Section: .. / 0604-advisories /
| /// File Name: |
dsa-1045-1.txt |
Description:
|
Debian Security Advisory 1045-1: Hendrik Weimer discovered that OpenVPN, the Virtual Private Network daemon, allows environment variables to be pushed to a client, allowing a malicious VPN server to take over connected clients.
| | Homepage: | http://www.debian.org/security | | File Size: | 4957 | | Last Modified: | Apr 28 20:58:42 2006 |
| MD5 Checksum: | 3320ba67986f013fd60f6e44900caf94 |
|
| /// File Name: |
glsa-200604-17.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-17 - Ethereal is affected by numerous vulnerabilities, potentially resulting in the execution of arbitrary code. Versions less than 0.99.0 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3606 | | Last Modified: | Apr 28 20:58:35 2006 |
| MD5 Checksum: | 53b72e45d4b429de091a7628d86f8124 |
|
| /// File Name: |
glsa-200604-16.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-16 - Federico L. Bossi Bonin discovered that when handling MPEG streams xine-lib fails to make a proper boundary check of the input data supplied by the user before copying it to an insufficiently sized memory buffer. Versions less than 1.1.2_pre20060328-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2715 | | Last Modified: | Apr 28 20:58:22 2006 |
| MD5 Checksum: | a01e53341e3725fdd8da9a59c0196303 |
|
| /// File Name: |
glsa-200604-15.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-15 - Ludwig Nussel discovered that xine-ui incorrectly implements formatted printing. Versions less than 0.99.4-r5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2566 | | Last Modified: | Apr 28 20:58:16 2006 |
| MD5 Checksum: | 7cfb5f04d14cc11e6f0c47b41ca0d9b5 |
|
| /// File Name: |
dsa-1044-1.txt |
Description:
|
Debian Security Advisory 1044-1: Several security related problems have been discovered in Mozilla Firefox.
| | Homepage: | http://www.debian.org/security | | File Size: | 15664 | | Last Modified: | Apr 28 20:58:04 2006 |
| MD5 Checksum: | 694811342ae415e275b15baf48a56957 |
|
| /// File Name: |
dsa-1043-1.txt |
Description:
|
Debian Security Advisory 1043-1: Erik Sjölund discovered that abcmidi-yaps, a translator for ABC music description files into PostScript, does not check the boundaries when reading in ABC music files resulting in buffer overflows.
| | Homepage: | http://www.debian.org/security | | File Size: | 11336 | | Last Modified: | Apr 28 20:57:49 2006 |
| MD5 Checksum: | 75ae4bd04eaf84156dd4ec1e7e126cf1 |
|
| /// File Name: |
MDKSA-2006-079.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-079: A vulnerability in how ruby's HTTP module uses blocking sockets was reported by Yukihiro Matsumoto. By sending large amounts of data to a server application using this module, a remote attacker could exploit it to render the application unusable and not respond to other client requests.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4844 | | Last Modified: | Apr 28 20:57:35 2006 |
| MD5 Checksum: | a337027887412a7d3d69b1f0119cf0e7 |
|
| /// File Name: |
MDKSA-2006-078.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-078: A number of vulnerabilities have been discovered in the Mozilla Thunderbird email client that could allow a remote attacker to craft malicious web emails that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, or other information. As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the program.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4435 | | Last Modified: | Apr 28 20:57:25 2006 |
| MD5 Checksum: | ead2d7314f0a8cef68ad3754f7127bf5 |
|
| /// File Name: |
MDKSA-2006-077.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-077: A number of vulnerabilities have been discovered in the Ethereal network analyzer. These issues have been corrected in Ethereal version 0.99.0.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3400 | | Last Modified: | Apr 28 20:57:16 2006 |
| MD5 Checksum: | c4f6eb0603e808048657c84be48ed387 |
|
| /// File Name: |
MDKSA-2006-076.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-076: A number of vulnerabilities have been discovered in the Mozilla Suite that could allow a remote attacker to craft malicious web pages that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, cookies, or other information from web pages. As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the browser.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 6356 | | Last Modified: | Apr 28 20:57:07 2006 |
| MD5 Checksum: | c20cce56713424613f1aa374a4994781 |
|
| /// File Name: |
EMC-Retrospect.txt |
Description:
|
EMC Insignia has released an update to Retrospect 6.5 and 7.0 Windows to address several recently identified security vulnerabilities.
| | Homepage: | http://kb.dantz.com/article.asp?article=9507&p=2 | | File Size: | 11185 | | Last Modified: | Apr 28 20:35:35 2006 |
| MD5 Checksum: | 36556ecb0e5e58df84346b59f8dc7b5e |
|
| /// File Name: |
NetAccess-na75.txt |
Description:
|
Multiple vulnerabilities have been identified in IP3 Networks 'NetAccess' NA75 appliance. Vulnerabilities include SQL injection, command execution, and information disclosure.
| | Author: | Moonen | | File Size: | 4261 | | Last Modified: | Apr 28 20:33:05 2006 |
| MD5 Checksum: | 8bb045641d41726048b9e83df3bb82ff |
|
| /// File Name: |
astathome.txt |
Description:
|
Two vulnerabilities were found in the ARI package included in the asterisk@home Distribution versions 0.7.15 and lower. These vulnerabilities allow a user to listen to voicemail from any other user and to disclose the configuration password.
| | Author: | Francois Harvey | | File Size: | 2125 | | Last Modified: | Apr 28 20:23:38 2006 |
| MD5 Checksum: | 4be1f2c8f7f51ebd83f939349a51149d |
|
| /// File Name: |
linux-cisco-PSIRT.txt |
Description:
|
Cisco PSIRT's response to the privilege escalation vulnerability in multiple Linux-based Cisco products including: Cisco Wireless LAN Solution Engine (WLSE), Cisco Hosting Solution Engine (HSE), Cisco User Registration Tool (URT), Cisco Ethernet Subscriber Solution Engine (ESSE), CiscoWorks2000 Service Management Solution (SMS).
| | Homepage: | http://www.cisco.com/ | | File Size: | 8320 | | Last Modified: | Apr 28 20:21:12 2006 |
| MD5 Checksum: | fdc41aaabb9045f663e998236034f0a9 |
|
| /// File Name: |
linux-cisco.txt |
Description:
|
Assurance.com.au - Vulnerability Advisory: Multiple vulnerabilities in Linux-based Cisco products. The "show" application has several vulnerabilities which allow an attacker to "break out" of the shell and execute commands (including /bin/sh) as the root user.
| | Homepage: | http://www.assurance.com.au/advisories/200604-cisco.txt | | File Size: | 5500 | | Last Modified: | Apr 28 20:18:23 2006 |
| MD5 Checksum: | e9d8d6cb02ee25d2043bdbc63e3beb52 |
|
| /// File Name: |
LiveUpdate-mac.txt |
Description:
|
Some components of Symantec's LiveUpdate for Macintosh do not set their execution path environment. A non-privileged user can change their execution path environment. If the user then executes one of these components, it will inherit the changed environment and use it to locate system commands. These components are configured to run with System Administrative privileges (SUID) and are vulnerable to a potential Trojan horse attack.
| | Homepage: | http://www.symantec.com/avcenter/security/Content/2006.04.17b.html | | File Size: | 1246 | | Last Modified: | Apr 28 20:13:41 2006 |
| MD5 Checksum: | 1bffdabb2b2b733a2aa7f350cdcbd684 |
|
| /// File Name: |
Ad-Aware.txt |
Description:
|
A paper discussing the various vulnerabilities in Ad-Aware.
| | Author: | Roy.Batty | | File Size: | 14487 | | Last Modified: | Apr 28 20:11:10 2006 |
| MD5 Checksum: | 27920d702e57f28ffbd214ea61a49bc2 |
|
| /// File Name: |
16.txt |
Description:
|
open security advisory #16 - Xine Media Player Format String Bug - There are 2 format string bugs in the latest version of Xine that could be exploited by a malicious person to execute code on the system of a remote user running the media player against a malicious playlist file. By passing a format specifier in the path of a file that is embedded in a remote playlist, it is possible to trigger this bug.
| | Author: | c0ntexb | | Homepage: | http://www.open-security.org | | File Size: | 4296 | | Last Modified: | Apr 28 17:25:03 2006 |
| MD5 Checksum: | 92858d7f11e1322f1c6da1305e571109 |
|
| /// File Name: |
Linpha1.1.0.txt |
Description:
|
Linpha 1.1.0 suffers from an XSS vulnerability.
| | Author: | d4igoro | | File Size: | 687 | | Last Modified: | Apr 28 17:19:43 2006 |
| MD5 Checksum: | 9c51c6754c42ca57b8475d09474de3b6 |
|
| /// File Name: |
FN15398.txt |
Description:
|
Findnot.com DNS Privacy Breach, DNS Spoofing Exposure, and ISP Monitoring Vulnerability - Several vulnerabilities have been reported in Findnot.com's SSH Proxy Service which can cause all DNS requests for lookup of sites visited to be resolved using local DNS servers.
| | Author: | 123 Privacy Advisories | | Homepage: | http://findnot.com | | File Size: | 5825 | | Last Modified: | Apr 28 17:11:47 2006 |
| MD5 Checksum: | 853ece9e020bd4aaaf3d8dfab6d6d27c |
|
| /// File Name: |
FN15294.txt |
Description:
|
Findnot.com IP Address Privacy Breach and Unencrypted Data Vulnerability - Several vulnerabilities have been reported in Findnot.com's Microsoft PPTP VPN Service Client, which can cause intermittent immediate loss of anonymity and privacy while using the service.
| | Author: | 123 Privacy Advisories | | File Size: | 7684 | | Last Modified: | Apr 28 17:09:59 2006 |
| MD5 Checksum: | 3b6d1f7db178452fcb159d6ffa7aecdb |
|
| /// File Name: |
HijackArt.txt |
Description:
|
Defacing The Art Of Hijacking Spamming And EMail Viruses - A paper analyzing the methodology of hijacking a user's web browser, focusing mainly on Internet Explorer.
| | Author: | AdityaSood | | Homepage: | http://rxlabs.metaeye.Org | | File Size: | 18923 | | Last Modified: | Apr 28 16:58:37 2006 |
| MD5 Checksum: | f19bb9abdfeb0d8cd14c086a813b8f46 |
|