Section: .. / 0602-advisories /
| /// File Name: |
SUSE-SA-2006-016.txt |
Description:
|
SUSE Security Announcement - SUSE-SA:2006:016 - A programming flaw in the X.Org X Server allows local attackers to gain root access when the server is setuid root, as is the default in SUSE Linux 10.0. This flaw was spotted by the Coverity project.
| | Homepage: | http://www.suse.com | | File Size: | 12311 | | Last Modified: | Mar 21 23:17:20 2006 |
| MD5 Checksum: | a6a9900c4c24468a7a237eb8cfc8c54d |
|
| /// File Name: |
MDKSA-2006-048.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple integer overflows in the new_demux_packet function in demuxer.h and the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4734 | | Related CVE(s): | CVE-2006-0579 | | Last Modified: | Feb 26 05:47:56 2006 |
| MD5 Checksum: | ede7f568c8889d524e6344db2dcb4b96 |
|
| /// File Name: |
02.24.06.txt |
Description:
|
iDefense Security Advisory 02.24.06 - Local exploitation of an access validation error in SCO Unixware allows attackers to gain root privileges. The vulnerability specifically exists due to a failure to check permissions on traced executables. The ptrace() system call provides an interface for debugging other processes on the system. SCO Unixware's implementation of the ptrace system call fails to check for setuid permissions on binaries before attaching to the process. This results in the complete control of memory and execution for the traced process with root privileges. Attackers can inject data into the running setuid process and execute arbitrary code with root permissions. iDefense has confirmed the existence of this vulnerability in SCO Unixware versions 7.1.3 and 7.1.4. All previous versions of SCO Unixware are suspected to be vulnerable.
| | Homepage: | http://www.idefense.com | | File Size: | 3163 | | Related CVE(s): | CAN-2005-2934 | | Last Modified: | Feb 26 05:45:37 2006 |
| MD5 Checksum: | 759036ff55d21839246e3a04d35ca7bb |
|
| /// File Name: |
SUSE-SA-2006-011.txt |
Description:
|
SUSE Security Announcement - A new release of Heimdal fixes a file ownership flaw and a bug in the telnet server.
| | Homepage: | http://www.suse.com | | File Size: | 18109 | | Related CVE(s): | CVE-2006-0582, CVE-2006-0677 | | Last Modified: | Feb 26 05:44:00 2006 |
| MD5 Checksum: | 25421df7037a142d3b4812b2350a6aba |
|
| /// File Name: |
IRM-018.txt |
Description:
|
IRM Security Advisory No. 018 - A buffer overflow exists in Winamp's handling of a m3u playlist file. Version 5.13 is affected.
| | Author: | P. Robinson | | Homepage: | http://www.irmplc.com/advisories | | File Size: | 1416 | | Last Modified: | Feb 26 05:38:14 2006 |
| MD5 Checksum: | 924d244e3e454672d333b985a74df005 |
|
| /// File Name: |
SpeedCommander.txt |
Description:
|
SpeedCommander version 11.0, ZipStar version 5.1, and Squeez version 5.1 all suffer from directory traversal vulnerabilities when processing malicious JAR and ZIP files.
| | Author: | Hamid Ebadi | | Homepage: | http://hamid.ir/security | | File Size: | 1608 | | Last Modified: | Feb 26 05:34:07 2006 |
| MD5 Checksum: | 94bd1d15aa6280bd023b5b9f799381fa |
|
| /// File Name: |
StuffIt.txt |
Description:
|
The StuffIt and ZipMagic family of products are susceptible to directory traversal attacks when fed malicious ZIP or TAR files.
| | Author: | Hamid Ebadi | | Homepage: | http://hamid.ir/security | | File Size: | 1635 | | Last Modified: | Feb 26 05:32:39 2006 |
| MD5 Checksum: | 3d494b20b5df6c1a0a9dba1cbe646e54 |
|
| /// File Name: |
WinAce.txt |
Description:
|
WinAce Archiver versions 2.6 and below are susceptible to a directory traversal attack when fed a malicious RAR or TAR file.
| | Author: | Hamid Ebadi | | Homepage: | http://hamid.ir/security | | File Size: | 1254 | | Last Modified: | Feb 26 05:31:37 2006 |
| MD5 Checksum: | 6f12f7c3cdee6b80b4fb4cd16bf117bc |
|
| /// File Name: |
Archive_Zipr.txt |
Description:
|
Archive_Zipr is susceptible to a directory traversal attack when fed a malicious ZIP file. Version 1.1 has been found vulnerable.
| | Author: | Hamid Ebadi | | Homepage: | http://hamid.ir/security | | File Size: | 1585 | | Last Modified: | Feb 26 05:30:13 2006 |
| MD5 Checksum: | 2eff05fc4a4bee2a4f1edfe2a8f43c4a |
|
| /// File Name: |
CRYPT-CBC.txt |
Description:
|
Crypt::CBC versions 2.16 and below suffer from a ciphertext weakness when using certain block algorithms.
| | Author: | Ben Laurie | | File Size: | 4811 | | Last Modified: | Feb 26 05:20:46 2006 |
| MD5 Checksum: | 3262de5d8e6b3a69abc5efc3334c2f70 |
|
| /// File Name: |
NSAG-198-23.02.2006.txt |
Description:
|
NSA Group Advisory - The Bat version 3.60.07 is susceptible to a buffer overflow.
| | Homepage: | http://www.nsag.ru/ | | File Size: | 1899 | | Last Modified: | Feb 26 05:19:37 2006 |
| MD5 Checksum: | 16a18e3b087b6a69e458ab08ce2d482d |
|
| /// File Name: |
ZDI-06-002.txt |
Description:
|
Adobe Macromedia Shockwave is susceptible to a remote code execution flaw. This specific flaw exists within the ActiveX control with CLSID 166B1BCA-3F9C-11CF-8075-444553540000. Specifying large values for two specific parameters to this control results in an exploitable stack based buffer overflow. Due to the nature of this vulnerability, the target user is not required to have fully completed an installation of Shockwave to be vulnerable.
| | Author: | Peter Vreugdenhil | | Homepage: | http://www.zerodayinitiative.com | | File Size: | 2908 | | Related CVE(s): | CVE-2005-3525 | | Last Modified: | Feb 26 04:54:25 2006 |
| MD5 Checksum: | aa146a3f81da882868d19fcf7e9f69ae |
|
| /// File Name: |
secunia-WinACE.txt |
Description:
|
Secunia Research has discovered a vulnerability in WinACE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when reading an overly large ARJ header block into a fixed-sized heap buffer. This can be exploited to cause a heap-based buffer overflow. Successful exploitation allows execution of arbitrary code when a malicious ARJ archive is opened. WinACE version 2.60 is affected. Earlier versions may also be susceptible.
| | Author: | Tan Chew Keong | | Homepage: | http://www.secunia.com | | File Size: | 3557 | | Related CVE(s): | CVE-2006-0813 | | Last Modified: | Feb 26 04:46:22 2006 |
| MD5 Checksum: | 2e37a160a0ff7ff93147a7438af70312 |
|
| /// File Name: |
USN-257-1.txt |
Description:
|
Ubuntu Security Notice USN-257-1 - Jim Meyering discovered that tar did not properly verify the validity of certain header fields in a GNU tar archive. By tricking an user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 3066 | | Related CVE(s): | CVE-2006-0300 | | Last Modified: | Feb 26 04:43:43 2006 |
| MD5 Checksum: | 3983d648b1aaeeca0a801b90f7d8f35f |
|
| /// File Name: |
secunia-Visnetic.txt |
Description:
|
Secunia Research has discovered a vulnerability in the Visnetic AntiVirus Plug-in for MailServer, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Visnetic AntiVirus Plug-in (DKAVUpSch.exe) not dropping its privileges before invoking other programs. This can be exploited to invoke arbitrary programs on the system with SYSTEM privileges. Versions affected are Visnetic AntiVirus Plug-in for MailServer 4.6.0.4 and 4.6.1.1.
| | Homepage: | http://www.secunia.com | | File Size: | 4003 | | Related CVE(s): | CVE-2006-0812 | | Last Modified: | Feb 26 04:42:42 2006 |
| MD5 Checksum: | b62cd513eedd8f6388064be8022ae861 |
|
| /// File Name: |
SA2006-01.txt |
Description:
|
NSFOCUS Security Advisory - The NSFocus Security Team has discovered a buffer overflow vulnerability when Winamp processes .m3u files, which might cause Winamp to crash or even execute arbitrary code when a user loads a malicious .m3u file and plays it. Affected software includes Nullsoft Winamp version 5.12 and 5.13.
| | Author: | Liu Yexin. | | Homepage: | http://www.nsfocus.com | | File Size: | 2770 | | Related CVE(s): | CAN-2006-0720 | | Last Modified: | Feb 26 04:38:32 2006 |
| MD5 Checksum: | 445600afb0a4ead37ec73f5efec66567 |
|
| /// File Name: |
zooExec.txt |
Description:
|
When feeding zoo a specially crafted archive, an attacker may be able to trigger a stack overflow and seize control of the program.
| | Author: | Jean-Sebastien Guay-Leroux | | Homepage: | http://www.guay-leroux.com/ | | File Size: | 2191 | | Last Modified: | Feb 26 04:36:45 2006 |
| MD5 Checksum: | 929e4d3acc5bdf431c2aab70d0817786 |
|
| /// File Name: |
MDKSA-2006-047.txt |
Description:
|
Mandriva Linux Security Advisory - Ulf Harnhammar discovered a buffer overflow vulnerability in the way that metamail handles certain mail messages. An attacker could create a carefully-crafted message that, when parsed via metamail, could execute arbitrary code with the privileges of the user running metamail.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3663 | | Related CVE(s): | CVE-2006-0709 | | Last Modified: | Feb 26 04:35:22 2006 |
| MD5 Checksum: | 1a9109a15bc1ca18fe140bdd59a8162e |
|
| /// File Name: |
TA06-053A.txt |
Description:
|
Technical Cyber Security Alert TA06-053A - A file type determination vulnerability in Apple Safari could allow a remote attacker to execute arbitrary commands on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3379 | | Last Modified: | Feb 26 04:08:24 2006 |
| MD5 Checksum: | 736b608ae9a0707f17a38cf82a9403bb |
|
| /// File Name: |
googleReader.txt |
Description:
|
Google reader is supposed to display only content that the user has subscribed to however two vulnerabilities has been identified which may allow an attacker to entice it's victim (using the Google reader service) to view unwanted web content carrying malicious payloads.
| | Author: | Debasis Mohanty | | Homepage: | http://www.hackingspirits.com | | File Size: | 3394 | | Last Modified: | Feb 26 03:24:26 2006 |
| MD5 Checksum: | b24de84c45fd97304d6aa1b792ccb041 |
|
| /// File Name: |
IRM-017.txt |
Description:
|
IRM Security Advisory No. 017 - PortalSE version 2.0 allows a remote attacker to read any file on the filesystem as it runs with root privileges by default. It is also susceptible to a directory revelation issue.
| | Author: | P. Robinson | | Homepage: | http://www.irmplc.com/advisories | | File Size: | 2994 | | Last Modified: | Feb 26 02:36:31 2006 |
| MD5 Checksum: | 53a6d085c73194ed7e99b4fceb971453 |
|
| /// File Name: |
SUSE-SA-2006-010.txt |
Description:
|
SUSE Security Announcement - An update has been released to fix a remotely exploitable stack buffer overflow in the pam_micasa authentication module.
| | Homepage: | http://www.suse.com | | File Size: | 11950 | | Related CVE(s): | CVE-2006-0736 | | Last Modified: | Feb 26 02:32:11 2006 |
| MD5 Checksum: | 41acb0431df9eb8cb4a8bd971718810a |
|
| /// File Name: |
southRiver.txt |
Description:
|
South River WebDrive version 6.08 build 1131 is susceptible to a buffer overflow vulnerability.
| | Author: | Adrian Castro | | File Size: | 1641 | | Last Modified: | Feb 26 02:29:31 2006 |
| MD5 Checksum: | 5a6977841c8d9c9eb0dbba28fcb6b9f6 |
|
| /// File Name: |
pearAuthSQL.txt |
Description:
|
PEAR::Auth version less than 1.2.4 and 1.3.0r4 suffer from SQL injection flaws.
| | Author: | Matt Van Gundy | | File Size: | 886 | | Last Modified: | Feb 25 23:34:39 2006 |
| MD5 Checksum: | 73272548cc7945988381dfc4bdc028fa |
|
| /// File Name: |
hauri.txt |
Description:
|
Global Hauri Virobot is susceptible to an authentication bypass flaw.
| | Author: | Xpl017Elz | | Homepage: | http://www.inetcop.org | | File Size: | 8622 | | Last Modified: | Feb 25 23:33:27 2006 |
| MD5 Checksum: | 0639d51c4366de335eddf6cc2e229776 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
