Section: .. / 0602-advisories /
| /// File Name: |
secunia-Visnetic.txt |
Description:
|
Secunia Research has discovered a vulnerability in the Visnetic AntiVirus Plug-in for MailServer, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Visnetic AntiVirus Plug-in (DKAVUpSch.exe) not dropping its privileges before invoking other programs. This can be exploited to invoke arbitrary programs on the system with SYSTEM privileges. Versions affected are Visnetic AntiVirus Plug-in for MailServer 4.6.0.4 and 4.6.1.1.
| | Homepage: | http://www.secunia.com | | File Size: | 4003 | | Related CVE(s): | CVE-2006-0812 | | Last Modified: | Feb 26 04:42:42 2006 |
| MD5 Checksum: | b62cd513eedd8f6388064be8022ae861 |
|
| /// File Name: |
secunia-WinACE.txt |
Description:
|
Secunia Research has discovered a vulnerability in WinACE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when reading an overly large ARJ header block into a fixed-sized heap buffer. This can be exploited to cause a heap-based buffer overflow. Successful exploitation allows execution of arbitrary code when a malicious ARJ archive is opened. WinACE version 2.60 is affected. Earlier versions may also be susceptible.
| | Author: | Tan Chew Keong | | Homepage: | http://www.secunia.com | | File Size: | 3557 | | Related CVE(s): | CVE-2006-0813 | | Last Modified: | Feb 26 04:46:22 2006 |
| MD5 Checksum: | 2e37a160a0ff7ff93147a7438af70312 |
|
| /// File Name: |
snews.txt |
Description:
|
sNews suffers from a XSS vulnerability in the comments section.
| | Homepage: | http://securitydot.net | | File Size: | 739 | | Last Modified: | Feb 17 01:17:20 2006 |
| MD5 Checksum: | 026e8f0f70b21a6e022a7e83c4fa4b35 |
|
| /// File Name: |
sNews.txt |
Description:
|
sNews suffers from XSS and SQL injection vulnerabilities.
| | Author: | Alexander Hristov | | Homepage: | http://securitydot.net | | File Size: | 529 | | Last Modified: | Feb 15 00:49:35 2006 |
| MD5 Checksum: | 37be0e60f879d251978ef2a630611377 |
|
| /// File Name: |
SoftMakerShop.txt |
Description:
|
Inputs in the SoftMaker Shop are not properly sanitized, and XSS is possible in a lot of the systems input fields and url parameters.
| | Author: | Preben Nyløkken | | File Size: | 658 | | Last Modified: | Feb 3 01:19:40 2006 |
| MD5 Checksum: | 4ce8985bad052dcb5026f0200694b4c4 |
|
| /// File Name: |
southRiver.txt |
Description:
|
South River WebDrive version 6.08 build 1131 is susceptible to a buffer overflow vulnerability.
| | Author: | Adrian Castro | | File Size: | 1641 | | Last Modified: | Feb 26 02:29:31 2006 |
| MD5 Checksum: | 5a6977841c8d9c9eb0dbba28fcb6b9f6 |
|
| /// File Name: |
SpeedCommander.txt |
Description:
|
SpeedCommander version 11.0, ZipStar version 5.1, and Squeez version 5.1 all suffer from directory traversal vulnerabilities when processing malicious JAR and ZIP files.
| | Author: | Hamid Ebadi | | Homepage: | http://hamid.ir/security | | File Size: | 1608 | | Last Modified: | Feb 26 05:34:07 2006 |
| MD5 Checksum: | 94bd1d15aa6280bd023b5b9f799381fa |
|
| /// File Name: |
SSRT051045.txt |
Description:
|
HPSBUX02097 SSRT051045 rev.2 - HP-UX Running DNS BIND4/BIND8 as Forwarders: Remote Unauthorized Privileged Access - A potential vulnerability has been identified with the HP-UX operating system running DNS BIND4 or BIND8 configured as forwarders. The vulnerability could be exploited remotely to gain unauthorized privileged access to the DNS clients.
| | Author: | HP | | Homepage: | http://www.hp.com | | File Size: | 6972 | | Last Modified: | Feb 17 02:55:07 2006 |
| MD5 Checksum: | a551e0f71713a1904bc52814a7e1a558 |
|
| /// File Name: |
SSRT051102.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified in the SSL v2 implementation used in HP HTTP Server v5.9.6 that may allow a remote attacker to force the use of a weaker security protocol via a man-in-the-middle attack.
| | Author: | HP | | Homepage: | http://www.hp.com | | File Size: | 9718 | | Related CVE(s): | CAN-2005-2969 | | Last Modified: | Feb 13 07:25:28 2006 |
| MD5 Checksum: | 04c7e745be1b759d3e2316791b4988a4 |
|
| /// File Name: |
SSRT061108.txt |
Description:
|
HPSBMA02096 SSRT061108 rev.3 - HP Systems Insight Manager Remote Unauthorized Access via Directory Traversal - Potential security vulnerabilities have been identified with HP Systems Insight Manager (SIM) versions 4.0 and 5.0 running on Microsoft Windows. The potential vulnerabilities could be exploited to allow remote unauthorized access to files via directory traversal.
| | Author: | HP | | Homepage: | http://www.hp.com | | File Size: | 10061 | | Last Modified: | Feb 17 02:55:43 2006 |
| MD5 Checksum: | 71e0be519be47e0e0b97d394f9d4d2a5 |
|
| /// File Name: |
StuffIt.txt |
Description:
|
The StuffIt and ZipMagic family of products are susceptible to directory traversal attacks when fed malicious ZIP or TAR files.
| | Author: | Hamid Ebadi | | Homepage: | http://hamid.ir/security | | File Size: | 1635 | | Last Modified: | Feb 26 05:32:39 2006 |
| MD5 Checksum: | 3d494b20b5df6c1a0a9dba1cbe646e54 |
|
| /// File Name: |
SUSE-SA-2006-009.txt |
Description:
|
SUSE Security Announcement - With certain handcraftable signatures GPG was returning a 0 (valid signature) when used on command-line with option --verify. This only affects GPG version 1.4.x, so it only affects SUSE Linux 9.3 and 10.0. Other SUSE Linux versions are not affected. This could make automated checkers, like for instance the patch file verification checker of the YaST Online Update, pass malicious patch files as correct.
| | Author: | Ludwig Nussel | | Homepage: | http://www.suse.com | | File Size: | 14876 | | Last Modified: | Feb 20 23:50:34 2006 |
| MD5 Checksum: | da20b8c447a55ea800538ef715169f5c |
|
| /// File Name: |
SUSE-SA-2006-010.txt |
Description:
|
SUSE Security Announcement - An update has been released to fix a remotely exploitable stack buffer overflow in the pam_micasa authentication module.
| | Homepage: | http://www.suse.com | | File Size: | 11950 | | Related CVE(s): | CVE-2006-0736 | | Last Modified: | Feb 26 02:32:11 2006 |
| MD5 Checksum: | 41acb0431df9eb8cb4a8bd971718810a |
|
| /// File Name: |
SUSE-SA-2006-011.txt |
Description:
|
SUSE Security Announcement - A new release of Heimdal fixes a file ownership flaw and a bug in the telnet server.
| | Homepage: | http://www.suse.com | | File Size: | 18109 | | Related CVE(s): | CVE-2006-0582, CVE-2006-0677 | | Last Modified: | Feb 26 05:44:00 2006 |
| MD5 Checksum: | 25421df7037a142d3b4812b2350a6aba |
|
| /// File Name: |
SUSE-SA-2006-016.txt |
Description:
|
SUSE Security Announcement - SUSE-SA:2006:016 - A programming flaw in the X.Org X Server allows local attackers to gain root access when the server is setuid root, as is the default in SUSE Linux 10.0. This flaw was spotted by the Coverity project.
| | Homepage: | http://www.suse.com | | File Size: | 12311 | | Last Modified: | Mar 21 23:17:20 2006 |
| MD5 Checksum: | a6a9900c4c24468a7a237eb8cfc8c54d |
|
| /// File Name: |
TA06-032A.txt |
Description:
|
Technical Cyber Security Alert TA06-032A - America Online has released Winamp 5.13 to correct a buffer overflow vulnerability. By convincing a user to open a specially crafted playlist file, a remote unauthenticated attacker may be able to execute arbitrary code with the privileges of the user. Winamp may open a playlist file without any user interaction as the result of viewing a web page or other HTML document.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3413 | | Related CVE(s): | CVE-2006-0476 | | Last Modified: | Feb 2 20:44:39 2006 |
| MD5 Checksum: | 9ac370b0e6dbfd8423eda3fe243b723a |
|
| /// File Name: |
TA06-038A.txt |
Description:
|
Several vulnerabilities exist in the Mozilla web browser and derived products, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system. Version of Mozilla Firefox below 1.5.0.1 and versions of SeaMonkey below 1.0 are affected.
| | Homepage: | http://www.kb.cert.org/ | | File Size: | 4445 | | Related CVE(s): | CVE-2006-0296, CVE-2006-0295 | | Last Modified: | Feb 8 06:14:28 2006 |
| MD5 Checksum: | 50217de4119d3aa6ab0bb424c9e06e4e |
|
| /// File Name: |
TA06-045A.txt |
Description:
|
Technical Cyber Security Alert TA06-045A - Microsoft has released updates that address critical vulnerabilities in Windows, Windows Media Player, and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Author: | CERT | | Homepage: | http://www.us-cert.gov/ | | File Size: | 5247 | | Last Modified: | Feb 15 00:24:54 2006 |
| MD5 Checksum: | 63f2fe31ea7957552c8fec487f461436 |
|
| /// File Name: |
TA06-053A.txt |
Description:
|
Technical Cyber Security Alert TA06-053A - A file type determination vulnerability in Apple Safari could allow a remote attacker to execute arbitrary commands on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3379 | | Last Modified: | Feb 26 04:08:24 2006 |
| MD5 Checksum: | 736b608ae9a0707f17a38cf82a9403bb |
|
| /// File Name: |
tam-file-retrieval.txt |
Description:
|
On December 1st, while conducting a penetration test of a TAM enabled web application, VSR identified a vulnerability in Tivoli Web Server Plug-in which is a component of Tivoli Access Manager (TAM). This flaw allows an authenticated attacker to retrieve files (which reside outside of the web root) from the web server on which the plug-in resides. It is possible to retrieve any file or list any directory which is readable by the web server software.
| | Author: | Virtual Security Research | | Homepage: | http://www.vsecurity.com/ | | File Size: | 5060 | | Last Modified: | Feb 6 04:40:54 2006 |
| MD5 Checksum: | 64cb1200a76e27f71e0e3896bcbaebac |
|
| /// File Name: |
truenorth.txt |
Description:
|
TrueNorth IA eMailserver version 5.3.4 is prone to a remote buffer overflow vulnerability in the IMAP server.
| | Author: | J. Antunes | | File Size: | 1114 | | Last Modified: | Feb 25 23:10:20 2006 |
| MD5 Checksum: | 02bd06e05d3a929067c0acbefb0afa63 |
|
| /// File Name: |
unidenWeak.txt |
Description:
|
The Uniden UIP1868P VoIP phone/gateway comes with a default password of admin without any login necessary.
| | Author: | pagvac | | File Size: | 3423 | | Last Modified: | Feb 25 02:20:27 2006 |
| MD5 Checksum: | 879095fd394dce02834f162963b3c464 |
|
| /// File Name: |
USN-247-1.txt |
Description:
|
Ubuntu Security Notice USN-247-1 - A privilege escalation flaw has been found in the heimdal rsh (remote shell) server. This allowed an authenticated attacker to overwrite arbitrary files and gain ownership of them.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 22677 | | Last Modified: | Feb 13 09:40:06 2006 |
| MD5 Checksum: | bb12e4b5b2a1702e44434aeefc8350be |
|
| /// File Name: |
USN-248-1.txt |
Description:
|
Ubuntu Security Notice USN-248-1 - unzip - A buffer overflow was discovered in the handling of file name arguments. By tricking a user or automated system into processing a specially crafted, excessively long file name with unzip, an attacker could exploit this to execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4632 | | Last Modified: | Feb 15 19:57:51 2006 |
| MD5 Checksum: | 037e7e6ec2fa370a398964e6943b370d |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
