| /// File Name: |
TA06-132B.txt |
Description:
|
Technical Cyber Security Alert TA06-132B - Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
| | Homepage: | http://cert.org/ | | File Size: | 3942 | | Last Modified: | May 21 20:50:08 2006 |
| MD5 Checksum: | 27f0e5813b97d2345573ff793aff36b8 |
|
| /// File Name: |
genecysbof.txt |
Description:
|
Genecys versions 0.2 and below suffer from a buffer overflow and a NULL pointer crash.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | genecysbof.zip | | File Size: | 3569 | | Last Modified: | May 21 20:47:37 2006 |
| MD5 Checksum: | 2f4ee9bed61be407266d598449eaf105 |
|
| /// File Name: |
raydiumx.txt |
Description:
|
Raydium versions SVN revision 309 and below suffer from buffer overflows, format string, and invalid memory access flaws.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | raydiumx.zip | | File Size: | 5977 | | Last Modified: | May 21 18:40:30 2006 |
| MD5 Checksum: | 98700ca05091113c9c05018423c8c422 |
|
| /// File Name: |
phpbb2020multi.txt |
Description:
|
phpBB 2.0.20 suffers from multiple security-related issues having to do with avatars.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org/ | | File Size: | 2374 | | Last Modified: | May 21 18:37:41 2006 |
| MD5 Checksum: | 74e439e3f0c5bc174924656114fdc928 |
|
| /// File Name: |
McAfee-2006-0511.txt |
Description:
|
Two code execution vulnerabilities are present in Apple QuickDraw PICT image format support. Twenty-one code execution vulnerabilities are present in Apple QuickTime support for various multimedia formats including MOV, H.264, MPEG 4, AVI, FPX and SWF. Exploitation could lead to execution of arbitrary code. User interaction is required for an attack to succeed, so the risk factor for these issues is medium. Vulnerable systems include Mac OS X versions 10.4.6 and below without the May 2006 security update installed, QuickTime versions 7.0.4 and below for Mac OS X, and QuickTime for Windows versions 7.0.4 and below.
| | Author: | Mike Price | | File Size: | 3636 | | Related CVE(s): | CVE-2006-1249, CVE-2006-1453, CVE-2006-1454, CVE-2006-1459, CVE-2006-1460, CVE-2006-1461, CVE-2006-1462, CVE-2006-1464, CVE-2006-1465 | | Last Modified: | May 21 18:28:33 2006 |
| MD5 Checksum: | 1d79a56fa59628c48481d75f805348b7 |
|
| /// File Name: |
dovecotIssue.txt |
Description:
|
Dovecot 1.0 beta is susceptible to an information disclosure flaw.
| | Author: | Timo Sirainen | | File Size: | 1291 | | Last Modified: | May 21 18:16:58 2006 |
| MD5 Checksum: | 9fd3fcfccd3eca5d2326c2d8bd2b341f |
|
| /// File Name: |
AD20060512.txt |
Description:
|
A vulnerability that allows for arbitrary code execution in Apple QuickTime versions below 7.1 can be exploited by persuading a user to open a carefully crafted .mov file or visit a website embedding the malicious .mov file.
| | Author: | Sowhat | | Homepage: | http://www.nevisnetworks.com/ | | File Size: | 2163 | | Last Modified: | May 21 15:19:11 2006 |
| MD5 Checksum: | a6b5418a2c7a31e937c6b5f0b7a8686b |
|
| /// File Name: |
ZDI-06-015.txt |
Description:
|
ZDI-06-015 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime media player. The specific flaw exists within the parsing of H.264 content. The implicit trust of a user-supplied size value during a memory copy loop allows an attacker to create an exploitable memory corruption condition. Exploitation requires that an attacker either coerce the target to open a malformed media file or visit a website embedding the malicious file. Versions prior to 7.1 of Apple QuickTime are affected.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2662 | | Related CVE(s): | CVE-2006-1463 | | Last Modified: | May 21 15:15:50 2006 |
| MD5 Checksum: | df19f70a0f598f9afa328427a852326c |
|
| /// File Name: |
MU-200605-02.txt |
Description:
|
MU-200605-02 - A remote buffer overflow condition in Apple's RTSP service could allow for arbitrary code execution. The vulnerable code is triggered with the use of a malformed RTSP header. QuickTime Streaming Server versions 5.5 and below are affected.
| | Homepage: | http://labs.musecurity.com | | File Size: | 2434 | | Last Modified: | May 21 15:14:41 2006 |
| MD5 Checksum: | 1d90fb401c7d13d3e639753d642c2ba4 |
|
| /// File Name: |
EEYEB-20060307.txt |
Description:
|
eEye Digital Security has discovered a critical vulnerability in QuickTime Player. There is an integer overflow in the way QuickTime processes fpx format files. An attacker can create an fpx file and send it to the user via email, web page, or fpx file with ActiveX.
| | Author: | Fang Xing | | Homepage: | http://www.eeye.com/ | | File Size: | 2310 | | Related CVE(s): | CVE-2006-1249 | | Last Modified: | May 21 15:13:18 2006 |
| MD5 Checksum: | 2a65823ba1f098e05bf2b7f47f274f5f |
|
| /// File Name: |
secunia-ultimatezip.txt |
Description:
|
Secunia Research has discovered a vulnerability in UltimateZip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in UNACEV2.DLL when extracting an ACE archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a user extracts a specially crafted ACE archive.
| | Homepage: | http://secunia.com/ | | File Size: | 3562 | | Last Modified: | May 21 14:52:25 2006 |
| MD5 Checksum: | a00115d97802abbcbb0cf9fc7764a142 |
|
| /// File Name: |
msdtcndrallocate.txt |
Description:
|
There is an RPC procedure within the MSDTC interface in msdtcprx.dll that may be called remotely without user credentials in such a way that triggers a denial of service in the Microsoft Distributed Transaction Coordinator (MSDTC) service.
| | Author: | Chen Xiaobo | | File Size: | 2521 | | Related CVE(s): | CVE-2006-0034 | | Last Modified: | May 21 14:46:15 2006 |
| MD5 Checksum: | 640ac3eb8c761abd8d6198b0e364e268 |
|
| /// File Name: |
verizonLinksys.txt |
Description:
|
Verizon VoiceWing combined with Linksys PAP2-VN suffers from a trust issue.
| | Author: | Haavar Valeur | | File Size: | 1969 | | Last Modified: | May 21 14:44:56 2006 |
| MD5 Checksum: | 6f379397376e06e6edf46d68215ec555 |
|
| /// File Name: |
ZDI-06-014.txt |
Description:
|
ZDI-06-014 - The Verisign i-Nav ActiveX Control suffers from a vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2699 | | Related CVE(s): | CVE-2006-2273 | | Last Modified: | May 21 14:40:19 2006 |
| MD5 Checksum: | 40c73a1ed2336599cdb73f5812099633 |
|
| /// File Name: |
cfxss5.txt |
Description:
|
ColdFusion versions 5 and below suffer from cross site scripting issues.
| | Author: | zuxncwaruio | | File Size: | 1953 | | Last Modified: | May 21 14:37:59 2006 |
| MD5 Checksum: | 800db59394b8216e3dee1ad7a36e0347 |
|
| /// File Name: |
cisco-sa-20060510-avs.txt |
Description:
|
Cisco Security Advisory - Cisco Application Velocity System's (AVS) default configuration allows transparent relay of TCP connections to any reachable destination TCP port if the receiving TCP service can process requests embedded in a HTTP POST method message. This issue does not require a software upgrade and can be mitigated by a configuration command for all affected customers. Vulnerable versions include AVS 3110 4.0, 5.0, and prior versions. Also affected is AVS 3120 5.0.0 and prior versions.
| | Homepage: | http://www.cisco.com/ | | File Size: | 11816 | | Last Modified: | May 21 14:36:32 2006 |
| MD5 Checksum: | 19868f62a354d3fa8c4d4f1f2be6e94b |
|
| /// File Name: |
dreamweaverSQL.txt |
Description:
|
There are multiple SQL injection vulnerabilities in the code generated by Adobe's Macromedia Dreamweaver prior to version 8.0.2. This vulnerability affects the ColdFusion, PHP MySQL, ASP, ASP.NET and JSP server models. If the database server is configured to allow local system commands to be executed via database calls, this vulnerability may also allow local code execution.
| | Author: | Brian Gallagher | | File Size: | 3659 | | Related CVE(s): | CVE-2006-2042 | | Last Modified: | May 21 14:32:33 2006 |
| MD5 Checksum: | da20127ffd2927fbe693829cb4d87f00 |
|
| /// File Name: |
ntdlldll.txt |
Description:
|
Microsoft Windows NTDLL.DLL is prone to an incorrect path conversion vulnerability. This flaw could be successfully exploited by malicious users in order to bypass protection mechanisms implemented by certain antivirus and antispyware products.
| | Author: | Mario Ballano Bárcena | | Homepage: | http://www.48Bits.com | | File Size: | 6029 | | Last Modified: | May 21 14:04:22 2006 |
| MD5 Checksum: | 4b93c932eefcf07bfe159108a0545dc3 |
|
| /// File Name: |
TZO-042006-Zango.txt |
Description:
|
ZangoCash is susceptible to an insecure auto-update and file execution flaw.
| | Author: | Thierry Zoller | | Homepage: | http://secdev.zoller.lu/ | | File Size: | 3063 | | Last Modified: | May 21 14:02:29 2006 |
| MD5 Checksum: | 871734628b83158b0d136fd1ffabd20a |
|
| /// File Name: |
msinfotech.txt |
Description:
|
Microsoft Infotech Storage System Library (itss.dll) is prone to a heap corruption vulnerability. This issue is due to the failure of the library to properly check a specially crafted CHM file. Successful exploitation of this flaw would allow execution of arbitrary code.
| | Homepage: | http://www.reversemode.com | | Related Exploit: | ONE.zip | | File Size: | 947 | | Last Modified: | May 21 13:59:22 2006 |
| MD5 Checksum: | 105a2e8e5a135685edc33b473a809b2e |
|
| /// File Name: |
ZDI-06-013.txt |
Description:
|
ZDI-06-013 - A flaw in TippingPoint SMS servers exists within the web management interface. Due to insufficient protections on specific directories, an attacker with access to the web interface may be able to view benign data such as the user manual. In the event that the device was being used for backup purposes, it may be possible for an attacker to identify additional information such as configuration settings.
| | Author: | Micheal Cottingham | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2395 | | Related CVE(s): | CVE-2006-0993 | | Last Modified: | May 21 13:55:40 2006 |
| MD5 Checksum: | 2d3bedc6043162cf656a6a6f1cbf1062 |
|
| /// File Name: |
TA06-129A.txt |
Description:
|
Technical Cyber Security Alert TA06-129A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Exchange Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://cert.org/ | | File Size: | 4640 | | Related CVE(s): | CVE-2006-0027, CVE-2006-0024, CVE-2005-2628 | | Last Modified: | May 21 13:53:19 2006 |
| MD5 Checksum: | 366fc6c2a49729d2194d0828f1f2a80d |
|
| /// File Name: |
AD20060509a.txt |
Description:
|
eEye Digital Security has discovered a second vulnerability in the Microsoft Distributed Transaction Coordinator that could allow an attacker to take complete control over a vulnerable system to which he has network or local access. The vulnerable MSDTC component is an RPC server which is network accessible by default on Windows NT 4.0 Server and Windows 2000 Server systems, over a dynamic high TCP port.
| | Author: | Derek Soeder | | Homepage: | http://www.eeye.com | | File Size: | 4012 | | Last Modified: | May 21 13:51:29 2006 |
| MD5 Checksum: | 0cacde8e729b39afddc354aea2ed008a |
|