Section: .. / 0605-advisories /
| /// File Name: |
SSRT061133.txt |
Description:
|
HP Security Bulletin - A vulnerability has been identified in Sendmail which may allow a remote attacker to execute arbitrary code.
| | Homepage: | http://www.hp.com | | File Size: | 11857 | | Related CVE(s): | CVE-2006-0058 | | Last Modified: | May 22 02:58:10 2006 |
| MD5 Checksum: | d7b62d639fe55b268f77be3d0395f710 |
|
| /// File Name: |
cisco-sa-20060510-avs.txt |
Description:
|
Cisco Security Advisory - Cisco Application Velocity System's (AVS) default configuration allows transparent relay of TCP connections to any reachable destination TCP port if the receiving TCP service can process requests embedded in a HTTP POST method message. This issue does not require a software upgrade and can be mitigated by a configuration command for all affected customers. Vulnerable versions include AVS 3110 4.0, 5.0, and prior versions. Also affected is AVS 3120 5.0.0 and prior versions.
| | Homepage: | http://www.cisco.com/ | | File Size: | 11816 | | Last Modified: | May 21 14:36:32 2006 |
| MD5 Checksum: | 19868f62a354d3fa8c4d4f1f2be6e94b |
|
| /// File Name: |
cisco-sa-20060524-vpnclient.txt |
Description:
|
Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability - The Cisco VPN Client for Windows is affected by a local privilege escalation vulnerability that allows non-privileged users to gain administrative privileges. A user needs to authenticate and start an interactive Windows session to be able to exploit this vulnerability.
| | Homepage: | http://www.cisco.com | | File Size: | 11794 | | Last Modified: | May 29 01:05:19 2006 |
| MD5 Checksum: | 52f7c86d63fe442d9495ed7773c5aa03 |
|
| /// File Name: |
cisco-sa-20060501-cue.txt |
Description:
|
Cisco Security Advisory - Cisco Unity Express (CUE) contains a vulnerability that might allow an authenticated user to change the password for another user by using the HTTP management interface, if the password for the user being modified is marked as expired. This can result in a privilege escalation attack and complete administrative control of a CUE module, if the password being changed belongs to an administrator.
| | Homepage: | http://www.cisco.com | | File Size: | 11705 | | Last Modified: | May 5 05:59:59 2006 |
| MD5 Checksum: | e73d896546b64f7423f2806426a10956 |
|
| /// File Name: |
sa19872.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for asterisk. This fixes some vulnerabilities, which can be exploited by malicious users to disclose sensitive information, and by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/19872/ | | File Size: | 11604 | | Last Modified: | May 1 04:24:17 2006 |
| MD5 Checksum: | d853ce95ce2c5dc98d0b0d20e9d92aa0 |
|
| /// File Name: |
sa20202.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for kernel-source-2.4.18. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information, cause a DoS (Denial of Service), gain escalated privileges, and by malicious people to cause a DoS, and disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/20202/ | | File Size: | 11123 | | Last Modified: | May 23 12:45:46 2006 |
| MD5 Checksum: | 2176f0ee0f7651ebbd9866f8e42f6fe4 |
|
| /// File Name: |
FLSA-2006-152868.txt |
Description:
|
Fedora Legacy Update Advisory FLSA:152868 - Updated tetex packages that fix several security issues are now available.
| | Homepage: | http://fedoralegacy.org | | File Size: | 10959 | | Last Modified: | May 17 17:35:14 2006 |
| MD5 Checksum: | 35d7bc6a1aed44d91ecf2633b33baa61 |
|
| /// File Name: |
sa20241.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mysql-dfsg. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, disclose potentially sensitive information, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20241/ | | File Size: | 10861 | | Last Modified: | May 23 12:45:46 2006 |
| MD5 Checksum: | a5da85482707ee8b158359d52b426fe2 |
|
| /// File Name: |
sa20330.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for tiff. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/20330/ | | File Size: | 10703 | | Last Modified: | May 29 18:46:46 2006 |
| MD5 Checksum: | 90aea00f53eeeea3282ae1e1723c7347 |
|
| /// File Name: |
dsa-1070-1.txt |
Description:
|
Debian Security Advisory 1070-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
| | Author: | Martin Schulze, Dann Frazier | | Homepage: | http://www.debian.org/security/ | | File Size: | 10473 | | Related CVE(s): | CVE-2004-0427, CVE-2005-0489, CVE-2004-0394, CVE-2004-0447, CVE-2004-0554, CVE-2004-0565, CVE-2004-0685, CVE-2005-0001, CVE-2004-0883, CVE-2004-0949, CVE-2004-1016, CVE-2004-1333, CVE-2004-0997, CVE-2004-1335, CVE-2004-1017, CVE-2005-0124, CVE-2005-0528, CVE-2003-0984, CVE-2004-1070, CVE-2004-1071, CVE-2004-1072, CVE-2004-1073, CVE-2004-1074, CVE-2004-0138, CVE-2004-1068, CVE-2004-1234, CVE-2005-0003, CVE-2004-1235, CVE-2005-0504, CVE-2005-0384, CVE-2005-0135 | | Last Modified: | May 22 02:34:27 2006 |
| MD5 Checksum: | 1a87ad816468b3802b21395a8e39d989 |
|
| /// File Name: |
sa20333.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mysql-dfsg. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, disclose potentially sensitive information, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20333/ | | File Size: | 10375 | | Last Modified: | May 29 18:46:46 2006 |
| MD5 Checksum: | 0e56485a5cf42e125235f9b6a48f305a |
|
| /// File Name: |
dsa-1055-1.txt |
Description:
|
Debian Security Advisory 1055-1: Martijn Wargers and Nick Mott described crashes of Mozilla due to the use of a deleted controller context. In theory this could be abused to execute malicious code. Since Mozilla and Firefox share the same codebase, Firefox may be vulnerable as well.
| | Homepage: | http://www.debian.org/security | | File Size: | 9759 | | Last Modified: | May 17 17:28:21 2006 |
| MD5 Checksum: | 9e95b667ea22add79d8851fe29784077 |
|
| /// File Name: |
cisco-websense-bypass.txt |
Description:
|
For each HTTP request the Cisco PIX or other Cisco device forwards individual packets to Websense to determine whether or not the request should be permitted. However, when splitting the HTTP request into two or more packets on the HTTP method it is possible to circumvent the filtering mechanism. Affected versions are Websense 5.5.2, Cisco PIX OS / ASA versions below 7.0.4.12, Cisco PIX OS versions below 6.3.6(112), FWSM 2.3.x, and FWSM 3.x.
| | Author: | George D. Gal | | File Size: | 9731 | | Related CVE(s): | CVE-2006-0515 | | Last Modified: | May 17 02:54:00 2006 |
| MD5 Checksum: | e4117b7343ffc213b150f115207bd0a9 |
|
| /// File Name: |
dsa-1072-1.txt |
Description:
|
Debian Security Advisory 1072-1 - A buffer overflow has been discovered in nagios, a host, service and network monitoring and management system, that could be exploited by remote attackers to execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 9657 | | Related CVE(s): | CVE-2006-2162, CVE-2006-2489 | | Last Modified: | May 24 04:57:49 2006 |
| MD5 Checksum: | ebd79c18dbc8b912fc337a0efc62dfd3 |
|
| /// File Name: |
CAID-34013.txt |
Description:
|
CAID 34013 - A potential vulnerability issue exists in our CAIRIM LMP solution for z/OS. CAIRIM is delivered as part of CA's z/OS Common Services, and the LMP component provides licensing services to many of CA's z/OS solutions. IBM Global Services discovered an integrity problem, which could be exploited by an expert user of a z/OS system that utilizes CA's CAIRIM LMP component. We worked with IBM Global Services to understand the nature of the problem and to make certain that the remedy we have now provided addresses the problem completely.
| | Author: | Ken Williams | | Homepage: | http://ca.com/ | | File Size: | 9599 | | Last Modified: | May 6 17:50:18 2006 |
| MD5 Checksum: | 9ab24c9ae1d5ec47ce2be89ca9649849 |
|
| /// File Name: |
USN-283-1.txt |
Description:
|
Ubuntu Security Notice 283-1 - Stefano Di Paola discovered an information leak in the login packet parser. By sending a specially crafted malformed login packet, a remote attacker could exploit this to read a random piece of memory, which could potentially reveal sensitive data. Stefano Di Paola also found a similar information leak in the parser for the COM_TABLE_DUMP request.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 9508 | | Related CVE(s): | CVE-2006-1516, CVE-2006-1517 | | Last Modified: | May 9 16:47:08 2006 |
| MD5 Checksum: | 64b42f33a66b1a93676c4da0e2b56e53 |
|
| /// File Name: |
sa20253.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mysql. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, disclose potentially sensitive information, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20253/ | | File Size: | 9442 | | Last Modified: | May 23 12:45:46 2006 |
| MD5 Checksum: | e4f1bac3aa53b80e3bd19fa35d26336a |
|
| /// File Name: |
dsa-1067-1.txt |
Description:
|
Debian Security Advisory 1067-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
| | Author: | Martin Schulze, Dann Frazier | | Homepage: | http://www.debian.org/security/ | | File Size: | 9383 | | Related CVE(s): | CVE-2004-0427, CVE-2005-0489, CVE-2004-0394, CVE-2004-0447, CVE-2004-0554, CVE-2004-0565, CVE-2004-0685, CVE-2005-0001, CVE-2004-0883, CVE-2004-0949, CVE-2004-1016, CVE-2004-1333, CVE-2004-0997, CVE-2004-1335, CVE-2004-1017, CVE-2005-0124, CVE-2005-0528, CVE-2003-0984, CVE-2004-1070, CVE-2004-1071, CVE-2004-1072, CVE-2004-1073, CVE-2004-1074, CVE-2004-0138, CVE-2004-1068, CVE-2004-1234, CVE-2005-0003, CVE-2004-1235, CVE-2005-0504, CVE-2005-0384, CVE-2005-0135 | | Last Modified: | May 22 02:29:12 2006 |
| MD5 Checksum: | 42387c7d775a6d17cce7ac7fc2c024c9 |
|
| /// File Name: |
sa20002.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for mysql. This fixes two vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/20002/ | | File Size: | 9344 | | Last Modified: | May 9 15:56:56 2006 |
| MD5 Checksum: | a45cc753554f3c1a772c8c39205d75bc |
|
| /// File Name: |
dsa-1081-1.txt |
Description:
|
Debian Security Advisory 1081-1: Luigi Auriemma discovered a buffer overflow in the processing of ASF files in libextractor, a library to extract arbitrary meta-data from files., which can lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 9315 | | Last Modified: | May 29 19:40:39 2006 |
| MD5 Checksum: | b94672113f7a934fb3dc30a432dfb18c |
|
| /// File Name: |
MDKSA-2006-081.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-081 - A problem was discovered in xorg-x11 where the X render extension would mis-calculate the size of a buffer, leading to an overflow that could possibly be exploited by clients of the X server.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 9311 | | Related CVE(s): | CVE-2006-1526 | | Last Modified: | May 6 16:05:12 2006 |
| MD5 Checksum: | dacbd8fde3d164b93c571e387cfc0f30 |
|
| /// File Name: |
dsa-1080-1.txt |
Description:
|
Debian Security Advisory 1080-1: A problem has been discovered in the IMAP component of Dovecot, a secure mail server that supports mbox and maildir mailboxes, which can lead to information disclosure via directory traversal by authenticated users.
| | Homepage: | http://www.debian.org/security | | File Size: | 9290 | | Last Modified: | May 29 19:40:24 2006 |
| MD5 Checksum: | 0c032fc7bbb81b62a3da0d4bab948b1a |
|
| /// File Name: |
dsa-1068-1.txt |
Description:
|
Debian Security Advisory 1068-1 - Jan Braun discovered that the fbgs script of fbi, an image viewer for the framebuffer environment, creates an directory in a predictable manner, which allows denial of service through symlink attacks.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 9054 | | Related CVE(s): | CVE-2006-1695 | | Last Modified: | May 22 02:30:38 2006 |
| MD5 Checksum: | acb638b27457f63bb932542b52fcab0f |
|
| /// File Name: |
sa20368.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for motor. This fixes a vulnerability, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/20368/ | | File Size: | 8968 | | Last Modified: | May 31 17:33:01 2006 |
| MD5 Checksum: | 3b79404b0f76deb528533069ae0fd56a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
