Section: .. / 0603-advisories /
| /// File Name: |
SCOSA-2006.12.txt |
Description:
|
SCO Security Advisory - OpenServer 6.0.0 : OpenSSH Multiple Vulnerabilities: Two security issues have been reported in OpenSSH, which can be exploited by malicious users to gain escalated privileges or bypass certain security restrictions.
| | Author: | SCO | | Homepage: | http://www.sco.com/support/security/index.html | | File Size: | 2852 | | Last Modified: | Mar 15 21:12:19 2006 |
| MD5 Checksum: | 6fe496733bf80234fc9fbfa2cd6da557 |
|
| /// File Name: |
SCOSA-2006.13.txt |
Description:
|
SCO Security Advisory - SCOSA-2006.13 - Vim is susceptible to an arbitrary command execution vulnerability with ModeLines. This issue is due to insufficient sanitization of user-supplied input.
| | Author: | SCO | | Homepage: | http://www.sco.com/support/security/index.html | | File Size: | 2844 | | Last Modified: | Mar 21 23:55:22 2006 |
| MD5 Checksum: | 1296210fb79a5512ef492ca9eb9d3fc7 |
|
| /// File Name: |
sa19347.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious, local users to gain escalated privileges or by malicious users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/19347/ | | File Size: | 2839 | | Last Modified: | Mar 23 21:22:03 2006 |
| MD5 Checksum: | 8320113b9a806f20886bbc5cb6b10757 |
|
| /// File Name: |
sa19336.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for beagle. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
| | Homepage: | http://secunia.com/advisories/19336/ | | File Size: | 2833 | | Last Modified: | Mar 22 14:23:07 2006 |
| MD5 Checksum: | 92e109a3813d5811dcafc73999e9674c |
|
| /// File Name: |
sa19090.txt |
Description:
|
Secunia Security Advisory - Scott Sinclair has reported a vulnerability in irssi, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/19090/ | | File Size: | 2818 | | Last Modified: | Mar 2 22:01:19 2006 |
| MD5 Checksum: | c33a46240ecda1e5d5ebdb38b70bfbde |
|
| /// File Name: |
sa19198.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19198/ | | File Size: | 2817 | | Last Modified: | Mar 21 20:21:03 2006 |
| MD5 Checksum: | 5f0cda6071c059f8c4bc60012be695ab |
|
| /// File Name: |
ZDI-06-003.txt |
Description:
|
Ipswitch Collaboration Suite 2006.02 and below suffers from a vulnerability in the IMAP daemon. A lack of bounds checking during the parsing of long arguments to the FETCH verb can result in an exploitable buffer overflow.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2771 | | Last Modified: | Mar 13 22:51:14 2006 |
| MD5 Checksum: | c4a211e18a34ccb1aea4f4cf0d51684c |
|
| /// File Name: |
sa19182.txt |
Description:
|
Secunia Security Advisory - Kiki has discovered some vulnerabilities in QwikiWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/19182/ | | File Size: | 2763 | | Last Modified: | Mar 11 03:24:56 2006 |
| MD5 Checksum: | 0ab4ac303016a98606011436593fd0a6 |
|
| /// File Name: |
glsa-200603-11.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200603-11 - Luigi Auriemma discovered that Freeciv could be tricked into the allocation of enormous chunks of memory when trying to uncompress malformed data packages, possibly leading to an out of memory condition which causes Freeciv to crash or freeze. Versions less than 2.0.8 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2755 | | Last Modified: | Mar 17 01:15:15 2006 |
| MD5 Checksum: | abffc8376a2e29f58ccb925f9fbce746 |
|
| /// File Name: |
03.02.06-1.txt |
Description:
|
iDefense Security Advisory 03.02.06 - Remote exploitation of a directory traversal vulnerability in Apple Computer Inc.'s MacOS X could allow attackers to overwrite arbitrary files with user-supplied contents. iDefense has confirmed the existence of this vulnerability in MacOS X 10.4.2. Versions 10.4.5 and earlier of the 10.4.x family and versions 10.3.9 of the 10.3.x family of both Mac OS X and Mac OS X Server are vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 2755 | | Related CVE(s): | CVE-2006-0391 | | Last Modified: | Mar 3 11:17:29 2006 |
| MD5 Checksum: | 656c5102cd9e61c84c5e848188976217 |
|
| /// File Name: |
glsa-200602-13.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200602-13 - The SetImageInfo function was found vulnerable to a format string mishandling. Daniel Kobras discovered that the handling of %-escaped sequences in filenames passed to the function is inadequate in ImageMagick (GLSA 200602-06), and the same vulnerability exists in GraphicsMagick. Versions less than 1.1.7 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2747 | | Last Modified: | Mar 2 10:20:26 2006 |
| MD5 Checksum: | dca584621e625df95b471b97a995c50f |
|
| /// File Name: |
sa19434.txt |
Description:
|
Secunia Security Advisory - r0t has discovered some vulnerabilities in Connect Daily, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/19434/ | | File Size: | 2736 | | Last Modified: | Mar 31 09:50:26 2006 |
| MD5 Checksum: | 9530c18c3f8c6dbc86afcd074108818e |
|
| /// File Name: |
glsa-200603-20.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200603-20 - The Macromedia Flash Player contains multiple unspecified vulnerabilities. Versions less than 7.0.63 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2722 | | Last Modified: | Mar 21 22:45:58 2006 |
| MD5 Checksum: | cbab59e469de403ee9280ae557318894 |
|
| /// File Name: |
glsa-200603-05.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200603-05 - Jean-Sebastien Guay-Leroux discovered a boundary error in the fullpath() function in misc.c when processing overly long file and directory names in ZOO archives. Versions less than 2.10-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2718 | | Last Modified: | Mar 8 05:51:47 2006 |
| MD5 Checksum: | ce5ff45f38a770a93b6e68370dc50278 |
|
| /// File Name: |
glsa-200603-07.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200603-07 - Chris Moore discovered a buffer overflow in a special class of lexicographical scanners generated by flex. Only scanners generated by grammars which use either REJECT, or rules with a variable trailing context might be at risk. Versions less than 2.5.33-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2717 | | Last Modified: | Mar 11 03:39:22 2006 |
| MD5 Checksum: | 9e8dd77863964de8d4f54aa799c58596 |
|
| /// File Name: |
SSAG-001.txt |
Description:
|
Swedish Security Audit Group - [SSAG#001] :: cURL tftp:// URL Buffer Overflow: There is a buffer overflow in cURL when it fetches a long tftp:// URL with a path that is longer than 512 characters. Successful exploitation of this vulnerability allows attackers to execute code within the context of cURL. It affects cURL 7.15.0, 7.15.1* and 7.15.2*.
| | Author: | Ulf Harnhammar | | File Size: | 2715 | | Last Modified: | Mar 22 02:11:20 2006 |
| MD5 Checksum: | 058552d4ae327ac320d30bac7d232fe5 |
|
| /// File Name: |
sa19408.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19408/ | | File Size: | 2709 | | Last Modified: | Mar 28 07:26:42 2006 |
| MD5 Checksum: | 7fd0477f6cfc2154bf8d3a2e5e091e96 |
|
| /// File Name: |
sa19171.txt |
Description:
|
Secunia Security Advisory - Three vulnerabilities have been reported in Symantec Ghost, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, modify certain data, and potentially gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/19171/ | | File Size: | 2699 | | Last Modified: | Mar 9 04:09:52 2006 |
| MD5 Checksum: | a65d58601f28aa20b29215eed470bf3a |
|
| /// File Name: |
sa19168.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Ipswitch IMail Server/Collaboration Suite, which can be exploited by malicious users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/19168/ | | File Size: | 2691 | | Last Modified: | Mar 11 03:24:56 2006 |
| MD5 Checksum: | dee2a86c6796755db33872e75c855d8e |
|
| /// File Name: |
CVE-2006-0745.txt |
Description:
|
CVE-2006-0745 - Local privilege escalation in X.Org server 1.0.0 and later and X11R6.9.0 and X11R7.0. When parsing arguments, the server takes care to check that only root can pass the options -modulepath, which determines the location to load many modules providing server functionality from, and -logfile, which determines the location of the logfile. Normally, these locations cannot be changed by unprivileged users.
| | Author: | Daniel Stone | | Related Exploit: | xmodulepath.tgz | | File Size: | 2691 | | Last Modified: | Mar 22 00:11:27 2006 |
| MD5 Checksum: | 60642fac47808949f86849e0c0176071 |
|
| /// File Name: |
glsa-200603-15.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200603-15 - Lincoln Stein discovered that Crypt::CBC fails to handle 16-byte initialization vectors correctly when running in the RandomIV mode, resulting in weaker encryption because the second part of every block will always be encrypted with zeros if the blocksize of the cipher is greater than 8 bytes. Versions less than 2.17 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2687 | | Last Modified: | Mar 21 22:46:14 2006 |
| MD5 Checksum: | fcedd08bcc8639730e6a5289232f5f6e |
|
| /// File Name: |
sa19435.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has reported some vulnerabilities in VNews, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct script insertion and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/19435/ | | File Size: | 2682 | | Last Modified: | Mar 31 09:50:26 2006 |
| MD5 Checksum: | a30ba8a48c654a9f395574cfa0badf40 |
|
| /// File Name: |
sa19366.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in FreeBSD, which potentially can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/19366/ | | File Size: | 2680 | | Last Modified: | Mar 23 21:22:03 2006 |
| MD5 Checksum: | a0c2146fd860ce09f53774f6bc696fa5 |
|
| /// File Name: |
MDKSA-2006-053.txt |
Description:
|
Mandriva Linux Security Advisory - A Denial of Service vulnerability was discovered in the civserver component of the freeciv game on certain incoming packets.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2679 | | Last Modified: | Mar 9 04:32:07 2006 |
| MD5 Checksum: | e8c0a1c6cba19747f9b43821e14a5509 |
|
| /// File Name: |
glsa-200602-14.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200602-14 - Javier Fernandez-Sanguino has discovered that the lib/toascii.nw and shell/roff.mm scripts insecurely create temporary files with predictable filenames. Versions less than 2.9-r5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2659 | | Last Modified: | Mar 2 10:20:52 2006 |
| MD5 Checksum: | 5d7ed5289b9c5a33f6fb71c903e330e9 |
|