Section: .. / 0610-advisories /
| /// File Name: |
sa22324.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in OpenBSD's systrace, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, cause a DoS (Denial of Service) and gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/22324/ | | File Size: | 2540 | | Last Modified: | Oct 9 19:01:07 2006 |
| MD5 Checksum: | 9745dfbdcfd2e5845c08aa252f0cea25 |
|
| /// File Name: |
sa22325.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Secure Global Desktop Software, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/22325/ | | File Size: | 2099 | | Last Modified: | Oct 9 19:01:07 2006 |
| MD5 Checksum: | a37e65f7416d839f19e7ac9c3309678a |
|
| /// File Name: |
sa22326.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Linksys WRT54GXv2, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/22326/ | | File Size: | 2260 | | Last Modified: | Oct 9 19:01:07 2006 |
| MD5 Checksum: | e08e5d6becfeabc74d07329125814fc5 |
|
| /// File Name: |
sa22330.txt |
Description:
|
Secunia Security Advisory - OpenBSD has issued an update for OpenSSL. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22330/ | | File Size: | 2142 | | Last Modified: | Oct 9 19:01:07 2006 |
| MD5 Checksum: | ecb035c23c34345e433777dce3b697de |
|
| /// File Name: |
MDKSA-2006-180.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-180 - An integer overflow was discovered in the PHP memory handling routines. If a script can cause memory allocation based on untrusted user data, a remote attacker sending a carefully crafted request could execute arbitrary code as the 'apache' user.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4213 | | Related CVE(s): | CVE-2006-4812 | | Last Modified: | Oct 9 00:10:59 2006 |
| MD5 Checksum: | 6d14c4619131e2f4239a801abaadbfa8 |
|
| /// File Name: |
TSRT-06-12.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates ARCserver Backup. Authentication is not required exploit this vulnerability and both the client and server are affected. The problem specifically exists within the handling of long messages received over the Mailslot named 'CheyenneDS'. As no explicit MaxMessageSize is supplied in the call to CreateMailslot, an attacker can cause an exploitable stack-based buffer overflow.
| | Author: | Pedram Amini | | Homepage: | http://www.tippingpoint.com/ | | File Size: | 3515 | | Related CVE(s): | CVE-2006-5142 | | Last Modified: | Oct 9 00:09:59 2006 |
| MD5 Checksum: | b774c7f50fe5eba9e9562c847a8b8a6b |
|
| /// File Name: |
TSRT-06-11.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup, Enterprise Backup, Server Protection Suite and Business Protection Suite. Authentication is not required to exploit this vulnerability and both client and servers are affected. The problem specifically exists within DBASVR.exe, the Backup Agent RPC Server. This service exposes a number of vulnerable RPC routines through a TCP endpoint with ID 88435ee0-861a-11ce-b86b-00001b27f656 on port 6071. The most trivial of the exposed vulnerabilities results in an exploitable stack overflow.
| | Author: | Pedram Amini | | Homepage: | http://www.tippingpoint.com/ | | File Size: | 2942 | | Related CVE(s): | CVE-2006-5143 | | Last Modified: | Oct 9 00:09:16 2006 |
| MD5 Checksum: | 4edad7ba52b64afcc4ab0f7a674bdc57 |
|
| /// File Name: |
ZDI-06-031.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup, Enterprise Backup, Server Protection Suite and Business Protection Suite. Authentication is not required to exploit this vulnerability. The problem specifically exists within ASCORE.dll, a DLL used by the Message Engine RPC server. This service exposes a heap overflow vulnerability through RPC opcode 43 (0x2b) and a stack overflow vulnerability through RPC opcode 45 (0x2d) on TCP port 6503 endpoint with ID dc246bf0-7a7a-11ce-9f88-00805fe43838. The flaws are exposed when passing long strings as the second parameter to either opcode.
| | Author: | livesploit.com | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3179 | | Related CVE(s): | CVE-2006-5143 | | Last Modified: | Oct 8 23:59:23 2006 |
| MD5 Checksum: | ade772e5243f4e4854d93208076f6c6a |
|
| /// File Name: |
ZDI-06-030.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup, Enterprise Backup, Server Protection Suite and Business Protection Suite. Authentication is not required to exploit this vulnerability and both client and servers are affected. The problem specifically exists within the discovery service which communicates initially over UDP port 41524 and then over TCP port 41523. Due to invalid bounds checking during TCP communications, a stack based buffer overflow may occur in ASBRDCST.DLL during a call to vsprintf().
| | Author: | livesploit.com | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3133 | | Related CVE(s): | CVE-2006-5143 | | Last Modified: | Oct 8 23:24:04 2006 |
| MD5 Checksum: | d4188ddc160454b7abaecbe3a3324682 |
|
| /// File Name: |
10.05.06.txt |
Description:
|
iDefense Security Advisory 10.05.06 - Local exploitation of a design error vulnerability in Symantec Corp. AntiVirus can allow an attacker to execute arbitrary code with kernel privileges. The vulnerability specifically exists due to improper address space validation when the NAVENG and NAVEX15 device drivers process IOCTL 0x222AD3, 0x222AD7, and 0x222ADB. An attacker can overwrite a user supplied address, including code segments, with a constant double word value by supplying a specially crafted Irp to the IOCTL handler function. iDefense has confirmed the existence of this vulnerability within version 10 of Symantec Client Security as of this writing. Previous versions, as well as relating products, which contain the NAVENG.SYS and NAVEX15.SYS drivers are suspected to be vulnerable as well.
| | Author: | Ruben Santamarta | | Homepage: | http://www.idefense.com | | File Size: | 3734 | | Related CVE(s): | CVE-2006-4927 | | Last Modified: | Oct 8 23:22:36 2006 |
| MD5 Checksum: | 0173f2475ead8ed40d2478d5326cdedf |
|
| /// File Name: |
ipb217.txt |
Description:
|
Invision Power Board versions 2.1.7 and below suffer from a flaw where an admin can be redirected and forced to execute SQL commands through IPB's SQL Toolbox.
| | Author: | Rapigator | | File Size: | 2006 | | Last Modified: | Oct 8 23:20:30 2006 |
| MD5 Checksum: | 904d9374f10de88bce3ce0d07358cced |
|
| /// File Name: |
linksysDoS-spa921.txt |
Description:
|
The Linksys SPA-921 VoIP desktop phone version 1.0.0 suffers from a denial of service condition.
| | Author: | Shawn Merdinger | | File Size: | 517 | | Last Modified: | Oct 8 23:06:59 2006 |
| MD5 Checksum: | 643943c56b81389f6fb8a7f741802191 |
|
| /// File Name: |
grandstreamDoS.txt |
Description:
|
The GrandStream GXP-2000 VoIP desktop phone version 1.1.0.5 suffers from a denial of service condition.
| | Author: | Shawn Merdinger | | File Size: | 727 | | Last Modified: | Oct 8 23:05:59 2006 |
| MD5 Checksum: | fd12dbc946a7f65411495f08cba852bc |
|
| /// File Name: |
polycomDoS.txt |
Description:
|
The PolyCom IP-301 VoIP desktop phone suffers from multiple denial of service issues.
| | Author: | Shawn Merdinger | | File Size: | 722 | | Last Modified: | Oct 8 23:04:46 2006 |
| MD5 Checksum: | 2817fa2a20e9c0c62c135cd5b620d58f |
|
| /// File Name: |
advisory_082006.132.txt |
Description:
|
Hardened-PHP Project Security Advisory - PHP's open_basedir feature is meant to disallow scripts to access files outside a set of configured base directories. The checks for this are placed within PHP functions dealing with files before the actual open call is performed. Obviously there is a little span of time between the check and the actual open call. During this time span the checked path could have been altered and point to a file that is forbidden to be accessed due to open_basedir restrictions. PHP versions 4 and 5 are affected by this.
| | Author: | Stefan Esser | | Homepage: | http://www.hardened-php.net/ | | File Size: | 5594 | | Last Modified: | Oct 8 22:19:30 2006 |
| MD5 Checksum: | 2cb900474805e78b77ed508b99ef68e4 |
|
| /// File Name: |
sa22225.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to conduct cross-site scripting and HTTP response smuggling attacks, bypass certain security restrictions, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22225/ | | File Size: | 2520 | | Last Modified: | Oct 8 16:37:03 2006 |
| MD5 Checksum: | f5fc0ea1370d434a8b5f2fbc8f6660ef |
|
| /// File Name: |
sa22228.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Support Tool ActiveX Control included in various Symantec products, which potentially can be exploited by malicious people to disclose system information or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22228/ | | File Size: | 3372 | | Last Modified: | Oct 8 16:37:03 2006 |
| MD5 Checksum: | e7a722768321e60cb4a668a20d6d7ffe |
|
| /// File Name: |
sa22265.txt |
Description:
|
Secunia Security Advisory - Shawn Merdinger has reported a vulnerability in the Grandstream GXP-2000 VoIP Desktop Phone, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/22265/ | | File Size: | 2248 | | Last Modified: | Oct 8 16:37:03 2006 |
| MD5 Checksum: | cfcb03c203a8120acb0d514f801fe4cd |
|
| /// File Name: |
sa22272.txt |
Description:
|
Secunia Security Advisory - Rapigator has reported a vulnerability in Invision Power Board, which can be exploited by malicious users to conduct cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/22272/ | | File Size: | 2397 | | Last Modified: | Oct 8 16:37:03 2006 |
| MD5 Checksum: | 7c7ef2db00be691b91e2d1c8eff656c5 |
|
| /// File Name: |
sa22276.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Python, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22276/ | | File Size: | 2296 | | Last Modified: | Oct 8 16:37:03 2006 |
| MD5 Checksum: | 038adfdcc3112774ad44c43038daca85 |
|
| /// File Name: |
sa22278.txt |
Description:
|
Secunia Security Advisory - XORON has reported a vulnerability in PhpMyTeam, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22278/ | | File Size: | 2304 | | Last Modified: | Oct 8 16:37:03 2006 |
| MD5 Checksum: | 1864280c8bc47a30a4e3e7e3784a40a5 |
|
| /// File Name: |
sa22279.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/22279/ | | File Size: | 2538 | | Last Modified: | Oct 8 16:37:03 2006 |
| MD5 Checksum: | e4e06b58e0481b5a22f4b4d9b52a03fe |
|
| /// File Name: |
sa22283.txt |
Description:
|
Secunia Security Advisory - Pedram Amini has reported a vulnerability in BrightStor ARCserver Backup, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22283/ | | File Size: | 2435 | | Last Modified: | Oct 8 16:37:03 2006 |
| MD5 Checksum: | 9ac9bceaae768852478dc2f3739c13cb |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
