BugTraq
[USN-231-1] Linux kernel vulnerabilities 2005-12-22
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-231-1 December 22, 2005
linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities
CVE-2005-3257, CVE-2005-3783, CVE-2005-3784, CVE-2005-3805,
CVE-2005-3806, CVE-2005-3808, CVE-2005-3848, CVE-2005-3857,
CVE-2005-3858

[ more ]  [ reply ]
MDKSA-2005:235 - Updated kernel packages fix numerous vulnerabilities 2005-12-21
Mandriva Security Team (security mandriva com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2005:235
http://www.mandriva.com/security/
_____________________________________________________________________

[ more ]  [ reply ]
iDefense Security Advisory 12.21.05: Macromedia JRun 4 Web Server URL Parsing Buffer Overflow Vulnerability 2005-12-21
labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
Macromedia JRun 4 Web Server URL Parsing Buffer Overflow Vulnerability

iDefense Security Advisory 12.21.05
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=360
December 21, 2005

I. BACKGROUND

Macromedia JRun 4 is an application server used for developing and
deploying Java base

[ more ]  [ reply ]
Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability 2005-12-21
ovt redcenter ru
Hi!

The following is the description of the vulnerability in the Cisco implementation of downloadable ACLs, which are used by the Cisco PIX firewall authentication proxy (aka cut-through proxy) and VPN 3000 concentrators.

When an administrator creates an ACL on the Cisco Secure Access Control Serv

[ more ]  [ reply ]
VMware vulnerability in NAT networking 2005-12-21
vmware-security-alert vmware com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

VULNERABILITY SUMMARY
A vulnerability has been discovered in vmnat.exe on Windows hosts and
vmnet-natd on Linux systems.
The vulnerability makes it possible for a malicious guest using a NAT networking
configuration to execute unwanted code on the host

[ more ]  [ reply ]
Cisco Security Response: DoS in Cisco Clean Access 2005-12-21
Clayton Kossmeyer (ckossmey cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Response
==============

This is Cisco PSIRT's response to the statements made by Alex Lanstein
in his message: <DoS in Cisco Clean Access>, posted on 2005-Dec-16, to
the Bugtraq mailing list. An archived version of the report can be
found here:

[ more ]  [ reply ]
WinRAR - Processing Filename Incorrectly Vulnerability 2005-12-21
agoanywhere hotmail com
Date:
Dec. 21 2005
Rating:
low
Affected Version:
WinRAR 3.51 English Version
Other versions may also be affected.
Tested Environment:
Windows XP Korea Version(full patched without SP.)
WinRAR 3.51 English Version
A file with Chinese Filename

Description:
When we use "Add to archive" command

[ more ]  [ reply ]
[SECURITY] [DSA 924-1] New nbd packages fix potential arbitrary code execution 2005-12-21
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 924-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
December 21st, 2005

[ more ]  [ reply ]
Vulnerability in Metadot portal server allows users to gain administrative privileges 2005-12-20
Gerry Chng (gerry chng gmail com)
Title
---------------------------------------------------------------------------------------
Vulnerability in Metadot portal server allows users to gain
administrative privileges

Vendor
---------------------------------------------------------------------------------------
Metadot Corporation (htt

[ more ]  [ reply ]
XSS vulnerabilities in Google.com 2005-12-21
Watchfire Research (security-research watchfire com)
//=====================>> Security Advisory <<=====================//

---------------------------------------------------------------------
XSS vulnerabilities in Google.com
---------------------------------------------------------------------

--[ Author: Yair Amit , Watchfire Corporation http://w

[ more ]  [ reply ]
mIRC buffer overflow 2005-12-20
Crowdat Kurobudetsu (crowdat gmail com)
- 1 - Introduction

Written by Khaled Mardam-Bey, mIRC is a friendly IRC client that is
well equipped with options and tools.

- 2 - Vulnerability description

Tested on mIRC 6.16, 6.12, 6.03 and 5.91; all are vulnerable.
Possibly all mIRC versions are vulnerable.
The code executed are with current

[ more ]  [ reply ]
[ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2 2005-12-20
Dedi securityfocus com,Dwianto securityfocus com (the_day echo or id)
ECHO.OR.ID
ECHO_ADV_24$2005

---------------------------------------------------------------------------
[ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2
---------------------------------------------------------------------------

Author: Dedi Dwianto
Date: Dec, 20th 2005
Location: Indon

[ more ]  [ reply ]
Re: Symantec Antivirus Library Remote Heap Overflows 2005-12-20
ltr isc upenn edu
Looking at this post it seems this is a new advisory but the links from iss.net show this to be Feb 2005. Is this new or not?

[ more ]  [ reply ]
[Security-Advisories (at) acs-inc (dot) com: [Full-disclosure] [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 <= build-18007 GSX Server Variants And Others] 2005-12-21
Andrew Griffiths (andrewg felinemenace org)
Requested by the author.

----- Forwarded message from Security Advisories <Security-Advisories (at) acs-inc (dot) com> -----

From: Security Advisories <Security-Advisories (at) acs-inc (dot) com>
To: bugtraq (at) securityfocus (dot) com, vulnwatch (at) vulnwatch (dot) org,
full-disclosure (at) lists.grok.org (dot) uk
Subject: [Full-disclosure] [ACSS

[ more ]  [ reply ]
security patch for Linux Kernel 2.6 2005-12-21
breno kalangolinux org
Hi,

I've done a patch with many security things :

- EIP addr check at sys_execve and sys_open
- Shellcode signature at argv and env memory area
- fork bomb protect
- file dtime
etc

http://200.199.203.196/~breno/linux-2.6.11.patch

Please, waiting for answers

Thanks

Breno

[ more ]  [ reply ]
[ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2 2005-12-21
the_day echo or id
ECHO.OR.ID
ECHO_ADV_24$2005

---------------------------------------------------------------------------
[ECHO_ADV_24$2005] Full path disclosure on WordPress < 1.5.2
---------------------------------------------------------------------------

Author: Dedi Dwianto
Date: Dec, 20th 2005
Location: Indon

[ more ]  [ reply ]
Workshop "Dependability Aspects in DWH and Mining applications" Deadline: 15-01-06 2005-12-21
Manh Tho (manhthovn gmail com)
Dear colleague,

Due to many requests (to enjoy Christmas and New Year Holidays), we
have decided to extend the submission deadline of DAWAM 2006 to January
15, 2006

(Apologies for multiple copies due to cross postings. Please send to
interested colleagues and students)

CALL FOR PAPERS

----------------

[ more ]  [ reply ]
Tolva PHP website system Remote File Include 2005-12-21
beford (xbefordx gmail com)
Script: Tolva PHP website system
Version: 0.1.0
Language: PHP
Official Website: http://sourceforge.net/projects/twebs
Problem: Remote File Include
Discovered by: beford

Description:
============

A complete collection of php scripts that work tightly together to
create a highly customizable, dynami

[ more ]  [ reply ]
Re: XSS bypass in PHPNuke - FIX ? 2005-12-20
Paul Laudanski (zx castlecops com)
On Tue, 20 Dec 2005, SecurityReason - sp3x wrote:

> Hi Paul
> Do you have any idea to do fix or update filter of phpnuke against XSS that discovered my friend.
> We were working with chaserv from nukefixes.com on this fix...
> But as you wrote on bugtraq the Fix is not very good...
>
> Any idea fo

[ more ]  [ reply ]
Call for Paper - VI National Computer and Information Security Conference - COLOMBIA 2005-12-21
Jeimy José Cano Martínez (jcano uniandes edu co)
Dear professionals,

I apologize for cross-posting this announcement.

******** CALL FOR PAPERS ******************
VI National Computer and Information Security Conference ACIS 2006 - COLOMBIA

The Sixth National Computer and Information Security Conference ACIS 2006 (NCIS
2006) as a scenario to develop and

[ more ]  [ reply ]
[Hat-Squad] Remote Heap Corruption Vulnerability in Interaction SIP Proxy 2005-12-21
service hat-squad com
Hat-Squad Advisory: Remote Heap Corruption Vulnerability in Interaction SIP Proxy

Product: Interaction SIP Proxy
Vendor: Interactive Intelligence Inc. (http://www.inin.com)

Systems Affected:

Vonexus Enterprise Interaction Center
Interaction SipProxy 3.0.010

Release Date: 12/21/2005

Vendor Stat

[ more ]  [ reply ]
[KAPDA::#17] - beehiveforum Script Injection 2005-12-21
alireza hassani (trueend5 yahoo com)
KAPDA New advisory

Vendor: http://www.beehiveforum.net
Vulnerable: Version 0.6.2
Bug: HTML Injection , Possible attacks with
register_globals = On
Exploitation: Remote with browser

Description:
--------------------
Beehive Forum is a PHP-based message board system that
uses a MySQL database.

Vul

[ more ]  [ reply ]
MDKSA-2005:234 - Updated sudo packages fix vulnerability 2005-12-20
Mandriva Security Team (security mandriva com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2005:234
http://www.mandriva.com/security/
_____________________________________________________________________

[ more ]  [ reply ]
IRM 012: Portfolio Netpublish Server 7 is vulnerable to a Directory Traversal Attack 2005-12-20
Advisories (advisories irmplc com)
----------------------------------------------------------------------
IRM Security Advisory No. 012

Portfolio Netpublish Server 7 is vulnerable to a Directory Traversal
Attack

Vulnerability Type / Importance: Information Leakage / High

Problem discovered: October 11th 2005
Vendor contacted: Octob

[ more ]  [ reply ]
IRM 013: Ultraapps Issue Manager is vulnerable to Privilege Escalation 2005-12-20
Advisories (advisories irmplc com)
----------------------------------------------------------------------
IRM Security Advisory No. 013

Ultraapps Issue Manager is vulnerable to Privilege Escalation

Vulnerability Type / Importance: Privilege Escalation / High

Problem discovered: November 25th 2005
Vendor contacted: November 25th 200

[ more ]  [ reply ]
IRM 014: Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent 2005-12-20
Advisories (advisories irmplc com)
----------------------------------------------------------------------
IRM Security Advisory No. 014

Sygate Protection Agent 5.0 vulnerability - A low privileged user can
disable the security agent

Vulnerability Type / Importance: Security Protection Bypass / High

Problem discovered: November 23

[ more ]  [ reply ]
Secunia Research: Pegasus Mail Buffer Overflow and Off-by-One Vulnerabilities 2005-12-20
Secunia Research (vuln secunia com)
======================================================================

Secunia Research 20/12/2005

- Pegasus Mail Buffer Overflow and Off-by-One Vulnerabilities -

======================================================================
Table of Contents

Affected Software.

[ more ]  [ reply ]
[Overflow.pl] Blender BlenLoader Integer Overflow 2005-12-20
Damian Put (pucik overflow pl)
Overflow.pl Security Advisory #4

Blender BlenLoader Integer Overflow

Vendor: Blender (http://www.blender.org)
Affected version: 2.x up to and including 2.40pre
Vendor status: Notified. No patch available.

Author: Damian Put <pucik (at) overflow (dot) pl>
URL: http://www.overflow.pl/adv/blenderinteger.txt
Da

[ more ]  [ reply ]
PHPGedView <= 3.3.7 remote code execution 2005-12-20
retrogod aliceposta it

--- PHPGedView <= 3.3.7 Arbitrary local/remote code execution & php injection ---

software:
site: http://www.phpgedview.net/
description: "PhpGedView is a revolutionary genealogy program which allows you to view
and edit your genealogy on your website."

-

vulnerabilities:
---------

[ more ]  [ reply ]
Acidcat ASP CMS Multiple Vulnerabilities 2005-12-20
h e (het_ebadi yahoo com)
http://hamid.ir

Acidcat CMS is a web site and simple content
management system that can be administered via a web
browser.
It is free for non-commercial use. Acidcat CMS is also
an open source product.
The product has been found to contain multiple
security vulnerabilities allowing a remote attacke

[ more ]  [ reply ]
Copyright 2010, SecurityFocus