|
The following two security vulnerability issues have been identified in the CA Message Queuing (CAM / CAFT) software: CAM is vulnerable to a Denial of Service (DoS) attack when a specially crafted message is received on TCP port 4105. CAM is vulnerable to a Denial of Service (DoS) through the spoofing of CAM control messages.
| | Author: | Ken Williams | | Homepage: | http://supportconnect.ca.com/ | | File Size: | 5322 | | Related OSVDB(s): | 21146,21147 | | Related CVE(s): | CVE-2006-0529, CVE-2006-0530 | | Last Modified: | Feb 2 21:05:35 2006 |
| MD5 Checksum: | 530d396e910f76e817041d822631f2b5 |
|
| /// File Name: |
CAID-33581.txt |
Description:
|
CAID 33581 - CA Message Queuing Denial of Service Vulnerabilities - Summary: The following two security vulnerability issues have been identified in the CA Message Queuing (CAM / CAFT) software: 1) CAM is vulnerable to a Denial of Service (DoS) attack when a specially crafted message is received on TCP port 4105. 2) CAM is vulnerable to a Denial of Service (DoS) through the spoofing of CAM control messages.
| | Author: | Ken Williams | | Homepage: | http://ca.com/ | | File Size: | 5322 | | Last Modified: | Feb 3 01:12:55 2006 |
| MD5 Checksum: | 530d396e910f76e817041d822631f2b5 |
|
| /// File Name: |
sa18681.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in various products within the CA Message Queuing (CAM / CAFT) software, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18681/ | | File Size: | 5321 | | Last Modified: | Feb 2 20:34:25 2006 |
| MD5 Checksum: | c00d40c95cf440b8103910539e64fa18 |
|
| /// File Name: |
TA06-045A.txt |
Description:
|
Technical Cyber Security Alert TA06-045A - Microsoft has released updates that address critical vulnerabilities in Windows, Windows Media Player, and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Author: | CERT | | Homepage: | http://www.us-cert.gov/ | | File Size: | 5247 | | Last Modified: | Feb 15 00:24:54 2006 |
| MD5 Checksum: | 63f2fe31ea7957552c8fec487f461436 |
|
| /// File Name: |
dsa-974-1.txt |
Description:
|
Debian Security Advisory DSA 974-1 - SuSE researchers discovered heap overflow errors in xpdf, the Portable Document Format (PDF) suite, which is also present in gpdf, the GNOME version of the Portable Document Format viewer, and which can allow attackers to cause a denial of service by crashing the application or possibly execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5197 | | Last Modified: | Feb 15 19:54:37 2006 |
| MD5 Checksum: | a361d7fedc4f83d8b94b6050e838fefa |
|
| /// File Name: |
dsa-979-1.txt |
Description:
|
Debian Security Advisory DSA 979-1 - Derek Noonburg has fixed several potential vulnerabilities in xpdf, the Portable Document Format (PDF) suite, which are also present in pdfkit.framework, the GNUstep framework for rendering PDF content.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5177 | | Last Modified: | Feb 20 21:27:12 2006 |
| MD5 Checksum: | 44046740ceeb508383f329892127745f |
|
| /// File Name: |
tam-file-retrieval.txt |
Description:
|
On December 1st, while conducting a penetration test of a TAM enabled web application, VSR identified a vulnerability in Tivoli Web Server Plug-in which is a component of Tivoli Access Manager (TAM). This flaw allows an authenticated attacker to retrieve files (which reside outside of the web root) from the web server on which the plug-in resides. It is possible to retrieve any file or list any directory which is readable by the web server software.
| | Author: | Virtual Security Research | | Homepage: | http://www.vsecurity.com/ | | File Size: | 5060 | | Last Modified: | Feb 6 04:40:54 2006 |
| MD5 Checksum: | 64cb1200a76e27f71e0e3896bcbaebac |
|
| /// File Name: |
dsa-969-1.txt |
Description:
|
Debian Security Advisory DSA 969-1 - Max Vozeller discovered a vulnerability in scponly, a utility to restrict user commands to scp and sftp, that could lead to the execution of arbitrary commands as root. The system is only vulnerable if the program scponlyc is installed setuid root and if regular users have shell access to the machine.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5045 | | Related CVE(s): | CVE-2005-4532 | | Last Modified: | Feb 14 06:20:23 2006 |
| MD5 Checksum: | d292d1eb12bfc328cf283c1c3d8463b9 |
|