Section: .. / 0608-advisories /
| /// File Name: |
AD20060808.txt |
Description:
|
A vulnerability Microsoft Powerpoint allows remote attackers to execute arbitrary code in the context of the logged in user. An array boundary condition may be violated by a malicious .PPT file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .PPT file.
| | Author: | Sowhat | | Homepage: | http://www.nevisnetworks.com/ | | File Size: | 3066 | | Related CVE(s): | CVE-2006-3449 | | Last Modified: | Aug 18 02:24:48 2006 |
| MD5 Checksum: | 6b059b804c16dc79c26bb096e7389989 |
|
| /// File Name: |
adv06-chaosgb.txt |
Description:
|
GaesteChaos versions 0.2 and below suffer from SQL injection and cross site scripting vulnerabilities.
| | Author: | Tamriel | | File Size: | 1333 | | Last Modified: | Aug 17 05:09:47 2006 |
| MD5 Checksum: | 212e3fe99d5b78073086556f5b6bb59f |
|
| /// File Name: |
adv07-chaoscount.txt |
Description:
|
CounterChaos versions 0.48c and below suffer from a SQL injection vulnerability.
| | Author: | Tamriel | | File Size: | 1174 | | Last Modified: | Aug 17 05:10:32 2006 |
| MD5 Checksum: | 2533d87d831531572d45c45c6f586087 |
|
| /// File Name: |
adv08-chaosgh.txt |
Description:
|
GeheimChaos versions 0.5 and below suffer from multiple SQL injection vulnerabilities.
| | Author: | Tamriel | | File Size: | 3204 | | Last Modified: | Aug 17 05:08:37 2006 |
| MD5 Checksum: | 41da18e9c1f9e6482333aa3b7e45959d |
|
| /// File Name: |
advisory-407.txt |
Description:
|
Joomla! CMS versions 1.0.10 suffers from a logic weakness that allows voting without restrictions.
| | Author: | trueend5 | | Homepage: | http://www.kapda.ir/ | | File Size: | 1332 | | Last Modified: | Aug 27 15:27:05 2006 |
| MD5 Checksum: | d0679238d8f16456dc4db5516b430bc5 |
|
| /// File Name: |
alsapbof.txt |
Description:
|
AlsaPlayer versions 0.99.76 and below suffer from multiple buffer overflows.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org | | Related Exploit: | alsapbof.zip | | File Size: | 4659 | | Last Modified: | Aug 26 21:00:13 2006 |
| MD5 Checksum: | 3951f0c4008697e8598b567265934fbc |
|
| /// File Name: |
apacheRewrite.txt |
Description:
|
An off-by-one flaw exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3 since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.
| | Homepage: | http://www.apache.org | | File Size: | 4339 | | Related CVE(s): | CVE-2006-3747 | | Last Modified: | Aug 3 00:52:29 2006 |
| MD5 Checksum: | 453afd5a9140b8331824e3923dd5ea53 |
|
| /// File Name: |
arch.txt |
Description:
|
Archangel Weblog versions 0.90.02 and below suffer from html injection flaws.
| | Homepage: | http://www.darkend.org/ | | File Size: | 647 | | Last Modified: | Aug 18 02:00:39 2006 |
| MD5 Checksum: | 99b34f70fdb588a210de89755410c25c |
|
| /// File Name: |
bloghoster.txt |
Description:
|
BlogHoster version 2.2 suffers from a HTML injection flaw.
| | Homepage: | http://www.darkend.org/ | | File Size: | 585 | | Last Modified: | Aug 18 02:32:31 2006 |
| MD5 Checksum: | 8f71c06ff3dd166c415b5e6023e2106e |
|
| /// File Name: |
blur6ex03.txt |
Description:
|
blur6ex version 0.3 suffers from a HTML injection flaw.
| | Homepage: | http://www.darkend.org | | File Size: | 673 | | Last Modified: | Aug 18 00:48:10 2006 |
| MD5 Checksum: | e3117af1dd6a66903c6c92f9a52daf2e |
|
| /// File Name: |
brainzbof.txt |
Description:
|
libmusicbrainz versions 2.1.2 and below and versions SVN 8406 and below suffer from multiple buffer overflows.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org | | Related Exploit: | brainzbof.zip | | File Size: | 4146 | | Last Modified: | Aug 26 23:10:32 2006 |
| MD5 Checksum: | fd048f832137cc0a65069cfa4e7819fc |
|
| /// File Name: |
c051114-001.txt |
Description:
|
Corsaire Security Advisory - The VMware ESX Server product will allow a remote attacker to set arbitrary passwords for users under certain conditions.
| | Author: | Stephen de Vries | | File Size: | 5263 | | Related CVE(s): | CVE-2005-3618 | | Last Modified: | Aug 17 01:33:48 2006 |
| MD5 Checksum: | 0824b767d0e492cb5f8143124d58dfc1 |
|
| /// File Name: |
c051114-003.txt |
Description:
|
Corsaire Security Advisory - The VMware ESX Server product will allow a local attacker to read users' (including root's) passwords under certain conditions.
| | Author: | Stephen de Vries | | File Size: | 3990 | | Related CVE(s): | CVE-2005-3620 | | Last Modified: | Aug 17 01:34:55 2006 |
| MD5 Checksum: | f313bf44df34ab80460c041e8be230d4 |
|
| /// File Name: |
c060512-001.txt |
Description:
|
Corsaire Security Advisory - The VMware ESX Server product will allow a local attacker to gain access to users' (including root's) passwords under certain conditions via a cookie issue.
| | Author: | Stephen de Vries | | File Size: | 3518 | | Related CVE(s): | CVE-2006-2481 | | Last Modified: | Aug 17 01:36:04 2006 |
| MD5 Checksum: | 8ae411a5eeb8a8178427729f1472b53d |
|
| /// File Name: |
CAID-34509.txt |
Description:
|
CAID 34509 - CA eTrust Antivirus WebScan versions 1.1.0.1047 and below are susceptible to arbitrary code execution flaws.
| | Author: | Ken Williams | | Homepage: | http://ca.com/ | | File Size: | 4172 | | Last Modified: | Aug 17 23:40:24 2006 |
| MD5 Checksum: | 567e78dd512f3c4337f7f492afd501da |
|
| /// File Name: |
cgiDisclose.txt |
Description:
|
A CGI script source disclosure flaw exists for Apache version 2.2.2 on Windows.
| | Author: | Susam Pal | | Homepage: | http://susampal.blogspot.com/ | | File Size: | 4583 | | Last Modified: | Aug 26 20:32:52 2006 |
| MD5 Checksum: | 145c95696dbc34d7cfc103b8a21ec363 |
|
| /// File Name: |
cisco-sa-20060823-firewall.txt |
Description:
|
Cisco Security Advisory - Certain versions of the software for the Cisco PIX 500 Series Security Appliances, the Cisco ASA 5500 Series Adaptive Security Appliances (ASA), and the Firewall Services Module (FWSM) are affected by a software bug that may cause the EXEC password, passwords of locally defined usernames, and the enable password in the startup configuration to be changed without user intervention. Unauthorized users can take advantage of this bug to try to gain access to a device that has been reloaded after passwords in its startup configuration have been changed. In addition, authorized users can be locked out and lose the ability to manage the affected device.
| | Homepage: | http://www.cisco.com | | File Size: | 17734 | | Last Modified: | Aug 27 19:57:20 2006 |
| MD5 Checksum: | b63295e8ec69d97fdaa4140ffa0564bc |
|
| /// File Name: |
cisco-sa-20060823-vpn3k.txt |
Description:
|
Cisco Security Advisory - The Cisco VPN 3000 series concentrators are affected by two vulnerabilities when file management via File Transfer Protocol (FTP) is enabled that could allow authenticated or unauthenticated attackers to execute certain FTP commands and delete files on the concentrator.
| | Homepage: | http://www.cisco.com | | File Size: | 20380 | | Last Modified: | Aug 27 19:56:41 2006 |
| MD5 Checksum: | 6c366e24e3668602419ef2d97ed6e62d |
|
| /// File Name: |
cisco-sa-20060920-docsis.txt |
Description:
|
Cisco Security Advisory ID cisco-sa-20060920-docsis: DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms
| | Homepage: | http://www.cisco.com | | File Size: | 25600 | | Last Modified: | Oct 2 17:44:53 2006 |
| MD5 Checksum: | 6c7da4015bbee346b3c919cf291b80a0 |
|
| /// File Name: |
cisco-sa-20060920-guardxss.txt |
Description:
|
Cisco Security Advisory ID: cisco-sa-20060920-guardxss: Cisco Guard Enables Cross Site Scripting
| | Homepage: | http://www.cisco.com | | File Size: | 14621 | | Last Modified: | Oct 2 17:43:35 2006 |
| MD5 Checksum: | 8fa84997626e97f91d92bdcaa82deb4b |
|
| /// File Name: |
cisco-sa-20060920-ips.txt |
Description:
|
Cisco Security Advisory ID cisco-sa-20060920-ips: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities
| | Homepage: | http://www.cisco.com | | File Size: | 14306 | | Last Modified: | Oct 2 17:44:12 2006 |
| MD5 Checksum: | e5a58a6b7fbbf2328e94cb63399b3610 |
|
| /// File Name: |
ciscoNAC.txt |
Description:
|
The Cisco NAC appliance (formerly Cisco Clean Access) versions 3.6.4.1 and below suffer from an agent installation bypass vulnerability.
| | Author: | Andreas Gal, Joachim Feise | | Homepage: | http://www.andreasgal.com/ | | File Size: | 1949 | | Last Modified: | Aug 28 01:19:16 2006 |
| MD5 Checksum: | 8b5a155e79f4f94be717183e6022d671 |
|
| /// File Name: |
clamav_upx_heap.txt |
Description:
|
Remote exploitation of a heap overflow vulnerability in ClamAV versions below 0.88.4 could allow execution of arbitrary code or cause a denial of service.
| | Author: | Damian Put | | Homepage: | http://www.overflow.pl/ | | File Size: | 3067 | | Last Modified: | Aug 26 20:39:13 2006 |
| MD5 Checksum: | 39cdda45a4ece3067080a595993d5936 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
