.:[ packet storm ]:.
                             
beyond paranoid
beyond paranoid

 Section:  .. / 0612-advisories  /

Page 3 of 22
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 >> Files 50 - 75 of 546
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: dsa-1240-1.txt
Description:
 Debian Security Advisory 1240-1 - Teemu Salmela discovered that the links2 character mode web browser performs insufficient sanitizing of smb:// URIs, which might lead to the execution of arbitrary shell commands.
Homepage:http://www.debian.org/security
File Size:3904
Related CVE(s):CVE-2006-5925
Last Modified:Dec 22 01:28:46 2006
MD5 Checksum:9c7071225feb82126fb74828c98cbf9f

 ///  File Name: dsa-1241-1.txt
Description:
 Debian Security Advisory 1241-1 - In Squirrelmail, Martijn Brinkers discovered cross site scripting vulnerabilities in the the mailto parameter of webmail.php, the session and delete_draft parameters of compose.php and through a shortcoming in the magicHTML filter. An attacker could abuse these to execute malicious JavaScript in the user's webmail session.
Homepage:http://www.debian.org/security
File Size:3370
Related CVE(s):CVE-2006-6142
Last Modified:Dec 28 01:53:40 2006
MD5 Checksum:54dc60aafa95a2610bdcbcc6c0bb83a1

 ///  File Name: dsa-1242-1.txt
Description:
 Debian Security Advisory 1242-1 - Several remote vulnerabilities have been discovered in elog, a web-based electronic logbook, which may lead to the execution of arbitrary code.
Homepage:http://www.debian.org/security
File Size:5979
Related CVE(s):CVE-2006-5063, CVE-2006-5790, CVE-2006-5791, CVE-2006-6318
Last Modified:Dec 28 02:10:54 2006
MD5 Checksum:675e87522391e1a9f9e49fe74cd0334d

 ///  File Name: dsa-1243-1.txt
Description:
 Debian Security Advisory 1243-1 - Renaud Lifchitz discovered that gv, the PostScript and PDF viewer for X, performs insufficient boundary checks in the Postscript parsing code, which allows the execution of arbitrary code through a buffer overflow. Evince embeds a copy of gv and needs an update as well.
Homepage:http://www.debian.org/security
File Size:5220
Related CVE(s):CVE-2006-5864
Last Modified:Dec 28 02:26:50 2006
MD5 Checksum:e30292c1a015ebc42f2895df553de727

 ///  File Name: dsa-1244-1.txt
Description:
 Debian Security Advisory 1244-1 - It was discovered that the Xine multimedia library performs insufficient sanitizing of Real streams, which might lead to the execution of arbitrary code through a buffer overflow.
Homepage:http://www.debian.org/security
File Size:6984
Related CVE(s):CVE-2006-6172
Last Modified:Dec 29 16:10:26 2006
MD5 Checksum:3fedb8c23a2485d0c89bc919c7b67173

 ///  File Name: EEYE-adm21x.txt
Description:
 eEye Digital Security has discovered a stack buffer overflow in Adobe Download Manager, a utility typically installed for the purpose of downloading Adobe software such as Adobe (Acrobat) Reader. By opening a malicious AOM file, a user's system may be compromised by arbitrary code within the file, which executes with the privileges of that user. Adobe Download Manager versions 2.1.x and below are affected.
Author:Derek Soeder
Homepage:http://research.eeye.com/
File Size:4312
Last Modified:Dec 7 09:27:35 2006
MD5 Checksum:d9b53512b194efb4f36118fbce747de6

 ///  File Name: EEYE-Intel.txt
Description:
 eEye Digital Security has discovered a vulnerability in all Intel network adapter drivers ("NDIS miniport drivers") that could allow unprivileged code executing on an affected system to gain unfettered, kernel-level access. For instance, a malicious user, malware, or exploit payload taking advantage of an unrelated vulnerability could additionally exploit this vulnerability in order to completely compromise a system at the kernel level.
Author:Derek Soeder
Homepage:http://www.eeye.com
File Size:4911
Last Modified:Dec 8 23:03:05 2006
MD5 Checksum:8f5fd83e20858675b49c76f16aaa3256

 ///  File Name: emailTrick.txt
Description:
 Several e-mail virus scanners can be tricked into passing an EICAR test file. Affected include BitDefender Mail Protection for SMB 2.0, ClamAV 0.88.6, F-Prot Antivirus for Linux x86 Mail Servers 4.6.6, and Kaspersky Anti-Virus for Linux Mail Server 5.5.10.
Author:Hendrik Weimer
File Size:770
Last Modified:Dec 7 10:15:39 2006
MD5 Checksum:4cc1e72ad3bfa4e0d710900a34d76883

 ///  File Name: FreeBSD-SA-06-25.kmem.txt
Description:
 FreeBSD Security Advisory - The firewire(4) driver suffers from a kernel memory disclosure flaw.
Author:Rodrigo Rubira Branco
Homepage:http://security.freebsd.org/
File Size:5306
Related CVE(s):CVE-2006-6013
Last Modified:Dec 7 09:41:19 2006
MD5 Checksum:dc80f14315b4927aa1b8a7cb36eac7a3

 ///  File Name: FreeBSD-SA-06-26.gtar.txt
Description:
 FreeBSD Security Advisory - Symlinks created using the "GNUTYPE_NAMES" tar extension can be absolute due to lack of proper sanity checks.
Author:Teemu Salmela
Homepage:http://security.freebsd.org/
File Size:5180
Related CVE(s):CVE-2006-6097
Last Modified:Dec 7 09:42:56 2006
MD5 Checksum:c6a9e97182b0d31fffafd4d1857a0a56

 ///  File Name: glsa-200611-23.txt
Description:
 Gentoo Linux Security Advisory GLSA 200611-23 - Sebastian Krahmer of the SuSE Security Team discovered that the System.CodeDom.Compiler classes of Mono create temporary files with insecure permissions. Versions less than 1.1.13.8.1 are affected.
Homepage:http://security.gentoo.org
File Size:2655
Last Modified:Dec 1 01:12:58 2006
MD5 Checksum:ff15db32ee66b84b5be05f8b5c60f988

 ///  File Name: glsa-200611-24.txt
Description:
 Gentoo Linux Security Advisory GLSA 200611-24 - Tavis Ormandy of the Google Security Team discovered several vulnerabilities in the LZH decompression component used by LHa. The make_table function of unlzh.c contains an array index error and a buffer overflow vulnerability. The build_tree function of unpack.c contains a buffer underflow vulnerability. Additionally, unlzh.c contains a code that could run in an infinite loop. Versions less than 114i-r6 are affected.
Homepage:http://security.gentoo.org
File Size:3064
Last Modified:Dec 1 01:13:18 2006
MD5 Checksum:e8f90cedfeba359e26eddfe8d70a0e81

 ///  File Name: glsa-200611-25.txt
Description:
 Gentoo Linux Security Advisory GLSA 200611-25 - Evgeny Legerov has discovered that the truncation of an incoming authcid longer than 255 characters and ending with a space as the 255th character will lead to an improperly computed name length. This will trigger an assert in the libldap code. Versions less than 2.3.27-r3 are affected.
Homepage:http://security.gentoo.org
File Size:2740
Last Modified:Dec 1 01:13:39 2006
MD5 Checksum:c6b358ffea5503c0118e077171097046

 ///  File Name: glsa-200611-26.txt
Description:
 Gentoo Linux Security Advisory GLSA 200611-26 - Evgeny Legerov discovered a stack-based buffer overflow in the s_replace() function in support.c, as well as a buffer overflow in in the mod_tls module. Additionally, an off-by-two error related to the CommandBufferSize configuration directive was reported. Versions less than 1.3.0a are affected.
Homepage:http://security.gentoo.org
File Size:3361
Last Modified:Dec 6 04:44:43 2006
MD5 Checksum:91b7b167053bcdb0805650ea799e9eb0

 ///  File Name: glsa-200612-01.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-01 - The wv library fails to do proper arithmetic checks in multiple places, possibly leading to integer overflows. Versions less than 1.2.3-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2523
Last Modified:Dec 8 22:40:18 2006
MD5 Checksum:8fa4ee8888e1abb657780f1e7fcf26b4

 ///  File Name: glsa-200612-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-02 - A possible buffer overflow has been reported in the Real Media input plugin. Versions less than 1.1.2-r3 are affected.
Homepage:http://security.gentoo.org
File Size:2628
Last Modified:Dec 11 16:52:38 2006
MD5 Checksum:0827e85ed7a3d3ee74d94bfdf663b536

 ///  File Name: glsa-200612-03-02.txt
Description:
 Gentoo Linux Security Advisory - The Resolution proposed in the original version of this Security Advisory did not correctly address the issue for users who also have GnuPG 1.9 installed.
Homepage:http://security.gentoo.org/
File Size:1701
Last Modified:Dec 11 17:05:40 2006
MD5 Checksum:6995281a49ecfffae5af4539e961d930

 ///  File Name: glsa-200612-03.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-03 - Hugh Warrington has reported a boundary error in GnuPG, in the ask_outfile_name() function from openfile.c: the make_printable_string() function could return a string longer than expected. Additionally, Tavis Ormandy of the Gentoo Security Team reported a design error in which a function pointer can be incorrectly dereferenced. Versions less than 1.4.6 are affected.
Homepage:http://security.gentoo.org
File Size:3226
Last Modified:Dec 11 17:00:01 2006
MD5 Checksum:9435c6adca0c17d1867da56d22f28d4c

 ///  File Name: glsa-200612-04.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-04 - Luigi Auriemma has reported various boundary errors in load_it.cpp and a boundary error in the CSoundFile::ReadSample() function in sndfile.cpp. Versions less than 0.8-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2595
Last Modified:Dec 11 17:01:45 2006
MD5 Checksum:7e9c94e7aea202cabeb289fb96e8540f

 ///  File Name: glsa-200612-05.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-05 - Kees Cook of Ubuntu discovered that 'KLaola::readBigBlockDepot()' in klaola.cc fills 'num_of_bbd_blocks' while reading a .ppt (PowerPoint) file without proper sanitizing, resulting in an integer overflow subsequently overwriting the heap with parts of the file being read. Versions less than 1.5.0 are affected.
Homepage:http://security.gentoo.org
File Size:2805
Last Modified:Dec 11 17:02:25 2006
MD5 Checksum:94307aea25f2bec6f3956f87723fb498

 ///  File Name: glsa-200612-06.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-06 - It has been identified that Mozilla Thunderbird improperly handles Script objects while they are being executed, allowing them to be modified during execution. JavaScript is disabled in Mozilla Thunderbird by default. Mozilla Thunderbird has also been found to be vulnerable to various potential buffer overflows. Lastly, the binary release of Mozilla Thunderbird is vulnerable to a low exponent RSA signature forgery issue because it is bundled with a vulnerable version of NSS. Versions less than 1.5.0.8 are affected.
Homepage:http://security.gentoo.org
File Size:4529
Last Modified:Dec 11 17:02:55 2006
MD5 Checksum:808b73549b7a666b387a1d0f5cc207bf

 ///  File Name: glsa-200612-07.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-07 - Mozilla Firefox improperly handles Script objects while they are being executed. Mozilla Firefox has also been found to be vulnerable to various possible buffer overflows. Lastly, the binary release of Mozilla Firefox is vulnerable to a low exponent RSA signature forgery issue because it is bundled with a vulnerable version of NSS. Versions less than 1.5.0.8 are affected.
Homepage:http://security.gentoo.org
File Size:3868
Last Modified:Dec 11 17:03:24 2006
MD5 Checksum:3f9acfb4aa6a0ad36a57c6f5a9429778

 ///  File Name: glsa-200612-08.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-08 - The SeaMonkey project is vulnerable to arbitrary JavaScript bytecode execution and arbitrary code execution. Versions less than 1.0.6 are affected.
Homepage:http://security.gentoo.org
File Size:3050
Last Modified:Dec 11 17:03:46 2006
MD5 Checksum:79bf640cedc37859e97af278488a5fc5

 ///  File Name: glsa-200612-09.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-09 - Laurent Butti, Jerome Raznieski and Julien Tinnes reported a buffer overflow in the encode_ie() and the giwscan_cb() functions from ieee80211_wireless.c. Versions less than 0.9.2.1 are affected.
Homepage:http://security.gentoo.org
File Size:2690
Last Modified:Dec 11 17:04:18 2006
MD5 Checksum:f511caf375efd670a8493c9904d0f281

 ///  File Name: glsa-200612-10.txt
Description:
 Gentoo Linux Security Advisory GLSA 200612-10 - Tar does not properly extract archive elements using the GNUTYPE_NAMES record name, allowing files to be created at arbitrary locations using symlinks. Once a symlink is extracted, files after the symlink in the archive will be extracted to the destination of the symlink. Versions less than 1.16-r2 are affected.
Homepage:http://security.gentoo.org
File Size:2668
Last Modified:Dec 12 16:39:47 2006
MD5 Checksum:75d25dcaa798f18618c62729305b996e
 

 ///  Last 10 Files
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citectodbc-fivews.txt
  5. :· citect_scada_odbc.rb.txt
  6. :· flockweb-dos.txt
  7. :· google-chrome-dos4.txt
  8. :· google-download2.txt
  9. :· PLSA-2008-41.txt
  10. :· PLSA-2008-40.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· PLSA-2008-41.txt
  2. :· PLSA-2008-40.txt
  3. :· PLSA-2008-39.txt
  4. :· PLSA-2008-38.txt
  5. :· PLSA-2008-37.txt
  6. :· MDVSA-2008-188.txt
  7. :· glsa-200809-05.txt
  8. :· PLSA-2008-36.txt
  9. :· microworld-insecure.txt
  10. :· SSRT080119.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citect_scada_odbc.rb.txt
  5. :· flockweb-dos.txt
  6. :· google-chrome-dos4.txt
  7. :· google-download2.txt
  8. :· webcmsportal-blindsql.txt
  9. :· esfaq-sql.txt
  10. :· vastal-itechcosmetics.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· clamav-0.94.tar.gz
  2. :· distack-1.1.0-dev.tar.gz
  3. :· samhain-2.4.6.tar.gz
  4. :· sqlmap-0.6.tar.gz
  5. :· psbot.py.txt
  6. :· mimedefang-2.65.tar.gz
  7. :· advchk-2.11.tar.bz2
  8. :· kisgearth-0.01f.tar.bz2
  9. :· lynis-1.2.0.tar.gz
  10. :· fwknop-1.9.7.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· citectodbc-fivews.txt
  2. :· freebsd-revcon.txt
  3. :· insecurityoverview-samsung.pdf
  4. :· xcon2008-cfp.txt
  5. :· aslr-bypass.txt
  6. :· alphanumeric-shellcode.txt
  7. :· imagebase-shellcode.txt
  8. :· mysql-injection-newbies.txt
  9. :· draft-gont-opsec-ip-security-01.txt
  10. :· draft-ietf-tsvwg-port-randomization-02.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice