exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 116 RSS Feed

Files Date: 2006-10-04 to 2006-10-05

Secunia Security Advisory 22249
Posted Oct 4, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in Rational RequisitePro RequisiteWeb, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.

tags | advisory, denial of service
SHA-256 | ac31d79ba2ee7a45df7485462cc191935475f8d7aa64c1a9db59df691cc66447
Secunia Security Advisory 22257
Posted Oct 4, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Taskjitsu, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 5d3768f08c1f91834068714802298da10ba0685607e6fd068d4b7ddd65bf4ddb
SUSE-SA-2006-058.txt
Posted Oct 4, 2006
Site suse.com

SUSE Security Announcement SUSE-SA:2006:058: OpenSSL DoS.

tags | advisory
systems | linux, suse
SHA-256 | 814a65ca6a6b291ade3d171ae2d11fbe2d8928e07217f85df9ad9a2fddb231d0
OpenPKG Security Advisory 2006.21
Posted Oct 4, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.021: According to a vendor security advisory [0], four security issues were discovered in the cryptography and SSL/TLS toolkit OpenSSL [1]:

tags | advisory
SHA-256 | c7cb5db4bb937f86334260fe04414bfd6b338242b4fa66170b199e6c1c18d3de
OpenPKG Security Advisory 2006.22
Posted Oct 4, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.022: OpenSSH DoS.

tags | advisory
SHA-256 | d5d9fa47506d765bdaf774904b158759facd51fb378669585a8a92078551dbe6
Debian Linux Security Advisory 1185-2
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1185-2: The fix used to correct CVE-2006-2940 introduced code that could lead to the use of uninitialized memory. Such use is likely to cause the application using the openssl library to crash, and has the potential to allow an attacker to cause the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
SHA-256 | 6880b7627c46da20c45b6c8bdadb3abb0a4428841824ce3c7cb0fdc2dba0723a
Debian Linux Security Advisory 1187-1
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1187-1: Jason Hoover discovered that migrationtools, a collection of scripts to migrate user data to LDAP creates several temporary files insecurely, which might lead to denial of service through a symlink attack.

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 3e2b0158142021a93b5072cd2ee2a35ca7140af4143e42821ac6d411fbbbc99f
Debian Linux Security Advisory 1186-1
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1186-1: Will Drewry of the Google Security Team discovered several buffer overflows in cscope, a source browsing tool, which might lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
SHA-256 | 3b01e9515a4b5654e3741f8a3388605db6cc323e0c4ae01cb4a85e28e9850e9a
Debian Linux Security Advisory 1185-1
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1185-1: Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | 993fb5f0e0a4624b3c8dca7109529bc497421bbf34ca416cb85f30d8bfcad6ee
Ubuntu Security Notice 354-1
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 354-1: firefox vulnerabilities

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 666f128229a911303f7f49fbe2f5d8f0d389e52f31fac78a220585ea652cad77
Ubuntu Security Notice 356-1
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 356-1: Will Drewry, of the Google Security Team, discovered buffer overflows in GDB's DWARF processing. This would allow an attacker to execute arbitrary code with user privileges by tricking the user into using GDB to load an executable that contained malicious debugging information.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
SHA-256 | 6526ede538cdfc733bce4c7dc1f3b393b987f3bf2a7a7c889f40d3e51e6d6c54
Ubuntu Security Notice 355-1
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 355-1: Tavis Ormandy discovered that the SSH daemon did not properly handle authentication packets with duplicated blocks. By sending specially crafted packets, a remote attacker could exploit this to cause the ssh daemon to drain all available CPU resources until the login grace time expired. (CVE-2006-4924)

tags | advisory, remote
systems | linux, ubuntu
SHA-256 | 94ba03a310cc66b8a3bfe985bc19c97dfa5a50137986bce1b66db7eb91e83033
Ubuntu Security Notice 353-1
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 353-1: openssl vulnerabilities

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | ff97740e1b9cc91943604c64ee85b9fb0d4319e2b3967f3d5d811484de75d1e4
Mandriva Linux Security Advisory 2006.170
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-170-1: Webmin before 1.296 and Usermin before 1.226 does not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs.

tags | advisory, remote, cgi, xss
systems | linux, mandriva
SHA-256 | 3c76c2930ccf608016ddd235650304ae236d473a22631ce23d8f4bd7c53bef86
Mandriva Linux Security Advisory 2006.178
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-178: Openssl recently had several vulnerabilities which were patched (CVE-2006-2937,2940,3738,4339, 4343). Some versions of ntp are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries in being made available.

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | 94af43fa19d7681fd3d3eb6907a00a8e849dc3b55dd5edc5976f12e61c31b6ff
Mandriva Linux Security Advisory 2006.177
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-177: Openssl recently had several vulnerabilities which were patched (CVE-2006-2937,2940,3738,4339, 4343). Some MySQL versions are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries in being made available.

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | d3666128e6e88e5857ca3fa3fec3ad9d5a46dca5dca8b23bd857449fae5e8c7e
Mandriva Linux Security Advisory 2006.172
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-172-1: Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL two denial of service vulnerabilities were discovered.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
SHA-256 | 8d943089384616297b034876f068e5a5a287d56faa95ff67dc525e4affa72450
Mandriva Linux Security Advisory 2006.176
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-176: Xine-lib uses an embedded copy of ffmpeg and as such has been updated to address the following issue: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
SHA-256 | ad6ff7914a99ca4b7ffdd358562a6c002bad97026ac395cc63efec13951081dd
Mandriva Linux Security Advisory 2006.175
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-175: Mplayer uses an embedded copy of ffmpeg and as such has been updated to address the following issue: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
SHA-256 | 0853d15177f1b25b600333ad3e27d0f418567665474a4e1afda12231c97c2b64
Mandriva Linux Security Advisory 2006.174
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-174: Gstreamer-ffmpeg uses an embedded copy of ffmpeg and as such has been updated to address the following issue: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
SHA-256 | cc0ed5fd8cb4a3d0ae9516e372be09c3d7e8df8305282a89780a9436a6893caa
Mandriva Linux Security Advisory 2006.173
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-173: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
SHA-256 | 9364112a2d968612137724cec87b6bcc602fae6658876780e5c82c538e37dd67
Mandriva Linux Security Advisory 2006.172
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-172: Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL two denial of service vulnerabilities were discovered.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
SHA-256 | 811120c872e89a53550805e50d7c3ae778f50ee60071ce006c81802b6ec5313e
Mandriva Linux Security Advisory 2006.171
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-171: slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).

tags | advisory, remote, arbitrary
systems | linux, mandriva
SHA-256 | fcdbae6d250c68ab0b42828ace1427d1b460a50db628a402a1c379e91bd60b24
Mandriva Linux Security Advisory 2006.157
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-157-1: Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | linux, mandriva
SHA-256 | ea0bf29ebc4ad5451d420a004ada4c1dd9a17ce27f96ac3321f621f6ac5ef7a1
RISE-2006002.txt
Posted Oct 4, 2006
Authored by RISE Security | Site risesecurity.org

There exists a vulnerability within a architecture dependent function of the FreeBSD kernel (FreeBSD 5.2-RELEASE through FreeBSD 5.5-RELEASE), which when properly exploited can lead to local compromise of the vulnerable system. This vulnerability was fixed in FreeBSD 6.0-RELEASE, but production (legacy) releases 5.2 through 5.5 are still vulnerable.

tags | advisory, kernel, local
systems | freebsd
SHA-256 | 47ee00f36252f1652b78dad10fe001b7ca99781759d2b3060edd166609c2d021
Page 4 of 5
Back12345Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close