| /// File Name: |
USN-248-2.txt |
Description:
|
Ubuntu Security Notice USN-248-2 - USN-248-1 fixed a vulnerability in unzip. However, that update inadvertently changed the field order in the contents listing output, which broke unzip frontends like file-roller. The updated packages fix this regression.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4599 | | Last Modified: | Feb 15 20:05:50 2006 |
| MD5 Checksum: | e1599ca77edcaa922d0b30663d2913d5 |
|
| /// File Name: |
USN-249-1.txt |
Description:
|
Ubuntu Security Notice USN-249-1 - The splash image handler in xpdf did not check the validity of coordinates. By tricking a user into opening a specially crafted PDF file, an attacker could exploit this to trigger a buffer overflow which could lead to arbitrary code execution with the privileges of the user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 31908 | | Last Modified: | Feb 15 20:02:25 2006 |
| MD5 Checksum: | c2674e0aec4e77150e6a2ca4482117e1 |
|
| /// File Name: |
USN-250-1.txt |
Description:
|
Ubuntu Security Notice USN-250-1 - Herbert Xu discovered a remote Denial of Service vulnerability in the ICMP packet handler. In some situations a memory allocation was released twice, which led to memory corruption. A remote attacker could exploit this to crash the machine.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 39490 | | Last Modified: | Feb 15 20:03:05 2006 |
| MD5 Checksum: | 979caaeab5bc4d763627f9bdff7f0128 |
|
| /// File Name: |
USN-251-1.txt |
Description:
|
Ubuntu Security Notice USN-251-1 - Evgeny Legerov discovered a buffer overflow in the DER format decoding function of the libtasn library. This library is mainly used by the GNU TLS library; by sending a specially crafted X.509 certificate to a server which uses TLS encryption/authentication, a remote attacker could exploit this to crash that server process and possibly even execute arbitrary code with the privileges of that server.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 13953 | | Last Modified: | Feb 16 23:08:01 2006 |
| MD5 Checksum: | 9875e11fe10e86b3eb4a84c820f6c987 |
|
| /// File Name: |
USN-252-1.txt |
Description:
|
Ubuntu Security Notice USN-252-1 - Tavis Ormandy discovered a potential weakness in the signature verification of gnupg. gpgv and gpg --verify returned a successful exit code even if the checked file did not have any signature at all. The recommended way of checking the result is to evaluate the status messages, but some third party applications might just check the exit code for determining whether or not a signature is valid. These applications could be tricked into erroneously reporting a valid signature.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5389 | | Last Modified: | Feb 20 21:28:09 2006 |
| MD5 Checksum: | bd1ca2294bf9f5f2615f22032099965c |
|
| /// File Name: |
USN-253-1.txt |
Description:
|
Ubuntu Security Notice USN-253-1 - A remote Denial of Service vulnerability was discovered in the heimdal implementation of the telnet daemon. A remote attacker could force the server to crash due to a NULL de-reference before the user logged in, resulting in inetd turning telnetd off because it forked too fast.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 22775 | | Last Modified: | Feb 20 21:28:58 2006 |
| MD5 Checksum: | 6dddcaee1240a74524ca1fbd6363fe8c |
|
| /// File Name: |
USN-254-1.txt |
Description:
|
Ubuntu Security Notice USN-254-1 - Javier Fernández-Sanguino Peña discovered that noweb scripts created temporary files in an insecure way. This could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user running noweb.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4215 | | Last Modified: | Feb 22 20:36:36 2006 |
| MD5 Checksum: | d1ae4f90847defdc67779771afc759a0 |
|
| /// File Name: |
USN-255-1.txt |
Description:
|
Ubuntu Security Notice USN-255-1 - Tomas Mraz discovered a shell code injection flaw in scp. When doing local-to-local or remote-to-remote copying, scp expanded shell escape characters. By tricking a user into using scp on a specially crafted file name (which could also be caught by using an innocuous wild card like '*'), an attacker could exploit this to execute arbitrary shell commands with the privilege of that user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 11151 | | Last Modified: | Feb 22 20:37:21 2006 |
| MD5 Checksum: | 08178852ac4d01bbd9b62c1da09f06a4 |
|
| /// File Name: |
USN-256-1.txt |
Description:
|
Ubuntu Security Notice USN-256-1 - Pierre Betouin discovered a Denial of Service vulnerability in the handling of the L2CAP (Logical Link Control and Adaptation Layer Protocol) layer. By sending a specially crafted L2CAP packet through a wireless Bluetooth connection, a remote attacker could crash hcidump.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4549 | | Last Modified: | Feb 22 20:36:02 2006 |
| MD5 Checksum: | 05ab22fbb8665b4870827a960ca8b250 |
|
| /// File Name: |
USN-257-1.txt |
Description:
|
Ubuntu Security Notice USN-257-1 - Jim Meyering discovered that tar did not properly verify the validity of certain header fields in a GNU tar archive. By tricking a user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 3066 | | Related CVE(s): | CVE-2006-0300 | | Last Modified: | Feb 26 04:43:43 2006 |
| MD5 Checksum: | 3983d648b1aaeeca0a801b90f7d8f35f |
|
| /// File Name: |
WinAce.txt |
Description:
|
WinAce Archiver versions 2.6 and below are susceptible to a directory traversal attack when fed a malicious RAR or TAR file.
| | Author: | Hamid Ebadi | | Homepage: | http://hamid.ir/security | | File Size: | 1254 | | Last Modified: | Feb 26 05:31:37 2006 |
| MD5 Checksum: | 6f12f7c3cdee6b80b4fb4cd16bf117bc |
|
| /// File Name: |
WiredRedXSS.txt |
Description:
|
WiredRed EPOP WebConference server version 4.1.0.755 is susceptible to cross site scripting attacks.
| | Author: | Adrian Castro | | File Size: | 1407 | | Last Modified: | Feb 9 06:09:18 2006 |
| MD5 Checksum: | 228f9edb20cdb4b5378efc8b6e28d4c8 |
|
| /// File Name: |
ZDI-06-002.txt |
Description:
|
Adobe Macromedia Shockwave is susceptible to a remote code execution flaw. This specific flaw exists within the ActiveX control with CLSID 166B1BCA-3F9C-11CF-8075-444553540000. Specifying large values for two specific parameters to this control results in an exploitable stack based buffer overflow. Due to the nature of this vulnerability, the target user is not required to have fully completed an installation of Shockwave to be vulnerable.
| | Author: | Peter Vreugdenhil | | Homepage: | http://www.zerodayinitiative.com | | File Size: | 2908 | | Related CVE(s): | CVE-2005-3525 | | Last Modified: | Feb 26 04:54:25 2006 |
| MD5 Checksum: | aa146a3f81da882868d19fcf7e9f69ae |
|
| /// File Name: |
zooExec.txt |
Description:
|
When feeding zoo a specially crafted archive, an attacker may be able to trigger a stack overflow and seize control of the program.
| | Author: | Jean-Sebastien Guay-Leroux | | Homepage: | http://www.guay-leroux.com/ | | File Size: | 2191 | | Last Modified: | Feb 26 04:36:45 2006 |
| MD5 Checksum: | 929e4d3acc5bdf431c2aab70d0817786 |
|