Section: .. / 0604-advisories /
| /// File Name: |
glsa-200604-11.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-11 - Luigi Auriemma discovered a vulnerability in the Crossfire game server, in the handling of the oldsocketmode option when processing overly large requests. Versions less than 1.9.0 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3541 | | Last Modified: | Apr 27 18:00:15 2006 |
| MD5 Checksum: | 873e124cbacb95617a5e28b8ed882563 |
|
| /// File Name: |
glsa-200604-12.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-12 - Several vulnerabilities were found in Mozilla Firefox. Versions 1.0.8 and 1.5.0.2 were released to fix them. Versions less than 1.0.8 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 5966 | | Last Modified: | Apr 27 18:00:22 2006 |
| MD5 Checksum: | 55aa99e9810adda91f7a4803476d5730 |
|
| /// File Name: |
glsa-200604-13.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-13 - Jan Braun has discovered that the fbgs script provided by fbida insecurely creates temporary files in the /var/tmp directory. Versions less than 2.03-r3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3058 | | Last Modified: | Apr 27 18:00:31 2006 |
| MD5 Checksum: | 24575d9bd08e2b931f7e28f7285666bb |
|
| /// File Name: |
glsa-200604-14.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-14 - infamous41md discovered multiple buffer overflows in Dia's XFig file import plugin. Versions less than 0.94-r5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2899 | | Last Modified: | Apr 27 18:00:38 2006 |
| MD5 Checksum: | dac2929cdf14d32f2fd1f11ee4772558 |
|
| /// File Name: |
glsa-200604-15.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-15 - Ludwig Nussel discovered that xine-ui incorrectly implements formatted printing. Versions less than 0.99.4-r5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2566 | | Last Modified: | Apr 28 20:58:16 2006 |
| MD5 Checksum: | 7cfb5f04d14cc11e6f0c47b41ca0d9b5 |
|
| /// File Name: |
glsa-200604-16.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-16 - Federico L. Bossi Bonin discovered that when handling MPEG streams xine-lib fails to make a proper boundary check of the input data supplied by the user before copying it to an insufficiently sized memory buffer. Versions less than 1.1.2_pre20060328-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2715 | | Last Modified: | Apr 28 20:58:22 2006 |
| MD5 Checksum: | a01e53341e3725fdd8da9a59c0196303 |
|
| /// File Name: |
glsa-200604-17.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-17 - Ethereal is affected by numerous vulnerabilities, potentially resulting in the execution of arbitrary code. Versions less than 0.99.0 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3606 | | Last Modified: | Apr 28 20:58:35 2006 |
| MD5 Checksum: | 53b72e45d4b429de091a7628d86f8124 |
|
| /// File Name: |
glsa-200604-18.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200604-18 - Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Versions less than 1.7.13 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 5546 | | Last Modified: | Apr 28 20:59:30 2006 |
| MD5 Checksum: | 95005cf1fb52e3c3eb4d5ad375a5e2d0 |
|
| /// File Name: |
google-reader.txt |
Description:
|
Google Reader is supposed to display only the content the user has subscribed to; however, two vulnerabilities have been identified which may allow an attacker to entice its victim (using the Google Reader service) to view unwanted web content carrying malicious payloads.
| | Author: | Debasis Mohanty | | Homepage: | http://www.hackingspirits.com | | File Size: | 3271 | | Last Modified: | Apr 13 21:02:21 2006 |
| MD5 Checksum: | b00754e81d529b49b6a488d82a1630a6 |
|
| /// File Name: |
googlereader.txt |
Description:
|
Google Reader is supposed to display only the content the user has subscribed to; however, two vulnerabilities have been identified which may allow an attacker to entice its victim (using the Google Reader service) to view unwanted web content carrying malicious payloads.
| | Homepage: | http://www.hackingspirits.com | | File Size: | 3271 | | Last Modified: | Apr 17 14:23:34 2006 |
| MD5 Checksum: | b00754e81d529b49b6a488d82a1630a6 |
|
| /// File Name: |
HijackArt.txt |
Description:
|
Defacing The Art Of Hijacking Spamming And EMail Viruses - A paper analyzing the methodology of hijacking a user's web browser, focusing mainly on Internet Explorer.
| | Author: | AdityaSood | | Homepage: | http://rxlabs.metaeye.Org | | File Size: | 18923 | | Last Modified: | Apr 28 16:58:37 2006 |
| MD5 Checksum: | f19bb9abdfeb0d8cd14c086a813b8f46 |
|
| /// File Name: |
HP-management.txt |
Description:
|
CompaqHTTPServer/9.9 and HP System Management Homepage 2.1.3.132 and above suffer from a remote authentication bypass vulnerability.
| | Author: | SRC Telindus | | File Size: | 2767 | | Last Modified: | Apr 19 15:32:10 2006 |
| MD5 Checksum: | 16349be1116b48ce658d8dc729237b25 |
|
| /// File Name: |
IE-DBCS.txt |
Description:
|
Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability: This vulnerability affects systems that use Double-Byte Character Sets. Systems that are affected are Windows language versions that use a Double Byte Character Set language. Examples of languages that use DBCS are Chinese, Japanese, and Korean languages. Customers using other language versions of Windows might also be affected if "Language for non-Unicode programs" has been set to a Double Byte Character Set language.
| | Author: | Sowhat | | Homepage: | http://secway.org | | File Size: | 3385 | | Last Modified: | Apr 13 21:00:47 2006 |
| MD5 Checksum: | 8cf943f33e793206de04581f8a239e3f |
|
| /// File Name: |
IE-UserInterface.txt |
Description:
|
Microsoft Internet Explorer suffers from a potential user interaction race in its handling of security dialogs. As a result, it may be possible for a malicious web site to install software on a visiting system or take other actions that may compromise the privacy or the security of the visitor.
| | Author: | Matthew Murphy | | Homepage: | http://student.missouristate.edu/m/matthew007/advisories.asp?adv=2006-02 | | File Size: | 13323 | | Last Modified: | Apr 28 21:19:53 2006 |
| MD5 Checksum: | 6eaac5db57a5b06689dc6f14bcce938e |
|
| /// File Name: |
iespoof-flash.txt |
Description:
|
It is possible to spoof the address bar in IE by using Shockwave Flash.
| | Author: | hainamluke | | File Size: | 935 | | Last Modified: | Apr 10 21:22:19 2006 |
| MD5 Checksum: | 77f7019a3c0bd596805ee31e4654763a |
|
| /// File Name: |
InstantPhotoGallery.txt |
Description:
|
Instant Photo Gallery suffers from XSS.
| | Author: | Qex | | File Size: | 191 | | Last Modified: | Apr 28 11:25:12 2006 |
| MD5 Checksum: | ca6b186cd24160c69a1675b0cd5c29c1 |
|
| /// File Name: |
Invision2.1.5.txt |
Description:
|
Invision Power Board 2.1.5 and possibly earlier versions suffer from a flaw that could allow for remote code execution.
| | Homepage: | http://HackThisSite.org | | Related Exploit: | invvy-v2.pl | | File Size: | 3249 | | Last Modified: | Apr 28 11:41:22 2006 |
| MD5 Checksum: | f9aa8d5398944f2861877e156ae63da9 |
|
| /// File Name: |
Jbook-gb.txt |
Description:
|
Jbook Guestbook suffers from XSS in index.php.
| | Author: | Moroccan Security Team | | File Size: | 360 | | Last Modified: | Apr 12 14:13:17 2006 |
| MD5 Checksum: | 662a7c4dafbc55de594ed0547ac65aaa |
|
| /// File Name: |
jupiter-1.1.5.txt |
Description:
|
jupiter CMS 1.1.5 is vulnerable to XSS and full path disclosure in online.php.
| | Homepage: | http://kandangjamur.net/ | | File Size: | 613 | | Last Modified: | Apr 12 02:47:46 2006 |
| MD5 Checksum: | 739fc9405dd897c1f9675b03b42a0ca0 |
|
| /// File Name: |
kapda-37.txt |
Description:
|
[KAPDA::#37] - CoMoblog XSS
| | Author: | KAPDA | | Homepage: | http://www.KAPDA.ir | | File Size: | 459 | | Last Modified: | Mar 31 19:16:25 2006 |
| MD5 Checksum: | ac80c3d27faa074712c9400d0178834c |
|
| /// File Name: |
LandDownUnder.txt |
Description:
|
Land Down Under 802 and below suffer from a path disclosure vulnerability.
| | Homepage: | http://Aria-Security.net | | File Size: | 1458 | | Last Modified: | Apr 28 21:46:41 2006 |
| MD5 Checksum: | cf438c534aa71ec36ac81b7aaa160cea |
|
| /// File Name: |
Lifetype.txt |
Description:
|
Lifetype v1.0.3 suffers from XSS and full path disclosure vulnerabilities.
| | Author: | crasher | | Homepage: | http://kecoak.or.id | | File Size: | 1475 | | Last Modified: | Apr 17 19:12:35 2006 |
| MD5 Checksum: | b3167cc6a014858b31df377b79d85cfc |
|
| /// File Name: |
Linpha1.1.0.txt |
Description:
|
Linpha 1.1.0 suffers from an XSS vulnerability.
| | Author: | d4igoro | | File Size: | 687 | | Last Modified: | Apr 28 17:19:43 2006 |
| MD5 Checksum: | 9c51c6754c42ca57b8475d09474de3b6 |
|
| /// File Name: |
linux-cisco-PSIRT.txt |
Description:
|
Cisco PSIRT's response to the privilege escalation vulnerability in multiple Linux-based Cisco products, including: Cisco Wireless LAN Solution Engine (WLSE), Cisco Hosting Solution Engine (HSE), Cisco User Registration Tool (URT), Cisco Ethernet Subscriber Solution Engine (ESSE), and CiscoWorks2000 Service Management Solution (SMS).
| | Homepage: | http://www.cisco.com/ | | File Size: | 8320 | | Last Modified: | Apr 28 20:21:12 2006 |
| MD5 Checksum: | fdc41aaabb9045f663e998236034f0a9 |
|