Section: .. / 0609-advisories /
| /// File Name: |
sa21738.txt |
Description:
|
Secunia Security Advisory - Sirdarckcat has reported some vulnerabilities in php-revista, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21738/ | | File Size: | 3448 | | Last Modified: | Sep 6 08:32:48 2006 |
| MD5 Checksum: | 8d1180847755f1ba8c17a87e2880d491 |
|
| /// File Name: |
sa21893.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21893/ | | File Size: | 3425 | | Last Modified: | Sep 13 19:03:55 2006 |
| MD5 Checksum: | 2c3f9f869d3c35dd6712f9f89233f561 |
|
| /// File Name: |
sa21862.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been discovered in vCAP, which can be exploited by malicious people to disclose sensitive information, conduct cross-site scripting attacks, or cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/21862/ | | File Size: | 3386 | | Last Modified: | Sep 13 00:17:26 2006 |
| MD5 Checksum: | 61cd8d8e19da0d52e5af3303adb1a364 |
|
| /// File Name: |
sa22068.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in AirPort, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22068/ | | File Size: | 3378 | | Last Modified: | Sep 22 20:46:32 2006 |
| MD5 Checksum: | dccad8ea290a62e14a830b05b56dde12 |
|
| /// File Name: |
sa22023.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities and a weakness have been reported in CA eTrust Security Command Center, which can be exploited by malicious, local users to disclose or manipulate sensitive information, and by malicious people to disclose system information and bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/22023/ | | File Size: | 3372 | | Last Modified: | Sep 22 20:46:32 2006 |
| MD5 Checksum: | 4fd84807b5c6f9715d898c3c572800b5 |
|
| /// File Name: |
glsa-200609-05.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-05 - Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3. Versions less than 0.9.7k are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3330 | | Last Modified: | Sep 8 08:46:12 2006 |
| MD5 Checksum: | a5af2cbb97bb054ffa72f7e13664c758 |
|
| /// File Name: |
glsa-200609-16.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-16 - A vulnerability in jhot.php allows for an unrestricted file upload to the img/wiki/ directory. Additionally, an XSS exists in the highlight parameter of tiki-searchindex.php. Versions less than 1.9.5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3324 | | Last Modified: | Sep 27 01:33:51 2006 |
| MD5 Checksum: | e7396c1c1ce5cc251257495a2dbf689d |
|
| /// File Name: |
glsa-200609-14.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-14 - Tavis Ormandy of the Google Security Team discovered a stack and heap buffer overflow in the GIMP XCF Image decoder and multiple heap and integer overflows in the SUN bitmap decoder. Damian Put discovered a heap overflow in the SGI image decoder. Versions less than 6.2.9.5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3318 | | Last Modified: | Sep 27 01:33:37 2006 |
| MD5 Checksum: | 33ec0d9ea1a54338ddea7417e056eefd |
|
| /// File Name: |
sa21659.txt |
Description:
|
Secunia Security Advisory - James Bercegay has discovered some vulnerabilities in CubeCart, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/21659/ | | File Size: | 3307 | | Last Modified: | Sep 1 10:31:23 2006 |
| MD5 Checksum: | 9601b65dc129d8e3157c7128988425a1 |
|
| /// File Name: |
sa21826.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Stefan E. Newsscript, which can be exploited by malicious people to disclose potentially sensitive information or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21826/ | | File Size: | 3284 | | Last Modified: | Sep 13 00:17:26 2006 |
| MD5 Checksum: | 900cd072d849a96fb7e274a106401e18 |
|
| /// File Name: |
MDKSA-2006-170.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-170: Webmin before 1.296 and Usermin before 1.226 does not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3256 | | Last Modified: | Oct 3 01:39:15 2006 |
| MD5 Checksum: | 04b553f5d6581240b9004ff9cdb976a0 |
|
| /// File Name: |
sa21864.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in libXfont, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/21864/ | | File Size: | 3254 | | Last Modified: | Sep 13 19:03:55 2006 |
| MD5 Checksum: | d4e272c85526a46a0d1c41a7e4849e79 |
|
| /// File Name: |
sa21922.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has reported some vulnerabilities within NX5Linx, which can be exploited by malicious people to disclose potentially sensitive information or conduct SQL injection and HTTP response-splitting attacks.
| | Homepage: | http://secunia.com/advisories/21922/ | | File Size: | 3219 | | Last Modified: | Sep 16 03:17:17 2006 |
| MD5 Checksum: | 1af525ce72f462020ec5ed08780f17d3 |
|
| /// File Name: |
glsa-200609-11.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-11 - Queries for SIG records will cause an assertion error if more than one SIG RRset is returned. Additionally, an INSIST failure can be triggered by sending multiple recursive queries if the response to the query arrives after all the clients looking for the response have left the recursion queue. Versions less than 9.3.2-r4 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3218 | | Last Modified: | Sep 16 10:02:51 2006 |
| MD5 Checksum: | 082159a1cc8ea4434f4227d8c87d1214 |
|
| /// File Name: |
sa22031.txt |
Description:
|
Secunia Security Advisory - Kacper has discovered some vulnerabilities in Php Blue Dragon CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22031/ | | File Size: | 3200 | | Last Modified: | Sep 22 01:56:25 2006 |
| MD5 Checksum: | 53a881119bac71c60664bb036fee1977 |
|
| /// File Name: |
sa21863.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Publisher, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21863/ | | File Size: | 3198 | | Last Modified: | Sep 13 00:17:26 2006 |
| MD5 Checksum: | fdb0f4ad8933a0575284df93ac1c8017 |
|
| /// File Name: |
sa21927.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/21927/ | | File Size: | 3188 | | Last Modified: | Sep 16 03:17:17 2006 |
| MD5 Checksum: | 16c5081638f248dad94f27894fa084f8 |
|
| /// File Name: |
glsa-200609-07.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200609-07 - Several integer overflows have been found in the CID font parser. Versions less than 1.2.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3185 | | Last Modified: | Sep 14 09:24:07 2006 |
| MD5 Checksum: | 716b6057c27d708ea960615dce336aba |
|
| /// File Name: |
sa21703.txt |
Description:
|
Secunia Security Advisory - DarkFig has discovered some vulnerabilities in ezContents, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21703/ | | File Size: | 3170 | | Last Modified: | Sep 1 10:31:54 2006 |
| MD5 Checksum: | fe1f97ba0b82e42932e76abed8ae2d18 |
|
| /// File Name: |
sa22046.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Cisco Intrusion Detection System and Cisco Intrusion Prevention System, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/22046/ | | File Size: | 3159 | | Last Modified: | Sep 22 01:56:25 2006 |
| MD5 Checksum: | 2615e1beb8cfc99d72f621812b4a88eb |
|
| /// File Name: |
sa21884.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Symantec Client Security and Symantec AntiVirus Corporate Edition, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/21884/ | | File Size: | 3150 | | Last Modified: | Sep 15 00:28:53 2006 |
| MD5 Checksum: | 6443146baebf971d428bcf4d1e22fc8d |
|
| /// File Name: |
sa21680.txt |
Description:
|
Secunia Security Advisory - MATASANOS has discovered some vulnerabilities in YACS, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21680/ | | File Size: | 3144 | | Last Modified: | Sep 6 08:32:48 2006 |
| MD5 Checksum: | b42668f697b172907b27d89d8cc78f84 |
|
| /// File Name: |
sa22000.txt |
Description:
|
Secunia Security Advisory - Jonathan Rockway has reported some vulnerabilities in Feedsplitter, which can be exploited by malicious people to disclose certain sensitive information, conduct script insertion attacks, or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/22000/ | | File Size: | 3114 | | Last Modified: | Sep 22 20:46:32 2006 |
| MD5 Checksum: | f0644afab7756c9f89eaf48945cfa91e |
|
| /// File Name: |
secadv_20060905.txt |
Description:
|
OpenSSL Security Advisory - Daniel Bleichenbacher recently described an attack on PKCS #1 version 1.5 signatures. If an RSA key with exponent 3 is used it may be possible to forge a PKCS #1 version 1.5 signature signed by that key. Implementations may incorrectly verify the certificate if they are not checking for excess data in the RSA exponentiation result of the signature. Since there are CAs using exponent 3 in wide use, and PKCS #1 version 1.5 is used in X.509 certificates, all software that uses OpenSSL to verify X.509 certificates is potentially vulnerable, as well as any other use of PKCS #1 version 1.5. This includes software that uses OpenSSL for SSL or TLS. OpenSSL versions up to 0.9.7j and 0.9.8b are affected.
| | Homepage: | http://www.openssl.org/ | | File Size: | 3082 | | Related CVE(s): | CAN-2006-4339 | | Last Modified: | Sep 7 10:41:36 2006 |
| MD5 Checksum: | 7f355d2434c311c39a165bf5d82e0bd4 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
