Section: .. / 0609-advisories /
| /// File Name: |
glsa-200609-12.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-12 - Mailman fails to properly handle standards-breaking RFC 2231 formatted headers. Furthermore, Moritz Naumann discovered several XSS vulnerabilities and a log file injection. Versions less than 2.1.9_rc1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2728 | | Last Modified: | Sep 26 21:57:55 2006 |
| MD5 Checksum: | 7f8f7027c6d8fb0de686dea92f33ea1a |
|
| /// File Name: |
glsa-200609-13.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-13 - Tavis Ormandy of the Google Security Team has reported multiple vulnerabilities in gzip. A stack buffer modification vulnerability was discovered in the LZH decompression code, where a pathological data stream may result in the modification of stack data such as frame pointer, return address or saved registers. A static buffer underflow was discovered in the pack decompression support, allowing a specially crafted pack archive to underflow a .bss buffer. A static buffer overflow was uncovered in the LZH decompression code, allowing a data stream consisting of pathological huffman codes to overflow a .bss buffer. Multiple infinite loops were also uncovered in the LZH decompression code. Versions less than 1.3.5-r9 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 4108 | | Last Modified: | Sep 27 01:34:00 2006 |
| MD5 Checksum: | d50a84a95a966afb243290f7962ebdc6 |
|
| /// File Name: |
glsa-200609-14.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-14 - Tavis Ormandy of the Google Security Team discovered a stack and heap buffer overflow in the GIMP XCF Image decoder and multiple heap and integer overflows in the SUN bitmap decoder. Damian Put discovered a heap overflow in the SGI image decoder. Versions less than 6.2.9.5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3318 | | Last Modified: | Sep 27 01:33:37 2006 |
| MD5 Checksum: | 33ec0d9ea1a54338ddea7417e056eefd |
|
| /// File Name: |
glsa-200609-15.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-15 - verify.c fails to properly handle excess data in digestAlgorithm.parameters field while generating a hash when using an RSA key with exponent 3. RSA keys that use exponent 3 are commonplace. Versions less than 1.4.4 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2979 | | Last Modified: | Sep 27 01:33:43 2006 |
| MD5 Checksum: | f3dacc8f6a205bd5f40ca0ad12ccf101 |
|
| /// File Name: |
glsa-200609-16.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-16 - A vulnerability in jhot.php allows for an unrestricted file upload to the img/wiki/ directory. Additionally, an XSS exists in the highlight parameter of tiki-searchindex.php. Versions less than 1.9.5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3324 | | Last Modified: | Sep 27 01:33:51 2006 |
| MD5 Checksum: | e7396c1c1ce5cc251257495a2dbf689d |
|
| /// File Name: |
greekbanks.txt |
Description:
|
Several greek banks suffer from cross site scripting vulnerabilities.
| | Author: | Sentinel Co | | Homepage: | http://www.sentinel.gr | | File Size: | 10229 | | Last Modified: | Oct 2 23:38:13 2006 |
| MD5 Checksum: | 304e9d8091083adf73b2103cd91f19fe |
|
| /// File Name: |
Ingate-sip.txt |
Description:
|
Ingate Firewall and Ingate SIParator are vulnerable to unauthorized access and possible connection intercepting if any of the certificates in the "TLS CA Certificates" table on the "Signaling Encryption" tab uses exponent 3.
| | Author: | Per Cederqvist | | File Size: | 2769 | | Last Modified: | Sep 15 01:14:32 2006 |
| MD5 Checksum: | 9d2e7f7e0e9630387a0297ec69bc4ed1 |
|
| /// File Name: |
InnovatePortalv2.0.txt |
Description:
|
Innovate Portal v2.0 suffers from a cross site scripting vulnerability in index.php.
| | Author: | meto5757 | | File Size: | 187 | | Last Modified: | Sep 28 00:13:10 2006 |
| MD5 Checksum: | dbdeaec937cd02f9a7863442a8253051 |
|
| /// File Name: |
jevoncms-inc.txt |
Description:
|
jevoncms (.inc) suffers from a path disclosure vulnerability.
| | Author: | CvIr.System | | File Size: | 1759 | | Last Modified: | Oct 3 01:35:19 2006 |
| MD5 Checksum: | bb8866aa171e0f86762140220e6b31e7 |
|
| /// File Name: |
korvi.txt |
Description:
|
KorviBlog suffers from a cross site scripting vulnerability. Advisory written in French.
| | Author: | cdg393 | | File Size: | 1024 | | Last Modified: | Sep 13 10:24:44 2006 |
| MD5 Checksum: | 083aef3a5744deee30404144584dba1d |
|
| /// File Name: |
ks-27.txt |
Description:
|
Kurdish Security Advisory #27: artmedic links 5.0 remote file inclusion vulnerability.
| | Author: | Botan | | Homepage: | http://kurdishsecurity.blogspot.com | | File Size: | 1016 | | Last Modified: | Sep 26 22:40:30 2006 |
| MD5 Checksum: | bd2c4c08c4cc44ef7d3bb5497e4d86be |
|
| /// File Name: |
LD-13.txt |
Description:
|
Layered Defense Advisory 13 September 2006 - multiple versions of Symantec AntiVirus Corporate Edition and Symantec Client Security suffer from a format string vulnerability that can allow a local user to execute arbitrary code with elevated privileges.
| | Author: | Deral Heiland | | Homepage: | http://www.LayeredDefense.com | | File Size: | 2376 | | Last Modified: | Sep 15 01:06:11 2006 |
| MD5 Checksum: | 29b82ed23533bca5dac1aa598d5cbab0 |
|
| /// File Name: |
lda-13.txt |
Description:
|
A format string vulnerability was discovered within Symantec AntiVirus Corporate Edition versions 10.0, 9.0, and 8.1. The vulnerability is due to improper processing of format strings within the Tamper Protection and Virus Alert Notification message fields.
| | Author: | Deral Heiland | | Homepage: | http://www.LayeredDefense.com | | File Size: | 2172 | | Related CVE(s): | CVE-2006-3454 | | Last Modified: | Sep 16 08:52:54 2006 |
| MD5 Checksum: | 07c2be912ebb18f39d5e9dbb95a9dbfe |
|
| /// File Name: |
linuxsource.txt |
Description:
|
The Linux kernel source tarball extracts files into a dangerous, worldwrite-able and setuid state.
| | Author: | Hadmut Danisch | | File Size: | 1346 | | Last Modified: | Sep 8 08:17:32 2006 |
| MD5 Checksum: | 7090e7f5a6804e51297fd8e48c2dee04 |
|
| /// File Name: |
lotusDUNZIP32dll.txt |
Description:
|
The IBM Lotus Notes DUNZIP32.dll suffers from a buffer overflow vulnerability. The vulnerability has been confirmed in versions Lotus Notes 5.0.10, 6.0 and 6.5.1. Other versions may also be affected. It is expected that the latest R5 build 5.0.12 build is affected too.
| | Author: | Juha-Matti Laurio | | Homepage: | http://www.networksecurity.fi/ | | File Size: | 6060 | | Last Modified: | Sep 7 11:25:38 2006 |
| MD5 Checksum: | eb6e8ccd30441e2af9278fe031e04b93 |
|
| /// File Name: |
lotusTimeout.txt |
Description:
|
In Lotus Domino Web Access (DWA) version 7.0.1, the session token used to identify the user (called "LtpaToken") is not invalidated on the server upon user logout. The cookie is removed from the browser, but the token continues to be recognized by the server until a configurable expiration time is reached.
| | Author: | Dave Ferguson | | Homepage: | http://www.fishnetsecurity.com/ | | File Size: | 4611 | | Last Modified: | Sep 13 11:02:53 2006 |
| MD5 Checksum: | c875c84c8696e9e399187085105cf96d |
|
| /// File Name: |
lyris895.txt |
Description:
|
The Lyris ListManager version 8.95 suffers from an arbitrary administrative user addition flaw.
| | Author: | Design Properly | | File Size: | 3995 | | Last Modified: | Sep 7 08:05:26 2006 |
| MD5 Checksum: | 1a82ccec03920ee7c28bea19d623ed1f |
|
| /// File Name: |
mcafee-quicktime.txt |
Description:
|
McAfee Avert(tm) Labs Security Advisory - Seven code execution vulnerabilities are present in QuickTime support for various multimedia formats including: MOV, H.264, FLC, FPX and SGI. Exploitation could lead to execution of arbitrary code. User interaction is required for an attack to succeed. Vulnerable systems include QuickTime versions 7.1.2 and below for Mac OS X, QuickTime for Windows versions 7.1.2 and below.
| | Homepage: | http://avertlabs.com/ | | File Size: | 2919 | | Related CVE(s): | CVE-2006-4382, CVE-2006-4384, CVE-2006-4385, CVE-2006-4386, CVE-2006-4388, CVE-2006-4389 | | Last Modified: | Sep 14 09:22:52 2006 |
| MD5 Checksum: | 1befd55214b87925a67aae529d0c751f |
|
| /// File Name: |
MDKSA-2006-156.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-156 - Moritz Jodeit discovered a vulnerability in sendmail when processing very long header lines that could be exploited to cause a Denial of Service by crashing sendmail.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4265 | | Related CVE(s): | CVE-2006-4434 | | Last Modified: | Sep 7 07:51:39 2006 |
| MD5 Checksum: | a60a68c04f694436ad4dfed1a78ff00c |
|
| /// File Name: |
MDKSA-2006-157.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-157 - Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 2932 | | Related CVE(s): | CVE-2006-4197 | | Last Modified: | Sep 7 07:52:34 2006 |
| MD5 Checksum: | 517c3e802783811c8a8396cb62a82056 |
|
| /// File Name: |
MDKSA-2006-158.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-158 - MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects. There is also a bug in the MySQL-Max (and MySQL) init script where the script was not waiting for the mysqld daemon to fully stop. This impacted the restart behavior during updates, as well as scripted setups that temporarily stopped the server to backup the database files.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4039 | | Related CVE(s): | CVE-2006-4389 | | Last Modified: | Sep 7 08:30:54 2006 |
| MD5 Checksum: | 8ba06d45177758f0f30e180b234174b8 |
|
| /// File Name: |
MDKSA-2006-159.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-159 - Previous sudo updates were made available to sanitize certain environment variables from affecting a sudo call, such as PYTHONINSPECT, PERL5OPT, etc. While those updates were effective in addressing those specific environment variables, other variables that were not blacklisted were being made available.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3912 | | Related CVE(s): | CVE-2005-4158, CVE-2006-0151 | | Last Modified: | Sep 7 08:32:25 2006 |
| MD5 Checksum: | 4661b6ce8508215c583a6c6ef16bb1dc |
|
| /// File Name: |
MDKSA-2006-160.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-160 - X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 8775 | | Related CVE(s): | CVE-2006-4447 | | Last Modified: | Sep 7 08:33:22 2006 |
| MD5 Checksum: | 698d87bfb3d04f8db4969f223c936876 |
|
| /// File Name: |
MDKSA-2006-161.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-161 - Daniel Bleichenbacher recently described an attack on PKCS #1 version 1.5 signatures where an RSA key with a small exponent used could be vulnerable to forgery of a PKCS #1 version 1.5 signature signed by that key. Any software using OpenSSL to verify X.509 certificates is potentially vulnerable to this issue, as well as any other use of PKCS #1 version 1.5, including software uses OpenSSL for SSL or TLS.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 5035 | | Related CVE(s): | CVE-2006-4339 | | Last Modified: | Sep 7 11:27:43 2006 |
| MD5 Checksum: | 779e310851570485664d412935a7d63e |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
