Section: .. / 0607-advisories /
| /// File Name: |
sa20897.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for Opera. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system or to display the SSL certificate from a trusted site on an untrusted site.
| | Homepage: | http://secunia.com/advisories/20897/ | | File Size: | 3941 | | Last Modified: | Jul 4 05:54:18 2006 |
| MD5 Checksum: | 4e998f3b3b2fc2127ba95bd812139af0 |
|
| /// File Name: |
sa20890.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for kdebase3-kdm. This fixes a vulnerability, which can be exploited by malicious, local users to gain knowledge of sensitive information.
| | Homepage: | http://secunia.com/advisories/20890/ | | File Size: | 3940 | | Last Modified: | Jul 4 05:53:37 2006 |
| MD5 Checksum: | 8dc72d73bcbc76f5a1519e4509d03250 |
|
| /// File Name: |
secunia-XPCOM.txt |
Description:
|
Secunia Research has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an memory corruption error within the handling of simultaneously happening XPCOM events resulting in the use of a deleted timer object. Successful exploitation allows execution of arbitrary code. Versions below 1.5.0.5 are susceptible.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 3939 | | Related CVE(s): | CVE-2006-3113 | | Last Modified: | Jul 27 23:24:45 2006 |
| MD5 Checksum: | bde6b1169cfc76eb2977349723567c93 |
|
| /// File Name: |
sa18966.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in VisNetic Mail Server, which can be exploited by malicious users and by malicious people to disclose potentially sensitive information and to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18966/ | | File Size: | 3915 | | Last Modified: | Jul 17 03:39:34 2006 |
| MD5 Checksum: | 3fb5f809d3010a085c1d7c14145da2d9 |
|
| /// File Name: |
sa21010.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21010/ | | File Size: | 3896 | | Last Modified: | Jul 12 03:20:23 2006 |
| MD5 Checksum: | fbbd2ef86abad9181e5fdba0c1f05feb |
|
| /// File Name: |
nst-24.txt |
Description:
|
Graffiti Forums version 1.0 suffers from SQL injection vulnerabilities.
| | Author: | Paisterist | | Homepage: | http://www.neosecurityteam.net/ | | File Size: | 3824 | | Last Modified: | Jul 12 04:09:08 2006 |
| MD5 Checksum: | 2b4b878fc415927a205a667daf074ec7 |
|
| /// File Name: |
USN-321-1.txt |
Description:
|
Ubuntu Security Notice 321-1 - Jean-David Maillefer discovered a format string bug in the date_format() function's error reporting. By calling the function with invalid arguments, an authenticated user could exploit this to crash the server.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 3822 | | Related CVE(s): | CVE-2006-3469 | | Last Modified: | Jul 24 00:55:43 2006 |
| MD5 Checksum: | eaa93b60759dd9f23239c1904a434a9f |
|
| /// File Name: |
MDKSA-2006-119.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-119 - Marcus Meissner discovered that pppd's winbind plugin did not check for the result of the setuid() call which could allow an attacker to exploit this on systems with certain PAM limits enabled to execute the NTLM authentication helper as root. This could possibly lead to privilege escalation dependent upon the local winbind configuration.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3774 | | Related CVE(s): | CVE-2006-2194 | | Last Modified: | Jul 12 05:10:23 2006 |
| MD5 Checksum: | 3b48e0ee721a6e265751c2686b2998fe |
|
| /// File Name: |
RocksClusters-4.1.txt |
Description:
|
Rocks Clusters versions less than or equal to 4.1 is vulnerable to local root privilege escalation due to improper validating of arguments in two of its suid and world executable binaries, "mount-loop" and "umount-loop".
| | Author: | Xavier | | Homepage: | http://xavier.tigerteam.se/ | | File Size: | 3759 | | Last Modified: | Jul 18 17:19:56 2006 |
| MD5 Checksum: | 49d88b2596e04d63c901b427eb8af22c |
|
| /// File Name: |
MDKSA-2006-115.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-115 - A stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3746 | | Related CVE(s): | CAN-2006-3242 | | Last Modified: | Jul 2 03:13:50 2006 |
| MD5 Checksum: | 0d81d64d3455a97205efb135418d0b1d |
|
| /// File Name: |
major_rls26.txt |
Description:
|
Woltlab Burning Board suffers from multiple cookie manipulation and session fixation flaws. Versions found affected are 1.1.1, 1.2, 2.1.3, 2.1.5, 2.2, 2.2.1, and 2.2.2. Others may also be affected.
| | Author: | David "Aesthetico" Vieira-Kurz | | Homepage: | http://www.majorsecurity.de | | File Size: | 3746 | | Last Modified: | Jul 26 03:01:47 2006 |
| MD5 Checksum: | 8b4a96a83f60bda479fd6ccd7f64a99f |
|
| /// File Name: |
AD20060711.txt |
Description:
|
An array boundary condition in Microsoft Office may be violated by a malicious .xls file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .xls file. Affected products include Microsoft Office 2000 SP3, XP SP3, 2003 SP1/SP2, and possibly others.
| | Author: | Sowhat | | Homepage: | http://secway.org/ | | File Size: | 3700 | | Related CVE(s): | CVE-2006-1306 | | Last Modified: | Jul 12 05:36:54 2006 |
| MD5 Checksum: | a9df03e1831592422714c1cee8a743b6 |
|
| /// File Name: |
sa20911.txt |
Description:
|
Secunia Security Advisory - Three vulnerabilities have been reported in StarOffice, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20911/ | | File Size: | 3680 | | Last Modified: | Jul 4 05:53:37 2006 |
| MD5 Checksum: | debf777ae671c0ebc37d0e67b1dc0e4e |
|
| /// File Name: |
sa20964.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for libmms. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20964/ | | File Size: | 3671 | | Last Modified: | Jul 8 05:35:52 2006 |
| MD5 Checksum: | 715517eb12752b9984b1fa224493426d |
|
| /// File Name: |
sa21119.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/21119/ | | File Size: | 3597 | | Last Modified: | Jul 20 03:49:23 2006 |
| MD5 Checksum: | cce18736619e82a0af6577ad58eca157 |
|
| /// File Name: |
sa20962.txt |
Description:
|
Secunia Security Advisory - rgod has discovered some vulnerabilities in Pivot, which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system, and by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/20962/ | | File Size: | 3595 | | Last Modified: | Jul 12 03:20:23 2006 |
| MD5 Checksum: | eb061dc927b7bb048cceaf335940eba0 |
|
| /// File Name: |
SA2006-07.txt |
Description:
|
The NSFocus Security Team discovered a remote denial of service vulnerability in ISS RealSecure/BlackICE product lines' detection of the MailSlot Heap Overflow as discussed in MS06-035.
| | Author: | Chen Qing | | Homepage: | http://www.nsfocus.com/ | | File Size: | 3593 | | Related CVE(s): | CVE-2006-3840 | | Last Modified: | Jul 27 23:19:00 2006 |
| MD5 Checksum: | c4b7da5cb6a1bb73e20f9661c46d3c5a |
|
| /// File Name: |
sa21066.txt |
Description:
|
Secunia Security Advisory - DarkFig has discovered some vulnerabilities in boastMachine, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks or gain knowledge of sensitive information and by malicious users to conduct SQL injection attacks or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21066/ | | File Size: | 3576 | | Last Modified: | Jul 18 16:56:43 2006 |
| MD5 Checksum: | b5554591c53f7b148ab7479f19468eeb |
|
| /// File Name: |
secunia-AutoVue.txt |
Description:
|
Secunia Research has discovered a vulnerability in AutoVue SolidModel Professional Desktop Edition, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of ARJ, RAR, and ZIP archives. This can be exploited to cause a stack-based buffer overflow when a malicious archive containing a file with an overly long filename is opened. Successful exploitation allows execution of arbitrary code. AutoVue SolidModel Professional Desktop Edition version 19.1 Build 5993 is affected. Other versions may also be affected.
| | Author: | Tan Chew Keong | | Homepage: | http://secunia.com/ | | File Size: | 3570 | | Related CVE(s): | CVE-2006-3350 | | Last Modified: | Jul 27 21:54:29 2006 |
| MD5 Checksum: | c224b91fd18fa7800c8b62df0d7b94fb |
|
| /// File Name: |
sa20987.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for ppp. This fixes a vulnerability, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/20987/ | | File Size: | 3536 | | Last Modified: | Jul 12 03:20:23 2006 |
| MD5 Checksum: | bddaa912bdc65b37d396c74ef8a5ed06 |
|
| /// File Name: |
scip-2351.txt |
Description:
|
Kyberna AG ky2help is susceptible to SQL injection attacks.
| | Author: | Marc Ruef | | Homepage: | http://www.scip.ch/ | | File Size: | 3524 | | Last Modified: | Jul 9 06:48:57 2006 |
| MD5 Checksum: | c2ac86924ebbf059ddc9a8f66ef78a8b |
|
| /// File Name: |
sa20899.txt |
Description:
|
Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix some vulnerabilities and security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges, and by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20899/ | | File Size: | 3499 | | Last Modified: | Jul 4 05:53:37 2006 |
| MD5 Checksum: | 6815edadc1540628aab30c1e29ee002a |
|
| /// File Name: |
secunia-BitZipper.txt |
Description:
|
Secunia Research has discovered a vulnerability in BitZipper, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in UNACEV2.DLL when extracting an ACE archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a user extracts a specially crafted ACE archive. BitZipper version 4.1 SR-1 is affected.
| | Homepage: | http://secunia.com/ | | File Size: | 3497 | | Related CVE(s): | CVE-2005-2856 | | Last Modified: | Jul 20 04:18:39 2006 |
| MD5 Checksum: | ceaea1cc244de9cdab7e77054f732258 |
|
| /// File Name: |
sa21159.txt |
Description:
|
Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix some vulnerabilities where some have an unknown impact, and others can be exploited by malicious people to bypass certain security restrictions, disclose various information, or cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/21159/ | | File Size: | 3476 | | Last Modified: | Jul 26 01:33:34 2006 |
| MD5 Checksum: | c87bdec9f1ef3ee866d8bebec61afc34 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
