[USN-127-1] bzip2 vulnerabilities
2005-05-17 Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-127-1 May 17, 2005
bzip2 vulnerabilities
CAN-2005-0953, CAN-2005-1260
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty [...]

Help Center Live Vulnerabilities
2005-05-17 GulfTech Security Research (security gulftech org)
##########################################################
# GulfTech Security Research May 17th, 2005
##########################################################
# Vendor : Michael Bird
# URL : http://www.helpcenterlive.com/
# Version : Help Center Live [ All Versions ]
# Risk : Multiple Vulnerabili [...]

Yahoo! Messenger may be storing all session data 'Unencoded' on the local machine
2005-05-18 Torseq Tech. (bindshell gmail com)
Title: Yahoo! Messenger May Be Storing All Session Data 'Unencoded' On The Local Machine
Discovered By: Torseq Tech. <bindshell (at) gmail (dot) com>
Date: Wednesday, May 18, 2005
Application affected: Yahoo! Messenger ver. 5.x - 6.0 (all builds) Windows, *Nix/Mac ? (not tested)
Vendor: Yahoo! Inc.
Proof-of- [...]

Linux kernel pktcdvd ioctl break user space limit vulnerability [corrected]
2005-05-18 bugs (bugs whitecell org)
hi,all: sorry for insufficient coordination with vendor. :( I had corrected it and deleted rawdevice issue
------------------------------------------------------------------
Synopsis: Linux kernel pktcdvd ioctl break user space limit vulnerability
Product: Linux kernel
Version: 2.6 up [...]

Re: Windows image size crash
2005-05-17 cmthemc yahoo com
In-Reply-To: <428604DC.6010207 (at) bmitt (dot) com>
win xp embedded crashed.
>Received: (qmail 26180 invoked from network); 14 May 2005 18:24:28 -0000
>Received: from outgoing.securityfocus.com (HELO outgoing2.securityfocus.com) (205.206.231.26)
> by mail.securityfocus.com with SMTP; 14 May 2005 18:24:28 - [...]

[SECURITY] [DSA 724-1] New phpsysinfo packages fix cross site scripting
2005-05-18 joey infodrom org (Martin Schulze)

MDKSA-2005:088-1 - Updated mozilla-firefox packages re-enable extensions
2005-05-17 Mandriva Security Team (security mandriva com)

OpenServer 5.0.6 OpenServer 5.0.7 : telnet client multiple issues
2005-05-17 please_reply_to_security sco com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: OpenServer 5.0.6 OpenServer 5.0.7 : telnet client multiple issues
Advisory number: SCOSA-2005.23
Issue date: 2005 May 17
Cross refer [...]

[CLA-2005:953] Conectiva Security Announcement - kde
2005-05-17 Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------
PACKAGE : kde
SUMMARY : Fixes for multiple KDE security [...]

[ GLSA 200505-13 ] FreeRADIUS: Buffer overflow and SQL injection vulnerability
2005-05-17 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability
2005-05-17 alert7 (alert7 xfocus org)

cdrdao exploit for mandrake 10.2 ( Mandriva 2005)
2005-05-16 newbug Tseng (newbug chroot org)
Hi. Seems cdrdao vulnerability still exists in Mandrake 10.2 (Mandriva 2005). I've no idea why Mandrake always forgot to fix this vulnerability ... Anyway, hope Mandrake will fix this vulnerability as soon as possible.
--- screenshot ---
[newbug@t43 ~]$ cat /etc/mandrake-release
Mandrakelinux rele [...]

[SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05)
2005-05-16 deluxe security-project org
[SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05)
Vendor: JGS-XA
URL: http://www.jgs-xa.de/
Version: <= 3.0.2
Type: SQL-Injections, XSS and Full Path Disclosures
Discovered by deluxe89 and the Security-Project Team
Description:
-------------------------
Th [...]

Mac OS X - Adobe Version Cue local root exploit [c version exploit]
2005-05-16 ali reza AcTiOnSpIdEr (actionspider gmail com)

Pico Server (pServ) Remote Command Injection
2005-05-16 Claus R. F. Overbeck (bugtraq clausrfoverbeck de)
Advisory: Pico Server (pServ) Remote Command Injection
RedTeam found a remote command injection in Pico Server (pServ) which results in a remote attacker being able to issue arbitrary commands on the server.
Details
=======
Product: Pico Server (pServ)
Affected Version: 3.2(verified), [...]

Pico Server (pServ) Local Information Disclosure
2005-05-16 Claus R. F. Overbeck (bugtraq clausrfoverbeck de)
Advisory: Pico Server (pServ) Local Information Disclosure
RedTeam found a local information disclosure vulnerability in Pico Server (pServ) which results in a local user reading all files on the server with pServ's permissions.
Details
=======
Product: Pico Server (pServ)
Affected Vers [...]

Woltlab Burning Board SQL Injection Vulnerability
2005-05-16 GulfTech Security Research (security gulftech org)

Postnuke 0.750 - 0.760rc4 local file inclusion
2005-05-16 pokley (pokleyzz scan-associates net)
Product : Postnuke 0.750 (http://www.postnuke.com)
Description: Postnuke 0.750 - 0.760rc4 local file inclusion
Severity: High
Description
===========
Postnuke is a Web Content Management System written in PHP and using mysql as database backend.
Detail
======
Directory traversal in function pnModFu [...]

[ GLSA 200505-12 ] PostgreSQL: Multiple vulnerabilities
2005-05-15 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Pico Server (pServ) Information Disclosure Of CGI Sources
2005-05-16 Claus R. F. Overbeck (bugtraq clausrfoverbeck de)
Advisory: Pico Server (pServ) Information Disclosure Of CGI Sources
RedTeam found an Information Disclosure vulnerability in Pico Server (pServ) which gives an attacker the ability to read all files from cgi-bin.
Details
=======
Product: Pico Server (pServ)
Affected Version: 3.2(verified), <= [...]

[ GLSA 200505-11 ] Mozilla Suite, Mozilla Firefox: Remote compromise
2005-05-15 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[FLSA-2005:152871] Updated nfs-utils package fixes security issue
2005-05-13 Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2005:152856] Updated sudo packages fix security issue
2005-05-13 Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2005:152912] Updated imap packages fix security issues
2005-05-13 Marc Deslauriers (marcdeslauriers videotron ca)

MDKSA-2005:088 - Updated mozilla packages fix multiple vulnerabilities
2005-05-13 Mandriva Security Team (security mandriva com)

[FLSA-2005:152804] Updated openmotif packages fix image vulnerability
2005-05-13 Marc Deslauriers (marcdeslauriers videotron ca)

Skull-Splitter's Guestbook Multiple XXS/HTML injection
2005-05-14 Morinex Eneco (m0r1n3x gmail com)
# Skull-Splitter's Guestbook Multiple XXS/HTML injection
# e-mail : morinex[at]marocmafia com
# date : 14-05-2k5
# shoutz : w00pie.nl
-Tested Localhost , skull-splitter.net.
>Target : Skull-Splitter's Guestbook
>Vulnerable Versions: Guestbook 1.0, 2.0 & 2.2
>URL : hhttp://www.skull-splitter [...]
Ubuntu Security Notice USN-128-1 May 17, 2005
nasm vulnerability
CAN-2005-1194
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5
[...]