Section: .. / 0606-advisories /
| /// File Name: |
MDKSA-2006-095.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-095: A stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 5788 | | Last Modified: | Jun 11 04:21:16 2006 |
| MD5 Checksum: | 295b5101a7d564b8c1c74cc0c8c85c2b |
|
| /// File Name: |
MDKSA-2006-096.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-096: A stack-based buffer overflow in st.c in slurpd for OpenLDAP might allow attackers to execute arbitrary code via a long hostname.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 8489 | | Last Modified: | Jun 11 04:21:26 2006 |
| MD5 Checksum: | 62c2d2fac61e071395f05b5ce43b7701 |
|
| /// File Name: |
MDKSA-2006-097.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-097: SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 5498 | | Last Modified: | Jun 11 04:21:33 2006 |
| MD5 Checksum: | 4368baf386bf27035f0639fbb6323897 |
|
| /// File Name: |
MDKSA-2006-098.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-098: PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 12595 | | Last Modified: | Jun 11 04:21:41 2006 |
| MD5 Checksum: | 4261e1ee878f9868b455c043769cc88a |
|
| /// File Name: |
MDKSA-2006-099-1.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-099-1: Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 6762 | | Last Modified: | Jun 14 06:08:48 2006 |
| MD5 Checksum: | 0d36dca153492580ebba493be291982b |
|
| /// File Name: |
MDKSA-2006-099.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-099: Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 6668 | | Last Modified: | Jun 14 06:08:07 2006 |
| MD5 Checksum: | 653632424c229f6f1153621eba621f92 |
|
| /// File Name: |
MDKSA-2006-100.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-100: A vulnerability in gdm could allow a user to activate the gdm setup program if the administrator configured a gdm theme that provided a user list. The user could do so by choosing the setup option from the menu, clicking the user list, then entering his own password instead of root's.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 2834 | | Last Modified: | Jun 14 06:09:41 2006 |
| MD5 Checksum: | 3ab4449c53f2e9bd33950a7245a4d7f3 |
|
| /// File Name: |
MDKSA-2006-101.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-101- A PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 2850 | | Last Modified: | Jun 21 10:21:35 2006 |
| MD5 Checksum: | 9419a6bec30457102b19ef911872d974 |
|
| /// File Name: |
MDKSA-2006-102.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-102- A buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in a sprintf call. Corporate Server 3 and Corporate Desktop 3 are not affected by this vulnerability as tiff2pdf was not part of the libtiff version shipped in those products.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4871 | | Last Modified: | Jun 21 10:22:14 2006 |
| MD5 Checksum: | 15dd14dfe851008600447d167b67425e |
|
| /// File Name: |
MDKSA-2006-103.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-103 - A flaw was discovered in the way that spamd processes the virtual POP usernames passed to it. If running with the --vpopmail and --paranoid flags, it is possible for a remote user with the ability to connect to the spamd daemon to execute arbitrary commands as the user running spamd.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 5431 | | Last Modified: | Jun 21 10:25:46 2006 |
| MD5 Checksum: | c86f342d5840ff2c6fcf27e1c9b1b43a |
|
| /// File Name: |
MDKSA-2006-104.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-104 - A vulnerability in the way Sendmail handles multi-part MIME messages was discovered that could allow a remote attacker to create a carefully crafted message that could crash the sendmail process during delivery.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 5287 | | Last Modified: | Jun 25 23:25:47 2006 |
| MD5 Checksum: | dedf8270f5f765ba9e191105cfe06af3 |
|
| /// File Name: |
MDKSA-2006-105.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-105 - A problem with how kdm manages the ~/.dmrc file was discovered by Ludwig Nussel. By using a symlink attack, a local user could get kdm to read arbitrary files on the system, including privileged system files and those belonging to other users.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 9946 | | Related CVE(s): | CVE-2006-2449 | | Last Modified: | Jun 26 06:48:36 2006 |
| MD5 Checksum: | f474b78ef730e71751067aef3c2a1095 |
|
| /// File Name: |
MDKSA-2006-106.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-106 - A problem with how kdm manages the ~/.dmrc file was discovered by Ludwig Nussel. By using a symlink attack, a local user could get kdm to read arbitrary files on the system, including privileged system files and those belonging to other users. Mandriva's mdkkdm also suffers from this same problem and has been patched to correct it. Only Corporate 3 is affected; in Mandriva Linux 2006, mdkkdm is in contribs.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 2529 | | Related CVE(s): | CVE-2006-2449 | | Last Modified: | Jun 26 06:49:46 2006 |
| MD5 Checksum: | a8943172d7a9ab5c2916ec8deb79eeff |
|
| /// File Name: |
MDKSA-2006-107.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-107 - A vulnerability in the artswrapper program, when installed setuid root, could enable a local user to elevate their privileges to that of root. By default, Mandriva Linux does not ship artswrapper setuid root, however if a user or system administrator enables the setuid bit on artswrapper, their system could be at risk.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3641 | | Related CVE(s): | CVE-2006-2916 | | Last Modified: | Jun 27 06:54:13 2006 |
| MD5 Checksum: | b6a0653e9458df60ecc606bf7371ce94 |
|
| /// File Name: |
MDKSA-2006-108.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-108 - A buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 8580 | | Related CVE(s): | CVE-2006-2802 | | Last Modified: | Jun 27 06:55:24 2006 |
| MD5 Checksum: | b151e275e704e65bb5aca272e1b46815 |
|
| /// File Name: |
MDKSA-2006-109.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-109 - A boundary checking error was discovered in the wv2 library, used for accessing Microsoft Word documents. This error can lead to an integer overflow induced by processing certain Word files.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3171 | | Related CVE(s): | CVE-2006-2197 | | Last Modified: | Jun 27 06:56:04 2006 |
| MD5 Checksum: | f6f11ec92fc74217c7e33e6345a56b81 |
|
| /// File Name: |
MDKSA-2006-110.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-110 - A vulnerability was discovered in GnuPG 1.4.3 and 1.9.20 (and earlier) that could allow a remote attacker to cause gpg to crash and possibly overwrite memory via a message packet with a large length.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3758 | | Related CVE(s): | CVE-2006-3082 | | Last Modified: | Jun 27 06:56:53 2006 |
| MD5 Checksum: | a41096f66d2ecdf4ca9b539ac52b275f |
|
| /// File Name: |
MDKSA-2006-111.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-111 - Mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function. MySQL 4.0.18 in Corporate 3.0 and MNF 2.0 is not affected by this issue.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 5375 | | Related CVE(s): | CVE-2006-3081 | | Last Modified: | Jun 27 08:14:22 2006 |
| MD5 Checksum: | 6b2353153d0fd1792979057de4697bc9 |
|
| /// File Name: |
MDKSA-2006-112.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-112: The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 3967 | | Last Modified: | Jun 29 05:58:41 2006 |
| MD5 Checksum: | 9174f8121c7d76d843b2d0f6432895c6 |
|
| /// File Name: |
MDKSA-2006-113.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-113: Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. Tetex contains an embedded copy of the GD library code.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 7907 | | Last Modified: | Jun 29 05:58:52 2006 |
| MD5 Checksum: | 0907f87cc3b7d85efc8016d20b55432c |
|
| /// File Name: |
MDKSA-2006-114.txt |
Description:
|
Mandriva Linux Security Advisory MDKSA-2006-114: Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. Libwmf contains an embedded copy of the GD library code.
| | Homepage: | http://www.mandriva.com/security/advisories | | File Size: | 4573 | | Last Modified: | Jun 29 05:59:04 2006 |
| MD5 Checksum: | 168e15a401a6cc8b08eb1534f762d707 |
|
| /// File Name: |
MPCS02.txt |
Description:
|
MPCS version 0.2 appears susceptible to cross site scripting attacks.
| | Author: | luny | | File Size: | 496 | | Last Modified: | Jun 26 08:14:44 2006 |
| MD5 Checksum: | 828c99c4706e6e42231a39e05f31419c |
|
| /// File Name: |
ms06030notfixed.txt |
Description:
|
A quick note discussing that Microsoft has not fixed the NtClose/ZwClose DeadLock vulnerability as described in MS06-030.
| | Homepage: | http://www.reversemode.com | | File Size: | 1038 | | Last Modified: | Jun 26 06:21:35 2006 |
| MD5 Checksum: | e09f5cd54acfce3a64ce407e6f22270b |
|
| /// File Name: |
msie6.txt |
Description:
|
Microsoft Internet Explorer is susceptible to a web filter bypass flaw using ASCII.
| | Author: | Kurt Huwig | | Homepage: | http://www.iku-ag.de/ | | File Size: | 2652 | | Last Modified: | Jun 27 07:00:37 2006 |
| MD5 Checksum: | 7807e62425dc55a9170c55207a61ec4e |
|
| /// File Name: |
MU-200606-01.txt |
Description:
|
A remote buffer overflow condition in Real Helix's RTSP service could allow for arbitrary code execution. The vulnerable code is triggered with the use of a malformed HTTP header. A second vulnerability of equal criticality was also discovered. This bug involved the parsing of HTTP URLs. Affected versions include Real Networks Helix DNA Server 11.0.x and Real Networks Helix DNA Server 10.0.x.
| | Homepage: | http://labs.musecurity.com | | File Size: | 2598 | | Last Modified: | Jun 27 07:27:56 2006 |
| MD5 Checksum: | 2ff856d770db4d9c4768675243cf4958 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
