Section: .. / 0610-advisories /
File Name: youtube-xss.txt
Description: YouTube.com suffers from a cross site scripting flaw in the hidden form field "field_sendmessage_subject".
Author: Darren Bounds | File Size: 1790 | Last Modified: Oct 4 16:46:55 2006
MD5 Checksum: aa5f6f440fc22efc83e34c0f130bb0c1

File Name: MacOSXMach.txt
Description: MacOS X uses Mach exception ports to support the CrashReporter "Application Quit Unexpectedly" dialog, Problem Report dialog, process debugging, and crash dump logs. On vulnerable operating systems, attackers can exploit the inheritance of Mach exception ports to inject code into SUID processes, allowing nonprivileged users to assume root privileges.
Author: Matasano Advisories | Homepage: http://www.matasano.com | File Size: 2731 | Last Modified: Oct 4 16:20:08 2006
MD5 Checksum: 8b4c848acd2ace2a1e37dc5a91bfaeb6

File Name: MU-200609-01.txt
Description: Mu Security Advisory: Multiple Pre-Authentication Vulnerabilities in MailEnable SMTP [MU-200609-01]
Homepage: http://labs.musecurity.com/ | File Size: 2897 | Last Modified: Oct 4 16:18:17 2006
MD5 Checksum: c02c7abd753073b80b15682a4fb34b0b

File Name: rPSA-2006-0176-1.txt
Description: rPath Security Advisory: 2006-0176-1: Previous versions of the openldap package contain a slapd daemon which allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN), a privilege escalation vulnerability.
Homepage: http://www.rpath.com | File Size: 976 | Last Modified: Oct 4 16:17:35 2006
MD5 Checksum: e3ec7508e2709480ce4b7e505c0157f6

File Name: rPSA-2006-0175-2.txt
Description: rPath Security Advisory: 2006-0175-2: Previous versions of the openssl package are vulnerable to multiple attacks. Three of the vulnerabilities are denials of service, but the other is a buffer overflow that is expected to create remote unauthorized access vulnerabilities in other applications. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Homepage: http://www.rpath.com | File Size: 1835 | Last Modified: Oct 4 16:17:01 2006
MD5 Checksum: 902c8d97479182bc95a55e9ba90786b6

File Name: SiteScope8.2.txt
Description: SiteScope 8.2 (8.1.2.0) suffers from a flaw that can allow an attacker to conduct cross site scripting attacks.
Author: ozkan.aziz | Homepage: http://Whitehat.org.uk | File Size: 1637 | Last Modified: Oct 4 16:16:14 2006
MD5 Checksum: 8cde971ad8f392dbf489d2ba5b987e35

File Name: JoomlaBSQ.txt
Description: Secunia Research 29/09/2006: Joomla BSQ Sitestats Component Multiple Vulnerabilities
Homepage: http://secunia.com/ | File Size: 5646 | Last Modified: Oct 4 16:11:19 2006
MD5 Checksum: bec7e11fcd3837ec94f390c475a2ff31

File Name: PostNuke0.762.txt
Description: The admin section of PostNuke 0.762 suffers from a SQL injection flaw.
Author: Omid | Homepage: http://www.hackers.ir/. | File Size: 2241 | Last Modified: Oct 4 15:34:23 2006
MD5 Checksum: fb3196ac8d6dfdf47b1c03715d7a3203

File Name: bSpeak1.10.txt
Description: bSpeak 1.10 suffers from a cross site scripting vulnerability.
Author: Prohibited | File Size: 573 | Last Modified: Oct 4 15:32:14 2006
MD5 Checksum: 363569bfba3a984cf3dd98ae7f89885e

File Name: SAP-ITS-xss.txt
Description: A cross site scripting vulnerability has been uncovered in SAP Internet Transaction Server Versions 6.1 and 6.2. This allows an attacker to submit a crafted link to users of the vulnerable Web application in order to abuse their trust and steal their authentication credentials or hijack their sessions when the targeted web site contains a login page.
Author: ILION Research Labs | File Size: 1174 | Last Modified: Oct 4 15:06:50 2006
MD5 Checksum: f266e0cf909cd5d63f063e1bb1876216

File Name: sa22188.txt
Description: Secunia Security Advisory - ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/22188/ | File Size: 2364 | Last Modified: Oct 4 15:03:50 2006
MD5 Checksum: de9f423e0ebfefe85a799cca386ebace

File Name: sa22144.txt
Description: Secunia Security Advisory - mozi2weed has discovered a vulnerability in phpMyProfiler, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/22144/ | File Size: 2282 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: e281522d86af9256e4042bea8f5ecbd7

File Name: sa22194.txt
Description: Secunia Security Advisory - Kacper has discovered a vulnerability in Travelsized CMS, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/22194/ | File Size: 2165 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: e83adac3cc66396c9825fada8f251bfb

File Name: sa22204.txt
Description: Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun JDK / SDK, which potentially can be exploited by malicious people to bypass certain security restrictions.
Homepage: http://secunia.com/advisories/22204/ | File Size: 2723 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: 3cfc45620cc16e129e70f2169f0d2ff3

File Name: sa22210.txt
Description: Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct man-in-the-middle, spoofing, and cross-site scripting attacks, and compromise a user's system.
Homepage: http://secunia.com/advisories/22210/ | File Size: 2107 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: e2b25f3c6e0e6746dfbc935be1ab61eb

File Name: sa22216.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in Kolab Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
Homepage: http://secunia.com/advisories/22216/ | File Size: 2056 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: efc8183d7ba4fd046997435e35b4cb50

File Name: sa22226.txt
Description: Secunia Security Advisory - Sun has acknowledged a vulnerability in various products included in Solaris, which potentially can be exploited by malicious people to bypass certain security restrictions.
Homepage: http://secunia.com/advisories/22226/ | File Size: 2174 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: 463c29fdae6d803b25edec494537c218

File Name: sa22227.txt
Description: Secunia Security Advisory - Debian has issued an update for mailman. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks.
Homepage: http://secunia.com/advisories/22227/ | File Size: 4677 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: 95182de22759b7d9f0ad16f16abac75a

File Name: sa22229.txt
Description: Secunia Security Advisory - A vulnerability has been reported in CA Unicenter Web Services Distributed Management (WSDM), which can be exploited by malicious people to disclose sensitive information.
Homepage: http://secunia.com/advisories/22229/ | File Size: 2567 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: 4b47c1772a5cd67e8231c6b851852038

File Name: sa22245.txt
Description: Secunia Security Advisory - Mandriva has issued an update for openssh. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/22245/ | File Size: 4567 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: d20eee78892ee688082097dc13fc1346

File Name: sa22249.txt
Description: Secunia Security Advisory - IBM has acknowledged a vulnerability in Rational RequisitePro RequisiteWeb, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/22249/ | File Size: 2081 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: 9dc786d813d72f3991695450f7004cb9

File Name: sa22257.txt
Description: Secunia Security Advisory - A vulnerability has been reported in Taskjitsu, which can be exploited by malicious people to conduct SQL injection attacks.
Homepage: http://secunia.com/advisories/22257/ | File Size: 2199 | Last Modified: Oct 4 14:19:19 2006
MD5 Checksum: 43fcc0e5070bffb29fa23f9db6c18739