Section: .. / 0612-advisories /
File Name: db2dos.txt
Description:
IBM's DB2 suffers from a remote denial of service condition during CONNECT processing.
Author: Vivek Rathod | Homepage: http://www.appsecinc.com/ | File Size: 2511 | Related CVE(s): CVE-2006-4257 | Last Modified: Dec 15 10:25:23 2006
MD5 Checksum: 54076abe7eb3aa992558fb05a44fb143

File Name: dlink-arp.txt
Description:
The D-LINK DWL-2000AP+ with firmware version 2.11 is prone to two remote denial of service vulnerabilities because it fails to handle ARP flooding.
Author: poplix | File Size: 1221 | Last Modified: Dec 12 16:29:29 2006
MD5 Checksum: 4d569a21008153d7ab5140e0519efb08

File Name: dsa-1205-2.txt
Description:
Debian Security Advisory 1205-2 - Marco d'Itri discovered that thttpd, a small, fast and secure webserver, makes use of insecure temporary files when its logfiles are rotated, which might lead to a denial of service through a symlink attack. The original advisory for this issue did not contain fixed packages for all supported architectures; this update corrects that.
Homepage: http://www.debian.org/security | File Size: 7068 | Related CVE(s): CVE-2006-4248 | Last Modified: Dec 6 05:04:56 2006
MD5 Checksum: 07cd63b665e2ec67991dd49a4cccdbc6

File Name: dsa-1214-2.txt
Description:
Debian Security Advisory 1214-2 - Renaud Lifchitz discovered that gv, the PostScript and PDF viewer for X, performs insufficient boundary checks in the PostScript parsing code, which allows the execution of arbitrary code through a buffer overflow. The original update provided in DSA 1214-1 was insufficient; this update corrects this.
Homepage: http://www.debian.org/security | File Size: 5207 | Related CVE(s): CVE-2006-5864 | Last Modified: Dec 28 02:25:54 2006
MD5 Checksum: d8ad768ef0c6bfe80de9c960a4c86534

File Name: dsa-1221-1.txt
Description:
Debian Security Advisory 1221-1 - "infamous41md" discovered a heap buffer overflow vulnerability in libgsf, a GNOME library for reading and writing structured file formats, which could lead to the execution of arbitrary code.
Homepage: http://www.debian.org/security | File Size: 15029 | Last Modified: Dec 6 03:50:29 2006
MD5 Checksum: bc9d1e14e872bb07b374f42fc8293b7c

File Name: dsa-1222-1.txt
Description:
Debian Security Advisory 1222-1 - Several remote vulnerabilities have been discovered in the proftpd FTP daemon, which may lead to the execution of arbitrary code or denial of service.
Homepage: http://www.debian.org/security | File Size: 12860 | Related CVE(s): CVE-2006-5815, CVE-2006-6170, CVE-2006-6171 | Last Modified: Dec 6 04:22:52 2006
MD5 Checksum: 02e822beb4d5b026c47e84d724b0617d

File Name: dsa-1222-2.txt
Description:
Debian Security Advisory 1222-2 - Due to technical problems yesterday's proftpd update lacked a build for the amd64 architecture, which is now available. Several remote vulnerabilities have been discovered in the proftpd FTP daemon, which may lead to the execution of arbitrary code or denial of service.
Homepage: http://www.debian.org/security | File Size: 13828 | Related CVE(s): CVE-2006-5815, CVE-2006-6170, CVE-2006-6171 | Last Modified: Dec 6 05:07:30 2006
MD5 Checksum: 2ed558492cc7f916fdcedfd2b566ae70

File Name: dsa-1223-1.txt
Description:
Debian Security Advisory 1223-1 - Teemu Salmela discovered a vulnerability in GNU tar that could allow a malicious user to overwrite arbitrary files by inducing the victim to attempt to extract a specially crafted tar file containing a GNUTYPE_NAMES record with a symbolic link.
Homepage: http://www.debian.org/security | File Size: 4862 | Related CVE(s): CVE-2006-6097 | Last Modified: Dec 6 05:06:14 2006
MD5 Checksum: 56fd74f2486c5eb66fff24adf279eb9c

File Name: dsa-1224-1.txt
Description:
Debian Security Advisory 1224-1 - Several security related problems have been discovered in Mozilla and derived products. It was discovered that malformed FTP server responses could lead to denial of service. It was discovered that the correction for a cryptographic flaw in the handling of PKCS-1 certificates was incomplete, which allows the forgery of certificates. "shutdown" discovered that modification of JavaScript objects during execution could lead to the execution of arbitrary JavaScript bytecode. Jesse Ruderman and Martijn Wargers discovered several crashes in the layout engine, which might also allow execution of arbitrary code. Igor Bukanov and Jesse Ruderman discovered several crashes in the JavaScript engine, which might allow execution of arbitrary code.
Homepage: http://www.debian.org/security | File Size: 29526 | Related CVE(s): CVE-2006-4310, CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5748 | Last Modified: Dec 6 06:18:55 2006
MD5 Checksum: 9142a11b12b30cdb9295f5a37476a982

File Name: dsa-1225-1.txt
Description:
Debian Security Advisory 1225-1 - Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. It was discovered that malformed FTP server responses could lead to denial of service. It was discovered that the correction for a cryptographic flaw in the handling of PKCS-1 certificates was incomplete, which allows the forgery of certificates. "shutdown" discovered that modification of JavaScript objects during execution could lead to the execution of arbitrary JavaScript bytecode. Jesse Ruderman and Martijn Wargers discovered several crashes in the layout engine, which might also allow execution of arbitrary code. Igor Bukanov and Jesse Ruderman discovered several crashes in the JavaScript engine, which might allow execution of arbitrary code.
Homepage: http://www.debian.org/security | File Size: 10848 | Related CVE(s): CVE-2006-4310, CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5748 | Last Modified: Dec 6 06:20:15 2006
MD5 Checksum: 49657524c6239d50cb48b45b9a11f3fe

File Name: dsa-1225-2.txt
Description:
Debian Security Advisory 1225-2 - This update covers packages for the little endian MIPS architecture missing in the original advisory. Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. It was discovered that malformed FTP server responses could lead to denial of service. It was discovered that the correction for a cryptographic flaw in the handling of PKCS-1 certificates was incomplete, which allows the forgery of certificates. "shutdown" discovered that modification of JavaScript objects during execution could lead to the execution of arbitrary JavaScript bytecode. Jesse Ruderman and Martijn Wargers discovered several crashes in the layout engine, which might also allow execution of arbitrary code. Igor Bukanov and Jesse Ruderman discovered several crashes in the JavaScript engine, which might allow execution of arbitrary code.
Homepage: http://www.debian.org/security | File Size: 4576 | Related CVE(s): CVE-2006-4310, CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5748 | Last Modified: Dec 6 06:27:57 2006
MD5 Checksum: 39b737348c09eed1cc90af5d17adf9eb

File Name: dsa-1226-1.txt
Description:
Debian Security Advisory 1226-1 - Teemu Salmela discovered that the links character mode web browser performs insufficient sanitizing of smb:// URIs, which might lead to the execution of arbitrary shell commands.
Homepage: http://www.debian.org/security | File Size: 5291 | Related CVE(s): CVE-2006-5925 | Last Modified: Dec 6 06:30:56 2006
MD5 Checksum: d2a066ec0e4097a655ba7a441467513f

File Name: dsa-1227-1.txt
Description:
Debian Security Advisory 1227-1 - Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. It was discovered that malformed FTP server responses could lead to denial of service. It was discovered that the correction for a cryptographic flaw in the handling of PKCS-1 certificates was incomplete, which allows the forgery of certificates. "shutdown" discovered that modification of JavaScript objects during execution could lead to the execution of arbitrary JavaScript bytecode. Jesse Ruderman and Martijn Wargers discovered several crashes in the layout engine, which might also allow execution of arbitrary code. Igor Bukanov and Jesse Ruderman discovered several crashes in the JavaScript engine, which might allow execution of arbitrary code.
Homepage: http://www.debian.org/security | File Size: 16079 | Related CVE(s): CVE-2006-4310, CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5748 | Last Modified: Dec 6 06:32:19 2006
MD5 Checksum: 394551b0027ce326ff0e261531693734

File Name: dsa-1228-1.txt
Description:
Debian Security Advisory 1228-1 - Teemu Salmela discovered that the elinks character mode web browser performs insufficient sanitizing of smb:// URIs, which might lead to the execution of arbitrary shell commands.
Homepage: http://www.debian.org/security | File Size: 6805 | Related CVE(s): CVE-2006-5925 | Last Modified: Dec 6 07:52:31 2006
MD5 Checksum: 5d878222604b9d0cb04c1dedc8a865ca

File Name: dsa-1229-1.txt
Description:
Debian Security Advisory 1229-1 - Adam Boileau discovered an integer overflow in the Skinny channel driver in Asterisk, an Open Source Private Branch Exchange or telephone system, as used by Cisco SCCP phones, which allows remote attackers to execute arbitrary code.
Homepage: http://www.debian.org/security | File Size: 10244 | Related CVE(s): CVE-2006-5444 | Last Modified: Dec 7 09:57:49 2006
MD5 Checksum: 97d9169c0e99839747e13c57e0ae6877

File Name: dsa-1230-1.txt
Description:
Debian Security Advisory 1230-1 - Rhys Kidd discovered a vulnerability in l2tpns, a layer 2 tunneling protocol network server, which could be triggered by a remote user to execute arbitrary code.
Homepage: http://www.debian.org/security | File Size: 4918 | Related CVE(s): CVE-2006-5873 | Last Modified: Dec 8 23:51:32 2006
MD5 Checksum: 1c21f599702654e863c4ec9e4f951527

File Name: dsa-1231-1.txt
Description:
Debian Security Advisory 1231-1 - Several remote vulnerabilities have been discovered in the GNU Privacy Guard, a free PGP replacement, which may lead to the execution of arbitrary code. Werner Koch discovered that a buffer overflow in a sanitizing function may lead to execution of arbitrary code when running gnupg interactively. Tavis Ormandy discovered that parsing a carefully crafted OpenPGP packet may lead to the execution of arbitrary code, as a function pointer of an internal structure may be controlled through the decryption routines.
Homepage: http://www.debian.org/security | File Size: 5438 | Related CVE(s): CVE-2006-6169, CVE-2006-6235 | Last Modified: Dec 11 16:58:36 2006
MD5 Checksum: c1b599ab141f00a49f626f8ccaf65998

File Name: dsa-1232-1.txt
Description:
Debian Security Advisory 1232-1 - Stephen Gran discovered that malformed base64-encoded MIME attachments can lead to denial of service through a null pointer dereference.
Homepage: http://www.debian.org/security | File Size: 15316 | Related CVE(s): CVE-2006-5874 | Last Modified: Dec 11 16:59:17 2006
MD5 Checksum: fa048a8141cc5acb96ca7f6c7ed03a7c

File Name: DSA-1234-1.txt
Description:
Debian Security Advisory 1234-1: A denial of service vulnerability has been discovered in the CGI library included with Ruby, the interpreted scripting language for quick and easy object-oriented programming.
Homepage: http://www.debian.org/security | File Size: 28943 | Last Modified: Dec 14 22:43:45 2006
MD5 Checksum: b9b3642a2d1b73563eb353d2fb1eb3cd

File Name: DSA-1235-1.txt
Description:
Debian Security Advisory 1235-1: A denial of service vulnerability has been discovered in the CGI library included with Ruby, the interpreted scripting language for quick and easy object-oriented programming.
Homepage: http://www.debian.org/security | File Size: 21332 | Last Modified: Dec 14 22:43:01 2006
MD5 Checksum: fee77b125724711e784faa7f76507aa1

File Name: DSA-1236-1.txt
Description:
Debian Security Advisory 1236-1: Antti-Juhani Kaijanaho discovered that enemies-of-carlotta, a simple manager for mailing lists, does not properly sanitise email addresses before passing them through to the system shell.
Homepage: http://www.debian.org/security | File Size: 3072 | Last Modified: Dec 14 22:42:17 2006
MD5 Checksum: e3f93518e3400c6aa8542c43f694303d

File Name: dsa-1238-1.txt
Description:
Debian Security Advisory 1238-1 - Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit.
Homepage: http://www.debian.org/security | File Size: 15626 | Last Modified: Dec 19 20:30:55 2006
MD5 Checksum: f2a21c3a6628a74d5f6fdec50de7c11e

File Name: dsa-1239-1.txt
Description:
Debian Security Advisory 1239-1 - Several remote vulnerabilities have been discovered in SQL Ledger, a web based double-entry accounting program, which may lead to the execution of arbitrary code.
Homepage: http://www.debian.org/security | File Size: 3444 | Last Modified: Dec 19 20:30:22 2006
MD5 Checksum: 80a0997514f1c2f36117f9360c160291