24.03.2006 Detailed |
| 9! | Sendmail mail server race conditions updated since 22.03.2006
|  | | Race conditions in signal processing with setjmp/longjmp allow remote code execution. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
|  | | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| NetHack, Slash'EM, Falcon's Eye games privilege escalation
|  | | User from games group can modify game data to cause code execution if game is executed by another user. |
|
| Gnome Screensaver protection bypass
|  | | It's possible to kill the screensaver with a hotkey combination if the server is running with the AllowDeactivateGrabs and AllowClosedownGrabs options set. |
|
15.03.2006 Detailed |
| 8! | Microsoft Office multiple vulnerabilities
|  | | Multiple Microsoft Excel memory corruptions; buffer overflows in all Office products, including Outlook. |
| 6! | Adobe Document Server / Adobe Graphics Server directory traversal
|  | | The AlterCast (TCP/8019) service allows uploading, downloading and executing any system file. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
|  | | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
|
13.03.2006 Detailed |
| 6! | Ubuntu Linux information leak
|  | | Installation log contains username/password of first system user. |
| Multiple Dwarf HTTP Server vulnerabilities
|  | | Cross-site scripting, script source code disclosure. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
|  | | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
|
| Cisco PIX TCP connection DoS updated since 22.11.2005
|  | | Packets from the same hosts are blocked for a few minutes if a packet with an invalid checksum, with 1 byte of data, or with a predefined TTL is received. |
|
05.03.2006 Detailed |
| 7! | L-Soft Listserv list management system web interface code execution
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
|  | | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| AVG antivirus weak file permissions
|  | | Everyone:Full Control permission is set for files, including drivers, after update. |
|
02.03.2006 Detailed |
| | Multiple NCP Secure Communications VPN / PKI client security vulnerabilities
|  | | Local buffer overflows and privilege escalations, remote DoS. |
| Evolution mail agent DoS
|  | | A large plain-text message with a large number of URLs causes the application to hang. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
|  | | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
|
| FreeBSD nfsd DoS updated since 28.02.2006
|  | | Malformed NFS bind request to TCP/2049 causes kernel panic. |