Section: .. / 0605-advisories /
| /// File Name: |
sa20313.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for nagios. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20313/ | | File Size: | 6311 | | Last Modified: | May 30 22:22:26 2006 |
| MD5 Checksum: | 71584781659821ff40d4f3038429ed35 |
|
| /// File Name: |
sa20163.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for kernel-source-2.4.19. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information, cause a DoS (Denial of Service), gain escalated privileges, and by malicious people to cause a DoS, and disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/20163/ | | File Size: | 6280 | | Last Modified: | May 23 01:09:34 2006 |
| MD5 Checksum: | fa831f0ccb413daec7d8932222636e78 |
|
| /// File Name: |
FLSA-2006-164512.txt |
Description:
|
Fedora Legacy Update Advisory FLSA:164512 - A bug was found in the way fetchmail allocates memory for long lines. A remote attacker could cause a denial of service by sending a specially- crafted email.
| | Homepage: | http://fedoralegacy.org | | File Size: | 6274 | | Last Modified: | May 17 17:43:46 2006 |
| MD5 Checksum: | bee065c36fbe83bb42b3da38cba494f9 |
|
| /// File Name: |
MDKSA-2006-080.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-080: Ulf Harnhammar discovered that the freshclam tool does not do a proper check for the size of header data received from a web server. This could potentially allow a specially prepared HTTP server to exploit freshclam clients connecting to a database mirror and causing a DoS. The updated packages have been updated to Clamav 0.88.2 which corrects this problem.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 6272 | | Related CVE(s): | CVE-2006-1989 | | Last Modified: | May 2 02:23:44 2006 |
| MD5 Checksum: | b0dfc92ffcb94492e4df354fa32a0164 |
|
| /// File Name: |
SSRT061115-1.txt |
Description:
|
HPSBUX02114 SSRT061115 rev.1 - HP-UX Running Software Distributor Local Elevation of Privilege
| | Homepage: | http://www.hp.com | | File Size: | 6229 | | Last Modified: | May 25 22:57:34 2006 |
| MD5 Checksum: | 3fbdb54f0755b886f54c89912b7bd599 |
|
| /// File Name: |
SSRT061145.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified in Firefox for HP Tru64 UNIX and in the Mozilla Application Suite for HP Tru64 UNIX. The vulnerabilities could result in possible remote execution of arbitrary code or Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 6191 | | Related CVE(s): | CVE-2006-1993 | | Last Modified: | May 22 02:59:44 2006 |
| MD5 Checksum: | d6a01651795b00ae9891b6362dc3cae8 |
|
| /// File Name: |
SSRT051074-5.txt |
Description:
|
HPSBUX02075 SSRT051074 rev.5 - HP-UX Running xterm Local Unauthorized Access
| | Homepage: | http://www.hp.com | | File Size: | 6114 | | Last Modified: | May 25 22:55:41 2006 |
| MD5 Checksum: | 422dc961570c326671bdd74b292b23e3 |
|
| /// File Name: |
MDKSA-2006-091.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-091: An integer overflow in the wordwrap() function could allow attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, triggering a heap-based buffer overflow
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 6086 | | Last Modified: | May 25 22:58:14 2006 |
| MD5 Checksum: | 790996ea9a300af239274d94cb229364 |
|
| /// File Name: |
ntdlldll.txt |
Description:
|
Microsoft Windows NTDLL.DLL is prone to an incorrect path conversion vulnerability. This flaw could be successful exploited by malicious users in order to bypass protection mechanisms implemented by certain antivirus and antispyware products.
| | Author: | Mario Ballano Bárcena | | Homepage: | http://www.48Bits.com | | File Size: | 6029 | | Last Modified: | May 21 14:04:22 2006 |
| MD5 Checksum: | 4b93c932eefcf07bfe159108a0545dc3 |
|
| /// File Name: |
USN-277-1.txt |
Description:
|
Ubuntu Security Notice 277-1 - Tavis Ormandy and Andrey Kiselev discovered that libtiff did not sufficiently verify the validity of TIFF files. By tricking an user into opening a specially crafted TIFF file with any application that uses libtiff, an attacker could exploit this to crash the application or even execute arbitrary code with the application's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6028 | | Related CVE(s): | CVE-2006-2024, CVE-2006-2025, CVE-2006-2026, CVE-2006-2120 | | Last Modified: | May 6 16:40:36 2006 |
| MD5 Checksum: | 2e67228960ffb16bdba3cd30dc48123b |
|
| /// File Name: |
sa20378.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities and security issues have been reported in Secure Elements Class 5 AVR, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, spoof the contents of messages, cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20378/ | | File Size: | 6010 | | Last Modified: | May 31 17:33:01 2006 |
| MD5 Checksum: | c534798763297e549e6583d16ab0fdf2 |
|
| /// File Name: |
raydiumx.txt |
Description:
|
Raydium versions SVN revision 309 and below suffer from buffer overflows, format string, and invalid memory access flaws.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | raydiumx.zip | | File Size: | 5977 | | Last Modified: | May 21 18:40:30 2006 |
| MD5 Checksum: | 98700ca05091113c9c05018423c8c422 |
|
| /// File Name: |
SSRT4848.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with Motif applications running on HP-UX. The potential vulnerabilities could be exploited to allow remote execution of arbitrary code or Denial for Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 5971 | | Last Modified: | May 24 04:55:30 2006 |
| MD5 Checksum: | 29b8d178fd1edd7333f501b88a30c7bf |
|
| /// File Name: |
sa19998.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for nagios. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/19998/ | | File Size: | 5879 | | Last Modified: | May 9 15:56:56 2006 |
| MD5 Checksum: | 5f518098e631452eecf0002918594c4e |
|
| /// File Name: |
sa20326.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libextractor. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application that uses the library.
| | Homepage: | http://secunia.com/advisories/20326/ | | File Size: | 5815 | | Last Modified: | May 29 18:46:46 2006 |
| MD5 Checksum: | 39c4916ca4fd01538619f304e94501e2 |
|
| /// File Name: |
USN-287-1.txt |
Description:
|
Ubuntu Security Notice 287-1: The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with an invalidly large Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5797 | | Last Modified: | May 29 19:43:55 2006 |
| MD5 Checksum: | 4adadba0298c4e39e2e1288d2f8a60e5 |
|
| /// File Name: |
USN-282-1.txt |
Description:
|
Ubuntu Security Notice 282-1 - The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with a negative Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5789 | | Related CVE(s): | CVE-2006-2162 | | Last Modified: | May 9 16:45:04 2006 |
| MD5 Checksum: | 9e38fc437a0a03d94075fbd95654b6ec |
|
| /// File Name: |
USN-286-1.txt |
Description:
|
Ubuntu Security Notice 286-1: Several format string vulnerabilities have been discovered in dia. By tricking a user into opening a specially crafted dia file, or a file with a specially crafted name, this could be exploited to execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5692 | | Last Modified: | May 26 18:13:57 2006 |
| MD5 Checksum: | d5f1a212478ffe6cb7ef72769722ba82 |
|
| /// File Name: |
SSRT051057.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified in the HP-UX kernel. The potential vulnerability could be exploited by a local authorized user to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 5601 | | Last Modified: | May 24 04:56:37 2006 |
| MD5 Checksum: | 9fce54dbdd4f19825719b065b089b4de |
|
| /// File Name: |
sa20254.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for dia. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/20254/ | | File Size: | 5522 | | Last Modified: | May 25 04:22:54 2006 |
| MD5 Checksum: | 78278426a72766631f2cdf4f5bafe9e5 |
|
| /// File Name: |
FLSA-2006-152923.txt |
Description:
|
Fedora Legacy Update Advisory FLSA:152923 - A flaw was discovered in xloadimage where filenames were not properly quoted when calling the gunzip command. An attacker could create a file with a carefully crafted filename so that it would execute arbitrary commands if opened by a victim.
| | Homepage: | http://fedoralegacy.org | | File Size: | 5476 | | Last Modified: | May 17 17:45:53 2006 |
| MD5 Checksum: | 2ce6776465daf5b964122de0ea5dda6f |
|
| /// File Name: |
FLSA-2006-152898.txt |
Description:
|
Fedora Legacy Update Advisory FLSA:152898 - Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running emacs.
| | Homepage: | http://fedoralegacy.org | | File Size: | 5462 | | Last Modified: | May 17 17:44:28 2006 |
| MD5 Checksum: | 5ab7dda0da60ba35659105672f4b620b |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
