Section: .. / 0603-advisories /
| /// File Name: |
cclientBypass.txt |
Description:
|
A vulnerability in c-client library versions 2000, 2001, and 2004 allows mail_open to be used as a vector to open a stream to local files, bypassing safemode and open_basedir restrictions.
| | Author: | ced.clerget | | File Size: | 1923 | | Last Modified: | Mar 2 11:24:27 2006 |
| MD5 Checksum: | 0a71614874baf47976e877dc979dc501 |
|
| /// File Name: |
CodeScan-ASPPortal.txt |
Description:
|
ASPPortal version 3.00 is susceptible to more than ten SQL injection vulnerabilities.
| | Author: | CodeScan | | Homepage: | http://www.codescan.com/ | | File Size: | 3250 | | Last Modified: | Mar 15 05:25:45 2006 |
| MD5 Checksum: | c860d8901642d841f974a0fee1c82f05 |
|
| /// File Name: |
CodeScan-Horde.txt |
Description:
|
Horde versions 3.09 and below suffer from a unauthenticated arbitrary file reading vulnerability.
| | Author: | CodeScan | | Homepage: | http://www.codescan.com/ | | File Size: | 3787 | | Last Modified: | Mar 15 05:26:52 2006 |
| MD5 Checksum: | 466ded4592eec15dbe5071b09396dbf2 |
|
| /// File Name: |
Contrexx.txt |
Description:
|
Contrexx CMS versions greater than or equal to v1.0.8 are vulnerable to XSS.
| | Author: | Shabgard Security Team | | Homepage: | http://www.shabgard.org | | File Size: | 532 | | Last Modified: | Mar 21 23:46:52 2006 |
| MD5 Checksum: | 06ac712a17a55db96b92dc938647cfe0 |
|
| /// File Name: |
CORE-2006-0124.txt |
Description:
|
Core Security Technologies Advisory ID: CORE-2006-0124 - Cross-Site Scripting in Verisigns haydn.exe CGI script: A cross-site scripting vulnerability found in Verisigns haydn.exe could allow an attacker to execute scripting code in the machine of a user within the user's web browser with the same trust level as that of the site hosting the haydn.exe file (this is usually a trusted site, since it is used to enroll, revoke or validate certificates).
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 6962 | | Last Modified: | Mar 23 22:18:30 2006 |
| MD5 Checksum: | 3e07374c4cb9157b78fca5d6ec1510a3 |
|
| /// File Name: |
CORE-2006-0327.txt |
Description:
|
Core Security Technologies - Corelabs Advisory CORE-2006-0327: IAXclient is an open source library that implements the IAX2 VoIP protocol used by the Asterisk IP PBX and several VoIP software phones. Two vulnerabilities have been found in the library that may grant attackers remote execution of arbitrary code on systems using software packages that rely on it to implement the IAX2 protocol support.
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 11904 | | Last Modified: | Jun 11 05:39:19 2006 |
| MD5 Checksum: | b509af5b58e8d1eea0fc3bcc0d0619e9 |
|
| /// File Name: |
CT22-03-2006.txt |
Description:
|
Computer Terrorism (UK) :: Incident Response Centre :: Security Advisory :: CT22-03-2006 :: Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution
| | Homepage: | http://www.computerterrorism.com | | File Size: | 2403 | | Last Modified: | Mar 24 00:14:29 2006 |
| MD5 Checksum: | 8076d7f717f3b054472ae37e45b6b7ed |
|
| /// File Name: |
cutenews1.4.1.txt |
Description:
|
cutenews 1.4.1 allows any user to access arbitrary files due to lack of sanitization of the "archive" parameter.
| | Author: | h e | | Homepage: | http://hamid.ir/security | | File Size: | 2442 | | Last Modified: | Mar 24 00:07:27 2006 |
| MD5 Checksum: | fc853dcc2c44970a467e6d441b701a60 |
|
| /// File Name: |
CVE-2006-0745.txt |
Description:
|
CVE-2006-0745 - Local privilege escalation in X.Org server 1.0.0 and later and X11R6.9.0 and X11R7.0. When parsing arguments, the server takes care to check that only root can pass the options -modulepath, which determines the location to load many modules providing server functionality from, and -logfile, which determines the location of the logfile. Normally, these locations cannot be changed by unprivileged users.
| | Author: | Daniel Stone | | Related Exploit: | xmodulepath.tgz | | File Size: | 2691 | | Last Modified: | Mar 22 00:11:27 2006 |
| MD5 Checksum: | 60642fac47808949f86849e0c0176071 |
|
| /// File Name: |
dccDoS.txt |
Description:
|
Certain Linksys (and possibly Netgear) routers will reset an IRC connection when a malformed DCC request is received.
| | Author: | Cade Cairns | | File Size: | 753 | | Last Modified: | Mar 6 10:50:17 2006 |
| MD5 Checksum: | 1223cbc8305c5a0c74421fcdae4de570 |
|
| /// File Name: |
DMA-2006-0313a.txt |
Description:
|
DMA[2006-0313a] - Apple OSX Mail.app RFC1740 Real Name Buffer Overflow - After applying Security Update 2006-001 Mail.app becomes vulnerable to a buffer overflow that may be triggered via a properly formatted MIME Encapsuled Macintosh file. Sending a file in the AppleDouble format with a long Real Name entry will invoke the overflow. Reading through RFC1740 should provide enough information to trigger the issue. The overflow is triggered by the file that contains the AppleDouble header information.
| | Author: | Kevin Finisterre | | Homepage: | http://www.digitalmunition.com/DMA[2006-0313a].txt | | Related Exploit: | SuperTastey.pl | | File Size: | 7854 | | Last Modified: | Mar 14 23:24:53 2006 |
| MD5 Checksum: | ecf75713c657587ff99ac0445f2f3d28 |
|
| /// File Name: |
DRUPAL-SA-2006-001.txt |
Description:
|
Drupal security advisory - If you use menu.module to create a menu item, the page you point to will be accessible to all, even if it is an admin page.
| | Author: | Uwe Hermann | | Homepage: | http://www.hermann-uwe.de | | File Size: | 1890 | | Last Modified: | Mar 14 23:08:43 2006 |
| MD5 Checksum: | 41bef9b37bbb459f57ed2c0c86afb5c1 |
|
| /// File Name: |
DRUPAL-SA-2006-002.txt |
Description:
|
Drupal security advisory - Some user input sanity checking was missing. This could lead to possible cross-site scripting (XSS) attacks.
| | Author: | Uwe Hermann | | Homepage: | http://www.hermann-uwe.de | | File Size: | 1946 | | Last Modified: | Mar 14 23:09:15 2006 |
| MD5 Checksum: | 0d0fc2357d0647f1a7f5e682c944eded |
|
| /// File Name: |
DRUPAL-SA-2006-003.txt |
Description:
|
Drupal security advisory - If someone creates a clever enough URL and convinces you to click on it, and you later log in but you do not log off then the attacker may be able to impersonate you.
| | Author: | Uwe Hermann | | Homepage: | http://www.hermann-uwe.de | | File Size: | 2204 | | Last Modified: | Mar 14 23:17:42 2006 |
| MD5 Checksum: | 82c398f3b206cdd5cf52c14c0c661178 |
|
| /// File Name: |
DRUPAL-SA-2006-004.txt |
Description:
|
Drupal security advisory - Linefeeds and carriage returns were not being stripped from email headers, raising the possibility of bogus headers being inserted into outgoing email. This could lead to Drupal sites being used to send unwanted email.
| | Author: | Uwe Hermann | | Homepage: | http://www.hermann-uwe.de | | File Size: | 2038 | | Last Modified: | Mar 14 23:18:10 2006 |
| MD5 Checksum: | 23c5f84801e924d2557127a4cb280e67 |
|
| /// File Name: |
dsa-1000-1.txt |
Description:
|
Debian Security Advisory DSA 1000-1 - An algorithm weakness has been discovered in Apache2::Request, the generic request library for Apache2 which can be exploited remotely and cause a denial of service via CPU consumption.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5654 | | Last Modified: | Mar 14 23:37:55 2006 |
| MD5 Checksum: | 9df2c945ce0f6f9181855d129e92144a |
|
| /// File Name: |
dsa-1001-1.txt |
Description:
|
Debian Security Advisory DSA 1001-1 - It was discovered that Crossfire, a multiplayer adventure game, performs insufficient bounds checking on network packets when run in "oldsocketmode", which may possibly lead to the execution of arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 12521 | | Last Modified: | Mar 14 23:37:20 2006 |
| MD5 Checksum: | a381cfe35262e005f058d5ea58f5251d |
|
| /// File Name: |
dsa-1002-1.txt |
Description:
|
Debian Security Advisory DSA 1002-1 - Several security related problems have been discovered in webcalendar, a PHP based multi-user calendar.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 3439 | | Last Modified: | Mar 15 21:11:12 2006 |
| MD5 Checksum: | 971484367b13850321ac1f97d0dc5f14 |
|
| /// File Name: |
dsa-1003-1.txt |
Description:
|
Debian Security Advisory DSA 1003-1 - Eric Romang discovered that xpvm, a graphical console and monitor for PVM, creates a temporary file that allows local attackers to create or overwrite arbitrary files with the privileges of the user running xpvm.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 7508 | | Last Modified: | Mar 17 01:17:56 2006 |
| MD5 Checksum: | 7b8aef2a0aed77a4615239f8e1a4fe0a |
|
| /// File Name: |
dsa-1004-1.txt |
Description:
|
Debian Security Advisory DSA 1004-1 - Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code. The vlc media player links statically against libavcodec.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 43913 | | Last Modified: | Mar 17 01:18:42 2006 |
| MD5 Checksum: | 0d3b0cc434959f68c8db09bf943d99f0 |
|
| /// File Name: |
dsa-1005-1.txt |
Description:
|
Debian Security Advisory DSA 1005-1 - Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code. xine-lib includes a local copy of libavcodec.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 7005 | | Last Modified: | Mar 21 22:43:38 2006 |
| MD5 Checksum: | 877cefa2220f34d9d8acb7a9f768970b |
|
| /// File Name: |
dsa-1006-1.txt |
Description:
|
Debian Security Advisory DSA 1006-1 - "kcope" discovered that the wzdftpd FTP server lacks input sanitising for the SITE command, which may lead to the execution of arbitrary shell commands.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 12991 | | Last Modified: | Mar 21 22:44:11 2006 |
| MD5 Checksum: | 3bdfb10502cb28476e9df81a709123c7 |
|
| /// File Name: |
dsa-1007-1.txt |
Description:
|
Debian Security Advisory DSA 1007-1 - The Drupal Security Team discovered several vulnerabilities in Drupal, a fully-featured content management and discussion engine.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 3505 | | Last Modified: | Mar 21 22:44:42 2006 |
| MD5 Checksum: | a963dd30f332efc75de87f312ee6daeb |
|
| /// File Name: |
dsa-1008-1.txt |
Description:
|
Debian Security Advisory DSA 1008-1 - Marcelo Ricardo Leitner noticed that the current patch in DSA 932 (CVE-2005-3627) for kpdf, the PDF viewer for KDE, does not fix all buffer overflows, still allowing an attacker to execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 46364 | | Last Modified: | Mar 21 22:45:26 2006 |
| MD5 Checksum: | 0981a3d6e4b059d40efc719732870855 |
|
| /// File Name: |
dsa-1009-1.txt |
Description:
|
Debian Security Advisory DSA 1009-1 - A buffer overflow has been discovered in the crossfire game which allows remote attackers to execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 12228 | | Last Modified: | Mar 21 22:40:53 2006 |
| MD5 Checksum: | 8f97ddf7d46a6a94600fa734981429a6 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
