| /// File Name: |
dsa-1001-1.txt |
Description:
|
Debian Security Advisory DSA 1001-1 - It was discovered that Crossfire, a multiplayer adventure game, performs insufficient bounds checking on network packets when run in "oldsocketmode", which may possibly lead to the execution of arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 12521 | | Last Modified: | Mar 14 23:37:20 2006 |
| MD5 Checksum: | a381cfe35262e005f058d5ea58f5251d |
|
| /// File Name: |
dsa-1009-1.txt |
Description:
|
Debian Security Advisory DSA 1009-1 - A buffer overflow has been discovered in the crossfire game which allows remote attackers to execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 12228 | | Last Modified: | Mar 21 22:40:53 2006 |
| MD5 Checksum: | 8f97ddf7d46a6a94600fa734981429a6 |
|
| /// File Name: |
CORE-2006-0327.txt |
Description:
|
Core Security Technologies - Corelabs Advisory CORE-2006-0327: IAXclient is an open source library that implements the IAX2 VoIP protocol used by the Asterisk IP PBX and several VoIP software phones. Two vulnerabilities have been found in the library that may grant attackers remote execution of arbitrary code on systems using software packages that rely on it to implement the IAX2 protocol support.
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 11904 | | Last Modified: | Jun 11 05:39:19 2006 |
| MD5 Checksum: | b509af5b58e8d1eea0fc3bcc0d0619e9 |
|
| /// File Name: |
dsa-992-1.txt |
Description:
|
Debian Security Advisory DSA 992-1 - Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 11279 | | Related CVE(s): | CVE-2005-4048 | | Last Modified: | Mar 11 03:36:30 2006 |
| MD5 Checksum: | 5f71de37d41e5915247dc5bad090b055 |
|
| /// File Name: |
sa19276.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for crossfire. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/19276/ | | File Size: | 11127 | | Last Modified: | Mar 20 22:27:23 2006 |
| MD5 Checksum: | f94d9486e8ffad0906477c9257f9e235 |
|
| /// File Name: |
sa19194.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for crossfire. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/19194/ | | File Size: | 11067 | | Last Modified: | Mar 15 20:10:22 2006 |
| MD5 Checksum: | 0befed19003acd9fa2021c38b09f77c9 |
|
| /// File Name: |
nCipher14.txt |
Description:
|
nCipher Security Advisory No. 14 - During a major code review carried out for a recent release, nCipher discovered some undesirable features in the nCore code base.
| | Homepage: | http://www.ncipher.com/ | | File Size: | 11044 | | Last Modified: | Mar 10 01:21:11 2006 |
| MD5 Checksum: | 4b59279633529c99b631997833b7cb7d |
|
| /// File Name: |
dsa-986-1.txt |
Description:
|
Debian Security Advisory DSA 986-1 - Evgeny Legerov discovered several out-of-bounds memory accesses in the DER decoding component of the Tiny ASN.1 Library, which is also present and used in GnuTLS, the GNU implementation for Transport Layer Security (TLS) 1.0 and Secure Sockets Layer (SSL) 3.0 protocols and which allows attackers to crash the DER decoder and possibly execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 11040 | | Last Modified: | Mar 8 05:56:39 2006 |
| MD5 Checksum: | 19cd2451b003e83be790bba9c593fbbd |
|
| /// File Name: |
APPLE-SA-2006-03-01.txt |
Description:
|
APPLE-SA-2006-03-01 Security Update 2006-001 - A new update has been released for Mac OS X that addresses vulnerabilities in apache_mod_php, automount, COM, Directory Services, FileVault, IPSec, LibSystem, Mail, perl, rsync, Safari, LaunchServices, and Syndication.
| | Homepage: | http://www.apple.com | | File Size: | 10972 | | Related CVE(s): | CVE-2005-3319, CVE-2005-3353, CVE-2005-3391, CVE-2005-3392, CVE-2006-0384, CVE-2006-0391, CVE-2005-2713, CVE-2005-2714, CVE-2006-0386, CVE-2006-0383, CVE-2005-3706, CVE-2006-0395, CVE-2005-4217, CVE-2005-3712, CVE-2005-4504, CVE-2006-0387, CVE-2006-0388, CVE-2006-0394, CVE-2006-0389 | | Last Modified: | Mar 3 09:09:05 2006 |
| MD5 Checksum: | 6f0b844d25580b154ac7c81e21114787 |
|
| /// File Name: |
sa19380.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for evolution. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/19380/ | | File Size: | 10514 | | Last Modified: | Mar 27 02:53:51 2006 |
| MD5 Checksum: | 676a509414eca2428df0269b47f81df9 |
|
| /// File Name: |
windowsHelp.txt |
Description:
|
There is a heap-based buffer overflow in the rendering engine for .hlp files in winhlp32.exe, which gives an attacker the possibility of modifying the internal structure of the process as a means to execute arbitrary and malicious code.
| | Author: | c0ntex | | Homepage: | http://www.open-security.org | | File Size: | 10274 | | Last Modified: | Apr 1 11:29:44 2006 |
| MD5 Checksum: | 6e1e64447f6b86d638f37dff20bc45c6 |
|
| /// File Name: |
TUVSA-0603-001.txt |
Description:
|
Technical University of Vienna Security Advisory - Multiple XSS vulnerabilities in DCP Portal Versions 6.1.1 and prior.
| | Homepage: | http://www.seclab.tuwien.ac.at | | File Size: | 10156 | | Last Modified: | Mar 10 02:08:01 2006 |
| MD5 Checksum: | 2727ec564f17d6bb3d430463f467a7a3 |
|
| /// File Name: |
sa19192.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for ffmpeg. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19192/ | | File Size: | 10132 | | Last Modified: | Mar 13 21:05:36 2006 |
| MD5 Checksum: | d65ae0390d4bfc288f12ffe6c630d120 |
|
| /// File Name: |
FLSA-2006-168264-2.txt |
Description:
|
Several integer overflow bugs were found in the way X.org parses pixmap images. It is possible for a user to gain elevated privileges by loading a specially crafted pixmap image.
| | Homepage: | http://www.fedoralegacy.org | | File Size: | 9845 | | Last Modified: | Mar 9 04:21:38 2006 |
| MD5 Checksum: | 42b758c99ffe11aab6d85f28dea5da28 |
|
| /// File Name: |
dsa-994-1.txt |
Description:
|
Debian Security Advisory DSA 994-1 - Luigi Auriemma discovered a denial of service condition in the free Civilization server that allows a remote user to trigger a server crash.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 9785 | | Last Modified: | Mar 13 22:08:40 2006 |
| MD5 Checksum: | 1253c1c826de7318ee7d11630beaadd5 |
|
| /// File Name: |
sa19080.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gnutls11. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/19080/ | | File Size: | 9699 | | Last Modified: | Mar 6 18:25:57 2006 |
| MD5 Checksum: | aaa8dd787b857f65cce3c2db14ff394e |
|
| /// File Name: |
dsa-998-1.txt |
Description:
|
Debian Security Advisory DSA 998-1 - Derek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in libextractor, a library to extract arbitrary meta-data from files.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 9412 | | Last Modified: | Mar 14 23:34:35 2006 |
| MD5 Checksum: | 58a4972643a058147e8aba5ac96a8bf3 |
|
| /// File Name: |
SSRT051251-2.txt |
Description:
|
HPSBUX02074 SSRT051251 rev.2 - Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access.
| | Homepage: | http://www.itrc.hp.com/service/cki/secBullArchive.do | | File Size: | 9297 | | Last Modified: | Mar 21 23:11:07 2006 |
| MD5 Checksum: | 822a5ee0dd0792967d42831bde87917b |
|
| /// File Name: |
FLSA-2006-178606.txt |
Description:
|
Fedora Legacy Update Advisory - The International Domain Name (IDN) support in the Konqueror browser allowed remote attackers to spoof domain names using punycode encoded domain names. Such domain names are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
| | Homepage: | http://fedoralegacy.org | | File Size: | 8776 | | Last Modified: | Mar 21 22:53:52 2006 |
| MD5 Checksum: | 1752e120757cfe6fe7dc42a6ee93cda4 |
|
| /// File Name: |
sa19227.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for freeciv. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/19227/ | | File Size: | 8687 | | Last Modified: | Mar 13 21:05:36 2006 |
| MD5 Checksum: | fffa744f1d2f3baf8fdbfa4f38e6121d |
|
| /// File Name: |
nCipher12.txt |
Description:
|
nCipher Security Advisory No. 12 - In some circumstances, Diffie-Hellman keys generated by an HSM may be less secure than previously thought. An attack which recovers a vulnerable private key is, for typical parameters, expensive but possible.
| | Homepage: | http://www.ncipher.com/ | | File Size: | 8480 | | Last Modified: | Mar 10 01:20:01 2006 |
| MD5 Checksum: | 63cb4a58e3b6e0f6f4a52a8e1d68fdc2 |
|
| /// File Name: |
FLSA-2006-175404.txt |
Description:
|
Fedora Legacy Update Advisory - A flaw was discovered in Xpdf in that an attacker could construct a carefully crafted PDF file that would cause Xpdf to consume all available disk space in /tmp when opened.
| | Homepage: | http://fedoralegacy.org | | File Size: | 8419 | | Last Modified: | Mar 21 22:53:14 2006 |
| MD5 Checksum: | 60e478324f6cbda2c3afe65f749eb4ba |
|
| /// File Name: |
sa19164.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libextractor. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19164/ | | File Size: | 8264 | | Last Modified: | Mar 14 20:33:49 2006 |
| MD5 Checksum: | 47df80db5d6a7bfbb1b734b7e60a2140 |
|
| /// File Name: |
advisory-18.txt |
Description:
|
A buffer overflow and an installation script error in Firebird 1.5.3 could lead to system compromise.
| | Author: | Joxean Koret | | File Size: | 8093 | | Last Modified: | Mar 13 21:28:44 2006 |
| MD5 Checksum: | 38934e06ca4dc2ca5c0174865880f75e |
|
| /// File Name: |
gnupgDetect.txt |
Description:
|
All versions of gnupg prior to 1.4.2.2 do not detect injection of unsigned data. Signature verification of non-detached signatures may give a positive result but when extracting the signed data, this data may be prepended or appended with extra data not covered by the signature. Thus it is possible for an attacker to take any signed message and inject extra arbitrary data.
| | Author: | Werner Koch | | Homepage: | http://www.gnupg.org/ | | File Size: | 7977 | | Related CVE(s): | CVE-2006-0049 | | Last Modified: | Mar 11 03:28:40 2006 |
| MD5 Checksum: | 1624e40d532873ee965972a044eed1d7 |
|