Section: .. / 0606-advisories /
| /// File Name: |
06.13.06-1.txt |
Description:
|
iDefense Security Advisory 06.13.06: Windows Media Player PNG Chunk Decoding Stack-Based Buffer Overflow.
| | Homepage: | http://www.idefense.com/ | | File Size: | 5091 | | Last Modified: | Jun 14 06:41:15 2006 |
| MD5 Checksum: | 9d14e2022ec351e91b62f3afed12b8cb |
|
| /// File Name: |
06.13.06-2.txt |
Description:
|
iDefense Security Advisory 06.13.06: Microsoft Internet Explorer ART File Heap Corruption Vulnerability
| | Homepage: | http://www.idefense.com/ | | File Size: | 5369 | | Last Modified: | Jun 14 06:41:47 2006 |
| MD5 Checksum: | 094cbf479422bb354b0f24b92f1bdcea |
|
| /// File Name: |
06.13.06-3.txt |
Description:
|
iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MrxSmbCscIoctlCloseForCopyChunk DoS
| | Homepage: | http://www.idefense.com/ | | File Size: | 3739 | | Last Modified: | Jun 14 06:42:28 2006 |
| MD5 Checksum: | 5b7d241518e06a65e9248f59c0902b8f |
|
| /// File Name: |
06.13.06-4.txt |
Description:
|
iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MRxSmbCscIoctlOpenForCopyChunk Overflow
| | Homepage: | http://www.idefense.com/ | | File Size: | 3710 | | Last Modified: | Jun 14 06:42:58 2006 |
| MD5 Checksum: | 00e3c2226b4dce9181cd453acfc3c6cf |
|
| /// File Name: |
20060606-1.txt |
Description:
|
The Microsoft NetMeeting application insufficiently validates received data, making it possible to overwrite portions of application memory and cause exceptions ranging from null-pointer access to possible code execution. Version 3.01 has been found vulnerable.
| | Homepage: | http://www.hexview.com/ | | File Size: | 2226 | | Last Modified: | Jun 12 08:49:10 2006 |
| MD5 Checksum: | 05c8e326317457e4534ec05e4544dbea |
|
| /// File Name: |
20060611-XSS |
Description:
|
List of XSS vulnerabilities received between 06/02/06 and 06/11/06. Affected software includes: LabWiki 1.0, LarkinWEB Database Development, Web Site Design Marketing and Advertising System, ASPScriptz Guest Book 2.0, ParticleSoft Whois v1.0.3, ParticleSoft Wiki v1.0.2, GANTTy v1.0.3, MyBB 1.1.2 New XSS, PBLGuestbook v1.31, ViArt Shop v2.5.5 Free (and possibly Light, Standard, and Enterprise), E-Dating System, vSCAL and vREAL v1.0, Easy Ad-Manager, Ez Ringtone Manager, tikiwiki 1.9.x, Skoom i.List 1.5, OkMall v1.0, QuickLinks v1.1, OKArticles v1.0, iFoto v0.20-06/06/06, phazizGuestbook v2.0, Ticket Booking Script, MobeSpace v2.0, TinyMuw v1.0, Contensis CMS, Daum Search, DaNaWa Search, DreamWiz Search.
| | Author: | PSS Staff | | Homepage: | http://packetstormsecurity.org/ | | File Size: | 19761 | | Last Modified: | Jun 11 05:08:38 2006 |
| MD5 Checksum: | ec1b4e4ae4b34eb4c0fc09e140cf27ac |
|
| /// File Name: |
advisory-20060614-1.txt |
Description:
|
KDE Security Advisory - KDM allows the user to select the session type for login. This setting is permanently stored in the user's home directory. By using a symlink attack, KDM can be tricked into allowing the user to read file content that would otherwise be unreadable to this particular user. This vulnerability was discovered and reported by Ludwig Nussel. KDM as shipped with KDE 3.2.0 up to and including 3.5.3 is affected. KDE 3.1.x and older, and versions newer than KDE 3.5.3, are not affected.
| | Homepage: | http://www.kde.org/ | | File Size: | 1695 | | Related CVE(s): | CVE-2006-2449 | | Last Modified: | Jun 21 10:02:43 2006 |
| MD5 Checksum: | 49bc86edbf7af81808abb7af3ac8b2a9 |
|
| /// File Name: |
advisory_042006.119.txt |
Description:
|
Hardened-PHP Project Security Advisory - DokuWiki comes with an AJAX spellchecking service that can be called by every visiting client without authorization. Unfortunately, the spellchecking service used the /e modifier of preg_replace() in an unsafe way when handling links embedded in the text to translate, allowing arbitrary code execution.
| | Author: | Stefan Esser | | Homepage: | http://www.hardened-php.net/ | | File Size: | 4239 | | Last Modified: | Jun 12 01:49:51 2006 |
| MD5 Checksum: | 562b9174dbf918f3c71d7a515920de4a |
|
| /// File Name: |
aWebNews-1.0.txt |
Description:
|
aWebNews version 1.0 suffers from a remote file disclosure vulnerability.
| | Author: | Federico Fazzi | | File Size: | 1005 | | Last Modified: | Jun 11 05:21:53 2006 |
| MD5 Checksum: | e4c68aa4ee408969656fbf20f69baa20 |
|
| /// File Name: |
aXent.txt |
Description:
|
aXentForum versions II and below suffer from a cross-site scripting flaw.
| | Author: | Turkish hacker | | File Size: | 425 | | Last Modified: | Jun 26 07:42:43 2006 |
| MD5 Checksum: | 2a0252e3af6e1bbfd9bcd520f0316d4b |
|
| /// File Name: |
AzDGDatingPlatinum-1.1.0.txt |
Description:
|
AzDGDatingPlatinum v1.1.0 suffers from SQL injection in view.php.
| | Author: | CrAzY.CrAcKeR | | File Size: | 205 | | Last Modified: | Jun 29 05:21:09 2006 |
| MD5 Checksum: | f8c6d12bd208c0f43f0e59b7299b2a93 |
|
| /// File Name: |
BloggIT-1.01.txt |
Description:
|
BloggIT versions 1.01 and prior suffer from arbitrary code execution vulnerabilities.
| | Author: | Federico Fazzi | | File Size: | 1034 | | Last Modified: | Jun 11 05:22:53 2006 |
| MD5 Checksum: | 5296db63f1f03cb6742b5c5b1ef1a480 |
|
| /// File Name: |
Bookmark4U-2.0.0.txt |
Description:
|
Bookmark4U versions less than or equal to 2.0.0 suffer from remote file inclusion vulnerabilities.
| | Author: | SnIpEr_SA | | File Size: | 1356 | | Last Modified: | Jun 11 05:03:20 2006 |
| MD5 Checksum: | 6961cfd8199ab6f66b608b79f7f38c25 |
|
| /// File Name: |
Bytehoard2.1.txt |
Description:
|
Bytehoard 2.1 Epsilon/Delta suffers from a remote file inclusion vulnerability.
| | Author: | beford | | File Size: | 343 | | Last Modified: | Jun 3 06:27:14 2006 |
| MD5 Checksum: | bdf771c4ed1d6560511885f6c6600fe9 |
|
| /// File Name: |
CAForum1.0.txt |
Description:
|
CAForum 1.0 suffers from a SQL injection vulnerability allowing anyone to log in as admin.
| | Author: | omnipresent | | File Size: | 1926 | | Last Modified: | Jun 3 06:23:42 2006 |
| MD5 Checksum: | b31121b47b2df3e171adb604dfe30176 |
|
| /// File Name: |
CAID-34325.txt |
Description:
|
CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability
| | Author: | Ken Williams | | Homepage: | http://ca.com/ | | File Size: | 2393 | | Last Modified: | Jun 29 05:24:17 2006 |
| MD5 Checksum: | 34cef94d61b25bee674f444db67e8fbb |
|
| /// File Name: |
cisco-sa-20060628-wcs.txt |
Description:
|
Cisco Security Advisory: Multiple Vulnerabilities in Wireless Control System
| | Homepage: | http://www.cisco.com | | File Size: | 17136 | | Last Modified: | Jun 29 06:06:40 2006 |
| MD5 Checksum: | db1f3535136905e588bf525b6c75fe90 |
|
| /// File Name: |
cisco-sa-20062806-ap.txt |
Description:
|
Cisco Security Advisory: Access Point Web-Browser Interface Vulnerability: The Cisco web-browser interface for Cisco access points contains a vulnerability that could, under certain circumstances, remove the default security configuration from the managed access point and allow administrative access without validation of administrative user credentials.
| | Homepage: | http://www.cisco.com | | File Size: | 16020 | | Last Modified: | Jun 29 06:08:08 2006 |
| MD5 Checksum: | fc558a356a71a3547f858c7ce75185b3 |
|
| /// File Name: |
CiscoACSvuln.txt |
Description:
|
A vulnerability has been identified in the Cisco Secure ACS session management architecture which could be exploited by an attacker to obtain full administrative access to the web interface and thus all managed assets (routers, switches, 802.1x authenticated networks, etc.). Cisco Secure ACS 4.x for Windows is affected. Legacy versions may also be affected.
| | Author: | Darren Bounds | | File Size: | 2061 | | Last Modified: | Jun 27 08:10:11 2006 |
| MD5 Checksum: | 5aaf43665f18bbe036c7431192e32b5d |
|
| /// File Name: |
clarolineXSS.txt |
Description:
|
Claroline version 1.7.7 suffers from cross-site scripting vulnerabilities.
| | Author: | bug | | Homepage: | http://securitynews.ir/ | | File Size: | 928 | | Last Modified: | Jun 27 08:59:39 2006 |
| MD5 Checksum: | 7ef2b8a42ef71c4145cb932aef6ac877 |
|
| /// File Name: |
Content-Builder-0.7.5.txt |
Description:
|
Content-Builder (CMS) 0.7.5 suffers from a flaw that allows for remote command execution.
| | Author: | Federico Fazzi | | File Size: | 2112 | | Last Modified: | Jun 14 06:25:37 2006 |
| MD5 Checksum: | 982d50c31478c5f33c8d88ba3316921d |
|
| /// File Name: |
CORE-2006-0330.txt |
Description:
|
Core Security Technologies - Corelabs Advisory: CORE-2006-0330 - Asterisk PBX truncated video miniframe vulnerability
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 10805 | | Last Modified: | Jun 11 05:40:18 2006 |
| MD5 Checksum: | 4ae713429fce41232d7c46bbfc54acbf |
|
| /// File Name: |
CrisoftRicette-1.0pre15b.txt |
Description:
|
CrisoftRicette 1.0pre15b suffers from a remote file inclusion vulnerability.
| | Author: | CrAzY.CrAcKeR | | File Size: | 193 | | Last Modified: | Jun 29 05:17:54 2006 |
| MD5 Checksum: | afa5fb52a4cb1324312e0bb039425f27 |
|