Section: .. / 0601-advisories /
| /// File Name: |
cirt-41-advisory.pdf |
Description:
|
Apple Quicktime is susceptible to a buffer overflow vulnerability during the handling of .JPG/.PICT files. This vulnerability affects Windows Quicktime versions 6.5.1, 7.0.3, and Mac OSX Quicktime version 7.0.3. Earlier versions are suspected vulnerable.
| | Author: | Dennis Rand | | Homepage: | http://www.cirt.dk | | File Size: | 323777 | | Related CVE(s): | CAN-2005-2340 | | Last Modified: | Jan 15 16:22:47 2006 |
| MD5 Checksum: | 38c34f274ad8457c07a12f049aef22e9 |
|
| /// File Name: |
usn-244-1.txt |
Description:
|
Ubuntu Security Notice USN-244-1 - Multiple Linux kernel vulnerabilities.
| | Author: | Martin Pitt | | Homepage: | http://security.ubuntu.com/ | | File Size: | 96677 | | Last Modified: | Jan 22 23:59:05 2006 |
| MD5 Checksum: | 75e528bce5859c20af05ebe742b805c9 |
|
| /// File Name: |
sa18527.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to gain knowledge of potentially sensitive information and cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18527/ | | File Size: | 88320 | | Last Modified: | Jan 19 03:04:53 2006 |
| MD5 Checksum: | 9e1e25fcc39ac9d86390aa3fabbeac6d |
|
| /// File Name: |
sa18389.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for kpdf. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18389/ | | File Size: | 42583 | | Last Modified: | Jan 11 06:48:09 2006 |
| MD5 Checksum: | 9b79e962ed58f1030f4f3bfb072ed3ea |
|
| /// File Name: |
sa18338.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued updates for kpdf / kword. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18338/ | | File Size: | 34967 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 9f52c5b8e9b13412979a56bbde5e3638 |
|
| /// File Name: |
cisco-sa-20060118-sgbp.txt |
Description:
|
The Cisco IOS Stack Group Bidding Protocol (SGBP) feature in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable denial of service condition. Devices that do not support or have not enabled the SGBP protocol are not affected by this vulnerability.
| | Author: | Cisco | | Homepage: | http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml | | File Size: | 29733 | | Last Modified: | Jan 25 08:46:07 2006 |
| MD5 Checksum: | 16fd609bec0d74a6b06643fa010a06a9 |
|
| /// File Name: |
dsa-950-1.txt |
Description:
|
Debian Security Advisory DSA 950-1 - "infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in CUPS, the Common UNIX Printing System, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 29148 | | Last Modified: | Jan 25 09:26:36 2006 |
| MD5 Checksum: | e77b0baae789762499a947400e76ecbb |
|
| /// File Name: |
sa18429.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued updates for apache and apache2. These fix two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18429/ | | File Size: | 27766 | | Last Modified: | Jan 12 17:56:50 2006 |
| MD5 Checksum: | bcd2b0f78208aeab2fc2db53d93fab15 |
|
| /// File Name: |
dsa-957-1.txt |
Description:
|
Debian Security Advisory DSA 957-1 - Florian Weimer discovered that delegate code in ImageMagick is vulnerable to shell command injection using specially crafted file names. This allows attackers to encode commands inside of graphic commands. With some user interaction, this is exploitable through Gnus and Thunderbird.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 27177 | | Last Modified: | Jan 27 07:49:10 2006 |
| MD5 Checksum: | adaef61f852821ff1e9e26c5dff64d44 |
|
| /// File Name: |
sa18582.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for cupsys. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18582/ | | File Size: | 26370 | | Last Modified: | Jan 25 07:44:12 2006 |
| MD5 Checksum: | bbd37cc774ce67dc9b2702d0a2b59b8a |
|
| /// File Name: |
sa18147.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for koffice. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18147/ | | File Size: | 22733 | | Last Modified: | Jan 14 06:07:24 2006 |
| MD5 Checksum: | 884f0b2fb726fe20cafc2136777fb693 |
|
| /// File Name: |
USN-236-1.txt |
Description:
|
Ubuntu Security Notice USN-236-1 - Chris Evans discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking a user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 19162 | | Related CVE(s): | CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627 | | Last Modified: | Jan 8 06:17:36 2006 |
| MD5 Checksum: | 3b89c5984a29f99449669b775fdef282 |
|
| /// File Name: |
sa18334.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued updates for cupsys / libpoppler0c2 / tetex-bin / xpdf-reader / xpdf-utils. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18334/ | | File Size: | 18251 | | Last Modified: | Jan 6 18:58:29 2006 |
| MD5 Checksum: | f1ef4e99a8fbb88bb6c267957a131283 |
|
| /// File Name: |
cisco-sa-20060112-wireless.txt |
Description:
|
Cisco Security Advisory - A vulnerability exists in Cisco Aironet Wireless Access Points (AP) running IOS which may allow a malicious user to send a crafted attack via IP address Resolution Protocol (ARP) to the Access point which will cause the device to stop passing traffic and/or drop user connections. Repeated exploitation of this vulnerability will create a sustained DoS.
| | Author: | Eric Smith | | Homepage: | http://www.cisco.com/ | | File Size: | 16515 | | Last Modified: | Jan 15 16:49:26 2006 |
| MD5 Checksum: | 40df5e485ee24b37927fa36a5a1a91d4 |
|
| /// File Name: |
SUSE-SA-2006-003.txt |
Description:
|
SUSE Security Announcement - Maksim Orlovich discovered a bug in the JavaScript interpreter used by Konqueror. UTF-8 encoded URLs could lead to a buffer overflow that causes the browser to crash or execute arbitrary code. Attackers could trick users into visiting specially crafted web sites that exploit this bug (CVE-2006-0019).
| | Author: | Ludwig Nussel | | Homepage: | http://www.suse.com | | File Size: | 16441 | | Last Modified: | Jan 26 06:06:08 2006 |
| MD5 Checksum: | d4aa6a76a958cfcb774a256f84cd94a1 |
|
| /// File Name: |
dsa-937-1.txt |
Description:
|
Debian Security Advisory DSA 937-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in tetex-bin, the binary files of teTeX, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 15727 | | Related CVE(s): | CVE-2005-3191, CVE-2005-3192, CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, CVE-2005-3628 | | Last Modified: | Jan 15 16:44:49 2006 |
| MD5 Checksum: | 635b5e6044bdbb7b8ef3d66674e75834 |
|
| /// File Name: |
dsa-943-1.txt |
Description:
|
Debian Security Advisory DSA 943-1 - Jack Louis discovered an integer overflow in Perl, Larry Wall's Practical Extraction and Report Language, that allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via specially crafted content that is passed to vulnerable format strings of third party software.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 14954 | | Related CVE(s): | CVE-2005-3962 | | Last Modified: | Jan 22 01:03:10 2006 |
| MD5 Checksum: | 115e28fca2fb2ddfd1fb58f264dbbd57 |
|
| /// File Name: |
SUSE-SA-2006-004.txt |
Description:
|
Stefan Esser discovered a bug in the register_globals emulation of phpMyAdmin that allows variables to be overwritten. An attacker could exploit the bug to ultimately execute code (CVE-2005-4079). Additionally, several cross-site scripting bugs were discovered (CVE-2005-3787, CVE-2005-3665).
| | Author: | Ludwig Nussel | | Homepage: | http://www.suse.com | | File Size: | 14534 | | Last Modified: | Jan 27 09:02:28 2006 |
| MD5 Checksum: | 5540d4c1518e4fd77b1b8597f5b4585c |
|
| /// File Name: |
sa18428.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for tetex-bin. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18428/ | | File Size: | 14084 | | Last Modified: | Jan 12 17:56:50 2006 |
| MD5 Checksum: | 22b1bcd6a1fd64cfaa14f8eee62c7f65 |
|
| /// File Name: |
USN-246-1.txt |
Description:
|
Ubuntu Security Notice USN-246-1 - Multiple vulnerabilities in imagemagick.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 13476 | | Last Modified: | Jan 25 09:25:47 2006 |
| MD5 Checksum: | 106586444bbaa00d85e6345878d5aefe |
|
| /// File Name: |
sa18413.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for perl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable Perl application.
| | Homepage: | http://secunia.com/advisories/18413/ | | File Size: | 13364 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | e102d9811ee82cbc787807abc41ce079 |
|
| /// File Name: |
dsa-947-1.txt |
Description:
|
Debian Security Advisory DSA 947-1 - A heap overflow has been discovered in ClamAV, a virus scanner, which could allow an attacker to execute arbitrary code by sending a carefully crafted UPX-encoded executable to a system running ClamAV. In addition, other potential overflows have been corrected.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 13157 | | Last Modified: | Jan 22 23:54:33 2006 |
| MD5 Checksum: | e0f9172e9548d42e3a852aa6165d9864 |
|
| /// File Name: |
cisco-sa-20060111-mars.txt |
Description:
|
Cisco Security Advisory - The Cisco Security Monitoring, Analysis and Response System (CS-MARS) software contains a default password for an undocumented administrative account. This password is set, without any user intervention, during installation of the software used by CS-MARS appliances, and is the same in all installations of the product. Users must be authenticated to the CS-MARS command line in order to utilize the default password to access the administrative account. Software version 4.1.2 and earlier of CS-MARS are affected by this vulnerability. Customers running software version 4.1.3 or higher can mitigate the effects of this vulnerability by applying the workaround listed in this advisory.
| | Homepage: | http://www.cisco.com | | File Size: | 12662 | | Last Modified: | Jan 15 16:26:16 2006 |
| MD5 Checksum: | 71520211bfff6eb63894b10ce679d8a2 |
|