Section: .. / 0605-advisories /
| /// File Name: |
SSRT2400.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running the BINDv4 Domain Name Server (DNS). The vulnerability could be exploited to poison the DNS cache leading to remote unauthorized access or Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 6709 | | Last Modified: | May 22 02:59:00 2006 |
| MD5 Checksum: | fedaba6b4e5114827cf2a563f34f4b52 |
|
| /// File Name: |
SSRT4848.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with Motif applications running on HP-UX. The potential vulnerabilities could be exploited to allow remote execution of arbitrary code or Denial for Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 5971 | | Last Modified: | May 24 04:55:30 2006 |
| MD5 Checksum: | 29b8d178fd1edd7333f501b88a30c7bf |
|
| /// File Name: |
SSRT5911-1.txt |
Description:
|
HPSBMA02098 SSRT5911 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access, Arbitrary Command Execution, Arbitrary File Creation
| | Homepage: | http://www.hp.com | | File Size: | 8561 | | Last Modified: | May 25 22:55:14 2006 |
| MD5 Checksum: | 49fb906ed7b33f585970a6cc09573b8c |
|
| /// File Name: |
sunSingle.txt |
Description:
|
Single CPU Sun systems running Solaris 7, 8, and 9 are all susceptible to a simple denial of service attack using ping.
| | Author: | Doug Hughes | | File Size: | 1111 | | Last Modified: | May 22 01:43:15 2006 |
| MD5 Checksum: | 447de24872395999371a563c3568fe1c |
|
| /// File Name: |
SuperLinkExchangeScriptv1.0.txt |
Description:
|
Super Link Exchange Script v1.0 suffers from SQL injection, XSS, and directory transversal vulnerabilities.
| | Author: | luny | | Homepage: | http://www.youfucktard.com | | File Size: | 1826 | | Last Modified: | May 29 03:13:06 2006 |
| MD5 Checksum: | 4dab44442930ceb59e91190dc2631eab |
|
| /// File Name: |
SUSE-SA-2006-023.txt |
Description:
|
SUSE Security Announcement SUSE-SA-2006-023 - Miscalculation of a buffer size in the X Render extension of the X.Org X11 server could potentially be exploited by users to cause a buffer overflow and run code with elevated privileges.
| | Homepage: | http://www.suse.com | | File Size: | 12752 | | Related CVE(s): | CVE-2006-1526 | | Last Modified: | May 6 16:39:45 2006 |
| MD5 Checksum: | c743b3e72176faf26e5266ed60a8f4c3 |
|
| /// File Name: |
SYMSA-2006-003.txt |
Description:
|
Symantec Vulnerability Research SYMSA-2006-003 - Cisco Secure ACS 3.x for Windows stores passwords for administrative users in the registry. The passwords are encrypted using the Crypto API Microsoft Base Cryptographic Provider version 1.0. Along with the passwords, ACS also stores the key used to encrypt the information.
| | Author: | Andreas Junestam | | Homepage: | http://www.symantec.com | | File Size: | 8874 | | Related CVE(s): | CVE-2006-0561 | | Last Modified: | May 17 02:59:28 2006 |
| MD5 Checksum: | 0becbb60b8417095fc88231c381bfd70 |
|
| /// File Name: |
TA06-129A.txt |
Description:
|
Technical Cyber Security Alert TA06-129A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Exchange Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://cert.org/ | | File Size: | 4640 | | Related CVE(s): | CVE-2006-0027, CVE-2006-0024, CVE-2005-2628 | | Last Modified: | May 21 13:53:19 2006 |
| MD5 Checksum: | 366fc6c2a49729d2194d0828f1f2a80d |
|
| /// File Name: |
TA06-132A.txt |
Description:
|
Technical Cyber Security Alert TA06-132A - Apple has released Security Update 2006-003 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser, Mail, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Impacts of other vulnerabilities include bypassing security restrictions and denial of service.
| | Homepage: | http://cert.org/ | | File Size: | 3858 | | Last Modified: | May 21 23:14:36 2006 |
| MD5 Checksum: | 533105a0b6c952c53d495471e639a017 |
|
| /// File Name: |
TA06-132B.txt |
Description:
|
Technical Cyber Security Alert TA06-132B - Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
| | Homepage: | http://cert.org/ | | File Size: | 3942 | | Last Modified: | May 21 20:50:08 2006 |
| MD5 Checksum: | 27f0e5813b97d2345573ff793aff36b8 |
|
| /// File Name: |
TA06-139A.txt |
Description:
|
Technical Cyber Security Alert TA06-139A - Microsoft Word contains a buffer overflow vulnerability. Opening a specially crafted Word document, including documents hosted on web sites or attached to email messages, could trigger the vulnerability.
| | Homepage: | http://cert.org/ | | File Size: | 3890 | | Last Modified: | May 22 03:03:59 2006 |
| MD5 Checksum: | d91a5a215848766d599da6cdafdc1e0b |
|
| /// File Name: |
TamberForum-1.9.13.txt |
Description:
|
Tamber Forum versions less than or equal to 1.9.13 suffer from multiple SQL injection vulnerabilities.
| | Author: | ajannhwt | | File Size: | 1275 | | Last Modified: | May 29 03:17:53 2006 |
| MD5 Checksum: | d20700429ec24994f94e5386e66c3ba6 |
|
| /// File Name: |
Tikiwiki1.9.x.txt |
Description:
|
Tikiwiki 1.9.x suffers from multiple XSS vulnerabilities.
| | Author: | blwood | | Homepage: | http://www.blwood.net | | File Size: | 3835 | | Last Modified: | May 29 03:26:16 2006 |
| MD5 Checksum: | 05b538b4011412c50e821c90b7db95a9 |
|
| /// File Name: |
tinyBB-0.3.txt |
Description:
|
tinyBB versions less than or equal to 0.3 suffer from remote include vulnerabilities, SQL injection and XSS.
| | Homepage: | http://www.nukedx.com/ | | File Size: | 2792 | | Last Modified: | May 29 19:05:43 2006 |
| MD5 Checksum: | 972288c252a8b9aa039afe7b9518c4af |
|
| /// File Name: |
ToastsForums1.6.44.txt |
Description:
|
Toast Forums 1.6.44 suffers from XSS
| | Author: | ajannhwt | | File Size: | 510 | | Last Modified: | May 29 03:18:49 2006 |
| MD5 Checksum: | ee1a39595f4a20ca27cb078cfcd77b01 |
|
| /// File Name: |
TZO-042006-Zango.txt |
Description:
|
ZangoCash is susceptible to an insecure auto-update and file execution flaw.
| | Author: | Thierry Zoller | | Homepage: | http://secdev.zoller.lu/ | | File Size: | 3063 | | Last Modified: | May 21 14:02:29 2006 |
| MD5 Checksum: | 871734628b83158b0d136fd1ffabd20a |
|
| /// File Name: |
TZO-072006-Xampp.txt |
Description:
|
XAMPP version 1.5.2 is susceptible to multiple privilege escalation flaws and a rogue autostart vulnerability.
| | Author: | Thierry Zoller | | Homepage: | http://secdev.zoller.lu/ | | File Size: | 4735 | | Last Modified: | May 22 03:23:07 2006 |
| MD5 Checksum: | 0400aa7b17ef7dce2b10569b91329299 |
|
| /// File Name: |
UBBThreads-5.x-6.x.txt |
Description:
|
UBBThreads 5.x and 6.x suffer from multiple remote file inclusion vulnerabilities.
| | Homepage: | http://www.nukedx.com | | File Size: | 3840 | | Last Modified: | May 29 19:15:25 2006 |
| MD5 Checksum: | dc8d72e98380f3fc57cd84ec751bba86 |
|
| /// File Name: |
USN-274-2.txt |
Description:
|
Ubuntu Security Notice 274-2: USN-274-1 fixed a logging bypass in the MySQL server. Unfortunately it was determined that the original update was not sufficient to completely fix the vulnerability, thus another update is necessary. We apologize for the inconvenience.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6918 | | Last Modified: | May 17 17:46:56 2006 |
| MD5 Checksum: | 2cf25004ea62c6804b97e8395487c470 |
|
| /// File Name: |
USN-276-1.txt |
Description:
|
Ubuntu Security Notice 276-1 - A large number of mozilla-thunderbird related vulnerabilities have been patched for Ubuntu.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 14974 | | Related CVE(s): | CVE-2006-0292, CVE-2006-0296, CVE-2006-0748, CVE-2006-0749, CVE-2006-0884, CVE-2006-1045, CVE-2006-1727, CVE-2006-1728, CVE-2006-1730, CVE-2006-1731, CVE-2006-1732, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735, CVE-2006-1737, CVE-2006-1738, CVE-2006-1739, CVE-2006-1741, CVE-2006-1742, CVE-2006-1790 | | Last Modified: | May 6 16:36:48 2006 |
| MD5 Checksum: | fa1ab4a3661b03b2d94833facd5d94e8 |
|
| /// File Name: |
USN-277-1.txt |
Description:
|
Ubuntu Security Notice 277-1 - Tavis Ormandy and Andrey Kiselev discovered that libtiff did not sufficiently verify the validity of TIFF files. By tricking an user into opening a specially crafted TIFF file with any application that uses libtiff, an attacker could exploit this to crash the application or even execute arbitrary code with the application's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6028 | | Related CVE(s): | CVE-2006-2024, CVE-2006-2025, CVE-2006-2026, CVE-2006-2120 | | Last Modified: | May 6 16:40:36 2006 |
| MD5 Checksum: | 2e67228960ffb16bdba3cd30dc48123b |
|
| /// File Name: |
USN-278-1.txt |
Description:
|
Ubuntu Security Notice 278-1 - Marcus Meissner discovered a race condition in gdm's handling of the ~/.ICEauthority file permissions. A local attacker could exploit this to become the owner of an arbitrary file in the system. When getting control over automatically executed scripts (like cron jobs), the attacker could eventually leverage this flaw to execute arbitrary commands with root privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 3125 | | Related CVE(s): | CVE-2006-1057 | | Last Modified: | May 6 16:53:08 2006 |
| MD5 Checksum: | a81bc1d285f5b1f4ad45cbd513d73d11 |
|
| /// File Name: |
USN-279-1.txt |
Description:
|
Ubuntu Security Notice 279-1 - Jayesh KS discovered that the nasl_split() function in the NASL (Nessus Attack Scripting Language) library did not check for a zero-length separator argument, which lead to an invalid memory allocation. This library is primarily used in the Nessus security scanner; a remote attacker could exploit this vulnerability to cause the Nessus daemon to crash.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4202 | | Related CVE(s): | CVE-2006-2093 | | Last Modified: | May 6 16:53:57 2006 |
| MD5 Checksum: | f71099bc40e5058fd03cb9af1c23da60 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
