Section: .. / 0610-advisories /
| /// File Name: |
CS-Forum0.82.txt |
Description:
|
CS-Forum 0.82 suffers from a remote file inclusion vulnerability in ajouter.php.
| | Author: | Mahmood_ali | | File Size: | 833 | | Last Modified: | Oct 20 20:16:53 2006 |
| MD5 Checksum: | c5d4d30e5be90d4edc49a88bc8058797 |
|
| /// File Name: |
DanPHPSupport-0.5.txt |
Description:
|
DanPHPSupport version 0.5 and prior suffer from several cross site scripting vulnerabilities.
| | Author: | You_You | | File Size: | 347 | | Last Modified: | Oct 3 19:20:31 2006 |
| MD5 Checksum: | 37feeed04811951e2fc7895cd99690d8 |
|
| /// File Name: |
DD-WRT-firmware.txt |
Description:
|
Any router running DD-WRT only checks the first 8 characters of a user's password. The DD-WRT firmware is used in many Linksys routers.
| | Author: | jfcastilho | | File Size: | 1650 | | Last Modified: | Oct 30 17:04:56 2006 |
| MD5 Checksum: | b7f0574d4ad47d04430187677d1d2edd |
|
| /// File Name: |
digishopv4.0.0.txt |
Description:
|
digishop v 4.0.0 suffers from a cross site scripting vulnerability.
| | Author: | meto5757 | | File Size: | 338 | | Last Modified: | Oct 4 17:01:26 2006 |
| MD5 Checksum: | dc902eb77f085ce951349e1c80af12e8 |
|
| /// File Name: |
Dr.Web4.33.txt |
Description:
|
Dr.Web 4.33 antivirus LHA long directory name heap overflow: When building a special LHA archive with a long directory name in an extended directory header, a fixed size buffer on the heap is overflowed. When processing this malicious archive, it is then possible to make Dr.Web run arbitrary code by overwriting some internal malloc management information.
| | Author: | Jean-Sebastien Guay-Leroux | | File Size: | 9023 | | Last Modified: | Oct 4 18:18:41 2006 |
| MD5 Checksum: | b25747f8e08fa99b7c064bca93e4d788 |
|
| /// File Name: |
DRUPAL-SA-2006-024.txt |
Description:
|
Drupal security advisory - DRUPAL-SA-2006-024: Multiple XSS (cross site scripting) vulnerabilities have been discovered.
| | Author: | Uwe Hermann | | Homepage: | http://drupal.org/security | | File Size: | 2587 | | Last Modified: | Oct 20 21:00:36 2006 |
| MD5 Checksum: | de0edab9e8d4561d53f094f8bb06a43b |
|
| /// File Name: |
DRUPAL-SA-2006-025.txt |
Description:
|
Drupal security advisory DRUPAL-SA-2006-025: Visiting a specially crafted page, anywhere on the web, may allow that page to post forms to a Drupal site in the context of the visitor's session. To illustrate: suppose one has an active user 1 session, the most powerful administrator account for a site, to a Drupal site while visiting a website created by an attacker. This website will now be able to submit any form to the Drupal site with the privileges of user 1, either by enticing the user to submit a form or by automated means. An attacker can exploit this vulnerability by changing passwords, posting PHP code or creating new users, for example. The attack is only limited by the privileges of the session it executes in.
| | Author: | Uwe Hermann | | Homepage: | http://drupal.org/security | | File Size: | 3255 | | Last Modified: | Oct 20 21:00:07 2006 |
| MD5 Checksum: | 539e9d2f863163f22bcfc61d2c1865d5 |
|
| /// File Name: |
DRUPAL-SA-2006-026.txt |
Description:
|
Drupal security advisory DRUPAL-SA-2006-026: A malicious user may entice users to visit a specially crafted URL that may result in the redirection of Drupal form submission to a third-party site. A user visiting the user registration page via such a URL, for example, will submit all data, such as his/her e-mail address, but also possible private profile data, to a third-party site.
| | Author: | Uwe Hermann | | Homepage: | http://drupal.org/security | | File Size: | 1950 | | Last Modified: | Oct 20 20:59:22 2006 |
| MD5 Checksum: | 9a6aef62ad38a0e2a25cb7cfd9d39d92 |
|
| /// File Name: |
dsa-1166-2.txt |
Description:
|
Debian Security Advisory 1166-2: This update to DSA-1166 adds the architectures which were missing from the previous advisory.
| | Homepage: | http://www.debian.org/security | | File Size: | 2776 | | Last Modified: | Oct 17 17:56:36 2006 |
| MD5 Checksum: | e4b65091f2f66dbfbb243bcda6421619 |
|
| /// File Name: |
dsa-1185-1.txt |
Description:
|
Debian Security Advisory 1185-1: Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer.
| | Homepage: | http://www.debian.org/security | | File Size: | 10674 | | Last Modified: | Oct 3 21:17:46 2006 |
| MD5 Checksum: | f0978f2b0f4fab912e0be5326a2a92ce |
|
| /// File Name: |
dsa-1185-2.txt |
Description:
|
Debian Security Advisory 1185-2: The fix used to correct CVE-2006-2940 introduced code that could lead to the use of uninitialized memory. Such use is likely to cause the application using the OpenSSL library to crash, and has the potential to allow an attacker to cause the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 9184 | | Last Modified: | Oct 3 21:18:06 2006 |
| MD5 Checksum: | 5a95e10f43762da9ca309bc9519403a7 |
|
| /// File Name: |
dsa-1186-1.txt |
Description:
|
Debian Security Advisory 1186-1: Will Drewry of the Google Security Team discovered several buffer overflows in cscope, a source browsing tool, which might lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 5080 | | Last Modified: | Oct 3 21:17:52 2006 |
| MD5 Checksum: | 5f7c91d5119f028c9e5007004afb28ca |
|
| /// File Name: |
dsa-1187-1.txt |
Description:
|
Debian Security Advisory 1187-1: Jason Hoover discovered that migrationtools, a collection of scripts to migrate user data to LDAP, creates several temporary files insecurely, which might lead to denial of service through a symlink attack.
| | Homepage: | http://www.debian.org/security | | File Size: | 3133 | | Last Modified: | Oct 3 21:17:59 2006 |
| MD5 Checksum: | fa1391880f06fc4c5a1d270fdb18f6f5 |
|
| /// File Name: |
dsa-1188-1.txt |
Description:
|
Debian Security Advisory 1188-1: Several security related problems have been discovered in mailman, the web-based GNU mailing list manager. The Common Vulnerabilities and Exposures project identifies the following problems:
| | Homepage: | http://www.debian.org/security | | File Size: | 5217 | | Last Modified: | Oct 4 18:41:32 2006 |
| MD5 Checksum: | 42681144b4686814b6fb8809a7efab92 |
|
| /// File Name: |
dsa-1189-1.txt |
Description:
|
Debian Security Advisory 1189-1: Several remote vulnerabilities have been discovered in OpenSSH, a free implementation of the Secure Shell protocol, which may lead to denial of service and potentially the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 5954 | | Last Modified: | Oct 4 18:41:02 2006 |
| MD5 Checksum: | bb7b670f7e0f389a4aaa19832a017e45 |
|
| /// File Name: |
dsa-1190-1.txt |
Description:
|
Debian Security Advisory 1190-1: Oliver Karow discovered that the WebDBM frontend of the MaxDB database performs insufficient sanitising of requests passed to it, which might lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 12418 | | Last Modified: | Oct 4 18:41:06 2006 |
| MD5 Checksum: | 0f46b891b22dc1909d2e65d0d2093836 |
|
| /// File Name: |
dsa-1193-1.txt |
Description:
|
Debian Security Advisory 1193-1: Several vulnerabilities have been discovered in the X Window System, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems:
| | Homepage: | http://www.debian.org/security | | File Size: | 172246 | | Last Modified: | Oct 13 19:14:45 2006 |
| MD5 Checksum: | 4798de6fd508f850d0c136e8c4542072 |
|
| /// File Name: |
dsa-1194-1.txt |
Description:
|
Debian Security Advisory 1194-1: It was discovered that an integer overflow in libwmf, the library to read Windows Metafile Format files, can be exploited to execute arbitrary code if a crafted WMF file is parsed.
| | Homepage: | http://www.debian.org/security | | File Size: | 9156 | | Last Modified: | Oct 13 19:14:51 2006 |
| MD5 Checksum: | 00448fcd141c6ca919df0dded2b13540 |
|
| /// File Name: |
dsa-1195-1.txt |
Description:
|
Debian Security Advisory 1195-1: Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer.
| | Homepage: | http://www.debian.org/security | | File Size: | 6387 | | Last Modified: | Oct 13 19:14:33 2006 |
| MD5 Checksum: | 9d97f867d66470016fdc3fe9fc0a39f1 |
|
| /// File Name: |
dsa-1196-1.txt |
Description:
|
Debian Security Advisory 1196-1: Several remote vulnerabilities have been discovered in the ClamAV malware scan engine, which may lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 14723 | | Last Modified: | Oct 24 14:57:41 2006 |
| MD5 Checksum: | ed9b1613efa072125727f58e534978b0 |
|
| /// File Name: |
dsa-1197-1.txt |
Description:
|
Debian Security Advisory 1197-1: Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.
| | Homepage: | http://www.debian.org/security | | File Size: | 12977 | | Last Modified: | Oct 25 17:38:40 2006 |
| MD5 Checksum: | 435754dcb8ea4344d74bc051e4820ff7 |
|
| /// File Name: |
dsa-1198-1.txt |
Description:
|
Debian Security Advisory 1198-1: Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.
| | Homepage: | http://www.debian.org/security | | File Size: | 12137 | | Last Modified: | Oct 25 17:38:50 2006 |
| MD5 Checksum: | 571cdf6804fe50476ac4a65e6286e5b6 |
|