Section: .. / 0609-advisories /
| /// File Name: |
sa22097.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for gnutls. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/22097/ | | File Size: | 2069 | | Last Modified: | Sep 27 23:00:00 2006 |
| MD5 Checksum: | b7fd01a105d9ed00ace18af1a92db804 |
|
| /// File Name: |
sa21799.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for openttd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/21799/ | | File Size: | 2069 | | Last Modified: | Sep 8 07:23:41 2006 |
| MD5 Checksum: | 384b7fd5c9810137e7c2d9a22d40c511 |
|
| /// File Name: |
sa21886.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in SQL-Ledger, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21886/ | | File Size: | 2058 | | Last Modified: | Sep 13 00:17:26 2006 |
| MD5 Checksum: | cdb825c39027b886d4475b71aff8e57f |
|
| /// File Name: |
e107075.txt |
Description:
|
e107 version 0.7.5 suffers from SQL injection flaws in the admin section.
| | Author: | Omid | | File Size: | 2024 | | Last Modified: | Sep 7 09:18:28 2006 |
| MD5 Checksum: | fd2f393ebf6169a063b6eea59d220b97 |
|
| /// File Name: |
feedsplitter.txt |
Description:
|
The Feedsplitter script suffers from multiple vulnerabilities including a file inclusion flaw that may allow for code execution.
| | Author: | Jonathan Rockway | | File Size: | 2008 | | Last Modified: | Sep 7 07:43:02 2006 |
| MD5 Checksum: | e938964a050758af7ece8846b4a4c71a |
|
| /// File Name: |
AS06260602.txt |
Description:
|
Airscanner Mobile Security Advisory - Pocket Expense Pro version 3.9.1 suffers from a flaw where user authentication can be disabled.
| | Homepage: | http://www.airscanner.com | | File Size: | 1984 | | Last Modified: | Sep 9 03:55:48 2006 |
| MD5 Checksum: | a6bae0ed7acc99cce433e6ea334b71f3 |
|
| /// File Name: |
db2udb-unauth.txt |
Description:
|
In DB2 Universal Database versions 8.x, an attacker can send a specially crafted EXCSAT command during the handshake process with the server, causing the server process to crash.
| | File Size: | 1947 | | Last Modified: | Sep 7 11:10:03 2006 |
| MD5 Checksum: | da70d9291764aa0b92e4fa9dc9cf1476 |
|
| /// File Name: |
jevoncms-inc.txt |
Description:
|
jevoncms (.inc) suffers from a path disclosure vulnerability.
| | Author: | CvIr.System | | File Size: | 1759 | | Last Modified: | Oct 3 01:35:19 2006 |
| MD5 Checksum: | bb8866aa171e0f86762140220e6b31e7 |
|
| /// File Name: |
tikiwiki194.txt |
Description:
|
Tikiwiki version 1.9.4 suffers from two SQL injection vulnerabilities.
| | Author: | Omid | | Homepage: | http://www.hackers.ir/ | | File Size: | 1599 | | Last Modified: | Sep 13 09:36:36 2006 |
| MD5 Checksum: | f68198f1a34fb8775a9f3fd776e9c9a3 |
|
| /// File Name: |
blackICEpc.txt |
Description:
|
BlackICE PC Protection suffers from a denial of service condition when failing to validate the third argument of NtOpenSection.
| | Author: | David Matousek | | Homepage: | http://www.matousec.com/ | | File Size: | 1384 | | Last Modified: | Sep 7 08:35:09 2006 |
| MD5 Checksum: | 81d050fbe5e67a0b36c974fd2eb67725 |
|
| /// File Name: |
linuxsource.txt |
Description:
|
The Linux kernel source tarball extracts files into a dangerous, world-writable and setuid state.
| | Author: | Hadmut Danisch | | File Size: | 1346 | | Last Modified: | Sep 8 08:17:32 2006 |
| MD5 Checksum: | 7090e7f5a6804e51297fd8e48c2dee04 |
|
| /// File Name: |
SQLInjectionTix.txt |
Description:
|
Tix.com suffered from a SQL injection vulnerability where a user could access account information, and order tickets (and print them online) via a stolen account.
| | Author: | FxYxIxE | | File Size: | 1328 | | Last Modified: | Sep 7 09:16:21 2006 |
| MD5 Checksum: | 72d28f11553d9e86eef3a6d41e17b326 |
|
| /// File Name: |
rPSA-2006-0170-1.txt |
Description:
|
rPath Security Advisory: 2006-0170-1 - Previous versions of the gzip package contain multiple vulnerabilities that enable user-complicit unauthorized access when a user attempts to gunzip intentionally malformed gzip files. Some network services will automatically run the gunzip program in some contexts, which may then enable direct unauthorized access to the user account that provides the network service.
| | Homepage: | http://security.rpath.com | | File Size: | 1259 | | Last Modified: | Sep 28 00:14:37 2006 |
| MD5 Checksum: | bc9030050a66cde7562425954c30e607 |
|
| /// File Name: |
152.txt |
Description:
|
Fantastic News versions 2.1.4 and below suffer from a remote file inclusion vulnerability.
| | Author: | Sx02 | | Homepage: | http://sx02.coresec.de/ | | File Size: | 1145 | | Last Modified: | Sep 8 08:54:02 2006 |
| MD5 Checksum: | f1839b9a504d6af0ba1f43d731a34a87 |
|
| /// File Name: |
norton91033.txt |
Description:
|
Norton insufficiently protects its driver '\Device\SymEvent' against manipulation from malicious applications and it fails to validate its input buffer.
| | Author: | David Matousek | | Homepage: | http://www.matousec.com/ | | Related Exploit: | BTP00011P002NF.zip | | File Size: | 1144 | | Last Modified: | Sep 16 10:31:31 2006 |
| MD5 Checksum: | 66367b04d2885d7f5a67cbe1c385bf00 |
|
| /// File Name: |
sslinks122.txt |
Description:
|
ssLinks version 1.22 suffers from multiple SQL injection vulnerabilities.  
| | Author: | Sirdarckcat | | Homepage: | http://elhacker.net/ | | File Size: | 1098 | | Last Modified: | Sep 7 09:30:49 2006 |
| MD5 Checksum: | 900ce6e412577a5c3ba0d3b29f8c08b1 |
|
| /// File Name: |
PLESK7.5-7.6.txt |
Description:
|
Plesk 7.5 and prior and 7.6 for Windows suffer from an information disclosure vulnerability in the file manager.
| | Author: | GuanYu | | Homepage: | http://www.vnhacker.org | | File Size: | 1094 | | Last Modified: | Oct 3 01:34:05 2006 |
| MD5 Checksum: | 1046960464b77bb56826f884e0e0d616 |
|
| /// File Name: |
korvi.txt |
Description:
|
KorviBlog suffers from a cross site scripting vulnerability. Advisory written in French.
| | Author: | cdg393 | | File Size: | 1024 | | Last Modified: | Sep 13 10:24:44 2006 |
| MD5 Checksum: | 083aef3a5744deee30404144584dba1d |
|
| /// File Name: |
ks-27.txt |
Description:
|
Kurdish Security Advisory #27: artmedic links 5.0 remote file inclusion vulnerability.
| | Author: | Botan | | Homepage: | http://kurdishsecurity.blogspot.com | | File Size: | 1016 | | Last Modified: | Sep 26 22:40:30 2006 |
| MD5 Checksum: | bd2c4c08c4cc44ef7d3bb5497e4d86be |
|
| /// File Name: |
smf11.txt |
Description:
|
SMF version 1.1 RC3 suffers from a SQL injection flaw in the admin section.
| | Author: | Omid | | File Size: | 1005 | | Last Modified: | Sep 7 09:17:26 2006 |
| MD5 Checksum: | 5e819f03b4ad9c56e5bdea16402bbf05 |
|
| /// File Name: |
PhotoStore.txt |
Description:
|
PhotoStore suffers from multiple cross site scripting vulnerabilities.
| | Author: | meto5757 | | File Size: | 844 | | Last Modified: | Oct 3 01:54:13 2006 |
| MD5 Checksum: | 9084b2681380764b26cc434db91fa37e |
|
| /// File Name: |
aq71.txt |
Description:
|
Apple QuickTime versions 7.1 and below are prone to a heap overflow vulnerability. This flaw could lead to remote code execution if an attacker tricks the victim into visiting a malicious webpage with a specially crafted .fli animation embedded.
| | Author: | Rubén | | Homepage: | http://www.reversemode.com/ | | Related Exploit: | poc_fli.zip | | File Size: | 767 | | Last Modified: | Sep 16 10:56:44 2006 |
| MD5 Checksum: | 2d27736b50bd4f0e08e3eb1bf52cbd22 |
|