Section: .. / 0611-advisories /
| /// File Name: |
Gotfault-05.txt |
Description:
|
Gotfault Security - Advisory #05 - 27/10/06: Mozilla Firefox versions 1.5.0.7 and below and 2.0 are vulnerable to a DoS condition within its javascript Range object. In a special condition, a NULL Pointer Deference occurs and Firefox crashes.
| | Homepage: | http://gotfault.net | | File Size: | 8462 | | Last Modified: | Oct 31 18:27:36 2006 |
| MD5 Checksum: | 86e20d14f971d917f97ad727e8934c28 |
|
| /// File Name: |
USN-378-1.txt |
Description:
|
Ubuntu Security Notice 378-1 - An error was found in the RPM library's handling of query reports. In some locales, certain RPM packages would cause the library to crash. If a user was tricked into querying a specially crafted RPM package, the flaw could be exploited to execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 8407 | | Related CVE(s): | CVE-2006-5466 | | Last Modified: | Nov 6 00:08:37 2006 |
| MD5 Checksum: | a003845c4cad2d673bcaa864b2f39ea7 |
|
| /// File Name: |
MDKSA-2006-196.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-196: The Hardened-PHP Project discovered buffer overflows in htmlentities/htmlspecialchars internal routines to the PHP Project. Of course the whole purpose of these functions is to be filled with user input. (The overflow can only be when UTF-8 is used)
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 8280 | | Last Modified: | Nov 3 18:02:46 2006 |
| MD5 Checksum: | f9729a71047aec99b0736602d9135186 |
|
| /// File Name: |
sa23110.txt |
Description:
|
Secunia Security Advisory - Ubuntu has isssued an update for gnupg. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23110/ | | File Size: | 8173 | | Last Modified: | Nov 30 11:12:25 2006 |
| MD5 Checksum: | f18f83bc70fa94b10c6b8b81f7238dd2 |
|
| /// File Name: |
MDKSA-2006-204.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-204 - A vulnerability in the privilege separation functionality in OpenSSH was discovered, caused by an incorrect checking for bad signatures in sshd's privsep monitor. As a result, the monitor and the unprivileged process can get out sync. The OpenSSH team indicated that this bug is not known to be exploitable in the absence of additional vulnerabilities.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 8002 | | Related CVE(s): | CVE-2006-5794 | | Last Modified: | Nov 8 22:24:28 2006 |
| MD5 Checksum: | 0138f4f4460696fdf58ec6352bd8eb52 |
|
| /// File Name: |
sa22744.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for imlib2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/22744/ | | File Size: | 7765 | | Last Modified: | Nov 6 13:07:49 2006 |
| MD5 Checksum: | b2de7ffc1e375a326521a68a268ab3a5 |
|
| /// File Name: |
sa23155.txt |
Description:
|
Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
| | Homepage: | http://secunia.com/advisories/23155/ | | File Size: | 7747 | | Last Modified: | Nov 29 10:21:40 2006 |
| MD5 Checksum: | 155fbc258dcc0ee269bda687839453eb |
|
| /// File Name: |
SSRT061266.txt |
Description:
|
HP Security Bulletin - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access.
| | Homepage: | http://www.hp.com/ | | File Size: | 7663 | | Related CVE(s): | CVE-2006-4339 | | Last Modified: | Nov 2 21:10:30 2006 |
| MD5 Checksum: | 7059a2e4d6a736a8705ab8cbc3df5c63 |
|
| /// File Name: |
sa22798.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for texinfo. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22798/ | | File Size: | 7630 | | Last Modified: | Nov 10 11:02:24 2006 |
| MD5 Checksum: | 4a187d4ef9053027987fa5305f47451b |
|
| /// File Name: |
MDKSA-2006-198.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-198 - M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load() function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an application using Imlib2 attempts to view the image. The tga loader fails to bounds check input data to make sure the input data doesn't load outside the memory mapped region. The RLE decoding loops of the load() function in the tga loader does not check that the count byte of an RLE packet doesn't cause a heap overflow of the pixel buffer. The load() function of the pnm loader writes arbitrary length user data into a fixed size stack allocated buffer buf[] without bounds checking.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 7454 | | Related CVE(s): | CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809 | | Last Modified: | Nov 8 18:30:17 2006 |
| MD5 Checksum: | 3216de2651f9fec6521ba221af69fe1f |
|
| /// File Name: |
SSRT061184-2.txt |
Description:
|
HPSBMA02138 SSRT061184 rev.2 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution
| | Homepage: | http://www.hp.com | | File Size: | 7422 | | Last Modified: | Nov 1 17:17:52 2006 |
| MD5 Checksum: | 0ab5b628038b1f25c9aa9595573b2d57 |
|
| /// File Name: |
SSRT061157-3.txt |
Description:
|
HPSBMA02121 SSRT061157 rev.3 - HP OpenView Storage Data Protector Remote Unauthorized Arbitrary Command Execution
| | Homepage: | http://www.hp.com | | File Size: | 7370 | | Last Modified: | Nov 1 17:17:37 2006 |
| MD5 Checksum: | 6adc76485963ec015816e41866a7f2e5 |
|
| /// File Name: |
dsa-1215-1.txt |
Description:
|
Debian Security Advisory 1215-1 - Several remote vulnerabilities have been discovered in the Xine multimedia library, which may lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 7313 | | Related CVE(s): | CVE-2006-4799, CVE-2006-4800 | | Last Modified: | Nov 21 02:19:50 2006 |
| MD5 Checksum: | 42521e959ab7bbc8f67f929aca466303 |
|
| /// File Name: |
SSRT061237-1.txt |
Description:
|
HPSBTU02168 SSRT061237 rev.1 - HP Tru64 UNIX Running gzip, gunzip, and gzcat, Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS)
| | Homepage: | http://www.hp.com | | File Size: | 7311 | | Last Modified: | Nov 1 17:17:18 2006 |
| MD5 Checksum: | d147323a959387c70a7047f0fe010e28 |
|
| /// File Name: |
MDKSA-2006-193.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-193: Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 7308 | | Last Modified: | Nov 1 17:19:25 2006 |
| MD5 Checksum: | 1426136a4d924930eb1a5e843d54eb2f |
|
| /// File Name: |
SSRT061265-1.txt |
Description:
|
HPSBUX02164 SSRT061265 rev.1 - HP-UX VirtualVault Running Apache 1.3.X Remote Denial of Service (DoS) and Arbitrary Code Execution.
| | Homepage: | http://www.hp.com | | File Size: | 7294 | | Last Modified: | Nov 2 19:29:19 2006 |
| MD5 Checksum: | 1c42d78896f3e9ae89efbf6a18f54593 |
|
| /// File Name: |
sa23150.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23150/ | | File Size: | 7242 | | Last Modified: | Nov 29 10:21:40 2006 |
| MD5 Checksum: | 7c9875c19380f3dd407dea80f5b9fe51 |
|
| /// File Name: |
dsa-1219-1.txt |
Description:
|
Debian Security Advisory 1219-1 - The GNU texinfo package has been found susceptible to insecure file handling and buffer overflow flaws.
| | Homepage: | http://www.debian.org/security | | File Size: | 7145 | | Related CVE(s): | CVE-2005-3011, CVE-2006-4810 | | Last Modified: | Nov 29 11:17:26 2006 |
| MD5 Checksum: | 4801675a34029726bda216edaa28938c |
|
| /// File Name: |
dsa-1205-1.txt |
Description:
|
Debian Security Advisory 1205-1: Marco d'Itri discovered that thttpd, a small, fast and secure webserver, makes use of insecure temporary files when its logfiles are rotated, which might lead to a denial of service through a symlink attack.
| | Homepage: | http://www.debian.org/security | | File Size: | 7138 | | Last Modified: | Nov 3 18:04:53 2006 |
| MD5 Checksum: | 3d170dd83d52348a9de5a1ebf06ee65d |
|
| /// File Name: |
sa22649.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for screen. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22649/ | | File Size: | 7097 | | Last Modified: | Nov 2 10:01:38 2006 |
| MD5 Checksum: | af8993568de76437dbab99196a2f914d |
|
| /// File Name: |
sa22712.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for thttpd. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/22712/ | | File Size: | 7082 | | Last Modified: | Nov 6 13:07:49 2006 |
| MD5 Checksum: | b7b03ad1e1b68fd3eef202503fc66a71 |
|
| /// File Name: |
USN-376-1.txt |
Description:
|
Ubuntu Security Notice 376-1 - M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 7003 | | Related CVE(s): | CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809 | | Last Modified: | Nov 6 00:04:59 2006 |
| MD5 Checksum: | ca6c6312d8d85bd2f200e8fb5afb8212 |
|
| /// File Name: |
USN-376-2.txt |
Description:
|
Ubuntu Security Notice 376-2: USN-376-1 provided an update to imlib2 to fix several security vulnerabilities. Unfortunately the update broke JPG file handling in certain situations. This update corrects this problem. We apologize for the inconvenience.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6869 | | Last Modified: | Nov 8 18:30:10 2006 |
| MD5 Checksum: | 4c8fb56bccc01a4c734cc9adaf25f7f8 |
|
| /// File Name: |
USN-379-1.txt |
Description:
|
Ubuntu Security Notice 379-1 - Miloslav Trmac discovered a buffer overflow in texinfo's index processor. If a user is tricked into processing a .texi file with texindex, this could lead to arbitrary code execution with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6753 | | Related CVE(s): | CVE-2006-4810 | | Last Modified: | Nov 13 10:38:22 2006 |
| MD5 Checksum: | 622c73f9b543b2cf4d53eb7b07e702d8 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
