Section: .. / 0605-advisories /
| /// File Name: |
dsa-1047-1.txt |
Description:
|
Debian Security Advisory 1047-1 - A problem has been discovered in resmgr, a resource manager library daemon and PAM module, that allows local users to bypass access control rules and open any USB device when access to one device was granted.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security | | File Size: | 8887 | | Last Modified: | May 1 04:27:08 2006 |
| MD5 Checksum: | c8fff16a132d0ee27e72beb72d211a64 |
|
| /// File Name: |
SYMSA-2006-003.txt |
Description:
|
Symantec Vulnerability Research SYMSA-2006-003 - Cisco Secure ACS 3.x for Windows stores passwords for administrative users in the registry. The passwords are encrypted using the Crypto API Microsoft Base Cryptographic Provider version 1.0. Along with the passwords, ACS also stores the key used to encrypt the information.
| | Author: | Andreas Junestam | | Homepage: | http://www.symantec.com | | File Size: | 8874 | | Related CVE(s): | CVE-2006-0561 | | Last Modified: | May 17 02:59:28 2006 |
| MD5 Checksum: | 0becbb60b8417095fc88231c381bfd70 |
|
| /// File Name: |
sa20070.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mozilla-firefox. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20070/ | | File Size: | 8737 | | Last Modified: | May 17 01:39:52 2006 |
| MD5 Checksum: | 750b0764c9c5b7518e49b58f45772fbe |
|
| /// File Name: |
sa20247.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for nagios. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20247/ | | File Size: | 8661 | | Last Modified: | May 23 12:45:46 2006 |
| MD5 Checksum: | 3889503fadd8e42ce9210af98835d273 |
|
| /// File Name: |
SSRT5911-1.txt |
Description:
|
HPSBMA02098 SSRT5911 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access, Arbitrary Command Execution, Arbitrary File Creation
| | Homepage: | http://www.hp.com | | File Size: | 8561 | | Last Modified: | May 25 22:55:14 2006 |
| MD5 Checksum: | 49fb906ed7b33f585970a6cc09573b8c |
|
| /// File Name: |
sa20315.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for dovecot. This fixes a weakness, which can be exploited by malicious users to gain knowledge of potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/20315/ | | File Size: | 8218 | | Last Modified: | May 29 18:46:46 2006 |
| MD5 Checksum: | 2daf24a06c1b01ab482a60e458db394b |
|
| /// File Name: |
sa20166.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for fbi. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
| | Homepage: | http://secunia.com/advisories/20166/ | | File Size: | 7999 | | Last Modified: | May 23 01:09:34 2006 |
| MD5 Checksum: | 7bed94186463a8a1a4b1a0b2068e58a5 |
|
| /// File Name: |
SSRT061157-1.txt |
Description:
|
HPSBMA02121 SSRT061157 rev.1 - HP OpenView Storage Data Protector Remote Arbitrary Command Execution
| | Homepage: | http://www.hp.com | | File Size: | 7917 | | Last Modified: | May 25 22:57:08 2006 |
| MD5 Checksum: | 76f60a09c1f4d3a2caf028a6462e976b |
|
| /// File Name: |
MDKSA-2006-084.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-084: The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 7634 | | Last Modified: | May 17 17:48:53 2006 |
| MD5 Checksum: | 010201bad5e247386899caf659a142f2 |
|
| /// File Name: |
sa19898.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for resmgr. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/19898/ | | File Size: | 7620 | | Last Modified: | May 1 13:19:26 2006 |
| MD5 Checksum: | 7dd4dfa365bfd73ceaa5a498a93bf6fa |
|
| /// File Name: |
novellWhoops.txt |
Description:
|
Novell Client login form enables reading and writing from and to the clipboard of the logged-in user. Affected are Novell Client for Windows, versions 4.9 and 4.8 (On windows XP Pro and Windows 2000 Workstation).
| | Author: | Eitan Caspi | | File Size: | 7604 | | Last Modified: | May 23 04:36:47 2006 |
| MD5 Checksum: | a57670fefae1dbac70d19c4219288c02 |
|
| /// File Name: |
dsa-1064-1.txt |
Description:
|
Debian Security Advisory 1064-1 - Jason Duell discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through specially crafted source code files.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 7584 | | Related CVE(s): | CVE-2004-2541 | | Last Modified: | May 22 02:24:52 2006 |
| MD5 Checksum: | 760b7c5c025a3fd2ea392dadf8b9609c |
|
| /// File Name: |
dsa-1076-1.txt |
Description:
|
Debian Security Advisory 1076-1: Michal Zalewski discovered that lynx, the popular text-mode WWW Browser, is not able to grok invalid HTML including a TEXTAREA tag with a large COLS value and a large tag name in an element that is not terminated, and loops forever trying to render the broken HTML.
| | Homepage: | http://www.debian.org/security | | File Size: | 7536 | | Last Modified: | May 29 03:38:56 2006 |
| MD5 Checksum: | 9d288b10d87bea5d4f5d0c143548dd88 |
|
| /// File Name: |
BuHa-13.txt |
Description:
|
BuHa Security-Advisory #13 - Memory Corruption Vulnerability in Internet Explorer: #7d519030
| | Homepage: | http://buha.info/board/ | | File Size: | 7462 | | Last Modified: | May 29 03:36:29 2006 |
| MD5 Checksum: | ca5cdd39bfd6713472e9611d50abef1d |
|
| /// File Name: |
FLSA-2006-152904.txt |
Description:
|
Fedora Legacy Update Advisory FLSA:152904 - Buffer overflows were found in the nwclient program. An attacker, using a long -T option, could possibly execute arbitrary code and gain privileges.
| | Homepage: | http://fedoralegacy.org | | File Size: | 7231 | | Last Modified: | May 17 17:45:03 2006 |
| MD5 Checksum: | a49223f8d73e94a1f2dda56b6d7863d5 |
|
| /// File Name: |
sa20077.txt |
Description:
|
Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
| | Homepage: | http://secunia.com/advisories/20077/ | | File Size: | 7154 | | Last Modified: | May 17 01:39:52 2006 |
| MD5 Checksum: | fdd354facce40b5826d466788659e5b6 |
|
| /// File Name: |
PGPcrack.txt |
Description:
|
A vulnerability in PGP Virtual Disks & PGP SDA , PGP 8.x, 9.x and Truecrypt has been discovered. Affected Products include: PGP 8.x, PGP 9.x (possibly earlier versions), Truecrypt 4.2 (and possibly earlier versions), Secure Email Attachments (SEA) V1.0
| | Author: | Adonis | | Homepage: | http://www.safehack.com/Advisory/pgp/PGPcrack.html | | File Size: | 6951 | | Last Modified: | May 29 01:28:08 2006 |
| MD5 Checksum: | 23c910fde91632b186e879e7645e1287 |
|
| /// File Name: |
dsa-1069-1.txt |
Description:
|
Debian Security Advisory 1069-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
| | Author: | Martin Schulze, Dann Frazier | | Homepage: | http://www.debian.org/security/ | | File Size: | 6938 | | Related CVE(s): | CVE-2004-0427, CVE-2005-0489, CVE-2004-0394, CVE-2004-0447, CVE-2004-0554, CVE-2004-0565, CVE-2004-0685, CVE-2005-0001, CVE-2004-0883, CVE-2004-0949, CVE-2004-1016, CVE-2004-1333, CVE-2004-0997, CVE-2004-1335, CVE-2004-1017, CVE-2005-0124, CVE-2005-0528, CVE-2003-0984, CVE-2004-1070, CVE-2004-1071, CVE-2004-1072, CVE-2004-1073, CVE-2004-1074, CVE-2004-0138, CVE-2004-1068, CVE-2004-1234, CVE-2005-0003, CVE-2004-1235, CVE-2005-0504, CVE-2005-0384, CVE-2005-0135 | | Last Modified: | May 22 02:33:40 2006 |
| MD5 Checksum: | 0624ddb0d704e2264ed8dac627c7b9c6 |
|
| /// File Name: |
USN-274-2.txt |
Description:
|
Ubuntu Security Notice 274-2: USN-274-1 fixed a logging bypass in the MySQL server. Unfortunately it was determined that the original update was not sufficient to completely fix the vulnerability, thus another update is necessary. We apologize for the inconvenience.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6918 | | Last Modified: | May 17 17:46:56 2006 |
| MD5 Checksum: | 2cf25004ea62c6804b97e8395487c470 |
|
| /// File Name: |
SSRT2400.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running the BINDv4 Domain Name Server (DNS). The vulnerability could be exploited to poison the DNS cache leading to remote unauthorized access or Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 6709 | | Last Modified: | May 22 02:59:00 2006 |
| MD5 Checksum: | fedaba6b4e5114827cf2a563f34f4b52 |
|
| /// File Name: |
DMA-2006-0514a.txt |
Description:
|
ClamAV freshclam suffers from an incorrect privilege dropping vulnerability.
| | Author: | Kevin Finisterre | | Homepage: | http://www.digitalmunition.com/ | | File Size: | 6641 | | Last Modified: | May 21 23:41:59 2006 |
| MD5 Checksum: | 04cfa190d4ba3ec49511d88cd9e3f793 |
|
| /// File Name: |
sa20191.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for cscope. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20191/ | | File Size: | 6607 | | Last Modified: | May 23 01:09:34 2006 |
| MD5 Checksum: | 591eb15221512887287dba3c23fed4fd |
|
| /// File Name: |
FLSA-2006-185355.txt |
Description:
|
Fedora Legacy Update Advisory FLSA:185355 - Tavis Ormandy discovered a bug in the way GnuPG verifies cryptographically signed data with detached signatures. It is possible for an attacker to construct a cryptographically signed message which could appear to come from a third party. When a victim processes a GnuPG message with a malformed detached signature, GnuPG ignores the malformed signature, processes and outputs the signed data, and exits with status 0, just as it would if the signature had been valid. In this case, GnuPG's exit status would not indicate that no signature verification had taken place. This issue would primarily be of concern when processing GnuPG results via an automated script.
| | Homepage: | http://fedoralegacy.org | | File Size: | 6542 | | Last Modified: | May 17 17:46:33 2006 |
| MD5 Checksum: | 76c3673374611c1455a5420db48eba48 |
|
| /// File Name: |
sa20130.txt |
Description:
|
Secunia Security Advisory - Multiple security issues and a vulnerability have been reported in WebLogic Server / Express, which can be exploited by malicious people to disclose system and sensitive information, and bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/20130/ | | File Size: | 6540 | | Last Modified: | May 17 01:39:52 2006 |
| MD5 Checksum: | 1317f8900a224f4a47a659f1b7182bee |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
