.:[ packet storm ]:.
                             
beyond paranoid
beyond paranoid

 Section:  .. / 0602-advisories  /

Page 5 of 21
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 >> Files 100 - 125 of 514
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: MDKSA-2006-039.txt
Description:
 Mandriva Linux Security Advisory - Evgeny Legerov discovered cases of possible out-of-bounds access in the DER decoding schemes of libtasn1, when provided with invalid input. This library is bundled with gnutls.
Homepage:http://www.mandriva.com/security/
File Size:4263
Last Modified:Feb 15 00:20:33 2006
MD5 Checksum:03d40811690ae364624e113e66f411bb

 ///  File Name: secunia-LotusNotesTar.txt
Description:
 Secunia Research has discovered a vulnerability in Lotus Notes, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the TAR reader (tarrdr.dll) when extracting files from a TAR archive. This can be exploited to cause a stack-based buffer overflow via a TAR archive containing a file with a long filename. Successful exploitation allows execution of arbitrary code, but requires that the user views a malicious TAR archive and chooses to extracts a compressed file to a directory with a very long path (more than 220 bytes). Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.
Author:Carsten Eiram
Homepage:http://secunia.com/
File Size:4224
Related CVE(s):CAN-2005-2618
Last Modified:Feb 13 07:35:13 2006
MD5 Checksum:1a2d46a055e17e348078941b24c32d31

 ///  File Name: USN-254-1.txt
Description:
 Ubuntu Security Notice USN-254-1 - Javier Fernández-Sanguino Peña discovered that noweb scripts created temporary files in an insecure way. This could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user running noweb.
Homepage:http://security.ubuntu.com/
File Size:4215
Last Modified:Feb 22 20:36:36 2006
MD5 Checksum:d1ae4f90847defdc67779771afc759a0

 ///  File Name: sa18875.txt
Description:
 Secunia Security Advisory - Debian has issued an update for gpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
Homepage:http://secunia.com/advisories/18875/
File Size:4206
Last Modified:Feb 15 19:37:35 2006
MD5 Checksum:8009cca1b5470d74de8016ac6763c01a

 ///  File Name: sa18948.txt
Description:
 Secunia Security Advisory - Debian has issued an update for pdfkit.framework. This fixes some potential vulnerabilities with unknown impacts.
Homepage:http://secunia.com/advisories/18948/
File Size:4188
Last Modified:Feb 20 21:08:24 2006
MD5 Checksum:5784db74d69d8fca5775260208ee5a30

 ///  File Name: sa18829.txt
Description:
 Secunia Security Advisory - Debian has issued an update for scponly. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Homepage:http://secunia.com/advisories/18829/
File Size:4157
Last Modified:Feb 13 20:29:16 2006
MD5 Checksum:916c4ff9941e8f1a48024ba0640c34bd

 ///  File Name: glsa-200602-03.txt
Description:
 Gentoo Linux Security Advisory GLSA 200602-03 - Apache's mod_imap fails to properly sanitize the Referer directive of imagemaps in some cases, leaving the HTTP Referer header unescaped. A flaw in mod_ssl can lead to a NULL pointer dereference if the site uses a custom Error 400 document. These vulnerabilities were reported by Marc Cox and Hartmut Keil, respectively. Versions less than 2.0.55-r1 are affected.
Homepage:http://security.gentoo.org
File Size:4150
Last Modified:Feb 7 22:18:18 2006
MD5 Checksum:230c7b6d54832b4e8ea6a940f0fbc5b3

 ///  File Name: MDKSA-2006-043.txt
Description:
 Mandriva Linux Security Advisory - Tavis Ormandy discovered it is possible to make gpg incorrectly return success when verifying an invalid signature file.
Homepage:http://www.mandriva.com/security/
File Size:4127
Last Modified:Feb 20 21:32:53 2006
MD5 Checksum:4ea1a6bd072313194b504121580ab1de

 ///  File Name: sa18700.txt
Description:
 Secunia Security Advisory - Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information, and potentially compromise a user's system.
Homepage:http://secunia.com/advisories/18700/
File Size:4109
Last Modified:Feb 2 20:34:25 2006
MD5 Checksum:c45bd99329d302d81a21ce53afcd16f9

 ///  File Name: secunia-Visnetic.txt
Description:
 Secunia Research has discovered a vulnerability in the Visnetic AntiVirus Plug-in for MailServer, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Visnetic AntiVirus Plug-in (DKAVUpSch.exe) not dropping its privileges before invoking other programs. This can be exploited to invoke arbitrary programs on the system with SYSTEM privileges. Versions affected are Visnetic AntiVirus Plug-in for MailServer 4.6.0.4 and 4.6.1.1.
Homepage:http://www.secunia.com
File Size:4003
Related CVE(s):CVE-2006-0812
Last Modified:Feb 26 04:42:42 2006
MD5 Checksum:b62cd513eedd8f6388064be8022ae861

 ///  File Name: sa16100.txt
Description:
 Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Verity KeyView SDK, which can be exploited by malicious people to bypass certain security restrictions or compromise a user's system.
Homepage:http://secunia.com/advisories/16100/
File Size:3999
Last Modified:Feb 11 20:35:30 2006
MD5 Checksum:bbac6e7a89d0472ddcbee68ed2670a94

 ///  File Name: glsa-200602-11.txt
Description:
 Gentoo Linux Security Advisory GLSA 200602-11 - To copy from a local filesystem to another local filesystem, scp constructs a command line using 'cp' which is then executed via system(). Josh Bressers discovered that special characters are not escaped by scp, but are simply passed to the shell. Versions less than 4.2_p1-r1 are affected.
Homepage:http://security.gentoo.org
File Size:3992
Last Modified:Feb 22 20:34:22 2006
MD5 Checksum:07a29c9ce849564f06d837b95ad63751

 ///  File Name: dsa-973-1.txt
Description:
 Debian Security Advisory DSA 973-1 - Several vulnerabilities have been discovered in otrs, the Open Ticket Request System, that can be exploited remotely.
Author:Martin Schulze
Homepage:http://www.debian.org/security/
File Size:3967
Last Modified:Feb 15 19:53:40 2006
MD5 Checksum:6ef3591d7ce3f3ffa2aba402b13d96fe

 ///  File Name: pearLiveUser.txt
Description:
 PEAR LiveUser versions 0.16.8 and below suffer from an arbitrary file access vulnerability.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:3915
Last Modified:Feb 25 23:30:18 2006
MD5 Checksum:7d0033bc72b2a4cac3db0c5251426443

 ///  File Name: glsa-200602-09.txt
Description:
 Gentoo Linux Security Advisory GLSA 200602-08 - Evgeny Legerov has reported a flaw in the DER decoding routines provided by libtasn1, which could cause an out of bounds access to occur. Versions less than 0.2.18 are affected.
Homepage:http://security.gentoo.org
File Size:3899
Last Modified:Feb 16 23:05:05 2006
MD5 Checksum:3f4f204d3f10c69cf4239e07b936f925

 ///  File Name: glsa-200602-08.txt
Description:
 Gentoo Linux Security Advisory GLSA 200602-08 - Evgeny Legerov has reported a flaw in the DER decoding routines provided by libtasn1, which could cause an out of bounds access to occur. Versions less than 0.2.18 are affected.
Homepage:http://security.gentoo.org
File Size:3899
Last Modified:Feb 16 23:05:00 2006
MD5 Checksum:3f4f204d3f10c69cf4239e07b936f925

 ///  File Name: bugzillaMultiple.txt
Description:
 Bugzilla versions 2.17.1 and above suffer from SQL injection flaws. Versions 2.20rc1 through 2.20 and 2.21.1 suffer from cross site scripting flaws. Versions 2.19.3 and above suffer from sensitive data exposure flaws.
Homepage:http://www.bugzilla.org/
File Size:3851
Last Modified:Feb 25 23:22:00 2006
MD5 Checksum:9f98bb12da6919b9256102ab51db3085

 ///  File Name: glsa-200602-05.txt
Description:
 Gentoo Linux Security Advisory GLSA 200602-05 - KPdf includes Xpdf code to handle PDF files. Dirk Mueller discovered that the Xpdf code is vulnerable a heap based overflow in the splash rasterizer engine. Versions less than 3.4.3-r4 are affected.
Homepage:http://security.gentoo.org
File Size:3838
Last Modified:Feb 13 09:37:55 2006
MD5 Checksum:28424f9abafdde444d9727057bee16d3

 ///  File Name: glsa-200602-04.txt
Description:
 Gentoo Linux Security Advisory GLSA 200602-04 - Dirk Mueller has reported a vulnerability in Xpdf. It is caused by a missing boundary check in the splash rasterizer engine when handling PDF splash images with overly large dimensions. Versions less than 3.01-r7 are affected.
Homepage:http://security.gentoo.org
File Size:3783
Last Modified:Feb 13 09:37:49 2006
MD5 Checksum:11fe831c0ee16bf5c8b611405c4fc1c5

 ///  File Name: invision214.txt
Description:
 Invision Power Board versions 2.1.4 and below are susceptible to path disclosure issues.
Author:Paisterist
Homepage:http://neosecurityteam.net/
File Size:3720
Last Modified:Feb 25 23:26:26 2006
MD5 Checksum:8e90337ff1f8286a3e838ee96d19f244

 ///  File Name: Advisory-16.txt
Description:
 Invision Power Board 2.1.4 Multiple Full Path Disclosure Vulnerabilities.
Author:Paisterist
Homepage:http://neosecurityteam.net
File Size:3720
Last Modified:Feb 22 21:10:38 2006
MD5 Checksum:8e90337ff1f8286a3e838ee96d19f244

 ///  File Name: sa18968.txt
Description:
 Secunia Security Advisory - SUSE has issued an update for gpg / liby2util. This fixes a security issue, which potentially can be exploited by malicious people to bypass certain security restrictions.
Homepage:http://secunia.com/advisories/18968/
File Size:3685
Last Modified:Feb 21 21:14:58 2006
MD5 Checksum:725b7b106a32453c29b928b55775ed6c

 ///  File Name: FreeBSD-SA-06-08.sack.txt
Description:
 FreeBSD Security Advisory FreeBSD-SA-06:08.sack - SACK (Selective Acknowledgment) is an extension to the TCP/IP protocol that allows hosts to acknowledge the receipt of some, but not all, of the packets sent, thereby reducing the cost of retransmissions. When insufficient memory is available to handle an incoming selective acknowledgment, the TCP/IP stack may enter an infinite loop.
Author:Scott Wood
Homepage:http://www.freebsd.org/security/
File Size:3673
Related CVE(s):CVE-2006-0433
Last Modified:Feb 2 20:43:02 2006
MD5 Checksum:6b1c54981d986ac912087927224ba779

 ///  File Name: MDKSA-2006-047.txt
Description:
 Mandriva Linux Security Advisory - Ulf Harnhammar discovered a buffer overflow vulnerability in the way that metamail handles certain mail messages. An attacker could create a carefully-crafted message that, when parsed via metamail, could execute arbitrary code with the privileges of the user running metamail.
Homepage:http://www.mandriva.com/security/
File Size:3663
Related CVE(s):CVE-2006-0709
Last Modified:Feb 26 04:35:22 2006
MD5 Checksum:1a9109a15bc1ca18fe140bdd59a8162e

 ///  File Name: 02.10.06.txt
Description:
 iDEFENSE Security Advisory 02.10.06 - Remote exploitation of a denial of service vulnerability in IBM Corp.'s Lotus Domino LDAP server allows attackers to crash the service, thereby preventing legitimate access. iDEFENSE is currently unaware of exploits for this vulnerability other than those maintained by iDEFENSE Labs. iDEFENSE has confirmed the existence of this vulnerability in Lotus Domino Server version 6.5.4. It is suspected that earlier versions of Lotus Domino Server are also affected.
Author:Sebastian Apelt
Homepage:http://www.idefense.com/
File Size:3647
Related CVE(s):CAN-2005-2712
Last Modified:Feb 13 07:49:12 2006
MD5 Checksum:bc8355da78cbb6e50ad03eeec11df593
 

 ///  Last 10 Files
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citectodbc-fivews.txt
  5. :· citect_scada_odbc.rb.txt
  6. :· flockweb-dos.txt
  7. :· google-chrome-dos4.txt
  8. :· google-download2.txt
  9. :· PLSA-2008-41.txt
  10. :· PLSA-2008-40.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· PLSA-2008-41.txt
  2. :· PLSA-2008-40.txt
  3. :· PLSA-2008-39.txt
  4. :· PLSA-2008-38.txt
  5. :· PLSA-2008-37.txt
  6. :· MDVSA-2008-188.txt
  7. :· glsa-200809-05.txt
  8. :· PLSA-2008-36.txt
  9. :· microworld-insecure.txt
  10. :· SSRT080119.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citect_scada_odbc.rb.txt
  5. :· flockweb-dos.txt
  6. :· google-chrome-dos4.txt
  7. :· google-download2.txt
  8. :· webcmsportal-blindsql.txt
  9. :· esfaq-sql.txt
  10. :· vastal-itechcosmetics.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· clamav-0.94.tar.gz
  2. :· distack-1.1.0-dev.tar.gz
  3. :· samhain-2.4.6.tar.gz
  4. :· sqlmap-0.6.tar.gz
  5. :· psbot.py.txt
  6. :· mimedefang-2.65.tar.gz
  7. :· advchk-2.11.tar.bz2
  8. :· kisgearth-0.01f.tar.bz2
  9. :· lynis-1.2.0.tar.gz
  10. :· fwknop-1.9.7.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· citectodbc-fivews.txt
  2. :· freebsd-revcon.txt
  3. :· insecurityoverview-samsung.pdf
  4. :· xcon2008-cfp.txt
  5. :· aslr-bypass.txt
  6. :· alphanumeric-shellcode.txt
  7. :· imagebase-shellcode.txt
  8. :· mysql-injection-newbies.txt
  9. :· draft-gont-opsec-ip-security-01.txt
  10. :· draft-ietf-tsvwg-port-randomization-02.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice