Section: .. / 0602-advisories /
| /// File Name: |
sa18919.txt |
Description:
|
Secunia Security Advisory - albanialove has reported a vulnerability in CPG Dragonfly CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18919/ | | File Size: | 2019 | | Last Modified: | Feb 22 20:02:22 2006 |
| MD5 Checksum: | 20566f8c3b1d7ce725d75c95e8580861 |
|
| /// File Name: |
sa18969.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for openssh / dropbear. This fixes a weakness, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/18969/ | | File Size: | 1761 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | c26cafbf9ae29a0e70ca2acce4db5833 |
|
| /// File Name: |
sa18968.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for gpg / liby2util. This fixes a security issue, which potentially can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18968/ | | File Size: | 3685 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | 725b7b106a32453c29b928b55775ed6c |
|
| /// File Name: |
sa18965.txt |
Description:
|
Secunia Security Advisory - pcps has discovered some vulnerabilities in Barracuda Directory, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/18965/ | | File Size: | 1852 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | 0b80444e6112da566f53f873fa010acf |
|
| /// File Name: |
sa18964.txt |
Description:
|
Secunia Security Advisory - A weakness has been reported in Dropbear SSH Server, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/18964/ | | File Size: | 1768 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | 5abf39416772faedb86aa5fc4364300f |
|
| /// File Name: |
sa18963.txt |
Description:
|
Secunia Security Advisory - Michael Lehn has discovered a vulnerability in Mac OS X, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18963/ | | File Size: | 2220 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | b8eb6dfa5afa70cdf17a75f092f9260f |
|
| /// File Name: |
sa18951.txt |
Description:
|
Secunia Security Advisory - x128 has discovered a vulnerability in ilchClan, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/18951/ | | File Size: | 1814 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | bde04f0dacb59d507a2057ce6ea53702 |
|
| /// File Name: |
sa18949.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in PHP-Fusion, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18949/ | | File Size: | 2149 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | a0fc1c1acfd9b62e3244af665568c200 |
|
| /// File Name: |
sa18946.txt |
Description:
|
Secunia Security Advisory - l0om has discovered two vulnerabilities and a security issue in Guestbox, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/18946/ | | File Size: | 2464 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | 4d9cbf7dc11b821e102e388e5caf559c |
|
| /// File Name: |
sa18944.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in CherryPy, which can be exploited by malicious people to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/18944/ | | File Size: | 1943 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | 9492427131b50de9a4bd1e42cf4dac32 |
|
| /// File Name: |
sa18937.txt |
Description:
|
Secunia Security Advisory - Maksymilian Arciemowicz has reported some vulnerabilities in PostNuke, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18937/ | | File Size: | 3098 | | Last Modified: | Feb 21 21:14:58 2006 |
| MD5 Checksum: | 0ae212bd61f8bb9c665b81e5a728e0b8 |
|
| /// File Name: |
SUSE-SA-2006-009.txt |
Description:
|
SUSE Security Announcement - With certain handcraftable signatures GPG was returning a 0 (valid signature) when used on command-line with option --verify. This only affects GPG version 1.4.x, so it only affects SUSE Linux 9.3 and 10.0. Other SUSE Linux versions are not affected. This could make automated checkers, like for instance the patch file verification checker of the YaST Online Update, pass malicious patch files as correct.
| | Author: | Ludwig Nussel | | Homepage: | http://www.suse.com | | File Size: | 14876 | | Last Modified: | Feb 20 23:50:34 2006 |
| MD5 Checksum: | da20b8c447a55ea800538ef715169f5c |
|
| /// File Name: |
secunia-NJStar.txt |
Description:
|
Secunia Research has discovered a vulnerability in NJStar Word Processor, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/ | | File Size: | 3409 | | Last Modified: | Feb 20 23:32:12 2006 |
| MD5 Checksum: | 184496717b8cdb835ba46ae90e191dae |
|
| /// File Name: |
OpenPKG-SA-2006.005.txt |
Description:
|
OpenPKG Security Advisory - An allocation off-by-one bug exists in the TIN [1] news reader version 1.8.0 and earlier which can lead to a buffer overflow.
| | Homepage: | http://www.openpkg.org/ | | File Size: | 1840 | | Last Modified: | Feb 20 23:31:01 2006 |
| MD5 Checksum: | b4e9f3edc4ae3c51e02316a77ca794bc |
|
| /// File Name: |
OpenPKG-SA-2006.004.txt |
Description:
|
OpenPKG Security Advisory - According to vendor security information [0], privilege escalation vulnerabilities exist in the PostgreSQL RDBMS [1] before version 8.1.3. The bug allowed any logged-in user to "SET ROLE" to any other database user id. Due to inadequate validity checking, a user could exploit the special case that "SET ROLE" normally uses to restore the previous role setting after an error. This allowed ordinary users to acquire superuser status, for example.
| | Homepage: | http://www.openpkg.org/ | | File Size: | 2794 | | Last Modified: | Feb 20 23:30:26 2006 |
| MD5 Checksum: | f7c2932dfd01b6098ce708d7b1df93b3 |
|
| /// File Name: |
EV0071.txt |
Description:
|
Magic Calendar Lite suffers from an authentication bypass vulnerability.
| | Homepage: | http://evuln.com/ | | File Size: | 1212 | | Last Modified: | Feb 20 23:23:55 2006 |
| MD5 Checksum: | 479d14c4da6c30607f462c5a6efab22f |
|
| /// File Name: |
EV0069.txt |
Description:
|
TTS Software Time Tracking Software suffers from multiple vulnerabilities including XSS and SQL injection.
| | Homepage: | http://evuln.com/ | | File Size: | 1435 | | Last Modified: | Feb 20 23:22:56 2006 |
| MD5 Checksum: | 8a20ef6fa342f0d4b5a73af9d310f5c6 |
|
| /// File Name: |
EV0068.txt |
Description:
|
CALimba suffers from an authentication bypass vulnerability.
| | Homepage: | http://evuln.com/ | | File Size: | 1145 | | Last Modified: | Feb 20 23:21:51 2006 |
| MD5 Checksum: | e8a2e8cb1fd0515f3868baf02546baca |
|
| /// File Name: |
EV0067.txt |
Description:
|
PHP/MYSQL Timesheet suffers from multiple SQL injection vulnerabilities.
| | Homepage: | http://evuln.com/ | | File Size: | 1104 | | Last Modified: | Feb 20 23:21:14 2006 |
| MD5 Checksum: | 19f3823a44addefdd74aa1479aadc180 |
|
| /// File Name: |
EV0066.txt |
Description:
|
Scriptme SmE GB Host suffers from an authentication bypass vulnerability.
| | Homepage: | http://evuln.com/ | | File Size: | 1075 | | Last Modified: | Feb 20 23:20:36 2006 |
| MD5 Checksum: | fed5c2ba9fcd9e374df9241110baf4fb |
|
| /// File Name: |
EV0065.txt |
Description:
|
Scriptme products "SmE GB Host" and "SmE Blog Host" suffer from arbitrary script code insertion in the BBcode [url] tag.
| | Homepage: | http://evuln.com/ | | File Size: | 1104 | | Last Modified: | Feb 20 23:19:22 2006 |
| MD5 Checksum: | 25d61c002ed71e06acae3e2b25830e3a |
|
| /// File Name: |
AD20060216.txt |
Description:
|
Winamp versions up to and including 5.13 suffer from a .m3u buffer overflow vulnerability
| | Homepage: | http://secway.org/advisory/AD20060216.txt | | File Size: | 1024 | | Last Modified: | Feb 20 22:58:36 2006 |
| MD5 Checksum: | 6ce8097aa8fb6b01da815588d5251346 |
|
| /// File Name: |
DWL-G700AP.txt |
Description:
|
It is possible to crash the web interface on a D-Link DWL-G700AP by sending it a simple GET request. POC included.
| | Author: | innate | | Homepage: | http://www.excluded.org | | File Size: | 6466 | | Last Modified: | Feb 20 22:51:51 2006 |
| MD5 Checksum: | 54fe1137106d52d891bdb223424243a9 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
