Section: .. / 0601-advisories /
| /// File Name: |
USN-235-1.txt |
Description:
|
Ubuntu Security Notice USN-235-1 - Charles Morris discovered a privilege escalation vulnerability in sudo. On executing Perl scripts with sudo, various environment variables that affect Perl's library search path were not cleaned properly. If sudo is set up to grant limited sudo execution of Perl scripts to normal users, this could be exploited to run arbitrary commands as the target user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4553 | | Related CVE(s): | CVE-2005-4158 | | Last Modified: | Jan 8 06:16:17 2006 |
| MD5 Checksum: | daeb0e42bb6c6f4f3612de4c9a603f73 |
|
| /// File Name: |
USN-235-2.txt |
Description:
|
Ubuntu Security Notice USN-235-2 - USN-235-1 fixed a vulnerability in sudo's handling of environment variables. Tavis Ormandy noticed that sudo did not filter out the PYTHONINSPECT environment variable, so that users with the limited privilege of calling a python script with sudo could still escalate their privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4908 | | Related CVE(s): | CVE-2005-4158 | | Last Modified: | Jan 10 05:39:13 2006 |
| MD5 Checksum: | 8958705501f5ee195c029d9e31e371d8 |
|
| /// File Name: |
USN-236-1.txt |
Description:
|
Ubuntu Security Notice USN-236-1 - Chris Evans discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 19162 | | Related CVE(s): | CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627 | | Last Modified: | Jan 8 06:17:36 2006 |
| MD5 Checksum: | 3b89c5984a29f99449669b775fdef282 |
|
| /// File Name: |
USN-237-1.txt |
Description:
|
Ubuntu Security Notice USN-237-1 - Kurt Fitzner discovered that the NBD (network block device) server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 2333 | | Related CVE(s): | CVE-2005-3354 | | Last Modified: | Jan 8 06:32:55 2006 |
| MD5 Checksum: | ce39275a3d5c27f267a55a7ac698237e |
|
| /// File Name: |
USN-238-2.txt |
Description:
|
Ubuntu Security Notice USN-238-2 - Damian Put discovered that Blender did not properly validate a length value in .blend files. Negative values led to an insufficiently sized memory allocation. By tricking a user into opening a specially crafted .blend file, this could be exploited to execute arbitrary code with the privileges of the Blender user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 2050 | | Related CVE(s): | CVE-2005-4470 | | Last Modified: | Jan 8 06:33:38 2006 |
| MD5 Checksum: | 0df14be9c51888dea426148b1f276df0 |
|
| /// File Name: |
USN-239-1.txt |
Description:
|
Ubuntu Security Notice USN-239-1 - Several format string vulnerabilities were discovered in the error logging handling of libapache2-mod-auth-pgsql. By sending specially crafted user names, an unauthenticated remote attacker could exploit this to crash the Apache server or possibly even execute arbitrary code with the privileges of Apache.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5127 | | Related CVE(s): | CVE-2005-3656 | | Last Modified: | Jan 10 05:19:58 2006 |
| MD5 Checksum: | c63bb4290dbb2697a9432ab2f2070308 |
|
| /// File Name: |
USN-240-1.txt |
Description:
|
Ubuntu Security Notice USN-240-1 - A buffer overflow was found in bogofilter's character set conversion handling. Certain invalid UTF-8 character sequences caused an invalid memory access. By sending a specially crafted email, a remote attacker could exploit this to crash bogofilter or possibly even execute arbitrary code with bogofilter's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 2958 | | Related CVE(s): | CVE-2005-4591 | | Last Modified: | Jan 15 16:23:57 2006 |
| MD5 Checksum: | 2002194252695e17bae56d6af62923d1 |
|
| /// File Name: |
USN-242-1.txt |
Description:
|
Ubuntu Security Notice USN-242-1 - Aliet Santiesteban Sifontes discovered a remote denial of service vulnerability in the attachment handler of mailman. An email with an attachment whose filename contained invalid UTF-8 characters caused mailman to crash. Mailman did not sufficiently verify the validity of email dates. Very large numbers in dates caused mailman to crash.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4374 | | Related CVE(s): | CVE-2005-3573, CVE-2005-4153 | | Last Modified: | Jan 22 00:54:38 2006 |
| MD5 Checksum: | b2f166cc50d43a8c725260c0bad97de9 |
|
| /// File Name: |
usn-244-1.txt |
Description:
|
Ubuntu Security Notice USN-244-1 - Multiple Linux kernel vulnerabilities.
| | Author: | Martin Pitt | | Homepage: | http://security.ubuntu.com/ | | File Size: | 96677 | | Last Modified: | Jan 22 23:59:05 2006 |
| MD5 Checksum: | 75e528bce5859c20af05ebe742b805c9 |
|
| /// File Name: |
usn-245-1.txt |
Description:
|
Ubuntu Security Notice USN-245-1 - Maksim Orlovich discovered that kjs, the Javascript interpreter engine used by Konqueror and other parts of KDE, did not sufficiently verify the validity of UTF-8 encoded URIs. Specially crafted URIs could trigger a buffer overflow.
| | Author: | Martin Pitt | | Homepage: | http://security.ubuntu.com/ | | File Size: | 7027 | | Last Modified: | Jan 22 23:56:22 2006 |
| MD5 Checksum: | 9cbe60ba089a7c969df34956a2d7dfeb |
|
| /// File Name: |
USN-245-1.txt |
Description:
|
Ubuntu Security Notice USN-245-1 - Maksim Orlovich discovered that kjs, the Javascript interpreter engine used by Konqueror and other parts of KDE, did not sufficiently verify the validity of UTF-8 encoded URIs. Specially crafted URIs could trigger a buffer overflow. By tricking an user into visiting a web site with malicious JavaScript code, a remote attacker could exploit this to execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6574 | | Last Modified: | Jan 25 09:24:56 2006 |
| MD5 Checksum: | fedd3633d540113f44a636fcc8b7cef6 |
|
| /// File Name: |
USN-246-1.txt |
Description:
|
Ubuntu Security Notice USN-246-1 - Multiple vulnerabilities in imagemagick.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 13476 | | Last Modified: | Jan 25 09:25:47 2006 |
| MD5 Checksum: | 106586444bbaa00d85e6345878d5aefe |
|
| /// File Name: |
WBNews-XSS.txt |
Description:
|
WBNews versions less than v1.1.0 suffer from XSS in the "Name" field.
| | Author: | DragoN | | File Size: | 205 | | Last Modified: | Jan 22 23:31:56 2006 |
| MD5 Checksum: | a22d430df32ef543b9bed5ac9cae045f |
|
| /// File Name: |
wccd-vuln.txt |
Description:
|
ThinkSECURE has discovered that certain well-known wireless chipsets, using vulnerable drivers under the Windows XP operating system and when configured to use WEP with Open Authentication, can be tricked by a 802.11-based wireless client adapter operating in master mode ("the attacker") to discard the WEP settings and negotiate a post- association connection with the attacker in the clear.
| | Author: | ThinkSECURE | | Homepage: | http://www.securitystartshere.net/page-vulns-wccd.htm | | File Size: | 5684 | | Last Modified: | Jan 22 23:01:21 2006 |
| MD5 Checksum: | 2d6a6971990fbf6c6f64e6c1e24758cb |
|
| /// File Name: |
whitedustTranslate.txt |
Description:
|
A severe problem with the way browsers translate the soft-hyphen (alt + 0173) character has been brought to light which malicious users could utilise alongside a multitude of injection methods as a way to gain unauthorized access and or to spoof content on websites. Both Microsoft Internet Explorer and Mozilla Firefox are affected.
| | Homepage: | http://www.whitedust.net/speaks/1998/ | | File Size: | 1360 | | Last Modified: | Jan 29 23:01:20 2006 |
| MD5 Checksum: | b28909e7213b7f085cd4ec456fcacb06 |
|
| /// File Name: |
xlpd.txt |
Description:
|
xlpd 2.1 is susceptible to a denial of service condition when receiving too many connections from the same IP address.
| | Author: | dr_insane | | File Size: | 848 | | Last Modified: | Jan 8 06:07:33 2006 |
| MD5 Checksum: | 557dc2b7f86ce2cb6089ab4d26c5da53 |
|
| /// File Name: |
Xmamebo.txt |
Description:
|
Xmame is susceptible to a buffer overflow vulnerability. mysec.org has confirmed this vulnerability on xmame 0.102. All previous versions are suspected vulnerable to this issue.
| | Author: | Lau KaiJern | | File Size: | 3925 | | Last Modified: | Jan 11 07:13:20 2006 |
| MD5 Checksum: | 1c142a943ad72bb3984c7bd53cd58bde |
|
| /// File Name: |
ZDI-06-001.txt |
Description:
|
Clam AntiVirus versions 0.80 through 0.87.1 suffer from a code execution flaw during the uncompressing of files compressed with with FSG version 1.33.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2543 | | Related CVE(s): | CAN-2006-0162 | | Last Modified: | Jan 15 17:06:24 2006 |
| MD5 Checksum: | 30512002d639462e152f9be6f1a8ebd5 |
|
| /// File Name: |
ZyXelP2000W.txt |
Description:
|
The Zyxel P2000W (Version 2) VoIP wireless phone has an undocumented port, UDP/9090, that provides an unauthenticated attacker information about the phone, specifically the phone's MAC address and software version.
| | Author: | Shawn Merdinger | | File Size: | 1083 | | Last Modified: | Jan 22 22:50:29 2006 |
| MD5 Checksum: | 96ca6bc9af5bca592324b49bf42a323f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
