Section: .. / 0611-advisories /
| /// File Name: |
sa23013.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23013/ | | File Size: | 13144 | | Last Modified: | Nov 25 23:47:38 2006 |
| MD5 Checksum: | c825d980993bc6e38510ff9c819b1d1f |
|
| /// File Name: |
USN-381-1.txt |
Description:
|
Ubuntu Security Notice 381-1 - USN-351-1 fixed a flaw in the verification of PKCS certificate signatures. Ulrich Kuehn discovered a variant of the original attack which the original fix did not cover. Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 13018 | | Related CVE(s): | CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748 | | Last Modified: | Nov 21 21:48:54 2006 |
| MD5 Checksum: | 0f560f6f914a8eceb4ade850d5c7feb8 |
|
| /// File Name: |
sa23009.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23009/ | | File Size: | 13013 | | Last Modified: | Nov 25 23:47:37 2006 |
| MD5 Checksum: | 4e338149c8687e48432db852e8920822 |
|
| /// File Name: |
USN-382-1.txt |
Description:
|
Ubuntu Security Notice 382-1 - USN-352-1 fixed a flaw in the verification of PKCS certificate signatures. Ulrich Kuehn discovered a variant of the original attack which the original fix did not cover. Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 12794 | | Related CVE(s): | CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748 | | Last Modified: | Nov 21 21:51:00 2006 |
| MD5 Checksum: | 521f19287302bd9e6b41cffda2f5f7d1 |
|
| /// File Name: |
USN-369-2.txt |
Description:
|
Ubuntu Security Notice 369-2: multiple vulnerabilities in postgresql-8.1 server.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 12260 | | Last Modified: | Nov 2 19:24:21 2006 |
| MD5 Checksum: | 8c226ca83dec25799b2980fe173bd0ab |
|
| /// File Name: |
dsa-1212-1.txt |
Description:
|
Debian Security Advisory 1212-1 - Two denial of service vulnerabilities have been found in the OpenSSH server. The sshd support for ssh protocol version 1 does not properly handle duplicate incoming blocks. This could allow a remote attacker to cause sshd to consume significant CPU resources leading to a denial of service. A signal handler race condition could potentially allow a remote attacker to crash sshd and could theoretically lead to the ability to execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 11437 | | Related CVE(s): | CVE-2006-4924, CVE-2006-5051 | | Last Modified: | Nov 16 12:20:08 2006 |
| MD5 Checksum: | 51971b066a8eeebbdfb1d58b79d8767e |
|
| /// File Name: |
sa22926.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for openssh. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22926/ | | File Size: | 11028 | | Last Modified: | Nov 16 10:09:27 2006 |
| MD5 Checksum: | b4e24a12812d1a6d538201ff795da4af |
|
| /// File Name: |
cisco-sa-20061101-csamc.txt |
Description:
|
Cisco Security Advisory - cisco-sa-20061101-csamc: Cisco Security Agent Management Center (CSAMC) contains an administrator authentication bypass vulnerability when configured to use an external Lightweight Directory Access Protocol (LDAP) server for authentication.
| | Homepage: | http://www.cisco.com | | File Size: | 10939 | | Last Modified: | Nov 2 19:39:42 2006 |
| MD5 Checksum: | 19c5e35ff0855aabb2fd78e20fa9a9be |
|
| /// File Name: |
sa23162.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for koffice. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23162/ | | File Size: | 10808 | | Last Modified: | Nov 30 11:12:25 2006 |
| MD5 Checksum: | fe11a4dd9ae2be72d6a31fabb8159ffd |
|
| /// File Name: |
NETRAGARD-20060810-1.txt |
Description:
|
Netragard, L.L.C Advisory NETRAGARD-20060810 - libpthread suffers from a buffer overflow vulnerability which may enable an attacker to execute arbitrary commands on the system. This vulnerability may potentially be exploited by creating a specially crafted buffer and inserting it into the PTHREAD_CONFIG variable. Version 5.1b is affected.
| | Homepage: | http://www.netragard.com | | File Size: | 10610 | | Last Modified: | Nov 13 11:05:30 2006 |
| MD5 Checksum: | c15d7a566c97361fe11f65fdbda11ff9 |
|
| /// File Name: |
dsa-1201-1.txt |
Description:
|
Debian Security Advisory 1201-1: Several remote vulnerabilities have been discovered in the Ethereal network scanner.
| | Homepage: | http://www.debian.org/security | | File Size: | 10184 | | Last Modified: | Nov 1 17:18:03 2006 |
| MD5 Checksum: | 49cfc528c40ca38b06d5c3e94c60160f |
|
| /// File Name: |
FLSA-2006-195418.txt |
Description:
|
Fedora Legacy Update Advisory FLSA:195418 - Updated sendmail packages fix security issue
| | Homepage: | http://fedoralegacy.org | | File Size: | 10119 | | Last Modified: | Nov 1 17:20:12 2006 |
| MD5 Checksum: | b25437c410fb1e9b0d847f245cfae681 |
|
| /// File Name: |
MDKSA-2006-217.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-217 - As disclosed by an exploit (vd_proftpd.pm) and a related vendor bugfix, a Denial of Service (DoS) vulnerability exists in the FTP server ProFTPD, up to and including version 1.3.0. The flaw is due to both a potential bus error and a definitive buffer overflow in the code which determines the FTP command buffer size limit. The vulnerability can be exploited only if the "CommandBufferSize" directive is explicitly used in the server configuration, which is not the case in the default configuration of ProFTPD.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 9874 | | Related CVE(s): | CVE-2006-5815 | | Last Modified: | Nov 21 02:23:22 2006 |
| MD5 Checksum: | 8652a3ed074725a49c55500766ce638e |
|
| /// File Name: |
sa22951.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/22951/ | | File Size: | 9797 | | Last Modified: | Nov 20 11:05:00 2006 |
| MD5 Checksum: | 8da633b6f5e8b7e97733a7812838d940 |
|
| /// File Name: |
sa22849.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing and DoS (Denial of Service) attacks, bypass certain security restrictions and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/22849/ | | File Size: | 9652 | | Last Modified: | Nov 15 22:19:38 2006 |
| MD5 Checksum: | 3a7f04eada18cbb808203661fac50eac |
|
| /// File Name: |
MDKSA-2006-200.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-200: A heap-based buffer overflow was discovered in librpm when the LANG or LC_ALL environment variable is set to ru_RU.UTF-8 (and possibly other locales), which could allow for user-assisted attackers to execute arbitrary code via crafted RPM packages.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 9501 | | Last Modified: | Nov 8 18:30:42 2006 |
| MD5 Checksum: | 813f70ae6a221d728b3368a58161b8a1 |
|
| /// File Name: |
MDKSA-2006-208.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-208 - An unspecified vulnerability in OpenLDAP allows remote attackers to cause a denial of service (daemon crash) via a certain combination of SASL Bind requests that triggers an assertion failure in libldap.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 9400 | | Related CVE(s): | CVE-2006-5779 | | Last Modified: | Nov 16 11:33:14 2006 |
| MD5 Checksum: | f0c1c532227c9ff07f1e441a5d477e05 |
|
| /// File Name: |
sa22659.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for ethereal. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/22659/ | | File Size: | 9334 | | Last Modified: | Nov 1 16:33:49 2006 |
| MD5 Checksum: | 65b09a3e36891ba5b20219598c3b2367 |
|
| /// File Name: |
sa22834.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22834/ | | File Size: | 9232 | | Last Modified: | Nov 15 22:19:38 2006 |
| MD5 Checksum: | 0a69420f2537a59acedb5937af3f5286 |
|
| /// File Name: |
USN-383-1.txt |
Description:
|
Ubuntu Security Notice 383-1 - Tavis Ormandy discovered that libpng did not correctly calculate the size of sPLT structures when reading an image. By tricking a user or an automated system into processing a specially crafted PNG file, an attacker could exploit this weakness to crash the application using the library.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 9219 | | Related CVE(s): | CVE-2006-5793 | | Last Modified: | Nov 18 20:47:03 2006 |
| MD5 Checksum: | 7a604cad4a9aa146e9d607a0f365d182 |
|
| /// File Name: |
sa22745.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for librpm4. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22745/ | | File Size: | 9173 | | Last Modified: | Nov 6 13:07:49 2006 |
| MD5 Checksum: | 904d41f95245e23f0464c69274e0826a |
|
| /// File Name: |
sa22980.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22980/ | | File Size: | 9164 | | Last Modified: | Nov 17 18:30:18 2006 |
| MD5 Checksum: | 248e8badeed0b7ac5b0386b5fc4734a6 |
|
| /// File Name: |
USN-384-1.txt |
Description:
|
Ubuntu Security Notice 384-1 - Evgeny Legerov discovered that the OpenLDAP libraries did not correctly truncate authcid names. This situation would trigger an assert and abort the program using the libraries. A remote attacker could send specially crafted bind requests that would lead to an LDAP server denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 9011 | | Related CVE(s): | CVE-2006-5779 | | Last Modified: | Nov 21 02:24:09 2006 |
| MD5 Checksum: | 97d073428c4a8c11f1c73b6744d0b6bf |
|
| /// File Name: |
sa23000.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for proftpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/23000/ | | File Size: | 8540 | | Last Modified: | Nov 25 23:47:38 2006 |
| MD5 Checksum: | da3f08944c6d35df363503c72c031000 |
|