Section: .. / 0605-advisories /
| /// File Name: |
MDKSA-2006-090.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-090: A potential security problem was found in the useradd tool when it creates a new user's mailbox due to a missing argument to the open() call, resulting in the first permissions of the file being some random garbage found on the stack, which could possibly be held open for reading or writing before the proper fchmod() call is executed.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3178 | | Last Modified: | May 25 22:58:08 2006 |
| MD5 Checksum: | 57d6562303445e2ff467f377ac004e03 |
|
| /// File Name: |
sa20032.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in IBM WebSphere Application Server, where some have unknown impacts and others may disclose sensitive information or bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/20032/ | | File Size: | 3134 | | Last Modified: | May 9 15:56:56 2006 |
| MD5 Checksum: | 1c5ad72ee83a6686ec37de948c9f649a |
|
| /// File Name: |
sa20316.txt |
Description:
|
Secunia Security Advisory - trueend5 has reported some vulnerabilities and weaknesses in Geeklog, which can be exploited by malicious people to disclose system information, and conduct cross-site scripting and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/20316/ | | File Size: | 3128 | | Last Modified: | May 30 22:22:26 2006 |
| MD5 Checksum: | 0e67131c31839d520b43b1b961465f6e |
|
| /// File Name: |
USN-278-1.txt |
Description:
|
Ubuntu Security Notice 278-1 - Marcus Meissner discovered a race condition in gdm's handling of the ~/.ICEauthority file permissions. A local attacker could exploit this to become the owner of an arbitrary file in the system. When getting control over automatically executed scripts (like cron jobs), the attacker could eventually leverage this flaw to execute arbitrary commands with root privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 3125 | | Related CVE(s): | CVE-2006-1057 | | Last Modified: | May 6 16:53:08 2006 |
| MD5 Checksum: | a81bc1d285f5b1f4ad45cbd513d73d11 |
|
| /// File Name: |
sa20312.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for foomatic-filters. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/20312/ | | File Size: | 3103 | | Last Modified: | May 30 22:22:26 2006 |
| MD5 Checksum: | 1db6b726ce38c2bee5527c705c0e24ca |
|
| /// File Name: |
sa20182.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/20182/ | | File Size: | 3098 | | Last Modified: | May 25 21:12:24 2006 |
| MD5 Checksum: | 108d5b88e84f5632bf2a14967e65058a |
|
| /// File Name: |
sa20117.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to cause files to be extracted to arbitrary locations on a user's system, bypass certain security restrictions, conduct cross-site scripting attacks, cause a DoS (Denial of Service), or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20117/ | | File Size: | 3073 | | Last Modified: | May 17 01:39:52 2006 |
| MD5 Checksum: | 9167998bb2fef6508d1a1a71471deac8 |
|
| /// File Name: |
TZO-042006-Zango.txt |
Description:
|
ZangoCash is susceptible to an insecure auto-update and file execution flaw.
| | Author: | Thierry Zoller | | Homepage: | http://secdev.zoller.lu/ | | File Size: | 3063 | | Last Modified: | May 21 14:02:29 2006 |
| MD5 Checksum: | 871734628b83158b0d136fd1ffabd20a |
|
| /// File Name: |
dsa-1057-1.txt |
Description:
|
Debian Security Advisory 1057-1: Several cross-site scripting vulnerabilities have been discovered in phpLDAPadmin, a web based interface for administering LDAP servers, that allows remote attackers to inject arbitrary web script or HTML.
| | Homepage: | http://www.debian.org/security | | File Size: | 3060 | | Last Modified: | May 17 17:28:33 2006 |
| MD5 Checksum: | fc64431d29c0b48e67395cb80bb302fa |
|
| /// File Name: |
quagga-broadcast.txt |
Description:
|
Quagga RIPD suffers from an unauthenticated route table broadcast issue. Verified on Quagga Suites 0.98.5 and 0.99.3.
| | Author: | Konstantin V. Gavrilenko | | Homepage: | http://www.arhont.com/ | | File Size: | 3058 | | Last Modified: | May 6 16:30:43 2006 |
| MD5 Checksum: | 7456ddf0728d922ab42ef51972b619fb |
|
| /// File Name: |
sa20248.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been discovered in Destiney Links Script, which can be exploited by malicious people to conduct script insertion attacks, cross-site scripting attacks, and to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/20248/ | | File Size: | 3049 | | Last Modified: | May 23 20:47:01 2006 |
| MD5 Checksum: | 2099c7ef080bdd7a6f4546b7c4c9f5c3 |
|
| /// File Name: |
glsa-200605-13.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200605-13 - The processing of the COM_TABLE_DUMP command by a MySQL server fails to properly validate packets that arrive from the client via a network socket. Versions less than 4.1.19 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3045 | | Last Modified: | May 17 17:32:14 2006 |
| MD5 Checksum: | b2ca69364a820fd3dee54092a1449d85 |
|
| /// File Name: |
dsa-1056-1.txt |
Description:
|
Debian Security Advisory 1056-1: David Maciejak noticed that webcalendar, a PHP-Based multi-user calendar, returns different error messages on login attempts for an invalid password and a non-existing user, allowing remote attackers to gain information about valid usernames.
| | Homepage: | http://www.debian.org/security | | File Size: | 3020 | | Last Modified: | May 17 17:28:28 2006 |
| MD5 Checksum: | 8df6312e2ed5b0ea238931182afddd37 |
|
| /// File Name: |
sa20044.txt |
Description:
|
Secunia Security Advisory - George D. Gal has reported a vulnerability in Cisco PIX/ASA/FWSM, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/20044/ | | File Size: | 2984 | | Last Modified: | May 9 15:56:56 2006 |
| MD5 Checksum: | a89667585daf9a0fed564af27c7e24c1 |
|
| /// File Name: |
MDKSA-2006-092.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-092: An unspecified vulnerability in mpg123 0.59r allows user-complicit attackers to trigger a segmentation fault and possibly have other impacts via a certain MP3 file, as demonstrated by mpg1DoS3.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 2981 | | Last Modified: | May 29 03:42:45 2006 |
| MD5 Checksum: | 93afd17973170b4ba0ce2b2c2ed67dff |
|
| /// File Name: |
dsa-1058-1.txt |
Description:
|
Debian Security Advisory 1058-1 - Hendrik Weimer discovered that specially crafted web requests can cause awstats, a powerful and featureful web server log analyzer, to execute arbitrary commands.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 2954 | | Related CVE(s): | CVE-2006-2237 | | Last Modified: | May 22 02:06:42 2006 |
| MD5 Checksum: | 2ecbc7810e4691fd5e14f8c47d4c35b8 |
|
| /// File Name: |
sa19984.txt |
Description:
|
Secunia Security Advisory - landser has reported a vulnerability in Quake 3 Engine, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19984/ | | File Size: | 2949 | | Last Modified: | May 5 20:32:43 2006 |
| MD5 Checksum: | e23109728b80b974dea173c19a9d65a1 |
|
| /// File Name: |
glsa-200605-01.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200605-01 - Xfocus Team discovered multiple integer overflows that may lead to a heap-based buffer overflow. Versions less than 1.0.20060415 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2948 | | Last Modified: | May 2 02:02:05 2006 |
| MD5 Checksum: | 7c6f5684e584cba01ec4c5addd941858 |
|
| /// File Name: |
dsa-1061-1.txt |
Description:
|
Debian Security Advisory 1061-1 - It has been discovered that popfile, a bayesian mail classifier, can be forced into a crash through malformed character sets within email messages, which allows denial of service.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 2938 | | Related CVE(s): | CVE-2006-0876 | | Last Modified: | May 22 02:22:00 2006 |
| MD5 Checksum: | eb2b0f3eb650023054d39450753b3bf6 |
|
| /// File Name: |
sa20059.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Eserv/3, which can be exploited by malicious users to bypass certain security restrictions and to disclose potentially sensitive information, and by malicious people to gain access to potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/20059/ | | File Size: | 2936 | | Last Modified: | May 31 17:33:01 2006 |
| MD5 Checksum: | 5c29d8e84ba94951ccbc9184a3c2f579 |
|
| /// File Name: |
dsa-1060-1.txt |
Description:
|
Debian Security Advisory 1060-1 - Jan Rekorajski discovered that the kernel patch for virtual private servers does not limit context capabilities to the root user within the virtual server, which might lead to privilege escalation for some virtual server specific operations.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 2933 | | Related CVE(s): | CVE-2006-2110 | | Last Modified: | May 22 02:21:07 2006 |
| MD5 Checksum: | 6963d7926e2fd2d1ee74bbae2788a8b5 |
|
| /// File Name: |
sa19874.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/19874/ | | File Size: | 2921 | | Last Modified: | May 3 00:53:11 2006 |
| MD5 Checksum: | 8a7e9bf18659a065b83f0bccd45c8fed |
|
| /// File Name: |
sa20373.txt |
Description:
|
Secunia Security Advisory - darkgod has discovered two vulnerabilities in phpMyDesktop|arcade, which can be exploited by malicious people to conduct script insertion attacks, disclose sensitive information, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/20373/ | | File Size: | 2903 | | Last Modified: | May 31 17:33:01 2006 |
| MD5 Checksum: | 3cc6e122f50aefc0e40a4f2186df1007 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
