Section: .. / 0601-advisories /
| /// File Name: |
sa18472.txt |
Description:
|
Secunia Security Advisory - Preddy has reported a vulnerability in Widexl Download Tracker, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18472/ | | File Size: | 1817 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 6ce1479d6b30399be97b78b51ba13e24 |
|
| /// File Name: |
sa18471.txt |
Description:
|
Secunia Security Advisory - Preddy has discovered a vulnerability in WP-Stats, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/18471/ | | File Size: | 1730 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 8ad925407f225cf2a63c186125410e73 |
|
| /// File Name: |
sa18470.txt |
Description:
|
Secunia Security Advisory - Preddy has reported two vulnerabilities in GTP iCommerce, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18470/ | | File Size: | 1854 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 177bac0137f5196a31dd3613dfdf7887 |
|
| /// File Name: |
sa18469.txt |
Description:
|
Secunia Security Advisory - Preddy has reported a vulnerability in Netbula Anyboard, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18469/ | | File Size: | 1794 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 590951bf6625dbd991f0a61fd6e16a41 |
|
| /// File Name: |
sa18468.txt |
Description:
|
Secunia Security Advisory - Preddy has reported some vulnerabilities in Faq-O-Matic, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18468/ | | File Size: | 2036 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 54775f3632c95ff5ae454eb4720508ed |
|
| /// File Name: |
sa18466.txt |
Description:
|
Secunia Security Advisory - Kevin Finisterre has reported a vulnerability in AmbiCom Blue Neighbors, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18466/ | | File Size: | 2095 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 78c2f60b174e28d82a4db03d0ce85926 |
|
| /// File Name: |
sa18464.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has reported some vulnerabilities in Bit 5 Blog, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/18464/ | | File Size: | 2285 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 406b91b81ff003c965b123a1525338cd |
|
| /// File Name: |
sa18463.txt |
Description:
|
Secunia Security Advisory - Trustix has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18463/ | | File Size: | 2349 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 86f30dc8e9c41c043348d520275f6283 |
|
| /// File Name: |
sa18462.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered some vulnerabilities in Benders Calendar, which can be exploited by malicious users to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/18462/ | | File Size: | 1935 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | c5ba8161b32e274ac9f9c5da0fa9284e |
|
| /// File Name: |
sa18458.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in grsecurity, which can cause certain services to run with escalated privileges.
| | Homepage: | http://secunia.com/advisories/18458/ | | File Size: | 1870 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 49a06d5f7431f8b6e13964ba7c407f38 |
|
| /// File Name: |
sa18457.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Albatross, which can be exploited by malicious users to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18457/ | | File Size: | 1726 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 54b3537fdbc1047d8f4ff1e66167415f |
|
| /// File Name: |
sa18456.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for mailman. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18456/ | | File Size: | 4675 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 4f956b44133295f833d60560a54c3cd8 |
|
| /// File Name: |
sa18455.txt |
Description:
|
Secunia Security Advisory - Jesus Olmos Gonzalez has reported a vulnerability in 123 Flash Chat (123FlashChat) Server, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18455/ | | File Size: | 2044 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | c4799c0b16bcd1bb8f67a7e3e241abbc |
|
| /// File Name: |
sa18449.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Mailman, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18449/ | | File Size: | 1657 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | 3e76e3a495523d7be01b3fcd42254531 |
|
| /// File Name: |
sa18435.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued updates for sun-jdk, sun-jre-bin, blackdown-jdk, and blackdown-jre. These fix some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18435/ | | File Size: | 2193 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | e8bdc9143d3387320f8da50636145d1e |
|
| /// File Name: |
sa18413.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for perl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable Perl application.
| | Homepage: | http://secunia.com/advisories/18413/ | | File Size: | 13364 | | Last Modified: | Jan 17 02:18:29 2006 |
| MD5 Checksum: | e102d9811ee82cbc787807abc41ce079 |
|
| /// File Name: |
nmrc-14Jan2006.txt |
Description:
|
This advisory documents an anomaly involving Microsoft's Wireless Network Connection. If a laptop connects to an ad-hoc network it can later start beaconing the ad-hoc network's SSID as its own ad-hoc network without the laptop owner's knowledge. This can allow an attacker to attach to the laptop as a prelude to further attack.
| | Author: | Simple Nomad | | Homepage: | http://www.nmrc.org | | File Size: | 9985 | | Last Modified: | Jan 15 18:24:42 2006 |
| MD5 Checksum: | f839868422e9ffeb14223e1c4f5afe8e |
|
| /// File Name: |
firefoxCross.txt |
Description:
|
Firefox is susceptible to cross domain scripting attacks via iframes.
| | File Size: | 1849 | | Last Modified: | Jan 15 18:23:57 2006 |
| MD5 Checksum: | f41801d52c2bb601052d584e0ed1f078 |
|
| /// File Name: |
01.13.06.txt |
Description:
|
iDefense Security Advisory 01.13.06 - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s Open Enterprise Server Remote Manager allows attackers to execute arbitrary code. iDefense has confirmed this vulnerability in Novell SUSE Linux Enterprise Server 9. All previous versions are suspected vulnerable. Novell SUSE Linux Enterprise Server components are included in Novell Open Enterprise Server; as such, Open Enterprise Server is also vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3339 | | Related CVE(s): | CVE-2005-3655 | | Last Modified: | Jan 15 18:16:03 2006 |
| MD5 Checksum: | 48849109a4a18846114f813019abe2c4 |
|
| /// File Name: |
SUSA-SA-2006-002.txt |
Description:
|
SUSE Security Announcement - iDEFENSE reported a security problem with the Novell Remote Manager. By passing a huge or negative size via an HTTP request header to httpstkd it was possible to corrupt heap memory and so potentially execute code.
| | Homepage: | http://www.suse.com | | File Size: | 11665 | | Related CVE(s): | CVE-2005-3655 | | Last Modified: | Jan 15 18:05:25 2006 |
| MD5 Checksum: | 52287cb8c3781e32c8a4c1ca74588e11 |
|
| /// File Name: |
dsa-939-1.txt |
Description:
|
Debian Security Advisory DSA 939-1 - Daniel Drake discovered a problem in fetchmail, an SSL enabled POP3, APOP, IMAP mail gatherer/forwarder, that can cause a crash when the program is running in multidrop mode and receives messages without headers.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5430 | | Related CVE(s): | CVE-2005-4348 | | Last Modified: | Jan 15 18:03:35 2006 |
| MD5 Checksum: | d2595ed978f31445e0dcc771e2bbcc2e |
|
| /// File Name: |
glsa-200601-09.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-09 - H D Moore discovered that Wine implements the insecure-by-design SETABORTPROC GDI Escape function for Windows Metafile (WMF) files. Versions less than 20050930 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2641 | | Last Modified: | Jan 15 18:02:32 2006 |
| MD5 Checksum: | 05a2a5f0660d7d586e9e46c8ad5703aa |
|
| /// File Name: |
glsa-200601-08.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-08 - Damian Put has reported a flaw due to an integer overflow in the get_bhead() function, leading to a heap overflow when processing malformed .blend files. Versions less than 2.40 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2623 | | Last Modified: | Jan 15 18:02:11 2006 |
| MD5 Checksum: | 2d68f9edd80be3cf81b535ad831814e6 |
|
| /// File Name: |
glsa-200601-07.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-07 - Zero Day Initiative (ZDI) reported a heap buffer overflow vulnerability. The vulnerability is due to an incorrect boundary check of the user-supplied data prior to copying it to an insufficiently sized memory buffer. The flaw occurs when the application attempts to handle compressed UPX files. Versions less than 0.88 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2666 | | Last Modified: | Jan 15 18:01:45 2006 |
| MD5 Checksum: | ed97ef0c5184cd8a27aac017e0b0f40b |
|
| /// File Name: |
FSA-2006-06.txt |
Description:
|
Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a buffer overflow vulnerability in the Apple QuickTime Player. Apple QuickTime has a buffer overflow vulnerability in parsing specially crafted TGA image files. This is due to an application failure to sanitize the parameter Color Map Entry Size while parsing TGA image files. A remote attacker could construct a web page with a specially crafted TGA file and entice a victim to view it. When the user opens the TGA image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
| | Author: | Dejun Meng | | File Size: | 2220 | | Related CVE(s): | CVE-2005-3709 | | Last Modified: | Jan 15 17:51:40 2006 |
| MD5 Checksum: | b39146fad82c330a44041510cba5a0d7 |
|