Section: .. / 0601-advisories /
| /// File Name: |
sa18618.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for phpMyAdmin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18618/ | | File Size: | 3857 | | Last Modified: | Jan 27 07:43:36 2006 |
| MD5 Checksum: | 1ff067d1e0b000a5a9fe1323b523a695 |
|
| /// File Name: |
sa18611.txt |
Description:
|
Secunia Security Advisory - kcope has discovered a vulnerability in Mercury Mail Transport System, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18611/ | | File Size: | 2030 | | Last Modified: | Jan 27 07:43:36 2006 |
| MD5 Checksum: | 15960496381c58f408e2d9bb90adbfc4 |
|
| /// File Name: |
sa18590.txt |
Description:
|
Secunia Security Advisory - Peter Winter-Smith of NGSSoftware has reported a vulnerability in Red Hat Directory Server and Red Hat Certificate System, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18590/ | | File Size: | 2745 | | Last Modified: | Jan 27 07:43:36 2006 |
| MD5 Checksum: | 4f4ad7080931938d39a30a2c8c89da7d |
|
| /// File Name: |
sa18616.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18616/ | | File Size: | 2115 | | Last Modified: | Jan 26 11:07:43 2006 |
| MD5 Checksum: | de18aee016fa0f13f7ebb1c725007a53 |
|
| /// File Name: |
sa18615.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Sun StorEdge Enterprise Backup and Solstice Backup, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18615/ | | File Size: | 2349 | | Last Modified: | Jan 26 11:07:43 2006 |
| MD5 Checksum: | 0417b0506d8b818d6d26ea435055e879 |
|
| /// File Name: |
sa18613.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which can be exploited by malicious, local users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18613/ | | File Size: | 2520 | | Last Modified: | Jan 26 11:07:43 2006 |
| MD5 Checksum: | a756f85273946818527ff2c7fe34e5af |
|
| /// File Name: |
sa18612.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mailman. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18612/ | | File Size: | 4265 | | Last Modified: | Jan 26 11:07:43 2006 |
| MD5 Checksum: | 6f09570443f3f9491b2dd9ef134c1e63 |
|
| /// File Name: |
sa18602.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered a vulnerability in ExpressionEngine, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/18602/ | | File Size: | 1954 | | Last Modified: | Jan 26 11:07:43 2006 |
| MD5 Checksum: | c49ebec8dd5a9faa7f928fc2085dd1dd |
|
| /// File Name: |
sa18597.txt |
Description:
|
Secunia Security Advisory - matrix_killer has discovered two vulnerabilities in Phpclanwebsite, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/18597/ | | File Size: | 1863 | | Last Modified: | Jan 26 11:07:43 2006 |
| MD5 Checksum: | 20b6dcf395ebc7c37e0c349585bbe482 |
|
| /// File Name: |
sa18596.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Predictive Dialing System (PDS), which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/18596/ | | File Size: | 1652 | | Last Modified: | Jan 26 11:07:43 2006 |
| MD5 Checksum: | cc19aab126513aa7ceb1a195f691d8a9 |
|
| /// File Name: |
fireclicking.txt |
Description:
|
Using custom Microsoft Agent characters it is possible to cover any kind of windows, including security or download dialogs. This is an expected feature of the Microsoft Agent control. Because custom characters are fully scriptable, can have any kind of shape and are downloaded automatically, this can be used as a flexible tool to cover and/or spoof any kind of window and lure the user to execute arbitrary code by performing one or two clicks (depending on security zone configuration and Windows version).
| | Author: | Michael Krax | | Homepage: | http://www.mikx.de/fireclicking/ | | File Size: | 3217 | | Last Modified: | Jan 26 10:43:21 2006 |
| MD5 Checksum: | 64aab85262376be4b710a7ace4d6f5f4 |
|
| /// File Name: |
rh-servers.txt |
Description:
|
Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in Red Hat Directory Server and Red Hat Certificate Server. It is possible that under certain circumstances these flaws could permit an unauthenticated attacker to remotely compromise the Directory or Certificate server, in other circumstances this flaw could facilitate local privilege escalation to root.
| | Author: | NGSSoftware Insight Security Research | | Homepage: | http://www.ngssoftware.com | | File Size: | 2701 | | Last Modified: | Jan 26 10:25:21 2006 |
| MD5 Checksum: | 29d4e8fe239421f630edef10147905a8 |
|
| /// File Name: |
Claroline1.7.2-sso.txt |
Description:
|
Unavailable.
| | File Size: | 1212 | | Last Modified: | Jan 26 10:12:38 2006 |
| MD5 Checksum: | 2b6035bd83310fc5882bfa6f8ec52726 |
|
| /// File Name: |
RockLiffe-wconsole.txt |
Description:
|
RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability
| | Author: | OS2A BTO | | File Size: | 2544 | | Last Modified: | Jan 26 10:08:27 2006 |
| MD5 Checksum: | 2b7108096bd59ca020a0f100a2e18d0f |
|
| /// File Name: |
msvc-featurebug.txt |
Description:
|
MSVC 6.0 run file bug - Generally authors offer code as a project with source, headers, and msvc project files if it is a fairly big project. Most users will simply open up the project.dsw file, ( especialy if it says to do so in a readme.txt or other compiler instructions ) which in turn loads the project.dsp files, which provides the compiler directives. A malicious attacker could embed commands to be executed in the project files, and execute any local code of his choosing.
| | Author: | Morning Wood | | Homepage: | http://exploitlabs.com/ | | Related Exploit: | msvc-featurebug-POC.zip | | File Size: | 2853 | | Last Modified: | Jan 26 07:03:41 2006 |
| MD5 Checksum: | 0c248cd49ab8ad3ee57aa294c53a01a9 |
|
| /// File Name: |
dsa-955-1.txt |
Description:
|
Debian Security Advisory DSA 955-1 - Two denial of service bugs were found in the mailman list server. In one, attachment filenames containing UTF8 strings were not properly parsed, which could cause the server to crash. In another, a message containing a bad date string could cause a server crash.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5179 | | Last Modified: | Jan 26 06:12:15 2006 |
| MD5 Checksum: | 3700e7de87f9033c7a5bda74941ef3de |
|
| /// File Name: |
dsa-947-2.txt |
Description:
|
Debian Security Advisory DSA 947-2 - A heap overflow has been discovered in ClamAV, a virus scanner, which could allow an attacker to execute arbitrary code by sending a carefully crafted UPX-encoded executable to a system runnig ClamAV. In addition, other potential overflows have been corrected.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 3663 | | Last Modified: | Jan 26 06:10:43 2006 |
| MD5 Checksum: | 33920a0de2e3661f67dba0311d846313 |
|
| /// File Name: |
SUSE-SA-2006-003.txt |
Description:
|
SUSE Security Announcement - Maksim Orlovich discovered a bug in the JavaScript interpreter used by Konqueror. UTF-8 encoded URLs could lead to a buffer overflow that causes the browser to crash or execute arbitrary code. Attackers could trick users into visiting specially crafted web sites that exploit this bug (CVE-2006-0019).
| | Author: | Ludwig Nussel | | Homepage: | http://www.suse.com | | File Size: | 16441 | | Last Modified: | Jan 26 06:06:08 2006 |
| MD5 Checksum: | d4aa6a76a958cfcb774a256f84cd94a1 |
|
| /// File Name: |
sa18609.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18609/ | | File Size: | 2483 | | Last Modified: | Jan 25 18:27:50 2006 |
| MD5 Checksum: | c6d5bbe9fa4743ae3a77aac253a3d073 |
|
| /// File Name: |
sa18608.txt |
Description:
|
Secunia Security Advisory - HP has acknowledged some vulnerabilities and security issues in HP OfO (Oracle for Openview), which can be exploited with unknown impact, to gain knowledge of certain information, overwrite arbitrary files, and to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/18608/ | | File Size: | 2019 | | Last Modified: | Jan 25 18:27:50 2006 |
| MD5 Checksum: | ac06d66db2d896a4419111f242984e47 |
|
| /// File Name: |
sa18607.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for imagemagick. This fixes two vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18607/ | | File Size: | 11757 | | Last Modified: | Jan 25 18:27:50 2006 |
| MD5 Checksum: | 4c493cffe9ab9f48db5894fbcb7ee853 |
|
| /// File Name: |
sa18606.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for flyspray. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18606/ | | File Size: | 2323 | | Last Modified: | Jan 25 18:27:50 2006 |
| MD5 Checksum: | 6b0575668d12ca6a09dc274c1c68f6e2 |
|
| /// File Name: |
sa18605.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered a security issue in Text Rider, which can be exploited by malicious people to disclose sensitive information and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18605/ | | File Size: | 2121 | | Last Modified: | Jan 25 18:27:50 2006 |
| MD5 Checksum: | f42fc1826339a4a4d0e63dd9798ba514 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
