Section: .. / 0605-advisories /
| /// File Name: |
sa20162.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for kernel-source-2.4.16. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information, cause a DoS (Denial of Service), gain escalated privileges, and by malicious people to cause a DoS, and disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/20162/ | | File Size: | 5347 | | Last Modified: | May 23 01:09:34 2006 |
| MD5 Checksum: | 9084a5e2c3105f327adcda62da351fce |
|
| /// File Name: |
outgunx.txt |
Description:
|
Outgun versions 1.0.3 bot 2 and below suffer from various flaws including a buffer overflow and invalid memory access.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | outgunx.zip | | File Size: | 5266 | | Last Modified: | May 21 23:04:01 2006 |
| MD5 Checksum: | 597be3dc18c5a368a3c88ca7b4b97552 |
|
| /// File Name: |
glsa-200605-09.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200605-09 - Several vulnerabilities were found and fixed in Mozilla Thunderbird. Versions less than 1.0.8 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 5241 | | Last Modified: | May 9 17:17:10 2006 |
| MD5 Checksum: | 9d346d3721538b88beac4708aa243a81 |
|
| /// File Name: |
quake3-vuln.txt |
Description:
|
Two independent vulnerabilities (client and server side) have been discovered in the Quake3 engine and many derived games.
| | Author: | Thilo Schulz | | File Size: | 5229 | | Last Modified: | May 17 18:10:33 2006 |
| MD5 Checksum: | 9989c487ac7d58a57212b391c9cfa6c2 |
|
| /// File Name: |
dsa-1074-1.txt |
Description:
|
Debian Security Advisory 1074-1: A. Alejandro Hernández discovered a vulnerability in mpg123, a command-line player for MPEG audio files. Insufficient validation of MPEG 2.0 layer 3 files results in several buffer overflows.
| | Homepage: | http://www.debian.org/security | | File Size: | 5045 | | Last Modified: | May 25 23:01:27 2006 |
| MD5 Checksum: | ba9c5d5f1c4d243e99ba3f640d3a651c |
|
| /// File Name: |
dsa-1062-1.txt |
Description:
|
Debian Security Advisory 1062-1 - Sven Dreyer discovered that KPhone, a Voice over IP client for KDE, creates a configuration file world-readable, which could leak sensitive information like SIP passwords.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 5008 | | Related CVE(s): | CVE-2006-2442 | | Last Modified: | May 22 02:22:36 2006 |
| MD5 Checksum: | 840ceff171d8f41a3d0336be165a3218 |
|
| /// File Name: |
dsa-1065-1.txt |
Description:
|
Debian Security Advisory 1065-1 - Matteo Rosi and Leonardo Maccari discovered that hostapd, a wifi network authenticator daemon, performs insufficient boundary checks on a key length value, which might be exploited to crash the service.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 4987 | | Related CVE(s): | CVE-2006-2213 | | Last Modified: | May 22 02:25:41 2006 |
| MD5 Checksum: | 703b95d47d5c83f72f9de44ecd56d174 |
|
| /// File Name: |
dsa-1077-1.txt |
Description:
|
Debian Security Advisory 1077-1: Michael Zalewski discovered that lynx, the popular text-mode WWW Browser, is not able to grok invalid HTML including a TEXTAREA tag with a large COLS value and a large tag name in an element that is not terminated, and loops forever trying to render the broken HTML. The same code is present in lynx-ssl.
| | Homepage: | http://www.debian.org/security | | File Size: | 4968 | | Last Modified: | May 29 03:39:03 2006 |
| MD5 Checksum: | 66ed9dd2153f9819ad5f7bed2ba41c86 |
|
| /// File Name: |
dsa-1052-1.txt |
Description:
|
Debian Security Advisory 1052-1 - Several buffer overflows have been discovered in cgiirc, a web-based IRC client, which could be exploited to execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security | | File Size: | 4893 | | Related CVE(s): | CVE-2006-2148 | | Last Modified: | May 9 16:29:56 2006 |
| MD5 Checksum: | cac61ad22493469ada90f1144f547884 |
|
| /// File Name: |
IdealBBASP.txt |
Description:
|
IdealBB ASP Bulletin Board versions 1.5.4a and below suffer from file reading, file upload, and cross site scripting flaws.
| | Author: | CodeScan Labs | | File Size: | 4778 | | Last Modified: | May 9 16:34:18 2006 |
| MD5 Checksum: | b7974a3e2b8d8895034588bbdf00e1a4 |
|
| /// File Name: |
TZO-072006-Xampp.txt |
Description:
|
XAMPP version 1.5.2 is susceptible to multiple privilege escalation flaws and a rogue autostart vulnerability.
| | Author: | Thierry Zoller | | Homepage: | http://secdev.zoller.lu/ | | File Size: | 4735 | | Last Modified: | May 22 03:23:07 2006 |
| MD5 Checksum: | 0400aa7b17ef7dce2b10569b91329299 |
|
| /// File Name: |
BuHa-12.txt |
Description:
|
BuHa Security-Advisory #12 - Denial of Service bug in Internet Explorer: #7d6d2db
| | Homepage: | http://buha.info/board/ | | File Size: | 4726 | | Last Modified: | May 29 03:35:34 2006 |
| MD5 Checksum: | 503fb1340d56ce3ab67b5c62f50aea61 |
|
| /// File Name: |
TA06-129A.txt |
Description:
|
Technical Cyber Security Alert TA06-129A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Exchange Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://cert.org/ | | File Size: | 4640 | | Related CVE(s): | CVE-2006-0027, CVE-2006-0024, CVE-2005-2628 | | Last Modified: | May 21 13:53:19 2006 |
| MD5 Checksum: | 366fc6c2a49729d2194d0828f1f2a80d |
|
| /// File Name: |
sa20221.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for quagga. This fixes two security issues and a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service), and by malicious people to bypass certain security restrictions and to disclose system information.
| | Homepage: | http://secunia.com/advisories/20221/ | | File Size: | 4550 | | Last Modified: | May 23 01:09:34 2006 |
| MD5 Checksum: | b9230d8550c176bfaf8e21feb4bd154f |
|
| /// File Name: |
sa20157.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service), disclose certain system information and potentially to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/20157/ | | File Size: | 4457 | | Last Modified: | May 21 13:31:04 2006 |
| MD5 Checksum: | c0cf1dd4df239cb8489ce73e631f7b40 |
|
| /// File Name: |
ASPR-2006-05-17-1.txt |
Description:
|
ACROS Security Problem Report #2006-05-17-1 - A buffer overflow vulnerability in Retroclient service can be exploited to crash Retrospect clients in the network. This enables an attacker to easily disable the backup process throughout an organization. Affected is the Retrospect 7.5 client for Windows.
| | Homepage: | http://www.acrossecurity.com/ | | File Size: | 4439 | | Last Modified: | May 24 05:01:44 2006 |
| MD5 Checksum: | 1f9e18c5fbdebdd46a9ad0e699722ebf |
|
| /// File Name: |
VSR-2006-05-23.txt |
Description:
|
On April 18th, 2006, VSR identified a stack overflow in the PDF Tools AG PDF Form Filling and Flattening tool. Although this is a traditional command line utility, there may be a risk to users who run it within a web application or a network service, particularly when relying on user-supplied input to generate the PDF form field name or value pairs.
| | Homepage: | http://www.vsecurity.com/ | | File Size: | 4424 | | Last Modified: | May 26 18:43:54 2006 |
| MD5 Checksum: | b6ed72429d95e4de71ab22b8e31caed7 |
|
| /// File Name: |
realvnc411.txt |
Description:
|
RealVNC version 4.1.1 suffers from a remote compromise flaw due to handing authentication duties client-side.
| | Author: | James Evans | | File Size: | 4339 | | Last Modified: | May 21 23:46:41 2006 |
| MD5 Checksum: | 2a926f9437c01a41f218451271499922 |
|
| /// File Name: |
sa20275.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mpg123. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20275/ | | File Size: | 4283 | | Last Modified: | May 25 04:22:54 2006 |
| MD5 Checksum: | 364919b27d7827260c4def6603bc31fd |
|
| /// File Name: |
sa19985.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for cgiirc. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/19985/ | | File Size: | 4230 | | Last Modified: | May 9 15:56:56 2006 |
| MD5 Checksum: | dbb46992f71e2446dd40e3671239cdb6 |
|
| /// File Name: |
sa20069.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in QuickTime, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20069/ | | File Size: | 4209 | | Last Modified: | May 17 01:39:52 2006 |
| MD5 Checksum: | feba22ef1b31005b27bc3fb9cfc81700 |
|
| /// File Name: |
USN-279-1.txt |
Description:
|
Ubuntu Security Notice 279-1 - Jayesh KS discovered that the nasl_split() function in the NASL (Nessus Attack Scripting Language) library did not check for a zero-length separator argument, which led to an invalid memory allocation. This library is primarily used in the Nessus security scanner; a remote attacker could exploit this vulnerability to cause the Nessus daemon to crash.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4202 | | Related CVE(s): | CVE-2006-2093 | | Last Modified: | May 6 16:53:57 2006 |
| MD5 Checksum: | f71099bc40e5058fd03cb9af1c23da60 |
|