Section: .. / 0604-advisories /
| /// File Name: |
R7-0022.txt |
Description:
|
Rapid7 Advisory R7-0022 Symantec Scan Engine Known Immutable DSA Private Key
| | Homepage: | http://www.rapid7.com | | File Size: | 5388 | | Last Modified: | Apr 26 02:56:53 2006 |
| MD5 Checksum: | bbed4e656163ee62d7fd9f5b8767dbef |
|
| /// File Name: |
R7-0021.txt |
Description:
|
Rapid7 Advisory R7-0021 Symantec Scan Engine Authentication Fundamental Design Error
| | Homepage: | http://www.rapid7.com | | File Size: | 12277 | | Last Modified: | Apr 26 02:55:53 2006 |
| MD5 Checksum: | c298108281941fdf491818d9e29de5d1 |
|
| /// File Name: |
R7-0019.txt |
Description:
|
Rapid7 Advisory R7-0019 - Directory traversal vulnerability in SolarWinds TFTP Server for Windows
| | Author: | Rapid7 | | Homepage: | http://www.rapid7.com/ | | File Size: | 2805 | | Last Modified: | Apr 26 02:54:26 2006 |
| MD5 Checksum: | 715a26816b8644679e481a15a83d0236 |
|
| /// File Name: |
EV0124.txt |
Description:
|
eVuln ID: EV0124 - RateIt 2.2 SQL Injection Vulnerability
| | Author: | Aliaksandr Hartsuyeu | | Homepage: | http://evuln.com/ | | File Size: | 1060 | | Last Modified: | Apr 26 02:51:54 2006 |
| MD5 Checksum: | ac087a6dad51b3f2c1702f069c3f6886 |
|
| /// File Name: |
EV0123.txt |
Description:
|
eVuln ID: EV0123: MWNewsletter 1.0.0b SQL Injection and XSS Vulnerabilities
| | Author: | Aliaksandr Hartsuyeu | | Homepage: | http://evuln.com/ | | File Size: | 1336 | | Last Modified: | Apr 26 02:51:10 2006 |
| MD5 Checksum: | 7d4ea96bb84505e57806b07ab4332b98 |
|
| /// File Name: |
EV0121.txt |
Description:
|
eVuln ID: EV0121: N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities
| | Author: | Aliaksandr Hartsuyeu | | Homepage: | http://evuln.com/ | | File Size: | 1412 | | Last Modified: | Apr 26 02:49:54 2006 |
| MD5 Checksum: | 7d9f90fd8ea209886ec2458867a9112e |
|
| /// File Name: |
EV0120.txt |
Description:
|
eVuln ID: EV0120 MD News version 1 suffers from SQL injection and authentication bypass vulnerabilities.
| | Author: | Aliaksandr Hartsuyeu | | Homepage: | http://evuln.com/ | | File Size: | 1228 | | Last Modified: | Apr 26 02:48:54 2006 |
| MD5 Checksum: | 03362c7a3a0eda4cc7ccb780dfc390f2 |
|
| /// File Name: |
EV0119.txt |
Description:
|
eVuln ID: EV0119 wpBlog version 0.4 suffers from SQL injection in index.php
| | Author: | Aliaksandr Hartsuyeu | | Homepage: | http://evuln.com/ | | File Size: | 1071 | | Last Modified: | Apr 26 02:47:55 2006 |
| MD5 Checksum: | 75e67262b21a7979ebb255627ef4c745 |
|
| /// File Name: |
MDKSA-2006-072.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-072: A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel:
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 7689 | | Last Modified: | Apr 26 02:39:51 2006 |
| MD5 Checksum: | 789f0e0e65c3f501cbc345c5d7205fdb |
|
| /// File Name: |
MDKSA-2006-075.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-075: A number of vulnerabilities have been discovered in the Mozilla Firefox browser that could allow a remote attacker to craft malicious web pages that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, cookies, or other information from web pages. As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the browser.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4966 | | Last Modified: | Apr 26 02:38:58 2006 |
| MD5 Checksum: | 5ae1da3102d8f3806aebddd65c669a3c |
|
| /// File Name: |
MDKSA-2006-073.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-073: A vulnerability in the CMU Cyrus Simple Authentication and Security Layer (SASL) library versions less than 2.1.21 has an unknown impact and remote unauthenticated attack vectors, related to DIGEST-MD5 negotiation. In practice, Marcus Meissner found it is possible to crash the cyrus-imapd daemon with a carefully crafted communication that leaves out "realm=..." in the reply or the initial server response.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 9688 | | Last Modified: | Apr 26 02:38:39 2006 |
| MD5 Checksum: | c2ddb34a209d55da611e8f72f22919dc |
|
| /// File Name: |
USN-271-1.txt |
Description:
|
Ubuntu Security Notice 271-1: Multiple vulnerabilities in mozilla-firefox.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 13507 | | Last Modified: | Apr 26 02:29:36 2006 |
| MD5 Checksum: | 6cbc0cdc92eeee5aa59929b1285bf330 |
|
| /// File Name: |
USN-273-1.txt |
Description:
|
Ubuntu Security Notice 273-1: Yukihiro Matsumoto reported that Ruby's HTTP module uses blocking sockets. By sending large amounts of data to a server application that uses this module, a remote attacker could exploit this to render this application unusable and not respond any more to other clients (Denial of Service).
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 34550 | | Last Modified: | Apr 26 02:29:31 2006 |
| MD5 Checksum: | 4077b51e8ad47359de0037d0fa228a18 |
|
| /// File Name: |
USN-272-1.txt |
Description:
|
Ubuntu Security Notice 272-1: A Denial of Service vulnerability has been discovered in the SASL authentication library when using the DIGEST-MD5 plugin. By sending a specially crafted realm name, a malicious SASL server could exploit this to crash the application that uses SASL.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 14464 | | Last Modified: | Apr 26 02:29:27 2006 |
| MD5 Checksum: | 44f3ea065872c8b716b6819f9c7333b2 |
|
| /// File Name: |
dsa-1042-1.txt |
Description:
|
Debian Security Advisory 1042-1: The Mu Security research team discovered a denial of service condition in the Simple Authentication and Security Layer authentication library (SASL) during DIGEST-MD5 negotiation. This potentially affects multiple products that use SASL DIGEST-MD5 authentication including OpenLDAP, Sendmail, Postfix, etc.
| | Homepage: | http://www.debian.org/security | | File Size: | 18258 | | Last Modified: | Apr 26 02:25:40 2006 |
| MD5 Checksum: | 947234b45d709dc6044c923ebad6b596 |
|
| /// File Name: |
dsa-1041-1.txt |
Description:
|
Debian Security Advisory 1041-1: Erik Sjölund discovered that abc2ps, a translator for ABC music description files into PostScript, does not check the boundaries when reading in ABC music files resulting in buffer overflows.
| | Homepage: | http://www.debian.org/security | | File Size: | 7743 | | Last Modified: | Apr 26 02:25:33 2006 |
| MD5 Checksum: | 93f7a580acf333fec23db94ab70c38ed |
|
| /// File Name: |
dsa-1040-1.txt |
Description:
|
Debian Security Advisory 1040-1: A vulnerability has been identified in gdm, a display manager for X, that could allow a local attacker to gain elevated privileges by exploiting a race condition in the handling of the .ICEauthority file.
| | Homepage: | http://www.debian.org/security | | File Size: | 5088 | | Last Modified: | Apr 26 02:25:22 2006 |
| MD5 Checksum: | cd3328064f2f7cb207c3109fbd4a5899 |
|
| /// File Name: |
dsa-1039-1.txt |
Description:
|
Debian Security Advisory 1039-1: Several vulnerabilities have been discovered in blender, a very fast and versatile 3D modeler/renderer.
| | Homepage: | http://www.debian.org/security | | File Size: | 5500 | | Last Modified: | Apr 26 02:25:15 2006 |
| MD5 Checksum: | c12034de164aaa263e4748fbf78e9328 |
|
| /// File Name: |
dsa-1038-1.txt |
Description:
|
Debian Security Advisory 1038-1: Andrea Barisani discovered that xzgv, a picture viewer for X with a thumbnail-based selector, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 7557 | | Last Modified: | Apr 26 02:25:07 2006 |
| MD5 Checksum: | 60f1ff25dbb101be023c4245fa0709b6 |
|
| /// File Name: |
dsa-1037-1.txt |
Description:
|
Debian Security Advisory 1037-1: Andrea Barisani discovered that zgv, an svgalib graphics viewer, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 3744 | | Last Modified: | Apr 26 02:24:59 2006 |
| MD5 Checksum: | 649539fddad82ad3e13749c39b04a128 |
|
| /// File Name: |
sa19651.txt |
Description:
|
Secunia Security Advisory - r0t has reported some vulnerabilities in Net Clubs Pro, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/19651/ | | File Size: | 2030 | | Last Modified: | Apr 25 18:06:23 2006 |
| MD5 Checksum: | e7a272ef5eb2bb4c7f45eeeaed52938b |
|
| /// File Name: |
sa19684.txt |
Description:
|
Secunia Security Advisory - VietMafia has reported a vulnerability in I-Rater Platinum, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/19684/ | | File Size: | 1770 | | Last Modified: | Apr 25 18:06:23 2006 |
| MD5 Checksum: | 8d53314f9543e5affa9c9112e3cd08c2 |
|
| /// File Name: |
sa19686.txt |
Description:
|
Secunia Security Advisory - Tom Ferris has reported some potential vulnerabilities in Mac OS X, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19686/ | | File Size: | 2801 | | Last Modified: | Apr 25 18:06:23 2006 |
| MD5 Checksum: | 1614ef20bf03d0911c71bf70decd9b5f |
|