Section: .. / 0606-advisories /
| /// File Name: |
CyBoards-1.25.txt |
Description:
|
CyBoards PHP Lite v1.25 suffers from a remote file inclusion vulnerability in common.php.
| | Homepage: | http://wWw.SaVSaK.CoM | | File Size: | 614 | | Last Modified: | Jun 11 05:07:18 2006 |
| MD5 Checksum: | 4a317289486c1cae1d92967c4a9bdb0c |
|
| /// File Name: |
Dell-Openmanage.txt |
Description:
|
The Dell OpenManage boot CD starts up an SSH server that allows passwordless login, in addition to running an X server that accepts connections from anywhere.
| | Author: | wiz561 | | File Size: | 887 | | Last Modified: | Jun 14 06:14:36 2006 |
| MD5 Checksum: | 360fc8226d4a7d37b3a6e5abceb7d40f |
|
| /// File Name: |
dellOpen.txt |
Description:
|
The Dell PowerEdge Installation and Server Management Disc boots a system with X11 open to the world and sshd spawned that allows anyone access.
| | Author: | Mike | | File Size: | 1028 | | Last Modified: | Jun 12 09:40:07 2006 |
| MD5 Checksum: | b3b283e66f0049194bf84f1d5944e17f |
|
| /// File Name: |
DRUPAL-SA-2006-005.txt |
Description:
|
Drupal security advisory DRUPAL-SA-2006-005: A security vulnerability in the database layer allowed certain queries to be submitted to the database without going through Drupal's query sanitizer.
| | Author: | Uwe Hermann | | Homepage: | http://drupal.org/security | | File Size: | 2026 | | Last Modified: | Jun 3 06:21:22 2006 |
| MD5 Checksum: | 34f3d794cb2ffae1f36056909dc2b876 |
|
| /// File Name: |
DRUPAL-SA-2006-006.txt |
Description:
|
Drupal security advisory DRUPAL-SA-2006-006: Certain -- alas, typical -- configurations of Apache allow execution of carefully named arbitrary scripts in the files directory. Drupal now will attempt to automatically create a .htaccess file in your "files" directory to protect you.
| | Author: | Uwe Hermann | | Homepage: | http://drupal.org/security | | File Size: | 2169 | | Last Modified: | Jun 3 06:18:59 2006 |
| MD5 Checksum: | ee0e7bbcaacd9d55083ac6ad2676e689 |
|
| /// File Name: |
DRUPAL-SA-2006-007.txt |
Description:
|
Drupal security advisory DRUPAL-SA-2006-007: Recently, the Drupal security team was informed of a potential exploit that would allow untrusted code to be executed upon a successful request by a malicious user. If a dynamic script with multiple extensions such as file.php.pps or file.sh.txt is uploaded and then accessed from a web browser under certain common Apache configurations, it will cause the script inside to be executed. We deemed this exploit critical and released Drupal 4.6.7 and 4.7.1 six hours after the report was filed. The fix was to create a .htaccess file to remove all dynamic script handlers, such as PHP, from the "files" directory.
| | Author: | Uwe Hermann | | Homepage: | http://drupal.org/security | | File Size: | 3799 | | Last Modified: | Jun 3 06:19:45 2006 |
| MD5 Checksum: | 2a54a65484f220d3d3d64521c05cfa2d |
|
| /// File Name: |
DRUPAL-SA-2006-008.txt |
Description:
|
Drupal security advisory DRUPAL-SA-2006-008: Bart Jansens reported that it is possible for a malicious user to insert and execute XSS into free tagging terms, due to lack of validation on output of the page title. The fix wraps the display of terms in check_plain().
| | Author: | Uwe Hermann | | Homepage: | http://drupal.org/security | | File Size: | 2155 | | Last Modified: | Jun 3 06:20:18 2006 |
| MD5 Checksum: | f5a678d3c77700484b9404f1451dc065 |
|
| /// File Name: |
dsa-1083-1.txt |
Description:
|
Debian Security Advisory 1083-1: Mehdi Oudad and Kevin Fernandez discovered a buffer overflow in the ktools library which is used in motor, an integrated development environment for C, C++ and Java, which may lead local attackers to execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 9672 | | Last Modified: | Jun 1 03:37:56 2006 |
| MD5 Checksum: | d82a081006865d96c7c219246d6fcb47 |
|
| /// File Name: |
dsa-1084-1.txt |
Description:
|
Debian Security Advisory 1084-1: Niko Tyni discovered a buffer overflow in the processing of network data in typespeed, a game for testing and improving typing speed, which could lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 7860 | | Last Modified: | Jun 1 03:38:04 2006 |
| MD5 Checksum: | d1a204d1019ece251b22eef5fc20d018 |
|
| /// File Name: |
dsa-1085-1.txt |
Description:
|
Debian Security Advisory 1085-1: Several vulnerabilities have been discovered in lynx, the popular text-mode WWW browser.
| | Homepage: | http://www.debian.org/security | | File Size: | 8691 | | Last Modified: | Jun 3 06:11:26 2006 |
| MD5 Checksum: | 35151773e081df90c80c50a2857af8e2 |
|
| /// File Name: |
dsa-1086-1.txt |
Description:
|
Debian Security Advisory 1086-1: xmcdconfig creates world-writeable directories, allowing local users to fill the /usr and /var partitions and hence cause a denial of service. This problem has been half-fixed since version 2.3-1.
| | Homepage: | http://www.debian.org/security | | File Size: | 11075 | | Last Modified: | Jun 3 06:11:35 2006 |
| MD5 Checksum: | afbb455a944da6519866e5eef44f37c0 |
|
| /// File Name: |
dsa-1088-1.txt |
Description:
|
Debian Security Advisory 1088-1 - Mehdi Oudad and Kevin Fernandez discovered a buffer overflow in the ktools library which is used in centericq, a text-mode multi-protocol instant messenger client, which may lead local or remote attackers to execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 13943 | | Related CVE(s): | CVE-2005-3863 | | Last Modified: | Jun 5 10:24:01 2006 |
| MD5 Checksum: | 599bdc83a413a56b5cb984c1df3dbd5a |
|
| /// File Name: |
dsa-1090-1.txt |
Description:
|
Debian Security Advisory 1090-1: A vulnerability has been discovered in SpamAssassin, a Perl-based spam filter using text analysis, that can allow remote attackers to execute arbitrary commands.
| | Homepage: | http://www.debian.org/security | | File Size: | 5568 | | Last Modified: | Jun 11 04:18:12 2006 |
| MD5 Checksum: | 7104c4714e63c36f2d0e19bbfa6eacb8 |
|
| /// File Name: |
dsa-1091-1.txt |
Description:
|
Debian Security Advisory 1091-1: Several problems have been discovered in the TIFF library.
| | Homepage: | http://www.debian.org/security | | File Size: | 18748 | | Last Modified: | Jun 11 04:17:37 2006 |
| MD5 Checksum: | 742f82e0c7aa1bad6f685faf531ae3cc |
|
| /// File Name: |
dsa-1092-1.txt |
Description:
|
Debian Security Advisory 1092-1: Josh Berkus and Tom Lane discovered that MySQL 4.1, a popular SQL database, incorrectly parses strings escaped with mysql_real_escape(), which could lead to SQL injection. This problem exists only in versions 4.1 and 5.0.
| | Homepage: | http://www.debian.org/security | | File Size: | 11968 | | Last Modified: | Jun 11 04:17:44 2006 |
| MD5 Checksum: | 4da430dcb9ea283da945b874bd545f8a |
|
| /// File Name: |
dsa-1093-1.txt |
Description:
|
Debian Security Advisory 1093-1: Several format string vulnerabilities have been discovered in xine-ui, the user interface of the xine video player, which may cause a denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 4941 | | Last Modified: | Jun 11 04:17:50 2006 |
| MD5 Checksum: | a5e6d1690242748786265df2c0dff0a6 |
|
| /// File Name: |
dsa-1094-1.txt |
Description:
|
Debian Security Advisory 1094-1: Joxean Koret discovered several cross-site scripting vulnerabilities in Gforge, an online collaboration suite for software development, which allow injection of web script code.
| | Homepage: | http://www.debian.org/security | | File Size: | 5209 | | Last Modified: | Jun 11 04:17:57 2006 |
| MD5 Checksum: | de1732dd0c480a9a3e736a4938963d75 |
|
| /// File Name: |
dsa-1095-1.txt |
Description:
|
Debian Security Advisory 1095-1: Several problems have been discovered in the FreeType 2 font engine.
| | Homepage: | http://www.debian.org/security | | File Size: | 16056 | | Last Modified: | Jun 11 04:18:04 2006 |
| MD5 Checksum: | 494845561c6b8fb29dfa26debccefece |
|
| /// File Name: |
dsa-1096-1.txt |
Description:
|
Debian Security Advisory 1096-1: A vulnerability has been discovered in webcalendar, a PHP-based multi-user calendar, that allows a remote attacker to execute arbitrary PHP code when register_globals is turned on.
| | Homepage: | http://www.debian.org/security | | File Size: | 3173 | | Last Modified: | Jun 14 06:43:31 2006 |
| MD5 Checksum: | 5908adc8d70e333c73540af9b8771c39 |
|
| /// File Name: |
dsa-1097-1.txt |
Description:
|
Debian Security Advisory 1097-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 36495 | | Related CVE(s): | CVE-2006-0038, CVE-2006-0039, CVE-2006-0741, CVE-2006-0742, CVE-2006-1056, CVE-2006-1242, CVE-2006-1343, CVE-2006-1368, CVE-2006-1524, CVE-2006-1525, CVE-2006-1857, CVE-2006-1858, CVE-2006-1864, CVE-2006-2271, CVE-2006-2272, CVE-2006-2274 | | Last Modified: | Jun 21 09:56:55 2006 |
| MD5 Checksum: | 5b1fe16837929aa49489a2f857d32205 |
|