Section: .. / 0607-advisories /
File Name: sa21229.txt
Description: Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
Homepage: http://secunia.com/advisories/21229/
File Size: 2031
Last Modified: Jul 27 21:04:26 2006
MD5 Checksum: 538914425959399896185251b7be54ca

File Name: sa21234.txt
Description: Secunia Security Advisory - uNfz has reported a vulnerability in WMNews, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/21234/
File Size: 2148
Last Modified: Jul 27 21:04:26 2006
MD5 Checksum: 4b62438ce3752324a42b38b177bc787f

File Name: sa21235.txt
Description: Secunia Security Advisory - Ben Wheeler has reported a vulnerability in TWiki, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/21235/
File Size: 2395
Last Modified: Jul 27 21:04:26 2006
MD5 Checksum: db0b384dd726031eb58dfa3bed0bad5b

File Name: sa21239.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in Dokeos, which can be exploited by malicious people to conduct cross-site scripting attacks.
Homepage: http://secunia.com/advisories/21239/
File Size: 2255
Last Modified: Jul 28 13:18:05 2006
MD5 Checksum: b97163df628645cc97c6edd5cabe2d67

File Name: sa21251.txt
Description: Secunia Security Advisory - A vulnerability has been reported in Sun Java System Application Server (SJSAS) and Sun Java System Web Server (SJSWS), which can be exploited by malicious people to gain knowledge of sensitive information.
Homepage: http://secunia.com/advisories/21251/
File Size: 4699
Last Modified: Jul 28 13:18:05 2006
MD5 Checksum: 0abdeb437b4928c2ef7f8ee09a7c6248

File Name: Savant2.txt
Description: Savant2 suffers from a remote file inclusion vulnerability.
Author: botan
File Size: 1812
Last Modified: Jul 24 01:02:12 2006
MD5 Checksum: ce6ef08a703c8873936ef08266f0a4e6

File Name: scip-2351.txt
Description: Kyberna AG ky2help is susceptible to SQL injection attacks.
Author: Marc Ruef
Homepage: http://www.scip.ch/
File Size: 3524
Last Modified: Jul 9 06:48:57 2006
MD5 Checksum: c2ac86924ebbf059ddc9a8f66ef78a8b

File Name: scip-2352.txt
Description: F5 FirePass 4100 versions below 6.x suffer from multiple cross site scripting flaws.
Author: Marc Ruef
Homepage: http://www.scip.ch/
File Size: 3052
Last Modified: Jul 9 06:49:53 2006
MD5 Checksum: 13fae8fd01d2859c11fe3abf8cdac74a

File Name: SCOSA-2006.26.txt
Description: SCO Security Advisory SCOSA-2006.26 - The Mozilla 1.7.13 browser contains fixes for several security issues resolved by Mozilla.org developers since the release of Mozilla 1.7.12.
Author: SCO
Homepage: http://www.sco.com/support/security/index.html
File Size: 3112
Last Modified: Jul 13 18:57:20 2006
MD5 Checksum: 2ff655bb40295d62287b108ce0349359

File Name: ScozNews-1.1.txt
Description: ScozNews Final-Php versions equal to and less than 1.1 suffer from a remote file inclusion vulnerability.
Homepage: http://www.cyber-warrior.org
File Size: 628
Last Modified: Jul 13 20:12:58 2006
MD5 Checksum: 823367a48e498341abf0cb49f1401c6e

File Name: secunia-AutoVue.txt
Description: Secunia Research has discovered a vulnerability in AutoVue SolidModel Professional Desktop Edition, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of ARJ, RAR, and ZIP archives. This can be exploited to cause a stack-based buffer overflow when a malicious archive containing a file with an overly long filename is opened. Successful exploitation allows execution of arbitrary code. AutoVue SolidModel Professional Desktop Edition version 19.1 Build 5993 is affected. Other versions may also be affected.
Author: Tan Chew Keong
Homepage: http://secunia.com/
File Size: 3570
Related CVE(s): CVE-2006-3350
Last Modified: Jul 27 21:54:29 2006
MD5 Checksum: c224b91fd18fa7800c8b62df0d7b94fb

File Name: secunia-BitZipper.txt
Description: Secunia Research has discovered a vulnerability in BitZipper, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in UNACEV2.DLL when extracting an ACE archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a user extracts a specially crafted ACE archive. BitZipper version 4.1 SR-1 is affected.
Homepage: http://secunia.com/
File Size: 3497
Related CVE(s): CVE-2005-2856
Last Modified: Jul 20 04:18:39 2006
MD5 Checksum: ceaea1cc244de9cdab7e77054f732258

File Name: secunia-FileCOPA.txt
Description: Secunia Research has discovered a vulnerability in FileCOPA, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an integer underflow error in the FTP service (filecpnt.exe) when processing directory arguments passed to certain FTP commands (e.g. "CWD", "DELE", "MDTM", and "MKD"). This can be exploited to cause a stack-based buffer overflow by passing a specially crafted, overly long argument to one of the affected FTP commands. Successful exploitation allows execution of arbitrary code. Versions below 1.01 are affected.
Author: Carsten Eiram
Homepage: http://secunia.com/
File Size: 4247
Related CVE(s): CVE-2006-3768
Last Modified: Jul 26 05:00:37 2006
MD5 Checksum: cbcc6166e39d9608e8505eee337a6a75

File Name: secunia-IceWarp2.txt
Description: Secunia Research has discovered two vulnerabilities in IceWarp Web Mail, which can be exploited by malicious users and by malicious people to disclose potentially sensitive information and compromise a vulnerable system. Merak Mail Server version 8.3.8.r with IceWarp Web Mail 5.6.0 is affected.
Author: Tan Chew Keong
Homepage: http://secunia.com/
File Size: 5055
Related CVE(s): CVE-2006-0817, CVE-2006-0818
Last Modified: Jul 20 04:22:24 2006
MD5 Checksum: 39bc9f41181dc657e3ae19ead7fc1ff6

File Name: secunia-Visnetic2.txt
Description: Secunia Research has discovered two vulnerabilities in Visnetic Mail Server, which can be exploited by malicious users and by malicious people to disclose potentially sensitive information and to compromise a vulnerable system. Visnetic Mail Server version 8.3.5 is affected.
Author: Tan Chew Keong
Homepage: http://secunia.com/
File Size: 5107
Related CVE(s): CVE-2006-0817, CVE-2006-0818
Last Modified: Jul 20 04:20:46 2006
MD5 Checksum: a137661fb0be3c66a330d6b15bff1c40

File Name: secunia-XPCOM.txt
Description: Secunia Research has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a memory corruption error within the handling of simultaneously happening XPCOM events resulting in the use of a deleted timer object. Successful exploitation allows execution of arbitrary code. Versions below 1.5.0.5 are susceptible.
Author: Carsten Eiram
Homepage: http://secunia.com/
File Size: 3939
Related CVE(s): CVE-2006-3113
Last Modified: Jul 27 23:24:45 2006
MD5 Checksum: bde6b1169cfc76eb2977349723567c93

File Name: smbd-DoS.txt
Description: Samba versions 3.0.1 through 3.0.22 suffer from a memory exhaustion vulnerability in smbd that can result in a denial of service.
Homepage: http://www.samba.org/
File Size: 1632
Related CVE(s): CAN-2006-1059
Last Modified: Jul 12 05:03:38 2006
MD5 Checksum: 0fe61d58e1396ef0752d2060697ff0b1

File Name: SMBinfodisclose.txt
Description: An information disclosure vulnerability exists in the Microsoft Server service that could allow an attacker to retrieve fragments of memory from an affected host via the host's SMB server. Affected products include Microsoft Windows 2000, Microsoft Windows XP with Service Pack 1, Microsoft Windows XP with Service Pack 2, Microsoft Windows Server 2003, and Microsoft Windows Server 2003 with Service Pack 1.
Author: Mike Price, Rafal Wojtczuk
File Size: 2706
Related CVE(s): CVE-2006-1315
Last Modified: Jul 12 05:27:51 2006
MD5 Checksum: 9358377db91461b8a827dad50e37321b

File Name: sparklet094.txt
Description: Sparklet versions 0.9.4try3 and below suffer from a format string vulnerability.
Author: Luigi Auriemma
Homepage: http://aluigi.org/
File Size: 1972
Last Modified: Jul 9 07:59:14 2006
MD5 Checksum: 57692b1f37a10774a9780c1fb9b8a8e2

File Name: speedstreamDoS.txt
Description: Siemens Speedstream routers are susceptible to a denial of service condition when sent a malformed packet.
Author: Jaime Blasco
File Size: 2184
Last Modified: Jul 26 03:26:57 2006
MD5 Checksum: 86e77b9f30475716d92df56b3f29d363

File Name: SSRT051057-2.txt
Description: HPSBUX02120 SSRT051057 rev.2 - HP-UX Local Denial of Service (DoS): A potential security vulnerability has been identified in the HP-UX kernel. The potential vulnerability could be exploited by a local authorized user to create a Denial of Service (DoS).
Author: HP
Homepage: http://www.hp.com
File Size: 5809
Last Modified: Jul 14 20:08:54 2006
MD5 Checksum: c7d8087372c25ad959ba5d23a4292106

File Name: SSRT061154.txt
Description: HP Security Bulletin - A potential vulnerability has been identified with the HP Tru64 UNIX operating system running NIS ypserv. The vulnerability could be remotely exploited to cause a Denial of Service (DoS).
Author: HP
Homepage: http://www.hp.com
File Size: 6593
Last Modified: Jul 20 05:50:50 2006
MD5 Checksum: 55b89fd2b216884a7257514ce216de6f

File Name: SSRT061201.txt
Description: HP Security Bulletin - Oracle(R) has issued a Critical Patch Update which contains solutions for a number of potential security vulnerabilities. These vulnerabilities may be exploited locally or remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).
Author: HP
Homepage: http://www.hp.com
File Size: 8082
Last Modified: Jul 24 00:34:19 2006
MD5 Checksum: ae5d50e42dc703f6210c72c32d054222

File Name: SUSE-SA-2006-038.txt
Description: SUSE Security Announcement SUSE-SA:2006:038 - Multiple flaws have been addressed in Opera. An integer overflow vulnerability exists in the Opera Web Browser due to the improper handling of JPEG files. Also, Opera did not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.
Homepage: http://www.suse.com
File Size: 14513
Related CVE(s): CVE-2006-3198, CVE-2006-3331
Last Modified: Jul 9 06:01:46 2006
MD5 Checksum: 58c188bfe06b8200d76e994a6e6dbd2d

File Name: SUSE-SA-2006-039.txt
Description: SUSE Security Announcement SUSE-SA:2006:039 - The KDE Display Manager KDM stores the type of the previously used session in the user's home directory. By using a symlink a local attacker could trick kdm into also storing content of files that are normally not accessible by users, like for instance /etc/shadow.
Homepage: http://www.suse.com
File Size: 14404
Related CVE(s): CVE-2006-2449
Last Modified: Jul 9 06:03:08 2006
MD5 Checksum: afd0358626f0526244b53ab6e7aae08b