Section: .. / 0604-advisories /
| /// File Name: |
MDKSA-2006-078.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-078: A number of vulnerabilities have been discovered in the Mozilla Thunderbird email client that could allow a remote attacker to craft malicious web emails that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, or other information. As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the program.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4435 | | Last Modified: | Apr 28 20:57:25 2006 |
| MD5 Checksum: | ead2d7314f0a8cef68ad3754f7127bf5 |
|
| /// File Name: |
MDKSA-2006-079.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-079: A vulnerability in how ruby's HTTP module uses blocking sockets was reported by Yukihiro Matsumoto. By sending large amounts of data to a server application using this module, a remote attacker could exploit it to render the application unusable and not respond to other client requests.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4844 | | Last Modified: | Apr 28 20:57:35 2006 |
| MD5 Checksum: | a337027887412a7d3d69b1f0119cf0e7 |
|
| /// File Name: |
Mini-NUKEv2.3.txt |
Description:
|
Mini-NUKE v2.3 suffers from a SQL injection vulnerability.
| | Author: | CrAzY.CrAcKeR | | File Size: | 403 | | Last Modified: | Apr 28 14:49:05 2006 |
| MD5 Checksum: | cc6ccadcd825a90baeb80eca1691efb4 |
|
| /// File Name: |
ModX-0.9.1.txt |
Description:
|
ModX v0.9.1 suffers from XSS and a directory transversal vulnerability.
| | Author: | crasher | | Homepage: | http://kecoak.or.id | | File Size: | 1600 | | Last Modified: | Apr 17 19:14:37 2006 |
| MD5 Checksum: | 1c94dd212fc79a8de42436dddc806c95 |
|
| /// File Name: |
ms-fp-2.txt |
Description:
|
FrontPage Server Extensions 2002 (included in Windows Sever 2003 IIS 6.0 and available as a separate download for Windows 2000 and XP) has a web page /_vti_bin/_vti_adm/fpadmdll.dll that is used for administrative purposes. This web page is vulnerable to cross site scripting attacks allowing an attacker to run client-side script on behalf of an FPSE user. If the victim is an administrator, the attacker could take complete control of a Front Page Server Extensions 2002 server. POC exploit examples included.
| | Author: | Argeniss - Information Security | | Homepage: | http://www.argeniss.com/products.html | | File Size: | 3147 | | Last Modified: | Apr 19 16:23:32 2006 |
| MD5 Checksum: | 0893198c23d33b143d162fd79277c303 |
|
| /// File Name: |
ms-fp.txt |
Description:
|
The FrontPage Server Extensions 2002 (included in Windows Sever 2003 IIS 6.0 and available as a separate download for Windows 2000 and XP) has a web page /_vti_bin/_vti_adm/fpadmdll.dll that is used for administrative purposes. This web page is vulnerable to cross site scripting attacks allowing an attacker to run client-side script on behalf of an FPSE user. If the victim is an administrator, the attacker could take complete control of a Front Page Server Extensions 2002 server.
| | Author: | Argeniss | | Homepage: | qhttp://www.argeniss.com/products.html | | File Size: | 2945 | | Last Modified: | Apr 19 15:39:54 2006 |
| MD5 Checksum: | d51f3b4bed1de57eb87ba6f41c0f96c9 |
|
| /// File Name: |
ms-hosts.txt |
Description:
|
The microsoft DNS resolver hardcodes many hostnames such as go.microsoft.com, msdn.microsoft.com, windowsupdate.com, etc preventing the use of a hosts file.
| | Author: | Dave Korn | | File Size: | 10798 | | Last Modified: | Apr 19 17:17:54 2006 |
| MD5 Checksum: | ade870cb49957c9d39449ba91231e3be |
|
| /// File Name: |
mshtml.dll.txt |
Description:
|
There appears to be a vulnerability in how Microsoft Internet Explorer handles (or fails to handle) certain combinations of nested OBJECT tags. This may lead to execution of code.
| | Author: | Michal Zalewski | | File Size: | 2769 | | Last Modified: | Apr 28 13:29:04 2006 |
| MD5 Checksum: | 4adb50bcba8cfc64ca6f57f787ca5953 |
|
| /// File Name: |
MSIE6.0SP2.txt |
Description:
|
Multiple Vulnerabilities in MS IE 6.0 SP2: All of these bugs are located in `mshtml.dll' and are caused by incorrect handling of specially crafted HTML documents. The severity of the first security issue (mshtml.dll#7d6d2db4) is low because it is a non-exploitable Null Pointer Dereference vulnerability and leads to DoS. The second (mshtml.dll#7d519030) and third (mshtml.dll#7d529d35) vulnerability are similar and the Microsoft Security Response Center rated them as critical because, on the face of it, they could produce an exploitable memory corruption.
| | Author: | Thomas Waldegger - BuHa-Security | | Homepage: | http://buha.info/board/ | | File Size: | 2630 | | Last Modified: | Apr 19 16:00:05 2006 |
| MD5 Checksum: | 145fe60991fff2fed76b5080fa07e04b |
|
| /// File Name: |
MU-200604-01.txt |
Description:
|
MU-200604-01: Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service - A denial of service condition exists in the SASL authentication library during DIGEST-MD5 negotiation. This potentially affects multiple products that use SASL DIGEST-MD5 authentication including OpenLDAP, Sendmail, Postfix, Apple, etc.
| | Homepage: | http://labs.musecurity.com | | File Size: | 2709 | | Last Modified: | Apr 12 02:26:05 2006 |
| MD5 Checksum: | 8c29f1fa46d945e3faafaa74f81f937e |
|
| /// File Name: |
MyBB1.10-2.txt |
Description:
|
Yet another XSS vulnerability in MyBB 1.10.
| | Author: | Shabgard Security Team | | Homepage: | http://www.shabgard.org | | File Size: | 489 | | Last Modified: | Apr 19 15:51:31 2006 |
| MD5 Checksum: | c45208a1e556c57b8ad5239aff8bf93f |
|
| /// File Name: |
MySmartBB-1.1.x.txt |
Description:
|
MySmartBB v1.1.x suffers from SQL injection and XSS.
| | Author: | BoNy-m | | File Size: | 453 | | Last Modified: | Apr 28 21:15:48 2006 |
| MD5 Checksum: | ff425bd76f857fd8b3610536b665f564 |
|
| /// File Name: |
NetAccess-na75.txt |
Description:
|
Multiple vulnerabilities have been identified in IP3 Networks 'NetAccess' NA75 appliance. Vulnerabilities include SQL injection, command execution, and information disclosure.
| | Author: | Moonen | | File Size: | 4261 | | Last Modified: | Apr 28 20:33:05 2006 |
| MD5 Checksum: | 8bb045641d41726048b9e83df3bb82ff |
|
| /// File Name: |
NeuronBlog-1.1.txt |
Description:
|
NeuronBlog versions less than or equal to 1.1 suffer from XSS.
| | Author: | qex | | File Size: | 137 | | Last Modified: | Apr 19 17:34:57 2006 |
| MD5 Checksum: | dcfa6094e9031f558036cdd243297d8a |
|
| /// File Name: |
NextAge.txt |
Description:
|
NextAge Shopping Cart suffers from XSS.
| | Homepage: | http://www.aria-security.net | | File Size: | 1700 | | Last Modified: | Apr 28 11:39:24 2006 |
| MD5 Checksum: | 945bab3920671719ad9fd2d9cb13a8d1 |
|
| /// File Name: |
ng-WGT624.txt |
Description:
|
The Netgear WGT624 contains a default admin username and password that can be used to access the device via the serial port.
| | Author: | tranceformer | | File Size: | 601 | | Last Modified: | Apr 17 19:04:57 2006 |
| MD5 Checksum: | 7db8ed223ff5af97c754c275d88e3d22 |
|
| /// File Name: |
open_basedir-bypass.txt |
Description:
|
It is possible to bypass the open_basedir restriction in PHP 4.4.2 and 5.1.2 by using the tempnam() function.
| | Author: | cXIb8O3 | | Homepage: | http://SecurityReason.Com | | File Size: | 3288 | | Last Modified: | Apr 13 20:50:53 2006 |
| MD5 Checksum: | 5d9be86da1137028ff9f06ae328d5114 |
|
| /// File Name: |
OpenBulletinBoard.txt |
Description:
|
Open Bulletin Board suffers from multiple XSS and SQL injection vulnerabilities.
| | Author: | qex | | File Size: | 223 | | Last Modified: | Apr 28 21:17:15 2006 |
| MD5 Checksum: | 9d2b6aecb7e49650e8a770fc8564c014 |
|
| /// File Name: |
OpenTTD.txt |
Description:
|
OpenTTD versions less than or equal to 0.4.7 suffers from several flaws.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.altervista.org | | File Size: | 3804 | | Last Modified: | Apr 28 12:00:49 2006 |
| MD5 Checksum: | 5cb5deecbf4035b741a19278e11ee3bb |
|
| /// File Name: |
oracle-10gR1.txt |
Description:
|
Oracle Database 10gR1 suffers from a buffer overflow in VERIFY_LOG procedure (DB03) Oracle Database Server provides the DBMS_SNAPSHOT_UTL package that includes capability to manage materialized views. This package contains the public procedure VERIFY_LOG that is vulnerable to buffer overflow. By default DBMS_SNAPSHOT_UTL has EXECUTE permission to PUBLIC so any Oracle database user can exploit this vulnerability.
| | Author: | Argeniss - Information Security | | Homepage: | http://www.argeniss.com | | File Size: | 2020 | | Last Modified: | Apr 28 14:12:22 2006 |
| MD5 Checksum: | b49a0be025c700042e26b51c1143b0f4 |
|
| /// File Name: |
os2a_1005.txt |
Description:
|
A buffer overflow vulnerability exists in the implementation of split() function in NASL. This causes nasl to consume a large amount of CPU and memory resources and stop responding. Execution of arbitrary commands on the vulnerable host may be possible. This affects Nessus 3.0.2, 2.2.7 and prior releases.
| | Author: | OS2A BTO | | File Size: | 4358 | | Last Modified: | Apr 28 11:46:52 2006 |
| MD5 Checksum: | c884a7852bf2709e0b0eb7a53754fb4b |
|
| /// File Name: |
osCommerce-2.2-extras.txt |
Description:
|
If the "extras" folder is placed inside the webroot on osCommerce versions less than v2.2 any file can be read on the target system, including php source code with the database details.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org | | File Size: | 1558 | | Last Modified: | Apr 17 19:19:19 2006 |
| MD5 Checksum: | c94b99c1a0796f3af2d46b3b24630938 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
