Section: .. / 0608-advisories /
File Name: MDKSA-2006-154.txt
Description: Mandriva Linux Security Advisory MDKSA-2006-154 - The libXm library in LessTif versions 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program.
Homepage: http://www.mandriva.com/security/advisories
File Size: 4833
Related CVE(s): CVE-2006-4124
Last Modified: Aug 29 13:00:05 2006
MD5 Checksum: 2173c0f4d5d32c1a6073bad6c3fc4a30

File Name: dsa-1140-1.txt
Description: Debian Security Advisory 1140-1 - Evgeny Legerov discovered that overly large comments can crash gnupg.
Homepage: http://www.debian.org/security
File Size: 4821
Related CVE(s): CVE-2006-3746
Last Modified: Aug 17 04:49:23 2006
MD5 Checksum: 891b77c9face00b999bcfcca482d1aff

File Name: secunia-aol.txt
Description: Secunia Research has discovered a security issue in AOL, which can be exploited by malicious, local users to manipulate arbitrary files. The problem is that AOL sets insecure default permissions (grants "Everyone" group "Full Control") on the "America Online 9.0" directory and all child objects. This can be exploited to remove, manipulate, and replace any of the application's files.
Author: Carsten Eiram
Homepage: http://secunia.com/
File Size: 4821
Last Modified: Aug 27 15:16:29 2006
MD5 Checksum: 4da9e31eab183759f7dca787537af7d7

File Name: MDKSA-2006-138.txt
Description: Mandriva Linux Security Advisory MDKSA-2006-138 - Damian Put discovered a boundary error in the UPX extraction module in ClamAV which is used to unpack PE Windows executables. This could be abused to cause a Denial of Service issue and potentially allow for the execution of arbitrary code with the permissions of the user running clamscan or clamd.
Homepage: http://www.mandriva.com/security/advisories
File Size: 4796
Related CVE(s): CVE-2006-4018
Last Modified: Aug 26 20:21:44 2006
MD5 Checksum: 156c6851c34b1f7f89c82f4abadbfb01

File Name: EEYEB-20060719.txt
Description: eEye Digital Security has discovered a vulnerability in McAfee Security Center that ships with all McAfee consumer products. There is a remote code execution vulnerability that allows an attacker to take complete control of a remote computer by exploiting a vulnerability found in the Subscription Manager ActiveX control.
Homepage: http://www.eeye.com/
File Size: 4772
Last Modified: Aug 18 01:23:22 2006
MD5 Checksum: 7bc189cfeb13dd834ac8dd9109dc3f18

File Name: dsa-1138-1.txt
Description: Debian Security Advisory 1138-1 - Carlo Contavalli discovered an integer overflow in CFS, a cryptographic filesystem, which allows local users to crash the encryption daemon.
Homepage: http://www.debian.org/security
File Size: 4733
Related CVE(s): CVE-2006-3123
Last Modified: Aug 17 04:14:06 2006
MD5 Checksum: 2c6c6a33a868b45c29be06989fe6e121

File Name: EEYE-MS06-042.txt
Description: eEye has confirmed that the Internet Explorer crash vulnerability as described in MS06-042 is indeed exploitable.
Author: Derek Soeder
Homepage: http://www.eeye.com/
File Size: 4689
Last Modified: Aug 27 19:41:54 2006
MD5 Checksum: 9ef47386e4e24ffcfa4cb0702d3629b0

File Name: alsapbof.txt
Description: AlsaPlayer versions 0.99.76 and below suffer from multiple buffer overflows.
Author: Luigi Auriemma
Homepage: http://aluigi.org
Related Exploit: alsapbof.zip
File Size: 4659
Last Modified: Aug 26 21:00:13 2006
MD5 Checksum: 3951f0c4008697e8598b567265934fbc

File Name: sa21408.txt
Description: Secunia Security Advisory - A vulnerability has been reported in Microsoft Visual Basic for Applications, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/21408/
File Size: 4656
Last Modified: Aug 9 20:40:54 2006
MD5 Checksum: 41ed442b83fcc901b152e4fa69b4fe1b

File Name: sa21434.txt
Description: Secunia Security Advisory - Debian has issued an update for ncompress. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
Homepage: http://secunia.com/advisories/21434/
File Size: 4638
Last Modified: Aug 17 00:44:27 2006
MD5 Checksum: 41b8b80735dc943c0b5bbe3326cb4a2b

File Name: MDKSA-2006-144.txt
Description: Mandriva Linux Security Advisory MDKSA-2006-144 - A vulnerability was discovered in the sscanf function of PHP that could allow attackers in certain circumstances to execute arbitrary code via argument swapping which incremented an index past the end of an array and triggered a buffer over-read.
Homepage: http://www.mandriva.com/security/advisories
File Size: 4632
Related CVE(s): CVE-2006-4020
Last Modified: Aug 27 17:48:05 2006
MD5 Checksum: 98f423f939b00e7099687390a772bbf9

File Name: sa21333.txt
Description: Secunia Security Advisory - Debian has issued an update for gnupg. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/21333/
File Size: 4617
Last Modified: Aug 9 20:40:54 2006
MD5 Checksum: 24f5f1a100d770c32b085a6319f158ac

File Name: sa21339.txt
Description: Secunia Security Advisory - Debian has issued an update for gpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system.
Homepage: http://secunia.com/advisories/21339/
File Size: 4606
Last Modified: Aug 9 20:40:54 2006
MD5 Checksum: bc0f96a0859906c6657fa43e3fc7d5d0

File Name: cgiDisclose.txt
Description: A CGI script source disclosure flaw exists for Apache version 2.2.2 on Windows.
Author: Susam Pal
Homepage: http://susampal.blogspot.com/
File Size: 4583
Last Modified: Aug 26 20:32:52 2006
MD5 Checksum: 145c95696dbc34d7cfc103b8a21ec363

File Name: TSRT-06-07.txt
Description: The eIQnetworks Enterprise Security Analyzer suffers from multiple vulnerabilities that allow remote attackers to execute arbitrary code.
Author: Pedram Amini
Homepage: http://www.zerodayinitiative.com/
File Size: 4580
Related CVE(s): CVE-2006-3838
Last Modified: Aug 18 01:54:32 2006
MD5 Checksum: b793276ff876a405eb48b8b0259692db

File Name: sa21534.txt
Description: Secunia Security Advisory - Debian has issued an update for trac. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks and disclose sensitive information.
Homepage: http://secunia.com/advisories/21534/
File Size: 4569
Last Modified: Aug 20 21:48:37 2006
MD5 Checksum: ebd82fd57e6a074ceebfa3dff7be71ae

File Name: sa21609.txt
Description: Secunia Security Advisory - Trustix has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/21609/
File Size: 4542
Last Modified: Aug 26 20:18:48 2006
MD5 Checksum: 68e920eab1efdfcbe5351dcbac65d097

File Name: sa21341.txt
Description: Secunia Security Advisory - Debian has issued an update for cfs. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/21341/
File Size: 4539
Last Modified: Aug 9 20:40:54 2006
MD5 Checksum: 881c4569d8c2934d28060b2db6141ad8

File Name: ocpbof.txt
Description: Open Cubic Player versions 2.6.0pre6 and below on DOS/Windows and versions 0.1.10_rc5 and below on Linux and *BSD suffer from buffer overflows.
Author: Luigi Auriemma
Homepage: http://aluigi.org
Related Exploit: ocpbof.zip
File Size: 4530
Last Modified: Aug 17 01:56:16 2006
MD5 Checksum: b439a9d96a0628fa0e476123d348d45e

File Name: sa20889.txt
Description: Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Jetbox CMS, which can be exploited by malicious people to conduct session fixation attacks, disclose certain system information, conduct cross-site scripting, script insertion, and SQL injection attacks, and compromise a vulnerable system.
Homepage: http://secunia.com/advisories/20889/
File Size: 4504
Last Modified: Aug 2 23:35:36 2006
MD5 Checksum: 727f898aa45c180087fee60cb284354d

File Name: ScatterChat-2006-01.txt
Description: ScatterChat Advisory 2006-01 - Steven Murdoch, a security researcher with the University of Cambridge, discovered a theoretical weakness in ScatterChat's cryptographic module. He found that an eavesdropper might locate patterns in a private communications channel if extraordinarily large amounts of messages were exchanged in a single conversation.
Homepage: http://www.scatterchat.com/
File Size: 4450
Related CVE(s): CVE-2006-4021
Last Modified: Aug 26 22:40:56 2006
MD5 Checksum: 933d03d7f648cbedd9c0130a59fdea1f

File Name: sa21396.txt
Description: Secunia Security Advisory - Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to gain knowledge of certain information or compromise a user's system.
Homepage: http://secunia.com/advisories/21396/
File Size: 4444
Last Modified: Aug 9 20:40:54 2006
MD5 Checksum: a49f6919047486672bbe4a4f6afb41a7

File Name: TA06-220A.txt
Description: Technical Cyber Security Alert TA06-220A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Office, and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Homepage: http://www.us-cert.gov/
File Size: 4425
Last Modified: Aug 18 02:33:41 2006
MD5 Checksum: 7ec097a96a4e090747f3fde6af006749

File Name: MDKSA-2006-153.txt
Description: Mandriva Linux Security Advisory MDKSA-2006-153 - A stack-based buffer overflow in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code. A buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format record in which the length character is not a valid hexadecimal character.
Homepage: http://www.mandriva.com/security/advisories
File Size: 4407
Related CVE(s): CVE-2005-4807, CVE-2006-2362
Last Modified: Aug 29 12:58:56 2006
MD5 Checksum: db71ffc94da6ff91a51660da2b149cd4