Section: .. / 0609-advisories /
| /// File Name: |
sa21773.txt |
Description:
|
Secunia Security Advisory - Terry Donaldson has reported a security issue in AuditWizard, which can be exploited by malicious, local users to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/21773/ | | File Size: | 2253 | | Last Modified: | Sep 8 07:23:41 2006 |
| MD5 Checksum: | 6643dec189463da41e5cd26963dd7b99 |
|
| /// File Name: |
sa21769.txt |
Description:
|
Secunia Security Advisory - 3APA3A has discovered a security issue in Panda Platinum Internet Security, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/21769/ | | File Size: | 3049 | | Last Modified: | Sep 8 07:23:41 2006 |
| MD5 Checksum: | 050e78bf55f21657e9ce76e8f82a87f3 |
|
| /// File Name: |
sa21764.txt |
Description:
|
Secunia Security Advisory - rugginello has discovered a vulnerability in AntiVir PersonalEdition, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/21764/ | | File Size: | 2505 | | Last Modified: | Sep 8 07:23:41 2006 |
| MD5 Checksum: | b8d564681d2bf50431cb027f2af71015 |
|
| /// File Name: |
sa21748.txt |
Description:
|
Secunia Security Advisory - Andres Tarasco Acuņa has reported a security issue in TIBCO Rendezvous, which can be exploited by malicious, local users to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/21748/ | | File Size: | 2323 | | Last Modified: | Sep 8 07:23:41 2006 |
| MD5 Checksum: | 11850e0accfe82e53d6f4d29b83a17c3 |
|
| /// File Name: |
sa21790.txt |
Description:
|
Secunia Security Advisory - IBM has acknowledged a vulnerability in bind, which potentially can be exploited by malicious people to cause a Denial of Service.
| | Homepage: | http://secunia.com/advisories/21790/ | | File Size: | 2152 | | Last Modified: | Sep 7 11:34:18 2006 |
| MD5 Checksum: | fcc9d8f00b25855699028319ad9f031e |
|
| /// File Name: |
MDKSA-2006-161.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-161 - Daniel Bleichenbacher recently described an attack on PKCS #1 version 1.5 signatures where an RSA key with a small exponent used could be vulnerable to forgery of a PKCS #1 version 1.5 signature signed by that key. Any software using OpenSSL to verify X.509 certificates is potentially vulnerable to this issue, as well as any other use of PKCS #1 version 1.5, including software uses OpenSSL for SSL or TLS.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 5035 | | Related CVE(s): | CVE-2006-4339 | | Last Modified: | Sep 7 11:27:43 2006 |
| MD5 Checksum: | 779e310851570485664d412935a7d63e |
|
| /// File Name: |
lotusDUNZIP32dll.txt |
Description:
|
The IBM Lotus Notes DUNZIP32.dll suffers from a buffer overflow vulnerability. The vulnerability has been confirmed in versions Lotus Notes 5.0.10, 6.0 and 6.5.1. Other versions may also be affected. It is expected that the latest R5 build 5.0.12 build is affected too.
| | Author: | Juha-Matti Laurio | | Homepage: | http://www.networksecurity.fi/ | | File Size: | 6060 | | Last Modified: | Sep 7 11:25:38 2006 |
| MD5 Checksum: | eb6e8ccd30441e2af9278fe031e04b93 |
|
| /// File Name: |
dsa-1170-1.txt |
Description:
|
Debian Security Advisory 1170-1 - It was discovered that upon unpacking JAR archives fastjar from the GNU Compiler Collection does not check the path for included files and allows to create or overwrite files in upper directories.
| | Homepage: | http://www.debian.org/security | | File Size: | 46792 | | Related CVE(s): | CVE-2006-3619 | | Last Modified: | Sep 7 11:22:26 2006 |
| MD5 Checksum: | d9d861d67f7620169b18c69788414640 |
|
| /// File Name: |
CiscoGRE.txt |
Description:
|
Phenoelit Advisory - Cisco Systems IOS contains a bug when parsing GRE packets with GRE source routing information. A specially crafter GRE packet can cause the router to reuse packet packet data from unrelated ring buffer memory. The resulting packet is reinjected in the routing queues. Tested on C3550 IOS 12.1(19).
| | Author: | FX | | Homepage: | http://www.phenoelit.de/ | | File Size: | 6085 | | Last Modified: | Sep 7 11:17:39 2006 |
| MD5 Checksum: | f09a97e7d16b1d3caf71b6f332a4a856 |
|
| /// File Name: |
sa21805.txt |
Description:
|
Secunia Security Advisory - SHiKaA has reported a vulnerability in phpFullAnnu, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21805/ | | File Size: | 2393 | | Last Modified: | Sep 7 11:15:28 2006 |
| MD5 Checksum: | 3164d42a9903aeb2a2d67f1c4756b0e2 |
|
| /// File Name: |
glsa-200609-04.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-04 - Several integer overflows have been found in the PCF font parser. Versions less than 1.2.0-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2455 | | Last Modified: | Sep 7 11:11:53 2006 |
| MD5 Checksum: | 77e8f04823ce0bd8ab58edb844864057 |
|
| /// File Name: |
glsa-200609-03.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-03 - OpenTTD is vulnerable to a Denial of Service attack due to a flaw in the manner the game server handles errors in command packets. Versions less than 0.4.8 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2512 | | Last Modified: | Sep 7 11:11:32 2006 |
| MD5 Checksum: | 27abf0eddb17fa36ca8627a068635e25 |
|
| /// File Name: |
glsa-200609-02.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-02 - Michael Gehring has found that GTetrinet fails to properly handle array indexes. Versions less than 0.7.9 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2396 | | Last Modified: | Sep 7 11:11:12 2006 |
| MD5 Checksum: | a1e81f305e3cabadafbde439feec3b05 |
|
| /// File Name: |
glsa-200609-01.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-01 - Ulf Harnhammar, from the Debian Security Audit Project, has found that Streamripper is vulnerable to multiple stack based buffer overflows caused by improper bounds checking when processing malformed HTTP headers. Versions less than 1.61.26 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2632 | | Last Modified: | Sep 7 11:10:53 2006 |
| MD5 Checksum: | 8bb04206fbb8b761ba3f7d6862810b8e |
|
| /// File Name: |
db2udb-handshake.txt |
Description:
|
An attacker can send a specially crafted ACCSEC command during the handshake process with the server, causing the server process to crash in the DB2 Universal Database versions 8.x.
| | File Size: | 2336 | | Last Modified: | Sep 7 11:10:44 2006 |
| MD5 Checksum: | 253f8ce11873731c88cdfcd862c1e9af |
|
| /// File Name: |
db2udb-unauth.txt |
Description:
|
An attacker can send a specially crafted EXCSAT command during the handshake process with the server, causing the server process to crash in the DB2 Universal Database versions 8.x.
| | File Size: | 1947 | | Last Modified: | Sep 7 11:10:03 2006 |
| MD5 Checksum: | da70d9291764aa0b92e4fa9dc9cf1476 |
|
| /// File Name: |
USN-340-1.txt |
Description:
|
Ubuntu Security Notice USN-340-1 - Tavis Ormandy discovered several buffer overflows in imagemagick's Sun Raster and XCF (Gimp) image decoders. By tricking a user or automated system into processing a specially crafted image, this could be exploited to execute arbitrary code with the users' privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 14143 | | Related CVE(s): | CVE-2006-3743, CVE-2006-3744 | | Last Modified: | Sep 7 11:07:01 2006 |
| MD5 Checksum: | 6e5488de7d25c5623b523bd91b1d26f4 |
|
| /// File Name: |
canonDisclose.txt |
Description:
|
The Canon ImageRunner remote UI web interface software will reveal username and password pairs contained in address book entries when the address book is exported. Tested and verified on Canon iR C3220, iR 5020, iR9070, iR C6800, iR C6870, and iR 8500.
| | Author: | GR | | File Size: | 2290 | | Last Modified: | Sep 7 11:05:20 2006 |
| MD5 Checksum: | 51f5d277ec198b1f10ca9d211b51459d |
|
| /// File Name: |
SSRT061202.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, denial of service, or unauthorized access.
| | Author: | HP | | Homepage: | http://www.hp.com | | File Size: | 8641 | | Related CVE(s): | CVE-2006-3747, CVE-2005-3352, CVE-2005-3357 | | Last Modified: | Sep 7 11:01:54 2006 |
| MD5 Checksum: | 7060db2e730ca644a55dcccbba488d35 |
|
| /// File Name: |
sa20270.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in ZipTV, which can be exploited by malicious people to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/20270/ | | File Size: | 2868 | | Last Modified: | Sep 7 10:58:03 2006 |
| MD5 Checksum: | b72ebaa145f1a8da56714dc29a8ed62a |
|
| /// File Name: |
sa21801.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for streamripper. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21801/ | | File Size: | 2103 | | Last Modified: | Sep 7 10:57:50 2006 |
| MD5 Checksum: | 0e2f6fa4ac71de1b321f6a253758ffe1 |
|
| /// File Name: |
sa21800.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for gtetrinet. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21800/ | | File Size: | 2088 | | Last Modified: | Sep 7 10:57:50 2006 |
| MD5 Checksum: | 0d13b195f99db2caca6393d9d7eedc5f |
|
| /// File Name: |
sa21797.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gcc-3.4. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21797/ | | File Size: | 43531 | | Last Modified: | Sep 7 10:57:50 2006 |
| MD5 Checksum: | a80eb083457ccba3771c8cd86debc9ce |
|
| /// File Name: |
sa21789.txt |
Description:
|
Secunia Security Advisory - DrEiNsTeIn has discovered a vulnerability in PhpLeague, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/21789/ | | File Size: | 2366 | | Last Modified: | Sep 7 10:57:50 2006 |
| MD5 Checksum: | caffb56f4d407204ca308746a6758546 |
|
| /// File Name: |
USN-339-1.txt |
Description:
|
Ubuntu Security Notice USN-339-1 - Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of Google Security discovered that the OpenSSL library did not sufficiently check the padding of PKCS #1 version 1.5 signatures if the exponent of the public key is 3 (which is widely used for CAs). This could be exploited to forge signatures without the need of the secret key.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 10791 | | Related CVE(s): | CVE-2006-4339 | | Last Modified: | Sep 7 10:57:27 2006 |
| MD5 Checksum: | 00df9bb032b34dba4b73a14aff0d1ca0 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
