| /// File Name: |
dsa-960-1.txt |
Description:
|
Debian Security Advisory DSA-960-1 - Niko Tyni discovered that the Mail::Audit module, a Perl library for creating simple mail filters, logs to a temporary file with a predictable filename in an insecure fashion when logging is turned on, which is not the case by default.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 4329 | | Related CVE(s): | CVE-2005-4536 | | Last Modified: | Feb 2 11:58:52 2006 |
| MD5 Checksum: | 9318ac1ecf2b6bfcb3124d1d03a05de4 |
|
| /// File Name: |
dsa-957-2.txt |
Description:
|
Debian Security Advisory DSA 957-2 - Florian Weimer discovered that delegate code in ImageMagick is vulnerable to shell command injection using specially crafted file names. This allows attackers to encode commands inside of graphic commands. With some user interaction, this is exploitable through Gnus and Thunderbird. This update filters out the '$' character as well, which was forgotten in the former update.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 27271 | | Related CVE(s): | CVE-2005-4601 | | Last Modified: | Feb 2 11:57:30 2006 |
| MD5 Checksum: | f21e9c7eaff11f09f1eacdb9f2617500 |
|
| /// File Name: |
sa18697.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious people to conduct HTTP response splitting attacks and potentially to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18697/ | | File Size: | 3504 | | Last Modified: | Feb 2 11:48:32 2006 |
| MD5 Checksum: | 0ef3bef9357a54a9f26d39a511151988 |
|
| /// File Name: |
mgXSS.txt |
Description:
|
MG2 Image Gallery version 0.5.1 suffers from cross site scripting flaws.
| | Author: | Preben Nylokken | | File Size: | 362 | | Last Modified: | Feb 2 11:48:18 2006 |
| MD5 Checksum: | 917271602cd17a7793b3b747e9b1575d |
|
| /// File Name: |
glsa-200601-17.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-17 - Chris Evans has reported some integer overflows in Xpdf when attempting to calculate buffer sizes for memory allocation, leading to a heap overflow and a potential infinite loop when handling malformed input files. Versions less than 3.01-r5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 4673 | | Last Modified: | Feb 2 11:33:04 2006 |
| MD5 Checksum: | 125840275c58cb93c34a6746d723e1ce |
|
| /// File Name: |
glsa-200601-16.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-16 - MyDNS contains an unspecified flaw that may allow a remote Denial of Service. Versions less than 1.1.0 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2415 | | Last Modified: | Feb 2 11:32:54 2006 |
| MD5 Checksum: | 34beec11c94e43edcf90ca938bca0a08 |
|
| /// File Name: |
dsa-959-1.txt |
Description:
|
Debian Security Advisory DSA 959-1 - The Debian Audit Project discovered that unalz, a decompressor for ALZ archives, performs insufficient bounds checking when parsing file names. This can lead to arbitrary code execution if an attacker provides a crafted ALZ archive.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 4695 | | Related CVE(s): | CVE-2005-3862 | | Last Modified: | Feb 2 11:31:24 2006 |
| MD5 Checksum: | 3ba1be5acb2d16b432b31b774178b7bb |
|
| /// File Name: |
sa18686.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for gd. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18686/ | | File Size: | 1711 | | Last Modified: | Feb 2 11:19:07 2006 |
| MD5 Checksum: | 9ce6dbbfc96028fb89957ba71e23080d |
|
| /// File Name: |
sa18684.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, gain escalated privileges and cause a DoS (Denial of Service), or by malicious people to gain knowledge of potentially sensitive information and potentially cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18684/ | | File Size: | 2711 | | Last Modified: | Feb 2 11:19:07 2006 |
| MD5 Checksum: | fe3be03318cf624321303951e91b7ce5 |
|
| /// File Name: |
sa18637.txt |
Description:
|
Secunia Security Advisory - Hamid Ebadi has reported a vulnerability in FarsiNews, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18637/ | | File Size: | 1952 | | Last Modified: | Feb 2 11:19:07 2006 |
| MD5 Checksum: | 2858796da96bceec4693f3d9a35c08be |
|
| /// File Name: |
mybbInclude.txt |
Description:
|
MyBB version 1.2 suffers from a local file inclusion vulnerability in plugins.php.
| | Author: | D3vil-0x1 | | File Size: | 670 | | Last Modified: | Feb 2 11:13:12 2006 |
| MD5 Checksum: | ae6356a2db2fa7a21ffc549e4a33cd82 |
|
| /// File Name: |
aimOverflow.txt |
Description:
|
It appears that there may be a buffer overflow in AIM when supplied a large username to obtain buddy info.
| | Author: | Shell | | File Size: | 436 | | Last Modified: | Feb 2 11:12:04 2006 |
| MD5 Checksum: | 4f72fdf12607db2fa2746124edc2b77e |
|
| /// File Name: |
easyCMSxss.txt |
Description:
|
EasyCMS is susceptible to cross site scripting attacks.
| | Author: | Preben | | File Size: | 565 | | Last Modified: | Feb 2 11:10:49 2006 |
| MD5 Checksum: | d71fe71311cb793ae27816d0268bedc9 |
|
| /// File Name: |
etomiteCMS.txt |
Description:
|
Etomite CMS version 0.6 has been found backdoored after their site was compromised.
| | Author: | Luca Ercoli | | Homepage: | http://www.lucaercoli.it/ | | File Size: | 2386 | | Last Modified: | Feb 2 00:39:04 2006 |
| MD5 Checksum: | f4f72feed1658a6da072842fd83de60c |
|