Section: .. / 0608-advisories /
| /// File Name: |
USN-337-1.txt |
Description:
|
Ubuntu Security Notice USN-337-1 - Damian Put discovered a buffer overflow in imagemagick's SGI file format decoder. By tricking an user or automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 14117 | | Related CVE(s): | CVE-2006-4144 | | Last Modified: | Aug 27 14:05:35 2006 |
| MD5 Checksum: | 53dbd706659088c959b65c8a7ae5db88 |
|
| /// File Name: |
USN-336-1.txt |
Description:
|
Ubuntu Security Notice USN-336-1 - A buffer overflow was discovered in gas (the GNU assembler). By tricking an user or automated system (like a compile farm) into assembling a specially crafted source file with gcc or gas, this could be exploited to execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 7498 | | Last Modified: | Aug 27 14:04:56 2006 |
| MD5 Checksum: | 4b927c0702b7bf9cc3a7a0792e072a7e |
|
| /// File Name: |
EEYEB-20060703.txt |
Description:
|
eEye Digital Security has discovered a security vulnerability in IBM's eGatherer ActiveX control. This is the second vulnerability found in this control by eEye Research, the first being from Drew Copley. This control is typically installed by default on IBM workstations and laptops, and is used by default for auto-finding drivers/updates on IBM's/Lenovo's support site.
| | Author: | Andre Derek Protas | | Homepage: | http://www.eeye.com/ | | File Size: | 4844 | | Last Modified: | Aug 27 13:53:37 2006 |
| MD5 Checksum: | 4e5a3bc31eee6ca62b7f8bf8c82d6cc9 |
|
| /// File Name: |
MDKSA-2006-143.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-143 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 21168 | | Related CVE(s): | CVE-2006-2613, CVE-2006-2894, CVE-2006-2775, CVE-2006-2776, CVE-2006-2777, CVE-2006-2778, CVE-2006-2779, CVE-2006-2780, CVE-2006-2782, CVE-2006-2783, CVE-2006-2784, CVE-2006-2785, CVE-2006-2786, CVE-2006-2787, CVE-2006-2788, CVE-2006-3677, CVE-2006-3803, CVE-2006-3804, CVE-2006-3806, CVE-2006-3807, CVE-2006-3113, CVE-2006-3801, CVE-2006-3802, CVE-2006-3805, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812 | | Last Modified: | Aug 27 13:51:09 2006 |
| MD5 Checksum: | cc44996693ead6def2d61c4a3d3ffc5c |
|
| /// File Name: |
SYM06-015_signed.txt |
Description:
|
Symantec Security Advisory - Symantec discovered a security issue in Symantec's Veritas NetBackup 6.0 PureDisk Remote Office Edition. An unauthorized user with access to the network and the server hosting the management interface can potentially bypass the management interface authentication to gain access and elevate their privileges on the system.
| | Homepage: | http://www.symantec.com/ | | File Size: | 4027 | | Last Modified: | Aug 27 13:48:09 2006 |
| MD5 Checksum: | c26fa8cff8eac26b4e16da77ddcc62c2 |
|
| /// File Name: |
symantecOddity.txt |
Description:
|
Symantec Anti-Virus Corporate Edition clients controlled via the Symantec System Center Console do not follow the "Download product updates using LiveUpdate" setting.
| | Author: | Chris Faigle | | File Size: | 4055 | | Last Modified: | Aug 27 13:46:42 2006 |
| MD5 Checksum: | 9a844e2941a9fdf3b554b0424c572981 |
|
| /// File Name: |
msterminal.txt |
Description:
|
There is a vulnerability in Microsoft Terminal Server when an application is specified for the user instead of a full Windows Desktop. It is possible to easily cause an error in explorer.exe and to gain access to a full Desktop. This is an issue for anyone publishing applications through TS to domain users who also logon to full desktops either on the TS or on another machine.
| | Author: | Bill Littlejohn | | File Size: | 1253 | | Last Modified: | Aug 27 13:45:19 2006 |
| MD5 Checksum: | 1fc1123097f5a7d14867a71a6c53b5a2 |
|
| /// File Name: |
hordeXSS-2.txt |
Description:
|
The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in search.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.
| | Author: | Marc Ruef | | Homepage: | http://www.scip.ch/ | | File Size: | 3939 | | Last Modified: | Aug 27 03:36:55 2006 |
| MD5 Checksum: | ca31bf019478f3037931e27060c2470b |
|
| /// File Name: |
hordeXSS.txt |
Description:
|
The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in index.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.
| | Author: | Marc Ruef | | Homepage: | http://www.scip.ch/ | | File Size: | 4063 | | Last Modified: | Aug 27 03:36:20 2006 |
| MD5 Checksum: | 80cc6ee76eadd40659315f14aec856ba |
|
| /// File Name: |
USN-335-1.txt |
Description:
|
Ubuntu Security Notice USN-335-1 - Yan Rong Ge discovered that heartbeat did not sufficiently verify some packet input data, which could lead to an out-of-boundary memory access. A remote attacker could exploit this to crash the daemon (Denial of Service).
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 15862 | | Related CVE(s): | CVE-2006-3121 | | Last Modified: | Aug 27 03:29:43 2006 |
| MD5 Checksum: | a2ef70f25bb73e37fc6bfe5c41cbec35 |
|
| /// File Name: |
USN-334-1.txt |
Description:
|
Ubuntu Security Notice USN-334-1 - Michael Calmer and Marcus Meissner discovered that several krb5 tools did not check the return values from setuid() system calls. On systems that have configured user process limits, it may be possible for an attacker to cause setuid() to fail via resource starvation. In that situation, the tools will not reduce their privilege levels, and will continue operation as the root user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 21564 | | Related CVE(s): | CVE-2006-3083, CVE-2006-3084 | | Last Modified: | Aug 27 03:26:43 2006 |
| MD5 Checksum: | 652ecb99ebcb7f2582976901906bd9d6 |
|
| /// File Name: |
SSRT51153.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified in HP-UX running in Trusted Mode. The potential vulnerability could be exploited by a local authorized user to create a Denial of Service (DoS).
| | Author: | HP | | Homepage: | http://www.hp.com | | File Size: | 5946 | | Last Modified: | Aug 27 02:03:07 2006 |
| MD5 Checksum: | 0f312636742e384cf684ea79ec87b735 |
|
| /// File Name: |
XSec-06-04.txt |
Description:
|
A vulnerability has been found in Internet Explorer 6.0. When Internet Explorer tries to instantiate the msoe.dll (OutLook) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may cause a denial of service and/or execute arbitrary code.
| | Author: | nop | | Homepage: | http://www.xsec.org/ | | File Size: | 1257 | | Last Modified: | Aug 27 02:02:10 2006 |
| MD5 Checksum: | 236056c5090e05a6af3d7adee638e683 |
|
| /// File Name: |
XSec-06-03.txt |
Description:
|
A vulnerability has been found in Internet Explorer 6.0. When Internet Explorer tries to instantiate the CHTSKDIC.DLL (Microsoft IME) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may cause a denial of service and/or execute arbitrary code.
| | Author: | nop | | Homepage: | http://www.xsec.org/ | | File Size: | 1231 | | Last Modified: | Aug 27 02:01:15 2006 |
| MD5 Checksum: | 05bdcc8835a9059880ccc28ba3d3cf6e |
|
| /// File Name: |
XSec-06-02.txt |
Description:
|
A vulnerability has been found in Internet Explorer 6.0. When Internet Explorer tries to instantiate the IMSKDIC.DLL (Microsoft IME) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may cause a denial of service and/or execute arbitrary code.
| | Author: | nop | | Homepage: | http://www.xsec.org/ | | File Size: | 1272 | | Last Modified: | Aug 27 01:59:48 2006 |
| MD5 Checksum: | 1bab1fcfb3b939144ed6596c3d47df2f |
|
| /// File Name: |
matousec-2006-08-15.01.txt |
Description:
|
Norton protects its own registry keys against actions of other applications. This protection can be bypassed for registry key 'HKLM\SOFTWARE\Symantec\CCPD\SuiteOwners' using API functions RegSaveKey and RegRestoreKey.
| | Author: | David Matousek | | Homepage: | http://www.matousec.com/ | | Related Exploit: | BTP00010P002NF.zip | | File Size: | 1512 | | Last Modified: | Aug 27 01:49:02 2006 |
| MD5 Checksum: | 924649c96d9c7fba48c2884fbddd3474 |
|
| /// File Name: |
dsa-1151-1.txt |
Description:
|
Debian Security Advisory 1151-1 - Yan Rong Ge discovered out-of-boundary memory access in heartbeat, the subsystem for High-Availability Linux. This could be used by a remote attacker to cause a denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 16934 | | Related CVE(s): | CVE-2006-3121 | | Last Modified: | Aug 27 01:39:04 2006 |
| MD5 Checksum: | ef03585e33afbacbb8a0d7baf24c8902 |
|
| /// File Name: |
mailslot.txt |
Description:
|
Full write up discussing the Mailslot bug discussed in MS06-035 and another bug discovered alongside of it.
| | Author: | Gerardo Richarte | | File Size: | 12308 | | Related CVE(s): | CVE-2006-3942 | | Last Modified: | Aug 27 01:34:36 2006 |
| MD5 Checksum: | d157cd155d5131d940d4cc97e3aaefea |
|
| /// File Name: |
CORE-2006-0714.txt |
Description:
|
Core Security Technologies Advisory - While investigating the Microsoft Server Service Mailslot heap overflow vulnerability reported in Microsoft Security Bulletin MS06-035, Core Security Technologies researcher Gerardo Richarte discovered a second bug in the server service.
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 6787 | | Related CVE(s): | CVE-2006-3942 | | Last Modified: | Aug 27 01:30:30 2006 |
| MD5 Checksum: | a97aea0b4c4c900e48037b34d08cb141 |
|
| /// File Name: |
MDKSA-2006-141.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-141 - An integer overflow vulnerability was discovered in gnupg where an attacker could create a carefully-crafted message packet with a large length that could cause gnupg to crash or possibly overwrite memory when opened.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3382 | | Related CVE(s): | CVE-2006-3746 | | Last Modified: | Aug 27 01:24:51 2006 |
| MD5 Checksum: | 3b1f70876c8e63eadc54e6475c1bbb02 |
|
| /// File Name: |
flashTheft.txt |
Description:
|
By forging HTTP request headers with flash, virtual hosted systems can be susceptible to cookie theft using IE.
| | Author: | Amit Klein | | File Size: | 2302 | | Last Modified: | Aug 27 01:21:38 2006 |
| MD5 Checksum: | 2777e8c2e5632edcfbb7a1ec727cf509 |
|
| /// File Name: |
imsgiheap.txt |
Description:
|
ImageMagick versions 6.2.8 and below suffer from a heap overflow in ReadSGIImage().
| | Author: | Damian Put | | Homepage: | http://www.overflow.pl/ | | File Size: | 1797 | | Last Modified: | Aug 27 00:44:38 2006 |
| MD5 Checksum: | 4543fb0874a95e128b1f8644b01981a3 |
|
| /// File Name: |
NISR02082006I.txt |
Description:
|
NGSSoftware Insight Security Research Advisory - Informix Dynamic Server is a database developed by IBM. During a security assessment of Informix multiple file creation/write/read issues were discovered. The LOTOFILE function and rlt_tracefile_set functions can be used to create and write to files. The SET DEBUG FILE can also be used to create and write to files. All versions are affected.
| | Author: | David Litchfield | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 1977 | | Related CVE(s): | CVE-2006-3859 | | Last Modified: | Aug 27 00:42:54 2006 |
| MD5 Checksum: | 08bb6092c587cd407c6e7391d131de93 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
