| /// File Name: |
glsa-200608-11.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200608-11 - A vulnerability in both Webmin and Usermin has been discovered by Kenny Chen, wherein simplify_path is called before the HTML is decoded. Versions less than 1.290 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3011 | | Last Modified: | Aug 18 01:00:58 2006 |
| MD5 Checksum: | 9c6a30d099397dc0265047697ad2327f |
|
| /// File Name: |
glsa-200608-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200608-24 - AlsaPlayer contains three buffer overflows: in the function that handles the HTTP connections, the GTK interface, and the CDDB querying mechanism. Versions less than or equal to 0.99.76-r3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3008 | | Last Modified: | Aug 28 01:22:51 2006 |
| MD5 Checksum: | 04c76dbf6fe0e9b46fd79ae5a010f0bc |
|
| /// File Name: |
sa21342.txt |
Description:
|
Secunia Security Advisory - rgod has reported some vulnerabilities in sendcard, which can be exploited by malicious users to disclose certain sensitive information, and by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/21342/ | | File Size: | 3008 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | 85d49ac96b6fac022a98c1f1b0e98d21 |
|
| /// File Name: |
sa21244.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for drupal. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and by malicious users to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21244/ | | File Size: | 2972 | | Last Modified: | Aug 2 04:14:26 2006 |
| MD5 Checksum: | 797a041f18cdb2a51b5ca239a30fec31 |
|
| /// File Name: |
sa21402.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in Kerberos, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/21402/ | | File Size: | 2971 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | f793f7e7be392b586c7612b20f87b4c6 |
|
| /// File Name: |
sa21570.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in Sun Java Plugin and Sun Java Web Start, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/21570/ | | File Size: | 2971 | | Last Modified: | Aug 26 20:18:48 2006 |
| MD5 Checksum: | 533c2da0a8ec2e3415150e6b6627b18e |
|
| /// File Name: |
sa21573.txt |
Description:
|
Secunia Security Advisory - Stefan Esser has reported some vulnerabilities in Zend Platform, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, bypass certain security restrictions, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21573/ | | File Size: | 2970 | | Last Modified: | Aug 26 20:18:48 2006 |
| MD5 Checksum: | fa7d1b2ddf4831559557b78df5651766 |
|
| /// File Name: |
sa21401.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/21401/ | | File Size: | 2965 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | 56f27a4f0f29b1221f1094dc4fd3efe7 |
|
| /// File Name: |
sa21230.txt |
Description:
|
Secunia Security Advisory - Corsaire has reported some vulnerabilities in VMware ESX Server, which can be exploited to gain knowledge of potentially sensitive information or conduct cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/21230/ | | File Size: | 2953 | | Last Modified: | Aug 2 04:14:26 2006 |
| MD5 Checksum: | fdbbb4a943fb2d53e3b0779ccf5d0773 |
|
| /// File Name: |
sa21426.txt |
Description:
|
Secunia Security Advisory - Collin Mulliner and Prof. Giovanni Vigna have reported some vulnerabilities in ArcSoft MMS Composer, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21426/ | | File Size: | 2953 | | Last Modified: | Aug 17 00:44:27 2006 |
| MD5 Checksum: | f0a201a2c5b3f971e987b628a55126ee |
|
| /// File Name: |
glsa-200608-20.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200608-20 - The Ruby on Rails developers have corrected some weaknesses in action_controller/, relative to the handling of the user input and the LOAD_PATH variable. A remote attacker could inject arbitrary entries into the LOAD_PATH variable and alter the main Ruby on Rails process. The security hole has only been partly solved in version 1.1.5. Version 1.1.6 now fully corrects it. Versions less than 1.1.6 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2945 | | Last Modified: | Aug 27 00:19:15 2006 |
| MD5 Checksum: | 6db4d3e282777430d69b590a709e3e9a |
|
| /// File Name: |
modrewrite.txt |
Description:
|
Mod_rewrite is an Apache module that can be used to remap requests based on regular expression matches of the requested URI. A buffer overflow vulnerability exists when dealing with rewritten URIs that are prefixed with the LDAP protocol scheme.
| | Author: | Mark Dowd | | Homepage: | http://www.avertlabs.com/ | | File Size: | 2945 | | Related CVE(s): | CVE-2006-3747 | | Last Modified: | Aug 3 00:53:35 2006 |
| MD5 Checksum: | 7771959086da058fc8bcfb0c2e59cf43 |
|
| /// File Name: |
sa21490.txt |
Description:
|
Secunia Security Advisory - Susam Pal has discovered a vulnerability in Apache, which can be exploited by malicious people to bypass certain security restrictions and disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/21490/ | | File Size: | 2944 | | Last Modified: | Aug 17 00:44:27 2006 |
| MD5 Checksum: | f3f888106cac5127ddaecf6ddd25ed5e |
|
| /// File Name: |
glsa-200608-28.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200608-28 - The sscanf() PHP function contains an array boundary error that can be exploited to dereference a null pointer. This can possibly allow the bypass of the safe mode protection by executing arbitrary code. Versions less than 5.1.4-r6 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2940 | | Last Modified: | Aug 29 13:07:27 2006 |
| MD5 Checksum: | 0f87c08c2790a2f549fcaa75499511db |
|
| /// File Name: |
sa21465.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, gain knowledge of potentially sensitive information, or cause a DoS (Denial of Service), and malicious people to bypass certain security restrictions or cause a DoS.
| | Homepage: | http://secunia.com/advisories/21465/ | | File Size: | 2939 | | Last Modified: | Aug 17 00:44:27 2006 |
| MD5 Checksum: | 8cbcf2428cec8b2e4497c9c2ce29c1ac |
|
| /// File Name: |
dsa-1154-1.txt |
Description:
|
Debian Security Advisory 1154-1 - James Bercegay of GulfTech Security Research discovered a vulnerability in SquirrelMail where an authenticated user could overwrite random variables in the compose script. This might be exploited to read or write the preferences or attachment files of other users.
| | Homepage: | http://www.debian.org/security | | File Size: | 2934 | | Related CVE(s): | CVE-2006-4019 | | Last Modified: | Aug 27 17:17:16 2006 |
| MD5 Checksum: | 83baddbcee5acf74265777ca92416171 |
|
| /// File Name: |
TSRT-06-06.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of the Computer Associates eTrust AntiVirus WebScan ActiveX component that suffers from a buffer overflow.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2923 | | Related CVE(s): | CVE-2006-3975 | | Last Modified: | Aug 18 01:13:22 2006 |
| MD5 Checksum: | 43211ea4830a1aa90d0270c5acd52d92 |
|
| /// File Name: |
sa21267.txt |
Description:
|
Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Open Cubic Player, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21267/ | | File Size: | 2913 | | Last Modified: | Aug 2 04:14:26 2006 |
| MD5 Checksum: | 50f3c624059a33dcafdd8c9c170ad3eb |
|
| /// File Name: |
sa21617.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in Cisco VPN 3000 Concentrator, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/21617/ | | File Size: | 2913 | | Last Modified: | Aug 26 20:18:48 2006 |
| MD5 Checksum: | 4e2f65cb3efd7f51a21cee1f521a390d |
|
| /// File Name: |
sa21272.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for ruby. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/21272/ | | File Size: | 2904 | | Last Modified: | Aug 2 04:14:26 2006 |
| MD5 Checksum: | 0eb5b880159a4c9840c2ca4644734cdc |
|
| /// File Name: |
sa21346.txt |
Description:
|
Secunia Security Advisory - Trustix has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21346/ | | File Size: | 2899 | | Last Modified: | Aug 9 20:40:54 2006 |
| MD5 Checksum: | 55d9bfbe63f8d86d038d31b14fb12308 |
|
| /// File Name: |
glsa-200608-27.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200608-27 - In November 2005, Zone-H Research reported a boundary error in the ktools library in the VGETSTRING() macro of kkstrtext.h, which may cause a buffer overflow via an overly long input string. Versions less than 3.4.0-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2892 | | Last Modified: | Aug 29 13:06:50 2006 |
| MD5 Checksum: | ba321d1d7e73806185ca8165c086bd4b |
|
| /// File Name: |
dsa-1130-1.txt |
Description:
|
Debian Security Advisory 1130-1 - A cross-site scripting vulnerability has been discovered in sitebar, a web-based bookmark manager written in PHP, which allows remote attackers to inject arbitrary web script or HTML.
| | Homepage: | http://www.debian.org/security | | File Size: | 2891 | | Related CVE(s): | CVE-2006-3320 | | Last Modified: | Aug 17 03:02:29 2006 |
| MD5 Checksum: | 97c37250474c49d02c44d0c1ab6d5656 |
|
| /// File Name: |
sa21624.txt |
Description:
|
Secunia Security Advisory - Timq has discovered some vulnerabilities in phpCOIN, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21624/ | | File Size: | 2887 | | Last Modified: | Aug 26 20:18:48 2006 |
| MD5 Checksum: | de468a155a9fb737133cb2f137024146 |
|