Section: .. / 0605-advisories /
| /// File Name: |
sa20061.txt |
Description:
|
Secunia Security Advisory - Rubén Santamarta has discovered a vulnerability in Microsoft Windows, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20061/ | | File Size: | 2709 | | Last Modified: | May 17 01:39:51 2006 |
| MD5 Checksum: | c2bf1a5cf956edc246c263f5c94a4410 |
|
| /// File Name: |
ZDI-06-014.txt |
Description:
|
ZDI-06-014 - The Verisign i-Nav ActiveX Control suffers from a vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2699 | | Related CVE(s): | CVE-2006-2273 | | Last Modified: | May 21 14:40:19 2006 |
| MD5 Checksum: | 40c73a1ed2336599cdb73f5812099633 |
|
| /// File Name: |
sa19986.txt |
Description:
|
Secunia Security Advisory - o.y.6 has discovered a vulnerability in PunBB, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/19986/ | | File Size: | 2696 | | Last Modified: | May 5 05:54:58 2006 |
| MD5 Checksum: | a86ac3186cdb2977ec46cc7bc3dc7918 |
|
| /// File Name: |
sa20239.txt |
Description:
|
Secunia Security Advisory - trueend5 has discovered a vulnerability in phpwcms, which potentially can be exploited by malicious users to compromise a vulnerable system, and by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/20239/ | | File Size: | 2696 | | Last Modified: | May 23 20:47:01 2006 |
| MD5 Checksum: | 8207a5fd5e45e24d2ce0d31356463437 |
|
| /// File Name: |
pathdisclose.txt |
Description:
|
It appears that a slew of various programs written in PHP suffer from full path disclosure issues.
| | Author: | sirdarckcat | | File Size: | 2683 | | Last Modified: | May 21 23:18:38 2006 |
| MD5 Checksum: | ecb326286f7fed997f692b3d2f90bd7b |
|
| /// File Name: |
sa20269.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for php. This fixes two vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20269/ | | File Size: | 2670 | | Last Modified: | May 25 21:12:24 2006 |
| MD5 Checksum: | 8d2db18b15b007c3945cb3310f76d34b |
|
| /// File Name: |
sa20071.txt |
Description:
|
Secunia Security Advisory - Pedro Andújar has reported a vulnerability, and some security issues and weaknesses in e-Business Designer, which can be exploited by malicious people to disclose system information, conduct cross-site scripting attacks, manipulate sensitive information, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20071/ | | File Size: | 2666 | | Last Modified: | May 17 01:39:52 2006 |
| MD5 Checksum: | ae61fe345a063b3840123069b5fefcf4 |
|
| /// File Name: |
ZDI-06-015.txt |
Description:
|
ZDI-06-015 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime media player. The specific flaw exists within the parsing of H.264 content. The implicit trust of a user-supplied size value during a memory copy loop allows an attacker to create an exploitable memory corruption condition. Exploitation requires that an attacker either coerce the target to open a malformed media file or visit a website embedding the malicious file. Versions prior to 7.1 of Apple Quicktime are affected.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2662 | | Related CVE(s): | CVE-2006-1463 | | Last Modified: | May 21 15:15:50 2006 |
| MD5 Checksum: | df19f70a0f598f9afa328427a852326c |
|
| /// File Name: |
sa20046.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for apache. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/20046/ | | File Size: | 2660 | | Last Modified: | May 17 01:39:51 2006 |
| MD5 Checksum: | 4e98d6774f54b9bdb00efa420f62c965 |
|
| /// File Name: |
sa20028.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in various Sophos Anti-Virus products, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20028/ | | File Size: | 2651 | | Last Modified: | May 9 15:56:56 2006 |
| MD5 Checksum: | 3f196b6ee9b060281a16f0a35ee134be |
|
| /// File Name: |
kapda-43.txt |
Description:
|
KAPDA Advisory #43 - PHPWCMS suffers from path disclosure, cross site scripting, and local file inclusion vulnerabilities.
| | Author: | trueend5 | | Homepage: | http://www.KAPDA.ir | | File Size: | 2638 | | Last Modified: | May 23 04:40:15 2006 |
| MD5 Checksum: | b5e815efd15bd11115ca70c46e04ccbd |
|
| /// File Name: |
sa20337.txt |
Description:
|
Secunia Security Advisory - Maksymilian Arciemowicz has discovered a weakness in PHP, which can be exploited by malicious, local users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/20337/ | | File Size: | 2632 | | Last Modified: | May 30 22:22:26 2006 |
| MD5 Checksum: | 4977546a798669d5c0c9aa94ce770dd4 |
|
| /// File Name: |
sa20197.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for phpbb2. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20197/ | | File Size: | 2627 | | Last Modified: | May 23 12:45:46 2006 |
| MD5 Checksum: | 92ee623e412669544a8c11335af8fe92 |
|
| /// File Name: |
sa19973.txt |
Description:
|
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the Invision Community Blog module for Invision Power Board.
| | Homepage: | http://secunia.com/advisories/19973/ | | File Size: | 2613 | | Last Modified: | May 5 05:54:58 2006 |
| MD5 Checksum: | f2b7e2fecff956e5d36f8ccc9ff6a67a |
|
| /// File Name: |
sa20009.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Rising Antivirus, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20009/ | | File Size: | 2600 | | Last Modified: | May 30 22:22:26 2006 |
| MD5 Checksum: | 8f201787bd925b49d295df44612e1d6c |
|
| /// File Name: |
sa20347.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Hitachi HITSENSER3, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/20347/ | | File Size: | 2559 | | Last Modified: | May 31 17:33:01 2006 |
| MD5 Checksum: | c61f6195279a02da4d0b8ca40c7cfb7c |
|
| /// File Name: |
sa20210.txt |
Description:
|
Secunia Security Advisory - SGI has issued a patch for SGI Advanced Linux Environment. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, by malicious users to cause a DoS (Denial of Service), manipulate certain information, and compromise a vulnerable system, or by malicious people to use PHP as an open mail relay, gain knowledge of potentially sensitive information, conduct cross-site scripting attacks and script insertion attacks, cause a DoS, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20210/ | | File Size: | 2549 | | Last Modified: | May 25 04:22:54 2006 |
| MD5 Checksum: | 341586239db348f8f176921cb63a75a4 |
|
| /// File Name: |
ZDI-06-016.txt |
Description:
|
ZDI-06-016 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Exploitation does not require authentication. Affected are Novell eDirectory version 8.8 and Novell iMonitor version 2.4.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2546 | | Related CVE(s): | CVE-2006-2496 | | Last Modified: | May 24 05:03:24 2006 |
| MD5 Checksum: | 6ca474be94fe39518a6b982b4e055771 |
|
| /// File Name: |
Wavecon-Open-Xchange.txt |
Description:
|
Wavecon Advisory: Open-Xchange versions less than or equal to 0.8.2 defaultuser with /bin/bash and default password.
| | Homepage: | http://www.wavecon.de | | File Size: | 2544 | | Last Modified: | May 29 03:52:26 2006 |
| MD5 Checksum: | 0ccf1216f89f1cdacc1c0b8a2bc0a409 |
|
| /// File Name: |
sa20029.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20029/ | | File Size: | 2540 | | Last Modified: | May 9 15:56:56 2006 |
| MD5 Checksum: | 3dba3c83ae8a7d9ce15600a1cd05d366 |
|
| /// File Name: |
glsa-200605-11.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200605-11 - Ruby uses blocking sockets for WEBrick and XMLRPC servers. Versions less than 1.8.4-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2532 | | Last Modified: | May 17 17:32:00 2006 |
| MD5 Checksum: | e8ad98eadea703f883b04dcef7574cb8 |
|
| /// File Name: |
sa20361.txt |
Description:
|
Secunia Security Advisory - Will Dormann has reported a vulnerability in WeOnlyDo wodSFTP, which can be exploited by malicious people to disclose sensitive information and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20361/ | | File Size: | 2522 | | Last Modified: | May 31 17:33:01 2006 |
| MD5 Checksum: | 6c29220388626e42adbb2abe7fd27255 |
|
| /// File Name: |
msdtcndrallocate.txt |
Description:
|
There is an RPC procedure within the MSDTC interface in msdtcprx.dll that may be called remotely without user credentials in such a way that triggers a denial of service in the Microsoft Distributed Transaction Coordinator (MSDTC) service.
| | Author: | Chen Xiaobo | | File Size: | 2521 | | Related CVE(s): | CVE-2006-0034 | | Last Modified: | May 21 14:46:15 2006 |
| MD5 Checksum: | 640ac3eb8c761abd8d6198b0e364e268 |
|
| /// File Name: |
MDKSA-2006-083.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-083: A race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 2519 | | Last Modified: | May 17 17:49:11 2006 |
| MD5 Checksum: | 13bd5d34120c6931c24b26d65c1f0472 |
|
| /// File Name: |
sa20358.txt |
Description:
|
Secunia Security Advisory - Mustafa Can Bjorn has reported some vulnerabilities in F@cile Interactive Web, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20358/ | | File Size: | 2514 | | Last Modified: | May 29 18:46:46 2006 |
| MD5 Checksum: | 11b0b9d7c2241c93e056a6f42d5d1504 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
