iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Progressive Heap Overflow
2005-12-06 iDEFENSE Labs (labs-no-reply idefense com)

iDefense Security Advisory 12.05.05: Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability
2005-12-06 iDEFENSE Labs (labs-no-reply idefense com)
Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability iDefense Security Advisory 12.05.05 www.idefense.com/application/poi/display?id=342&type=vulnerabilities December 5, 2005 I. BACKGROUND Xpdf is an open-source viewer for Portable Document Format (PDF) files. II. DESCRIPTION Loc

SUSE Security Announcement: kernel various security and bugfixes (SUSE-SA:2005:067)
2005-12-06 Marcus Meissner (meissner suse de)

Buffer Overflow in MultiTech VoIP Implementations
2005-12-05 SecurityLab Research (SLAB_research securitylab net)

have you ever been BluePIMped?
2005-12-04 KF (lists) (kf_lists digitalmunition com)
Chapter 9 style ala Stealing the network. enjoy... have you ever been BluePIMped? Exploiting The Widcomm BTStackServer by KF (kf_lists[at]digitalmunition[dot]com) On August 12, 2004 Ryan Naraine of internetnews.com described a serious vulnerability in Widcomm's widely deployed Bluetooth Conne

Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers
2005-01-06 David Litchfield (davidl ngssoftware com)
Dear security community and Oracle users, Many of my customers run Oracle. Much of the U.K. Critical National Infrastructure relies on Oracle; indeed this is true for many other countries as well. I know that there's a lot of private information about me stored in Oracle databases out there. I have

[USN-180-2] MySQL 4.1 vulnerability
2005-12-05 Martin Pitt (martin pitt canonical com)
Ubuntu Security Notice USN-180-2 December 05, 2005 mysql-dfsg-4.1 vulnerability CVE-2005-2558 A security issue affects the following Ubuntu releases: Ubuntu 5.10 (Breezy Badger

[USN-223-1] Inkscape vulnerability
2005-12-05 Martin Pitt (martin pitt canonical com)
Ubuntu Security Notice USN-223-1 December 05, 2005 inkscape vulnerability CVE-2005-3885 A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) Th

[scip_Advisory] e107 v0.6 rate.php manipulation
2005-12-05 Marc Ruef (maru scip ch)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e107 v0.6 rate.php voting manipulation and forwarding vulnerability scip AG Vulnerability Advisory (11/10/2005) http://www.scip.ch I. INTRODUCTION e107 is the name of an open-source content management system (cms) that relies on php and sql. More

[security bulletin] HPSBUX01059 SSRT4704 Revised - HP-UX Running wu-ftpd Local Unauthorized Access
2005-12-05 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00572225 Version: 3 HPSBUX01059 SSRT4704 Revised - HP-UX Running wu-ftpd Local Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Re

eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities
2005-12-03 tommie1 adelphia net
eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities http://www.phpbbstyles.com/ Description These vulnerabilities could allow an attacker that has gained administrative access view file content on the system. 1. Remote File Content

Zen-Cart <= 1.2.6d blind SQL injection / remote commands execution:
2005-12-02 retrogod aliceposta it

more MD5 colliding examples
2005-12-02 Gerardo Richarte (gera corest com)
hello everybody, last month we presented in a lightning talk at PacSec a few interesting and somehow new things related to MD5 collisions: 2 different Win32 .EXE files with the same MD5 hash, and 4 different files (inputs) with the same MD5 hash. These are direct results of reimplementing the alr

DMA[2005-1202a] - 'sobexsrv - Scripting/Secure OBEX Server format string vulnerability'
2005-12-03 KF (lists) (kf_lists digitalmunition com)

[Updated] [FLSA-2005:166943] Updated php packages fix security issues
2005-12-03 Marc Deslauriers (marcdeslauriers videotron ca)

QNX 4.25 suided dhcp.client binary
2005-12-03 lms fe up pt
Hello all, I recently got a QNX 4.25 vmware image and i found that the dhcp.client shipped with it is suided. This obviously enables a normal user to control the NIC's configuration and produce some other attacks (eg: if the system has some services which depend on 'host/ip based' authentication [

PHP-Fusion v6.00.109 SQL Injection and Info. Disclosure
2005-12-03 xer0x west gmail com
In the latest version of PHP-Fusion, the content management system by Digitanium (php-fusion.co.uk), there is an SQL Error in messages.php that reveals path names and a table name, and someone could possibly manipulate the SQL database. The error is as follows, it is with the Search and Sort option:

MDKSA-2005:222 - Updated mailman packages fix various vulnerabilities
2005-12-02 Mandriva Security Team (security mandriva com)

Alisveristr E-Commerce Admin Login SQL İnjection
2005-12-03 B3g0k hackermail com
###Hi all ###B3g0k[at]hackermail.com ###Kurdish Hacker ###Special Thanx All Kurdish Hackers ###Freedom For Ocalan!!! ###Alisveristr E-commerce User Login Sql İnjection ###Alisveristr E-commerce Admin Login Sql ###İnjection

Re: WebCalendar
2005-12-03 Louis Wang (bill louis gmail com)
Hi, Dan: For some vulnerability has fixed by the vendor, I have update this vulnerability advisory, sorry for any trouble I have caused to you. The following is the updated advisory.: WebCalendar CRLF Injection Vulnerability I. BACKGROUND WebC

MDKSA-2005:221 - Updated spamassassin packages fixes vulnerability
2005-12-02 Mandriva Security Team (security mandriva com)

[OpenPKG-SA-2005.026] OpenPKG Security Advisory (lynx)
2005-12-03 OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org

[OpenPKG-SA-2005.027] OpenPKG Security Advisory (php)
2005-12-03 OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org

MDKSA-2005:223 - Updated webmin package fixes format string vulnerability
2005-12-02 Mandriva Security Team (security mandriva com)

[OpenPKG-SA-2005.025] OpenPKG Security Advisory (perl)
2005-12-03 OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org
iDefense Security Advisory 12.05.05
www.idefense.com/application/poi/display?id=343&type=vulnerabilities
December 5, 2005
I. BACKGROUND
Xpdf is an open-source viewer for Portable Document Format (PDF) files.
II. DESCRIPTION
Local exploita