Section: .. / 0610-advisories /
| /// File Name: |
ZDI-06-035.txt |
Description:
|
ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Authentication is not required to exploit this vulnerability.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2739 | | Last Modified: | Oct 27 18:52:05 2006 |
| MD5 Checksum: | 928c64a06a35b3c6ce74278706c98a04 |
|
| /// File Name: |
glsa-200610-13.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200610-13 - Luigi Auriemma reported that the XM loader of Cheese Tracker contains a buffer overflow vulnerability in the loader_XM::load_intrument_internal() function from loaders/loader_xm.cpp. Versions less than 0.9.9-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2623 | | Last Modified: | Oct 27 18:51:20 2006 |
| MD5 Checksum: | 369448ff5048e7e7605530a62b69dbae |
|
| /// File Name: |
MDKSA-2006-187.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-187: An integer overflow was discovered in the way that Qt handled pixmap images. This flaw could be exploited by a remote attacker in a malicious website that, when viewed by an individual using an application that uses Qt (like Konqueror), would cause it to crash or possibly execute arbitrary code with the privileges of the user.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 17242 | | Last Modified: | Oct 27 18:47:53 2006 |
| MD5 Checksum: | 6c2bebf745cf9f732efbd0514af5d654 |
|
| /// File Name: |
CruiseWorks.txt |
Description:
|
Two vulnerabilities have been found in CruiseWorks. When exploited, the vulnerabilities allow an authenticated user to retrieve arbitrary files accessible to the web server process and to execute arbitrary code with privileges of the IIS IUSR_MACHINE account.
| | Author: | TAN Chew Keong | | Homepage: | http://vuln.sg/cruiseworks109d-en.html | | File Size: | 809 | | Last Modified: | Oct 27 16:46:55 2006 |
| MD5 Checksum: | 2ab742debc13449fdee056d54da5c558 |
|
| /// File Name: |
firefox-2.0.xss.txt |
Description:
|
Possible Firefox 2.0 Iframe cross site scripting vulnerability.
| | Author: | auto113922 | | File Size: | 530 | | Last Modified: | Oct 27 16:39:03 2006 |
| MD5 Checksum: | b14e97ed9699d198d2293d941b99ac74 |
|
| /// File Name: |
SYM06-022.txt |
Description:
|
SYM06-022 Symantec Device Driver Elevation of Privilege: Boon Seng Lim notified Symantec of a vulnerability in SAVRT.SYS which could allow a malicious user to use the output buffer of DeviceIOControl()to overwrite kernel addresses because the address space of the output buffer was not properly validated. A successful exploit could potentially allow a local attacker to execute code of their choice with elevated privileges, or to crash the system.
| | Homepage: | http://www.symantec.com/ | | File Size: | 2118 | | Last Modified: | Oct 27 16:22:36 2006 |
| MD5 Checksum: | c57189b4c03729cc26532a9d618a88c1 |
|
| /// File Name: |
Oracle-XDB.DBMS_XDBZ0.txt |
Description:
|
The package XDB.DBMS_XDBZ0 contains SQL injection vulnerabilities in the procedure enable_hierarchy_internal [DB01], disable_hierarchiy_internal [DB15]. Oracle fixed this problem by using bind variables and verifying table names.
| | Homepage: | http://www.red-database-security.com/ | | File Size: | 1266 | | Last Modified: | Oct 27 16:02:52 2006 |
| MD5 Checksum: | d06a30dc9b5e57841ebbd5718c7ab958 |
|
| /// File Name: |
Oracle-SYS.DBMS_SQLTUNE_INTERNAL.tx..> |
Description:
|
The package DBMS_SQLTUNE_INTERNAL contains SQL injection vulnerabilities. in I_SET_TUNING_PARAMETER and SELECT_SQLSET. Oracle fixed this by using bind variables in their dynamic SQL statements.
| | Homepage: | http://www.red-database-security.com/ | | File Size: | 1216 | | Last Modified: | Oct 27 16:01:58 2006 |
| MD5 Checksum: | 664b8704b1300b92075f054130c86a3b |
|
| /// File Name: |
Oracle-MDSYS.SDO_LRS.txt |
Description:
|
The Oracle package MDSYS.SDO_LRS contains a SQL injection vulnerability in the first parameter of convert_to_lrs_layer. Oracle forgot to fix this problem with the April CPU. Oracle fixed these vulnerabilities with the package DBMS_ASSERT. To exploit this vulnerability it is necessary to have the privilege to create a PL/SQL-function.
| | Homepage: | http://www.red-database-security.com/ | | File Size: | 1634 | | Last Modified: | Oct 27 16:01:33 2006 |
| MD5 Checksum: | c08a866ee3e3b65c0affcb9875a99500 |
|
| /// File Name: |
OracleReports.txt |
Description:
|
The Oracle Reports parameters showenv [REP01], parsequery [REP01], cellwrapper [REP02] and delimiter [REP02] are vulnerable against Cross-Site-Scripting.
| | Homepage: | http://www.red-database-security.com | | File Size: | 1312 | | Last Modified: | Oct 27 16:01:01 2006 |
| MD5 Checksum: | 6060750eb30eee3c2bd69fdd13b518c5 |
|
| /// File Name: |
Oracle9i-views.txt |
Description:
|
Oracle 9i - 10g Rel.2 Advisory: Updates, deletes and inserts are possible with least-privilege via inline views. A user with create session only can insert/update/delete data (e.g. the dual table). This bug is similar but not identical to the bug which was fixed in the July 2006 CPU (Modify Data via views). No workarounds available.
| | Homepage: | http://www.red-database-security.com | | File Size: | 1283 | | Last Modified: | Oct 27 16:00:20 2006 |
| MD5 Checksum: | cf762d9e0c828e3656cb4ee534d82499 |
|
| /// File Name: |
Oracle-WWV_FLOW_UTILITIES.txt |
Description:
|
The list of values (LOV) in Oracle wwv_flow_utilities.gen_popup_list contains a SQL injection vulnerability. Depending of the APEX application it is possible to inject custom SQL statements.
| | Homepage: | http://www.red-database-security.com/ | | File Size: | 2379 | | Last Modified: | Oct 27 15:58:53 2006 |
| MD5 Checksum: | 6ffde6f3c95ad4d2c95266135d924694 |
|
| /// File Name: |
PHPADSNEW-SA-2006-002.txt |
Description:
|
phpAdsNew / phpPgAds security advisory PHPADSNEW-SA-2006-002: Some scripts inside the admin interface were displaying parameters collected by the delivery scripts without proper sanitizing or escaping. The delivery scripts have public access, while the admin interface is restricted to logged in users. An attacker could inject HTML/XSS code which could be displayed/executed in a later time inside the admin interface.
| | Homepage: | http://phpadsnew.com/ | | File Size: | 1678 | | Last Modified: | Oct 27 15:55:00 2006 |
| MD5 Checksum: | 9eedf157e1b34d5f05630a8cee490cfd |
|
| /// File Name: |
Zwahlenshop.txt |
Description:
|
Zwahlen's Online Shop suffers from a cross site scripting vulnerability in article.htm.
| | Author: | MC Iglo | | File Size: | 229 | | Last Modified: | Oct 27 15:49:09 2006 |
| MD5 Checksum: | 01ccb3bf68f0baddba063cb77cd14b52 |
|
| /// File Name: |
10.21.06-1.txt |
Description:
|
iDefense Security Advisory 10.21.06 - Novell eDirectory NCP over IP length Heap Overflow Vulnerability: Remote exploitation of a heap overflow vulnerability in Novell Inc.'s eDirectory product could allow an attacker to execute arbitrary code in the context of the running daemon.
| | Homepage: | http://www.idefense.com/intelligence/vulnerabilities/ | | File Size: | 3623 | | Last Modified: | Oct 27 15:48:20 2006 |
| MD5 Checksum: | 6c66886fa28d55c86470553c39e15c80 |
|
| /// File Name: |
10.21.06-2.txt |
Description:
|
iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s eDirectory product could allow an attacker to execute arbitrary code in the context of the running daemon.
| | Homepage: | http://www.idefense.com/intelligence/vulnerabilities/ | | File Size: | 3835 | | Last Modified: | Oct 27 15:47:38 2006 |
| MD5 Checksum: | 094931b68ae22029cc2a7590d8a98955 |
|
| /// File Name: |
10.21.06-3.txt |
Description:
|
iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability - Remote exploitation of an invalid free vulnerability in Novell Inc.'s eDirectory product could allow an attacker to execute arbitrary code in the context of the running daemon.
| | Homepage: | http://www.idefense.com/intelligence/vulnerabilities/ | | File Size: | 3858 | | Last Modified: | Oct 27 15:45:28 2006 |
| MD5 Checksum: | a7b36f795b099b4a76e4610841f3cd86 |
|
| /// File Name: |
cmd.exe.txt |
Description:
|
It is possible to crash CMD.EXE in windows via a buffer overflow.
| | Author: | napa | | File Size: | 1524 | | Last Modified: | Oct 27 15:39:21 2006 |
| MD5 Checksum: | 4e9b8017ca827552a8a355a9331e83d7 |
|
| /// File Name: |
sa22397.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for Qt. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/22397/ | | File Size: | 8596 | | Last Modified: | Oct 27 14:39:08 2006 |
| MD5 Checksum: | cd98f7f5274db1ec4edff80a169f329a |
|
| /// File Name: |
sa22483.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in LedgerSMB, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/22483/ | | File Size: | 2497 | | Last Modified: | Oct 27 14:39:08 2006 |
| MD5 Checksum: | b7f10dbec410d97b224c19b026bd1e41 |
|
| /// File Name: |
sa22513.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in various Reflection products, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/22513/ | | File Size: | 2583 | | Last Modified: | Oct 27 14:39:08 2006 |
| MD5 Checksum: | c934c7f806534557759df245a63aea5a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
