Section: .. / 0608-advisories /
| /// File Name: |
cms-g3.txt |
Description:
|
The G3 Content Management Framework suffers from a cross site scripting flaw in its search functionality.
| | Author: | Stefan Friedli | | File Size: | 4152 | | Last Modified: | Aug 17 03:49:09 2006 |
| MD5 Checksum: | 81d458862f19cf944775b68f3f697ed6 |
|
| /// File Name: |
cmsimple.txt |
Description:
|
CMSimple suffers from a cross site scripting flaw.
| | Author: | OUTLAW | | Homepage: | http://www.aria-security.net | | File Size: | 812 | | Last Modified: | Aug 17 04:25:38 2006 |
| MD5 Checksum: | f68339555b91b443ef5cc3f958fa7516 |
|
| /// File Name: |
coolmessenger.txt |
Description:
|
A vulnerability has been found in Cool Messenger Office/School Server. When exploited, the vulnerability allows anyone to log on to the messenger server as any user without requiring knowledge of any passwords.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 885 | | Last Modified: | Aug 27 19:53:02 2006 |
| MD5 Checksum: | 961d09ddd420d199f8f40fb35acbe6fa |
|
| /// File Name: |
CORE-2006-0714.txt |
Description:
|
Core Security Technologies Advisory - While investigating the Microsoft Server Service Mailslot heap overflow vulnerability reported in Microsoft Security Bulletin MS06-035, Core Security Technologies researcher Gerardo Richarte discovered a second bug in the server service.
| | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 6787 | | Related CVE(s): | CVE-2006-3942 | | Last Modified: | Aug 27 01:30:30 2006 |
| MD5 Checksum: | a97aea0b4c4c900e48037b34d08cb141 |
|
| /// File Name: |
cybozuFile.txt |
Description:
|
A vulnerability has been found in Cybozu Products. When exploited, the vulnerability allows an authenticated user to retrieve arbitrary files accessible to the web server process. Affected versions include Cybozu Office version 6.5 for Windows and Cybozu Share 360 version 2.5 for Windows.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 784 | | Last Modified: | Aug 28 23:06:16 2006 |
| MD5 Checksum: | e7e15384cfafa97eadf981ea2f98b541 |
|
| /// File Name: |
cybozuSQL.txt |
Description:
|
Some SQL injection vulnerabilities have been found in Cybozu Garoon 2 version 2.1.0 for Windows. When exploited by a logged-on user, the vulnerabilities allow for manipulation of SQL statements, which can lead to disclosure of information from the database or cause the backend MySQL database to consume a large amount of CPU resources.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 820 | | Last Modified: | Aug 28 23:07:33 2006 |
| MD5 Checksum: | 347231623e54e0353d915054775d085c |
|
| /// File Name: |
CYBSEC-MSDHCP.txt |
Description:
|
CYBSEC Security Advisory - A remote buffer overflow vulnerability has been identified in Microsoft Windows DHCP-Client Service. Affected products include Microsoft Windows 2000 SP4 and below, Microsoft Windows XP SP2 and below, and Microsoft Windows 2003 SP1 and below.
| | Author: | Mariano Nunez Di Croce | | Homepage: | http://www.cybsec.com | | File Size: | 7031 | | Last Modified: | Aug 29 22:20:19 2006 |
| MD5 Checksum: | d7b3548d732196e036684dadd08fee3f |
|
| /// File Name: |
CYBSEC-SAPIGSBO.txt |
Description:
|
CYBSEC Security Advisory - The SAP Internet Graphics Service (IGS) suffers from a buffer overflow condition.
| | Author: | Mariano Nunez Di Croce | | Homepage: | http://www.cybsec.com | | File Size: | 3548 | | Last Modified: | Aug 26 21:54:44 2006 |
| MD5 Checksum: | 248edcb65495f3b7616044270f30f225 |
|
| /// File Name: |
CYBSEC-SAPIGSDOS.txt |
Description:
|
CYBSEC Security Advisory - The SAP Internet Graphics Service (IGS) suffers from a remote denial of service condition.
| | Author: | Mariano Nunez Di Croce | | Homepage: | http://www.cybsec.com | | File Size: | 3043 | | Last Modified: | Aug 26 21:42:09 2006 |
| MD5 Checksum: | 39a23d4600a97b350f9c11425b90dc8d |
|
| /// File Name: |
dconnx.txt |
Description:
|
DConnect Daemon versions 0.7.0 and below and CVS versions 30 and below suffer from buffer overflow, null pointer, and various format string bugs.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | dconnx.zip | | File Size: | 3669 | | Last Modified: | Aug 18 00:58:03 2006 |
| MD5 Checksum: | fd743949fece37d593d2840f2798af73 |
|
| /// File Name: |
deluxeBBflaws.txt |
Description:
|
DeluxeBB version 1.08 suffers from cross site scripting, cookie manipulation, and login bypass flaws.
| | Author: | Attila Gerendi | | File Size: | 1488 | | Last Modified: | Aug 18 01:07:32 2006 |
| MD5 Checksum: | 34e20e55a51d927192d320ee3169c491 |
|
| /// File Name: |
DoS_ADV_2Wire.txt |
Description:
|
The 2wire Gateway User Interface suffers from a denial of service condition.
| | Author: | Preth00nker | | Homepage: | http://mexhackteam.org/ | | File Size: | 1486 | | Last Modified: | Aug 27 16:58:51 2006 |
| MD5 Checksum: | c0ad30f38e01bf57080f7cdf8f782d01 |
|
| /// File Name: |
dotclear_1.2.5.txt |
Description:
|
DotClear version 1.2.5 is susceptible to cross site scripting attacks.
| | Author: | Stoun | | File Size: | 516 | | Last Modified: | Aug 27 17:22:00 2006 |
| MD5 Checksum: | 2d70ab168e19fe718e41604483950f39 |
|
| /// File Name: |
DRUPAL-SA-2006-011.txt |
Description:
|
Drupal security advisory DRUPAL-SA-2006-011: A malicious user can execute a cross site scripting attack by enticing someone to visit a Drupal site via a specially crafted link. Versions 4.6 and 4.7 are affected.
| | Author: | Uwe Hermann | | Homepage: | http://drupal.org/security | | File Size: | 2323 | | Last Modified: | Aug 17 04:46:27 2006 |
| MD5 Checksum: | 63da241f456cfc9b75e2ca8325df4bbe |
|
| /// File Name: |
dsa-1128-1.txt |
Description:
|
Debian Security Advisory 1128-1 - Yan Rong Ge discovered that wrong permissions on a shared memory page in heartbeat, the subsystem for High-Availability Linux, could be exploited by a local attacker to cause a denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 16905 | | Related CVE(s): | CVE-2006-3815 | | Last Modified: | Aug 3 00:42:16 2006 |
| MD5 Checksum: | 6ec1f765a4316651bfb5171c65b0a8df |
|
| /// File Name: |
dsa-1129-1.txt |
Description:
|
Debian Security Advisory 1129-1 - Ulf Harnhammar and Max Vozeler from the Debian Security Audit Project have found several format string security bugs in osiris, a network-wide system integrity monitor control interface. A remote attacker could exploit them and cause a denial of service or execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 8729 | | Related CVE(s): | CVE-2006-3120 | | Last Modified: | Aug 3 00:54:14 2006 |
| MD5 Checksum: | 6e996ce78bbb707cafd6b7007ed5f55b |
|
| /// File Name: |
dsa-1130-1.txt |
Description:
|
Debian Security Advisory 1130-1 - A cross-site scripting vulnerability has been discovered in sitebar, a web based bookmark manager written in PHP, which allows remote attackers to inject arbitrary web script or HTML.
| | Homepage: | http://www.debian.org/security | | File Size: | 2891 | | Related CVE(s): | CVE-2006-3320 | | Last Modified: | Aug 17 03:02:29 2006 |
| MD5 Checksum: | 97c37250474c49d02c44d0c1ab6d5656 |
|
| /// File Name: |
dsa-1131-1.txt |
Description:
|
Debian Security Advisory 1131-1 - Mark Dowd discovered a buffer overflow in the mod_rewrite component of apache, a versatile high-performance HTTP server. In some situations a remote attacker could exploit this to execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 15233 | | Related CVE(s): | CVE-2006-3747 | | Last Modified: | Aug 17 02:54:39 2006 |
| MD5 Checksum: | 720c4b8d72e955f0a6941f5d82028cff |
|
| /// File Name: |
dsa-1132-1.txt |
Description:
|
Debian Security Advisory 1132-1 - Mark Dowd discovered a buffer overflow in the mod_rewrite component of apache, a versatile high-performance HTTP server. In some situations a remote attacker could exploit this to execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 23377 | | Related CVE(s): | CVE-2006-3747 | | Last Modified: | Aug 17 02:56:59 2006 |
| MD5 Checksum: | 3c651cf28d3daf7a9c44548c12d62ad2 |
|
| /// File Name: |
dsa-1135-1.txt |
Description:
|
Debian Security Advisory 1135-1 - Kevin Kofler discovered several stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp, a MusicBrainz tagging library, which allows remote attackers to cause a denial of service or execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 17692 | | Related CVE(s): | CVE-2006-3600 | | Last Modified: | Aug 17 03:47:28 2006 |
| MD5 Checksum: | 2db7cee67e588681418f188f1d0409d7 |
|
| /// File Name: |
dsa-1136-1.txt |
Description:
|
Debian Security Advisory 1136-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which are also present in gpdf, the viewer with Gtk bindings, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 5016 | | Related CVE(s): | CVE-2005-2097 | | Last Modified: | Aug 17 04:04:37 2006 |
| MD5 Checksum: | b402f9581ba505f7a8a5a8eb6800db0d |
|