Section: .. / 0601-advisories /
File Name: FreeBSD-SA-06-02.ee.txt
Description: FreeBSD Security Advisory - The ispell_op function used by ee(1) while executing spell check operations employs an insecure method of temporary file generation. This method produces predictable file names based on the process ID and fails to confirm with the user which path will be overwritten.
Homepage: http://www.freebsd.org/security/ | File Size: 5165 | Related CVE(s): CAN-2006-0055 | Last Modified: Jan 15 02:39:30 2006
MD5 Checksum: b9ff2feeff308372cbe743a954fe1571

File Name: FreeBSD-SA-06-04.ipfw.txt
Description: FreeBSD Security Advisory - ipfw maintains a pointer to layer 4 header information in the event that it needs to send a TCP reset or ICMP error message to discard packets. Due to incorrect handling of IP fragments, this pointer fails to get initialized.
Homepage: http://www.freebsd.org/security/ | File Size: 3551 | Related CVE(s): CAN-2006-0054 | Last Modified: Jan 15 02:41:24 2006
MD5 Checksum: d3e9c839d07973392a022c0ef6c925c9

File Name: FSA-2006-01.txt
Description: Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a buffer overflow vulnerability in the Apple QuickTime Player. Apple QuickTime has a buffer overflow vulnerability in parsing specially crafted TIFF image files. This is due to the application's failure to sanitize the parameter StripByteCounts while parsing TIFF image files. A remote attacker could construct a web page with a specially crafted TIFF file and entice a victim to view it. When the user opens the TIFF image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
Author: Dejun Meng | File Size: 1540 | Related CVE(s): CVE-2005-3711 | Last Modified: Jan 15 17:38:48 2006
MD5 Checksum: 3bbccbc8968185754fb5e49537e6d12a

File Name: FSA-2006-02.txt
Description: Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a vulnerability in the Apple QuickTime Player. Apple QuickTime has a vulnerability in parsing specially crafted TIFF image files. This is due to the application's failure to sanitize the StripOffsets parameter value while parsing TIFF image files. A remote attacker could construct a web page with a specially crafted TIFF file and entice a victim to view it. When the user opens the TIFF image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
Author: Dejun Meng | File Size: 1487 | Related CVE(s): CVE-2005-3711 | Last Modified: Jan 15 17:41:28 2006
MD5 Checksum: c7fd69be44413ae53a08c20785f0d143

File Name: FSA-2006-03.txt
Description: Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a denial of service vulnerability in the Apple QuickTime Player. Apple QuickTime has a denial of service vulnerability in parsing specially crafted TIFF image files. This is due to the application's failure to sanitize the ImageWidth parameter value while parsing TIFF image files. A remote attacker could construct a web page with a specially crafted TIFF file and entice a victim to view it. When the user opens the TIFF image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to denial of service.
Author: Dejun Meng | File Size: 1542 | Related CVE(s): CVE-2005-3710 | Last Modified: Jan 15 17:42:59 2006
MD5 Checksum: 6248ad9efb497e7b42f16c9c01c973d9

File Name: FSA-2006-04.txt
Description: Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered an improper memory access vulnerability in the Apple QuickTime Player. The vulnerability exists when parsing specially crafted TGA image files. A remote attacker could construct a web page with a specially crafted TGA file and entice a victim to view it. When the user opens the TGA image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
Author: Dejun Meng | File Size: 2123 | Related CVE(s): CVE-2005-3707 | Last Modified: Jan 15 17:45:18 2006
MD5 Checksum: d4bcc79ffc9528db2560678fa4f82600

File Name: FSA-2006-05.txt
Description: Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a buffer overflow vulnerability in the Apple QuickTime Player. Apple QuickTime has a buffer overflow vulnerability in parsing specially crafted TGA image files. This is due to the application's failure to sanitize the ImageWidth parameter value while parsing TGA image files. A remote attacker could construct a web page with a specially crafted TGA file and entice a victim to view it. When the user opens the TGA image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
Author: Dejun Meng | File Size: 2222 | Related CVE(s): CVE-2005-3708 | Last Modified: Jan 15 17:50:03 2006
MD5 Checksum: b9a5dce603155c48cd21d11730128a39

File Name: FSA-2006-06.txt
Description: Fortinet Security Advisory - Fortinet Security Research Team (FSRT) has discovered a buffer overflow vulnerability in the Apple QuickTime Player. Apple QuickTime has a buffer overflow vulnerability in parsing specially crafted TGA image files. This is due to the application's failure to sanitize the parameter Color Map Entry Size while parsing TGA image files. A remote attacker could construct a web page with a specially crafted TGA file and entice a victim to view it. When the user opens the TGA image with Internet Explorer or Apple QuickTime Player, it will cause a memory access violation, leading to potential arbitrary command execution.
Author: Dejun Meng | File Size: 2220 | Related CVE(s): CVE-2005-3709 | Last Modified: Jan 15 17:51:40 2006
MD5 Checksum: b39146fad82c330a44041510cba5a0d7

File Name: FSA-2006-07.txt
Description: Fortinet Security Advisory: FSA-2006-07 - Fortinet Security Research Team (FSRT) has discovered a URI buffer overflow vulnerability in the BitComet P2P client software. It indicates a possible exploit of a buffer overflow vulnerability in BitComet. BitComet is one of the most popular P2P clients for file sharing and uses the BitTorrent protocol. There is a bug in BitComet: a remote attacker could construct a special .torrent file and put it on any BitTorrent publishing web site. When a user downloads the .torrent file and clicks on the publisher's name, BitComet will crash. An attacker can run arbitrary commands on the victim's host with a specially crafted .torrent file.
Author: Fortinet Research | File Size: 1818 | Last Modified: Jan 25 08:55:51 2006
MD5 Checksum: de298f443a5f52b7c96eb94db0e3321d

File Name: glsa-200601-01.txt
Description: Gentoo Linux Security Advisory GLSA 200601-01 - Tavis Ormandy of the Gentoo Linux Security Audit Team has discovered that the pinentry ebuild incorrectly sets the permissions of the pinentry binaries upon installation, so that the sgid bit is set, making them execute with the privileges of group ID 0. Versions less than 0.7.2-r2 are affected.
Homepage: http://security.gentoo.org | File Size: 2431 | Last Modified: Jan 4 06:25:34 2006
MD5 Checksum: d18bf2b22c9fe2f67dd07023064b7cbb

File Name: glsa-200601-02.txt
Description: Gentoo Linux Security Advisory GLSA 200601-02 - KPdf and KWord both include Xpdf code to handle PDF files. This Xpdf code is vulnerable to several heap overflows (GLSA 200512-08) as well as several buffer and integer overflows discovered by Chris Evans. Versions less than 3.4.3-r3 are affected.
Homepage: http://security.gentoo.org | File Size: 4821 | Related CVE(s): CAN-2005-3191, CAN-2005-3192, CAN-2005-3193 | Last Modified: Jan 5 03:10:09 2006
MD5 Checksum: 770b399d5b0749ee80133555e8dda679

File Name: glsa-200601-03.txt
Description: Gentoo Linux Security Advisory GLSA 200601-03 - Patrice Fournier discovered that HylaFAX runs the notify script on untrusted user input. Furthermore, users can log in without a password when HylaFAX is installed with the pam USE-flag disabled. Versions less than 4.2.3-r1 are affected.
Homepage: http://security.gentoo.org | File Size: 2867 | Last Modified: Jan 8 06:33:52 2006
MD5 Checksum: 83ffe9f2f439954f90015fa3ca4bd7b0

File Name: glsa-200601-04.txt
Description: Gentoo Linux Security Advisory GLSA 200601-04 - Tim Shelton discovered that vmnet-natd, the host module providing NAT-style networking for VMware guest operating systems, is unable to process incorrect 'EPRT' and 'PORT' FTP requests. Versions less than 5.5.1.19175 are affected.
Homepage: http://security.gentoo.org | File Size: 2947 | Last Modified: Jan 8 19:28:23 2006
MD5 Checksum: c0f65423d0f84c342825ad60d991290c

File Name: glsa-200601-05.txt
Description: Gentoo Linux Security Advisory GLSA 200601-05 - The error logging functions of mod_auth_pgsql fail to validate certain strings before passing them to syslog, resulting in format string vulnerabilities. Versions less than 2.0.3 are affected.
Homepage: http://security.gentoo.org | File Size: 2707 | Last Modified: Jan 11 07:13:31 2006
MD5 Checksum: c37ba73e107db83794f84cf120c6b92e

File Name: glsa-200601-06.txt
Description: Gentoo Linux Security Advisory GLSA 200601-06 - Simon Kilvington has reported a vulnerability in FFmpeg libavcodec. The flaw is due to a buffer overflow error in the avcodec_default_get_buffer() function. This function doesn't properly handle specially crafted PNG files as a result of a heap overflow. Versions less than 1.1.1-r3 are affected.
Homepage: http://security.gentoo.org | File Size: 3382 | Last Modified: Jan 11 07:16:11 2006
MD5 Checksum: ad9946839fab259215882f69e4a83ae6

File Name: glsa-200601-07.txt
Description: Gentoo Linux Security Advisory GLSA 200601-07 - Zero Day Initiative (ZDI) reported a heap buffer overflow vulnerability. The vulnerability is due to an incorrect boundary check of the user-supplied data prior to copying it to an insufficiently sized memory buffer. The flaw occurs when the application attempts to handle compressed UPX files. Versions less than 0.88 are affected.
Homepage: http://security.gentoo.org | File Size: 2666 | Last Modified: Jan 15 18:01:45 2006
MD5 Checksum: ed97ef0c5184cd8a27aac017e0b0f40b

File Name: glsa-200601-08.txt
Description: Gentoo Linux Security Advisory GLSA 200601-08 - Damian Put has reported a flaw due to an integer overflow in the get_bhead() function, leading to a heap overflow when processing malformed .blend files. Versions less than 2.40 are affected.
Homepage: http://security.gentoo.org | File Size: 2623 | Last Modified: Jan 15 18:02:11 2006
MD5 Checksum: 2d68f9edd80be3cf81b535ad831814e6

File Name: glsa-200601-09.txt
Description: Gentoo Linux Security Advisory GLSA 200601-09 - H D Moore discovered that Wine implements the insecure-by-design SETABORTPROC GDI Escape function for Windows Metafile (WMF) files. Versions less than 20050930 are affected.
Homepage: http://security.gentoo.org | File Size: 2641 | Last Modified: Jan 15 18:02:32 2006
MD5 Checksum: 05a2a5f0660d7d586e9e46c8ad5703aa

File Name: glsa-200601-10.txt
Description: Gentoo Linux Security Advisory GLSA 200601-10 - Adam Gowdiak discovered multiple vulnerabilities in the Java Runtime Environment's Reflection APIs that may allow untrusted applets to elevate privileges. Versions less than 1.4.2.09 are affected.
Homepage: http://security.gentoo.org | File Size: 4218 | Last Modified: Jan 22 00:56:35 2006
MD5 Checksum: 864ded9758612470ea0c0852d6d9ffbb

File Name: glsa-200601-11.txt
Description: Gentoo Linux Security Advisory GLSA 200601-11 - Maksim Orlovich discovered an incorrect bounds check in kjs when handling URIs. Versions less than 3.4.3-r1 are affected.
Homepage: http://security.gentoo.org | File Size: 2742 | Last Modified: Jan 25 09:31:02 2006
MD5 Checksum: 9a77663768cfd3a1f5ad681c82f30094

File Name: glsa-200601-12.txt
Description: Gentoo Linux Security Advisory GLSA 200601-12 - Christophe Truc discovered that Trac fails to properly sanitize input passed in the URL. Versions less than 0.9.3 are affected.
Homepage: http://security.gentoo.org | File Size: 2734 | Last Modified: Jan 27 07:46:19 2006
MD5 Checksum: 20d6daeceb53b5ef8cbcb604eb1c34df

File Name: glsa-200601-13.txt
Description: Gentoo Linux Security Advisory GLSA 200601-13 - Peter Schumacher discovered that Gallery fails to sanitize the fullname set by users, possibly leading to a cross-site scripting vulnerability. Versions less than 1.5.2 are affected.
Homepage: http://security.gentoo.org | File Size: 3232 | Last Modified: Jan 27 07:46:09 2006
MD5 Checksum: ee2eaba254a342d1faad59ff80a1983f

File Name: glsa-200601-14.txt
Description: Gentoo Linux Security Advisory GLSA 200601-14 - Michael Jennings discovered an exploitable buffer overflow in the configuration engine of LibAST. Versions less than 0.7 are affected.
Homepage: http://security.gentoo.org | File Size: 2625 | Last Modified: Jan 30 02:23:27 2006
MD5 Checksum: a0deb13fa89cb6641fea43edb09fc761

File Name: glsa-200601-15.txt
Description: Gentoo Linux Security Advisory GLSA 200601-15 - Andrew Christensen discovered that in older versions of Paros the database component HSQLDB is installed with an empty password for the database administrator sa. Versions less than or equal to 3.2.5 are affected.
Homepage: http://security.gentoo.org | File Size: 2645 | Last Modified: Jan 30 02:24:03 2006
MD5 Checksum: 89c98e04f637d9f855db5e59f9aad074