[ GLSA 200608-16 ] Warzone 2100 Resurrection: Multiple buffer overflows
2006-08-10 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200608-17 ] libwmf: Buffer overflow vulnerability
2006-08-10 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200608-15 ] MIT Kerberos 5: Multiple local privilege escalation (test Falco for security@)
2006-08-10 Raphael Marichez (falco gentoo org)

PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service
2006-08-10 Collin R. Mulliner (collin betaversion net)

CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow
2006-08-10 Mariano Nuñez Di Croce (mnunez cybsec com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
(The following advisory is also available in PDF format for download at:
http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_SAP_IGS_Remote_Buffer_Overflow.pdf )
CYBSEC S.A.
www.cybsec.com
Pre-Advisory Name: SAP Internet Graphics Service (IGS) Re

CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Denial of Service
2006-08-10 Mariano Nuñez Di Croce (mnunez cybsec com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
(The following advisory is also available in PDF format for download at:
http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_SAP_IGS_Remote_Denial_of_Service.pdf )
CYBSEC S.A.
www.cybsec.com
Pre-Advisory Name: SAP Internet Graphics Service (IGS)

Directory Traversal vulnerability in IPCheck Monitor Server
2006-08-10 auuw73 dsl pipex com
Directory Traversal vulnerability in IPCheck Monitor Server
--------------------------------------
Overview
A directory traversal vulnerability has been identified in IPCheck Server Monitor Free/Trial/Professional, which may be exploited by potential attackers to retrieve files from the under

Sending multipart/form-data requests from Flash (with arbitrary headers)
2006-08-10 Amit Klein (AKsecurity) (aksecurity hotpop com)
Hello lists,
In my original "Forging HTTP request headers with Flash" paper (http://www.securityfocus.com/archive/1/441014), I mentioned forcing multipart/form-data input format to ensure that Flash's LoadVars isn't used to forge the request. However, there's a work-around for the attacker - usin

[SECURITY] [DSA 1149-1] New ncompress packages fix potential code execution
2006-08-10 joey infodrom org (Martin Schulze)

PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection
2006-08-10 simo64 morx org
# PHPMyRing's (view_com.php) Remote SQL injection Exploit
# vulnerable code on view_com.php line ( 14 - 24)
# [code]
# if (!$

XChat <= 2.6.4-1 (win version) Remote Denial of Service Exploit (php)
2006-08-09 ratboy727 gmail com

TSRT-06-08: Microsoft Internet Help COM Object Memory Corruption Vulnerability
2006-08-08 TSRT 3com com
TSRT-06-08: Microsoft Internet Help COM Object Memory Corruption Vulnerability
http://www.tippingpoint.com/security/advisories/TSRT-06-08.html
August 8, 2006
-- CVE ID: CVE-2006-3357
-- Affected Vendor: Microsoft
-- Affected Products: Microsoft Windows Server 2003 SP1 and SP2 Microso

[SECURITY] [DSA 1148-1] New gallery packages fix several vulnerabilities
2006-08-09 Moritz Muehlenhoff (jmm debian org)

TSRT-06-09: Microsoft DirectAnimation COM Object Memory Corruption Vulnerability
2006-08-08 TSRT 3com com
TSRT-06-09: Microsoft DirectAnimation COM Object Memory Corruption Vulnerability
http://www.tippingpoint.com/security/advisories/TSRT-06-09.html
August 8, 2006
-- CVE ID: CVE-2006-3638
-- Affected Vendor: Microsoft
-- Affected Products: Internet Explorer 6 All Versions Internet Explo

TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
2006-08-08 TSRT 3com com
TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
http://www.tippingpoint.com/security/advisories/TSRT-06-10.html
August 8, 2006
-- CVE ID: CVE-2006-3086
-- Affected Vendor: Microsoft
-- Affected Products: Microsoft Windows Server 2003 SP1 and SP2

Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and libmodplug 0.8
2006-08-09 Luigi Auriemma (aluigi autistici org)

[ISR] - Novell Groupwise Webaccess (Cross-Site Scripting)
2006-08-08 Francisco Amato (famato infobyte com ar)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
:: [ISR]
:: Infobyte Security Research
:: www.infobyte.com.ar
:: 08.08.2006
.:: SUMMARY
Novell Groupwise WebAccess Cross-Site Scripting
Version: Novell GroupWise WebAccess 7, 6.5
It is suspected that all previous versions of Groupwise W

Cwfm <= 0.9.1 (Language) Remote File Inclusion Vulnerability
2006-08-08 philipp niedziela gmx de
+ Cwfm-0.9.1 (Language) Remote File Inclusion
+ Original advisory:
+ http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1_(Language)_Remote_File_Inclusion.htm

[ MDKSA-2006:139 ] - Updated krb5 packages fix local privilege escalation vulnerability
2006-08-09 security mandriva com

[SECURITY] [DSA 1147-1] New drupal packages fix cross-site scripting
2006-08-09 Moritz Muehlenhoff (jmm debian org)

BlogHoster v2.2 Post Comment Html Injection
2006-08-08 piiiiiii pppiiiiiiii (heliosz_time hotmail com)
## HeLiOsZ - Dark End Team - Internet Security Team
## BlogHoster v2.2 Post Comment Html Injection
## IRC: darkend.sytes.net #darkend , http://darkend.sytes.net & http://www.darkend.org
## Risk : Medium
## Type : web applet
## Creator: http://www.blogsplosion.com
## Exploit: - To exploit this is

CivicSpace Version 0.8.5 HTML injection
2006-08-09 HeLiOsZ RooT (heliosz_time hotmail com)
## HeLiOsZ - Dark End Team - Internet Security Team
## CivicSpace Version 0.8.5 HTML injection
## IRC: darkend.sytes.net #darkend , http://darkend.sytes.net & http://www.darkend.org
## Risk : Medium
## Type : web applet
## Creator: www.civicspacelabs.org
## Exploit: - To exploit this issue you m

[SECURITY] [DSA 1146-1] New krb5 packages fix privilege escalation
2006-08-09 joey infodrom org (Martin Schulze)

Assessment of Vista Kernel Mode Security
2006-08-09 ATR-Bugtraq (atrbugtraq securityfocus com)
Everyone - Symantec has just released an in-depth report on the security of the Windows Vista kernel. This is a detailed technical report that discusses how Vista boots, how PatchGuard and Code Integrity work, as well as a technique on how to bypass them. You can find the paper here: http://www.

Latinchat Denial Of Service
2006-08-09 Vicente Perez (vp vicenteperez gmail com)
Denial Of Service on Chat Magma Latinchat
http://www.latinchat.com
Researcher: Vicente Perez
1.-Overview
Latinchat is one of the most known chat servers, and is used basically by Latin American people.
2.-Description
This system has a vulnerability as DoS, taking system offline by a while. The f
Gentoo Linux Security Advisory GLSA 200608-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -