Section: .. / 0603-advisories /
| /// File Name: |
CodeScan-ASPPortal.txt |
Description:
|
ASPPortal version 3.00 is susceptible to more than ten SQL injection vulnerabilities.
| | Author: | CodeScan | | Homepage: | http://www.codescan.com/ | | File Size: | 3250 | | Last Modified: | Mar 15 05:25:45 2006 |
| MD5 Checksum: | c860d8901642d841f974a0fee1c82f05 |
|
| /// File Name: |
sa19316.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for xorg-x11-server. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/19316/ | | File Size: | 3205 | | Last Modified: | Mar 21 20:21:03 2006 |
| MD5 Checksum: | 6fdcdf5456493a5290a245f4235c65e4 |
|
| /// File Name: |
glsa-200603-08.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200603-08 - OpenPGP is the standard that defines the format of digital signatures supported by GnuPG. OpenPGP signatures consist of multiple sections, in a strictly defined order. Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that certain illegal signature formats could allow signed data to be modified without detection. GnuPG has previously attempted to be lenient when processing malformed or legacy signature formats, but this has now been found to be insecure. Versions less than 1.4.2.2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3198 | | Last Modified: | Mar 11 03:39:43 2006 |
| MD5 Checksum: | fe3204fe45788d6ac2d0202780f95691 |
|
| /// File Name: |
sa19012.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and HTTP response splitting attacks, cause a DoS (Denial of Service), and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19012/ | | File Size: | 3182 | | Last Modified: | Mar 1 04:50:51 2006 |
| MD5 Checksum: | 4470a5b2e855a7250738b0e5e596b086 |
|
| /// File Name: |
sa19176.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for squirrelmail. This fixes some vulnerabilities, which can be exploited by malicious users to manipulate certain information and by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/19176/ | | File Size: | 3178 | | Last Modified: | Mar 10 00:50:11 2006 |
| MD5 Checksum: | 29877e915ed7b8afcc7fc29551a40697 |
|
| /// File Name: |
MDKSA-2006-057.txt |
Description:
|
Mandriva Linux Security Advisory - MDKSA-2006:057 - GNOME Evolution allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3178 | | Last Modified: | Mar 21 23:06:13 2006 |
| MD5 Checksum: | ad08e1c3c27d7593058d707a8e2a2094 |
|
| /// File Name: |
sa19218.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Flash Player, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19218/ | | File Size: | 3148 | | Last Modified: | Mar 15 05:10:17 2006 |
| MD5 Checksum: | c2214db79d3b38356323af82331a3ac0 |
|
| /// File Name: |
glsa-200603-03.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200603-03 - MPlayer makes use of the FFmpeg library, which is vulnerable to a heap overflow in the avcodec_default_get_buffer() function discovered by Simon Kilvington (see GLSA 200601-06). Furthermore, AFI Security Research discovered two integer overflows in ASF file format decoding, in the new_demux_packet() function from libmpdemux/demuxer.h and the demux_asf_read_packet() function from libmpdemux/demux_asf.c. Versions less than 1.0.20060217 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3096 | | Last Modified: | Mar 8 05:42:14 2006 |
| MD5 Checksum: | 1faeb2417156c9e931c8aa53911ef7dc |
|
| /// File Name: |
ZDI-06-006.txt |
Description:
|
ZDI-06-006: A buffer overflow exists in the Symantec VERITAS NetBackup Database Manager. Version 6.0 is affected.
| | Author: | Sebastian Apelt | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3096 | | Last Modified: | Apr 1 07:46:19 2006 |
| MD5 Checksum: | f38b6ec7ed39de2fa80303766c99d7d4 |
|
| /// File Name: |
dsa-1010-1.txt |
Description:
|
Debian Security Advisory DSA 1010-1 - Ulf Härnhammar from the Debian Security Audit Project discovered that ilohamail, a lightweight multilingual web-based IMAP/POP3 client, does not always sanitize input provided by users, which allows remote attackers to inject arbitrary web script or HTML.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 3084 | | Last Modified: | Mar 21 22:41:22 2006 |
| MD5 Checksum: | fc002b8e471072fbc66b5926b4c77c43 |
|
| /// File Name: |
ZDI-06-005.txt |
Description:
|
ZDI-06-005: A buffer overflow exists in the Symantec VERITAS Volume Manager. Version 6.0 is affected.
| | Author: | Sebastian Apelt | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3078 | | Last Modified: | Apr 1 07:45:32 2006 |
| MD5 Checksum: | 82677173acd7a9b47769aa41a5d4f878 |
|
| /// File Name: |
MU-200603-01.txt |
Description:
|
MailEnable POP3 Pre-Authentication Buffer Overflow [MU-200603-01] - A remote buffer overflow condition in MailEnable's POP3 service could allow for arbitrary code execution. The vulnerable code can be exercised remotely without authentication.
| | Homepage: | http://labs.musecurity.com | | File Size: | 3056 | | Last Modified: | Mar 22 02:13:18 2006 |
| MD5 Checksum: | 7db6cfd35722383477d5e3763166b3fe |
|
| /// File Name: |
SCOSA-2006.14.txt |
Description:
|
SCO Security Advisory - SCOSA-2006.14 - Multiple X Window System server applications share code that may contain a flaw in the memory allocation for large pixmaps. The affected products include the X.Org X server applications.
| | Author: | SCO | | Homepage: | http://www.sco.com/support/security/index.html | | File Size: | 3030 | | Last Modified: | Mar 21 23:56:09 2006 |
| MD5 Checksum: | 47938db420a00f40d2a98b550db1a608 |
|
| /// File Name: |
dsa-996-1.txt |
Description:
|
Debian Security Advisory DSA 996-1 - Lincoln Stein discovered that the Perl Crypt::CBC module produces weak ciphertext when used with block encryption algorithms with a blocksize less than 8 bytes.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 2977 | | Last Modified: | Mar 13 22:10:15 2006 |
| MD5 Checksum: | a0b56dab26d7886d4f72c363d7c9b63e |
|
| /// File Name: |
ASPPortal-3.1.1.txt |
Description:
|
ASPPortal versions less than or equal to 3.1.1 suffer from multiple remote SQL injection vulnerabilities.
| | Author: | nukedx | | Homepage: | http://www.nukedx.com | | File Size: | 2976 | | Last Modified: | Mar 21 23:40:22 2006 |
| MD5 Checksum: | 111f3121c602a426c2648bbb10c369ca |
|
| /// File Name: |
glsa-200603-19.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200603-19 - Ulf Harnhammar reported a possible buffer overflow in the handling of TFTP URLs in libcurl due to the lack of boundary checks. Versions less than 7.15.3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2959 | | Last Modified: | Mar 21 22:45:52 2006 |
| MD5 Checksum: | bcd075671569747691ac6ec7e26ea427 |
|
| /// File Name: |
glsa-200603-21.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200603-21 - ISS discovered that Sendmail is vulnerable to a race condition in the handling of asynchronous signals. Versions less than 8.13.6 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2957 | | Last Modified: | Mar 23 21:44:00 2006 |
| MD5 Checksum: | 91efedcdb1d58da7efb31edba5a5d2a8 |
|
| /// File Name: |
ZDI-06-004.txt |
Description:
|
ZDI-06-004: Microsoft Excel File Format Parsing Vulnerability - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2930 | | Last Modified: | Mar 14 23:40:18 2006 |
| MD5 Checksum: | 2617b7f781934d3a726c47c2122032bc |
|
| /// File Name: |
dsa-989-1.txt |
Description:
|
Debian Security Advisory DSA 989-1 - Neil McBride discovered that Zoph, a web-based photo management system, performs insufficient sanitizing for input passed to photo searches, which may lead to the execution of SQL commands through a SQL injection attack.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 2923 | | Last Modified: | Mar 10 01:22:58 2006 |
| MD5 Checksum: | 9330c95c989fef3f32a6290e9d5a808a |
|
| /// File Name: |
sa19229.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Adobe Document Server and Adobe Graphics Server, which can be exploited by malicious people to gain knowledge of potentially sensitive information, overwrite arbitrary files, or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/19229/ | | File Size: | 2921 | | Last Modified: | Mar 15 20:10:22 2006 |
| MD5 Checksum: | 2908bee2525a538c1e07b5f4b2b600ba |
|
| /// File Name: |
sa19258.txt |
Description:
|
Secunia Security Advisory - Francesco Ongaro has discovered multiple vulnerabilities in Milkeyway, which can be exploited by malicious users to conduct SQL injection attacks, and malicious people to conduct cross-site scripting attacks and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/19258/ | | File Size: | 2911 | | Last Modified: | Mar 17 00:11:27 2006 |
| MD5 Checksum: | 77ddd34ab20a9f3ee0a08959184989fb |
|
| /// File Name: |
MDKSA-2006-061.txt |
Description:
|
Mandriva Linux Security Advisory - Scrubber.py, in Mailman 2.1.5 and earlier, when using email 2.5 (part of Python), is susceptible to a DoS (mailman service stops delivering for the list in question) if it encounters a badly formed mime multipart message with only one part and that part has two blank lines between the first boundary and the end boundary.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2901 | | Related CVE(s): | CVE-2006-0052 | | Last Modified: | Apr 1 08:57:08 2006 |
| MD5 Checksum: | b2b71d2742270acf212d1a21aa1139e7 |
|
| /// File Name: |
sa19307.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in X11, which can be exploited by malicious, local users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/19307/ | | File Size: | 2891 | | Last Modified: | Mar 21 20:21:03 2006 |
| MD5 Checksum: | 8c166b64a2bc82873dcf4f71b8bbed1e |
|
| /// File Name: |
sa19468.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for samba. This fixes a security issue, which can be exploited by malicious, local users to gain knowledge of sensitive information.
| | Homepage: | http://secunia.com/advisories/19468/ | | File Size: | 2867 | | Last Modified: | Mar 31 09:50:26 2006 |
| MD5 Checksum: | 0443f57c23679ad0112801378c2da9df |
|
| /// File Name: |
sa19310.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in WebLogic Server / Express, which can be exploited by malicious people to disclose potentially sensitive information and to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/19310/ | | File Size: | 2852 | | Last Modified: | Mar 21 20:21:03 2006 |
| MD5 Checksum: | ada0114458c23cd0414b9e7915d01742 |
|