| /// File Name: |
MDKSA-2006-155.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-155 - Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. Multiple integer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted Sun bitmap images that trigger heap-based buffer overflows. An integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large bytes_per_pixel, columns, and rows values, which trigger a heap-based buffer overflow.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 5285 | | Related CVE(s): | CVE-2006-3743, CVE-2006-3744, CVE-2006-4144 | | Last Modified: | Aug 29 13:09:43 2006 |
| MD5 Checksum: | e512f9d3613621def450aad30b76ea2d |
|
| /// File Name: |
glsa-200608-28.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200608-28 - The sscanf() PHP function contains an array boundary error that can be exploited to dereference a null pointer. This can possibly allow the bypass of the safe mode protection by executing arbitrary code. Versions less than 5.1.4-r6 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2940 | | Last Modified: | Aug 29 13:07:27 2006 |
| MD5 Checksum: | 0f87c08c2790a2f549fcaa75499511db |
|
| /// File Name: |
glsa-200608-27.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200608-27 - In November 2005, Zone-H Research reported a boundary error in the ktools library in the VGETSTRING() macro of kkstrtext.h, which may cause a buffer overflow via an overly long input string. Versions less than 3.4.0-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2892 | | Last Modified: | Aug 29 13:06:50 2006 |
| MD5 Checksum: | ba321d1d7e73806185ca8165c086bd4b |
|
| /// File Name: |
glsa-200608-26.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200608-26 - The following vulnerabilities have been discovered in Wireshark. First, the IPsec ESP parser, which is disabled by default, is susceptible to off-by-one errors when it is used; second, the SCSI dissector is vulnerable to an unspecified crash; and finally, the Q.2931 dissector of the SSCOP payload may use all the available memory if a port range is configured. By default, no port ranges are configured. Versions less than 0.99.3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3359 | | Last Modified: | Aug 29 13:06:28 2006 |
| MD5 Checksum: | 42042525794558383d89ddfe6017ab99 |
|
| /// File Name: |
MDKSA-2006-154.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-154 - The libXm library in LessTif versions 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4833 | | Related CVE(s): | CVE-2006-4124 | | Last Modified: | Aug 29 13:00:05 2006 |
| MD5 Checksum: | 2173c0f4d5d32c1a6073bad6c3fc4a30 |
|
| /// File Name: |
MDKSA-2006-153.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-153 - A stack-based buffer overflow in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code. A buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format record in which the length character is not a valid hexadecimal character.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4407 | | Related CVE(s): | CVE-2005-4807, CVE-2006-2362 | | Last Modified: | Aug 29 12:58:56 2006 |
| MD5 Checksum: | db71ffc94da6ff91a51660da2b149cd4 |
|
| /// File Name: |
SYMSA-2006-09.txt |
Description:
|
Symantec Security Advisory - A connection from a SAP-DB/MaxDB WebDBM Client to the DBM Server causes a buffer overflow when the given database name is too large. This can result in the execution of arbitrary code in the context of the database server. Affected version is SAP-DB/MaxDB 7.6.00.22.
| | Author: | Oliver Karow | | Homepage: | http://www.symantec.com/research | | File Size: | 5067 | | Related CVE(s): | CVE-2006-4305 | | Last Modified: | Aug 29 12:57:14 2006 |
| MD5 Checksum: | 1a4f3efe490fe07cf59ec186e15920e4 |
|
| /// File Name: |
sa21561.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in CJ Tag Board, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21561/ | | File Size: | 2527 | | Last Modified: | Aug 29 12:55:20 2006 |
| MD5 Checksum: | 751d4d62e8e8b58beabb9382770850d3 |
|
| /// File Name: |
sa21634.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mozilla. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21634/ | | File Size: | 27601 | | Last Modified: | Aug 29 12:55:20 2006 |
| MD5 Checksum: | 0e940896b89fab3affc87a3de6d9fbd9 |
|
| /// File Name: |
sa21635.txt |
Description:
|
Secunia Security Advisory - kefka has discovered a vulnerability in HLstats, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/21635/ | | File Size: | 2278 | | Last Modified: | Aug 29 12:55:20 2006 |
| MD5 Checksum: | c67269bc6f4886e107f3cd5c1302e98b |
|
| /// File Name: |
sa21640.txt |
Description:
|
Secunia Security Advisory - SHiKaA has discovered a vulnerability in Web3news, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/21640/ | | File Size: | 2433 | | Last Modified: | Aug 29 12:55:20 2006 |
| MD5 Checksum: | e0e76daa908cced674318b84ff110fa4 |
|
| /// File Name: |
sa21650.txt |
Description:
|
Secunia Security Advisory - Some security issues have been reported in X.Org X11, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/21650/ | | File Size: | 2743 | | Last Modified: | Aug 29 12:55:20 2006 |
| MD5 Checksum: | 2d73067f532172fbdc55a8cc4d2efdaf |
|
| /// File Name: |
sa21660.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for multiple packages. This fixes some security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/21660/ | | File Size: | 2834 | | Last Modified: | Aug 29 12:55:20 2006 |
| MD5 Checksum: | bbcf42ded70c0a82adb9888773ffb59a |
|
| /// File Name: |
sa21666.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Joomla!, where some have unknown impacts, and others can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/21666/ | | File Size: | 3204 | | Last Modified: | Aug 29 12:55:20 2006 |
| MD5 Checksum: | e0c1d5ffdca0a078364594494b8477c5 |
|
| /// File Name: |
sa21667.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in PmWiki, which potentially can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/21667/ | | File Size: | 2350 | | Last Modified: | Aug 29 12:55:20 2006 |
| MD5 Checksum: | 3f9441fe5616c7b295864393675d1056 |
|
| /// File Name: |
glsa-200608-25.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200608-25 - Several X.org libraries and X.org itself contain system calls to set*uid() functions, without checking their result. Versions less than 1.0.4-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 5408 | | Last Modified: | Aug 28 23:18:22 2006 |
| MD5 Checksum: | 85856a37798bd3882480b4d577f911a8 |
|
| /// File Name: |
cybozuSQL.txt |
Description:
|
Some SQL injection vulnerabilities have been found in Cybozu Garoon 2 version 2.1.0 for Windows. When exploited by a logged-on user, the vulnerabilities allow manipulation of SQL statements, which can lead to disclosure of information from the database or cause the backend MySQL database to consume a large amount of CPU resources.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 820 | | Last Modified: | Aug 28 23:07:33 2006 |
| MD5 Checksum: | 347231623e54e0353d915054775d085c |
|
| /// File Name: |
cybozuFile.txt |
Description:
|
A vulnerability has been found in Cybozu Products. When exploited, the vulnerability allows an authenticated user to retrieve arbitrary files accessible to the web server process. Affected versions include Cybozu Office version 6.5 for Windows and Cybozu Share 360 version 2.5 for Windows.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 784 | | Last Modified: | Aug 28 23:06:16 2006 |
| MD5 Checksum: | e7e15384cfafa97eadf981ea2f98b541 |
|
| /// File Name: |
XSec-06-10.txt |
Description:
|
An invalid memory write in Internet Explorer may lead to a denial of service condition or execution of arbitrary code.
| | Author: | nop | | Homepage: | http://www.xsec.org/ | | File Size: | 1288 | | Last Modified: | Aug 28 23:03:33 2006 |
| MD5 Checksum: | d4f58ef069ccf8ef892bedfc0d937e92 |
|
| /// File Name: |
myspace.txt |
Description:
|
Myspace.com appears to have a worm propagating via user pages.
| | Author: | Matthew Wollenweber | | File Size: | 4173 | | Last Modified: | Aug 28 23:02:42 2006 |
| MD5 Checksum: | 5dc702af1a82b665f4cf519e20f3c8d5 |
|
| /// File Name: |
sa21645.txt |
Description:
|
Secunia Security Advisory - Redworm has discovered a vulnerability in MyBB, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/21645/ | | File Size: | 2433 | | Last Modified: | Aug 28 23:00:48 2006 |
| MD5 Checksum: | d4500bb20f8e23452eda21d200f4898e |
|
| /// File Name: |
sa21630.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in various Dell Color Laser Printers, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/21630/ | | File Size: | 3633 | | Last Modified: | Aug 28 23:00:37 2006 |
| MD5 Checksum: | 89297cf4241adbc5fd484dff9e26ff4b |
|
| /// File Name: |
sa21631.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP response smuggling attacks, disclose sensitive information and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/21631/ | | File Size: | 2768 | | Last Modified: | Aug 28 23:00:37 2006 |
| MD5 Checksum: | b197c050ec080c2809ac2752b09f4610 |
|