Section: .. / 0612-advisories /
| /// File Name: |
sa23235.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23235/ | | File Size: | 14610 | | Last Modified: | Dec 6 03:07:49 2006 |
| MD5 Checksum: | 026248d14753a4d6615086ca5583b68e |
|
| /// File Name: |
sa23379.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/23379/ | | File Size: | 14411 | | Last Modified: | Dec 19 20:15:33 2006 |
| MD5 Checksum: | bfa7cd9aad721459850bd112e92c896c |
|
| /// File Name: |
sa23327.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/23327/ | | File Size: | 14409 | | Last Modified: | Dec 14 10:45:41 2006 |
| MD5 Checksum: | 7005c59f072fc8ddbae22bb51cfd0f23 |
|
| /// File Name: |
dsa-1222-2.txt |
Description:
|
Debian Security Advisory 1222-2 - Due to technical problems yesterday's proftpd update lacked a build for the amd64 architecture, which is now available. Several remote vulnerabilities have been discovered in the proftpd FTP daemon, which may lead to the execution of arbitrary code or denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 13828 | | Related CVE(s): | CVE-2006-5815, CVE-2006-6170, CVE-2006-6171 | | Last Modified: | Dec 6 05:07:30 2006 |
| MD5 Checksum: | 2ed558492cc7f916fdcedfd2b566ae70 |
|
| /// File Name: |
MDKSA-2006-226.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple cross site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the mailto parameter in webmail.php, the session and delete_draft parameters in compose.php, and unspecified vectors involving "a shortcoming in the magicHTML filter."
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 13326 | | Related CVE(s): | CVE-2006-6142 | | Last Modified: | Dec 12 16:36:31 2006 |
| MD5 Checksum: | e6cf4f13122fff7f8e9c02ae7bb996ee |
|
| /// File Name: |
dsa-1222-1.txt |
Description:
|
Debian Security Advisory 1222-1 - Several remote vulnerabilities have been discovered in the proftpd FTP daemon, which may lead to the execution of arbitrary code or denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 12860 | | Related CVE(s): | CVE-2006-5815, CVE-2006-6170, CVE-2006-6171 | | Last Modified: | Dec 6 04:22:52 2006 |
| MD5 Checksum: | 02e822beb4d5b026c47e84d724b0617d |
|
| /// File Name: |
sa23174.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for proftpd. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and by malicious users and malicious people to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23174/ | | File Size: | 12009 | | Last Modified: | Dec 6 03:07:49 2006 |
| MD5 Checksum: | 938512b975fa2e077fc32b1d9ea474fc |
|
| /// File Name: |
dsa-1225-1.txt |
Description:
|
Debian Security Advisory 1225-1 - Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. It was discovered that malformed FTP server responses could lead to denial of service. It was discovered that the correction for a cryptographic flaw in the handling of PKCS-1 certificates was incomplete, which allows the forgery of certificates. "shutdown" discovered that modification of JavaScript objects during execution could lead to the execution of arbitrary JavaScript bytecode. Jesse Ruderman and Martijn Wargers discovered several crashes in the layout engine, which might also allow execution of arbitrary code. Igor Bukanov and Jesse Ruderman discovered several crashes in the JavaScript engine, which might allow execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 10848 | | Related CVE(s): | CVE-2006-4310, CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5748 | | Last Modified: | Dec 6 06:20:15 2006 |
| MD5 Checksum: | 49657524c6239d50cb48b45b9a11f3fe |
|
| /// File Name: |
USN-386-1.txt |
Description:
|
Ubuntu Security Notice 386-1 - Daniel Kobras discovered multiple buffer overflows in ImageMagick's SGI file format decoder. By tricking a user or an automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 10375 | | Related CVE(s): | CVE-2006-5868 | | Last Modified: | Dec 1 01:08:11 2006 |
| MD5 Checksum: | 9298541603cda9ec8554e19588bb5024 |
|
| /// File Name: |
dsa-1229-1.txt |
Description:
|
Debian Security Advisory 1229-1 - Adam Boileau discovered an integer overflow in the Skinny channel driver in Asterisk, an Open Source Private Branch Exchange or telephone system, as used by Cisco SCCP phones, which allows remote attackers to execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 10244 | | Related CVE(s): | CVE-2006-5444 | | Last Modified: | Dec 7 09:57:49 2006 |
| MD5 Checksum: | 97d9169c0e99839747e13c57e0ae6877 |
|
| /// File Name: |
SSRT061288.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com | | File Size: | 10211 | | Last Modified: | Dec 22 01:18:33 2006 |
| MD5 Checksum: | 07d4129b1f7db1894f08d5d669085a85 |
|
| /// File Name: |
USN-388-1.txt |
Description:
|
Ubuntu Security Notice 388-1 - An integer overflow was discovered in KOffice's filtering code. By tricking a user into opening a specially crafted PPT file, attackers could crash KOffice or possibly execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 10132 | | Related CVE(s): | CVE-2006-6120 | | Last Modified: | Dec 6 03:48:58 2006 |
| MD5 Checksum: | f57535d905ed36797277368dbec3d23f |
|
| /// File Name: |
sa23212.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for asterisk. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23212/ | | File Size: | 9740 | | Last Modified: | Dec 7 07:24:29 2006 |
| MD5 Checksum: | 7d061ebb934774e75a64b7fffcf7b6bf |
|
| /// File Name: |
sa23202.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23202/ | | File Size: | 9657 | | Last Modified: | Dec 6 03:07:49 2006 |
| MD5 Checksum: | 0b1a74e9d72fdf33c98bfd7cb8df0ee9 |
|
| /// File Name: |
sa23220.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for koffice. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23220/ | | File Size: | 9244 | | Last Modified: | Dec 6 03:07:49 2006 |
| MD5 Checksum: | 970e472abd0f9cd4eb32181a256216f0 |
|
| /// File Name: |
MDKSA-2006-222.txt |
Description:
|
Mandriva Linux Security Advisory - An integer overflow was discovered in KOffice's filtering code. By tricking a user into opening a specially crafted PPT file, attackers could crash KOffice or possibly execute arbitrary code with the user's privileges.
| | Homepage: | http://www.mandriva.com/security | | File Size: | 9058 | | Related CVE(s): | CVE-2006-6120 | | Last Modified: | Dec 6 05:35:18 2006 |
| MD5 Checksum: | 2d3d9f813ffa520ebb052422ee78c9f9 |
|
| /// File Name: |
sa23249.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for xine-lib. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23249/ | | File Size: | 8740 | | Last Modified: | Dec 6 03:07:49 2006 |
| MD5 Checksum: | 4a2f8179d0be5cffb05943320484c777 |
|
| /// File Name: |
sa23184.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for proftpd. This fixes some vulnerabilities, which can be exploited by malicious users and malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23184/ | | File Size: | 8546 | | Last Modified: | Dec 6 03:07:49 2006 |
| MD5 Checksum: | 72fd2d9b10780092eaaa8d39372c4693 |
|
| /// File Name: |
CORE-2006-1127.txt |
Description:
|
Core Security Technologies Advisory - A locally exploitable stack overflow vulnerability has been found in the mod_ctrls module of ProFTPD server. ProFTPD versions 1.3.0a and 1.3.0 are affected.
| | Author: | Alfredo Ortega | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 8433 | | Last Modified: | Dec 15 10:27:03 2006 |
| MD5 Checksum: | 6096a9dd5e3ec88cb5749723f3b93f9c |
|
| /// File Name: |
sa23300.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for kdegraphics. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/23300/ | | File Size: | 8235 | | Last Modified: | Dec 12 16:19:53 2006 |
| MD5 Checksum: | 20641f50daf1aa316aa4f07b74ae2d57 |
|
| /// File Name: |
sa23545.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for MozillaFirefox and MozillaThunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of certain information, conduct cross-site scripting attacks and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23545/ | | File Size: | 8046 | | Last Modified: | Dec 29 16:04:15 2006 |
| MD5 Checksum: | 164a1fd742b44af941bdf4684cca60da |
|
| /// File Name: |
sa23255.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for gnupg. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23255/ | | File Size: | 7968 | | Last Modified: | Dec 8 22:32:56 2006 |
| MD5 Checksum: | 54fc4a579b3645106ebd443e39e17384 |
|
| /// File Name: |
USN-392-1.txt |
Description:
|
Ubuntu Security Notice 392-1 - A buffer overflow was discovered in the Real Media input plugin in xine-lib. If a user were tricked into loading a specially crafted stream from a malicious server, the attacker could execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 7943 | | Related CVE(s): | CVE-2006-6172 | | Last Modified: | Dec 6 07:17:20 2006 |
| MD5 Checksum: | 4805d19f9bf436969ea48098b2db01c7 |
|
| /// File Name: |
MDKSA-2006-230.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006:230: The latest version of ClamAV, 0.88.7, fixes some bugs, including vulnerabilities with handling base64-encoded MIME attachment files that can lead to either a) a crash (CVE-2006-5874), or b) a bypass of virus detection (CVE-2006-6406).
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7917 | | Last Modified: | Dec 14 21:57:47 2006 |
| MD5 Checksum: | d28ef7c26354b45a14c625a3fc85ee46 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
