Novell GroupWise unauthorized access
Published:		30.06.2006
Source:		BUGTRAQ
SecurityVulns ID:		6321
Type:		remote
Level:		6/10
Description:		Windows Client API allows non-authorized email access within the same authenticated post office.

Affected:		NOVELL : GroupWise 6.0
		NOVELL : GroupWise 6.5
		NOVELL : GroupWise 7

Original document

NOVELL, Novell Security Announcement NOVELL-SA:2006:001 (30.06.2006)

Discuss:

Read or add your comments to this news (0 comments)

MacOS X launchd formatstring vulnerabilitiy
Published:		30.06.2006
Source:		BUGTRAQ
SecurityVulns ID:		6323
Type:		local
Level:		7/10
Description:		Format string vulnerability on syslog() call.

Affected:

APPLE : Mac OS X 10.4

Original document

Kevin Finisterre, DMA[2006-0628a] - 'Apple OSX launchd unformatted syslog() vulnerability' (30.06.2006)

Files:		Apple OSX launchd unformatted syslog() vulnerability exploit
Discuss:		Read or add your comments to this news (0 comments)

mutt mail agent buffer overflow
Published:		30.06.2006
Source:		BUGTRAQ
SecurityVulns ID:		6318
Type:		client
Level:		5/10
Description:		Buffer overflow on parsing IMAP server reply.

Affected:

MUTT : Mutt 1.5

Original document

GENTOO, [ GLSA 200606-27 ] Mutt: Buffer overflow (30.06.2006)

Discuss:

Read or add your comments to this news (0 comments)

PatchLink Update Server / Novell ZenWorks multiple security vulnerabilities
Published:		30.06.2006
Source:		BUGTRAQ
SecurityVulns ID:		6325
Type:		remote
Level:		6/10
Description:		SQL injections, unauthorized access.

Affected:		NOVELL : PatchLink Update Server 6.2
		NOVELL : PatchLink Update Server 6.1
		NOVELL : ZENworks Patch Management 6.2

Original document

Chris Steipp, Multiple Vulnerabilities in PatchLink Update Server 6 (30.06.2006)

Discuss:

Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 30.06.2006
Published:		30.06.2006
Source:
SecurityVulns ID:		6319
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		NUKEDKLAN : Nuked-Klan 1.7
		MYBB : MyBB 1.1
		PHPRAID : phpRaid 3.0
		AZDG : AzDGDatingPlatinum 1.1
		NUKEDKLANSOFTBIZ : Softbiz Banner Exchange Network 1.0

Original document		SECUNIA, Secunia Research: phpRaid SQL Injection and File Inclusion Vulnerabilities (30.06.2006)
		securityconnection_(at)_gmail.com, Softbiz Banner Exchange 1.0 XSS (30.06.2006)
		luny_(at)_youfucktard.com, CSRF in Nuked Klan 1.7 SP4.2 (30.06.2006)
		luny_(at)_youfucktard.com, PHPClassifieds General (30.06.2006)
		imei, [KAPDA]http://myimei.com/security/2006-06-24/mybb104archive-modelight-parameter-extractionvarable-overwriting.html (30.06.2006)
		botan_(at)_linuxmail.org, PHP iCalendar Cross Site Scripting (30.06.2006)
		CrAzY.CrAcKeR_(at)_hotmail.com, AzDGDatingPlatinum<<--v1.1.0 "view.php" SQL Injection (30.06.2006)

Discuss:

Read or add your comments to this news (0 comments)

lipbng buffer overflow
Published:		30.06.2006
Source:		BUGTRAQ
SecurityVulns ID:		6320
Type:		library
Level:		6/10

Affected:

libpng : libpng 1.2

Original document

OPENPKG, [OpenPKG-SA-2006.011] OpenPKG Security Advisory (png) (30.06.2006)

Discuss:

Read or add your comments to this news (0 comments)

Cisco wireless access points unauthorized access
Published:		30.06.2006
Source:		BUGTRAQ
SecurityVulns ID:		6322
Type:		remote
Level:		6/10
Description:		It's possible reset access point security settings to defaults.

Affected:		CISCO : Cisco 1200
		CISCO : Cisco 1240
		CISCO : Cisco 350
		CISCO : Cisco 1100
		CISCO : Cisco 1130
		CISCO : Cisco 1310
		CISCO : Cisco 1410

Original document

CISCO, Cisco Security Advisory: Access Point Web-Browser Interface Vulnerability (30.06.2006)

Discuss:

Read or add your comments to this news (0 comments)

Siemens Speedstream wireless routers unauthorized access
Published:		30.06.2006
Source:		BUGTRAQ
SecurityVulns ID:		6324
Type:		remote
Level:		5/10
Description:		UPnP unauthorized access.

Affected:

SIEMENS : Speedstream 2624

Original document

info_(at)_digitalarmaments.com, Digital Armaments Security Advisory 29.06.2006: Siemens Speedstream Wireless Router Password Protection Bypass Vulnerability (30.06.2006)

Discuss:

Read or add your comments to this news (0 comments)

Multiple OpenOffice security vulnerabilities
Published:		30.06.2006
Source:		FULL-DISCLOSURE
SecurityVulns ID:		6327
Type:		client
Level:		8/10
Description:		BASIC macro auto launch without user intercation, Java applet sandbox protection bypass, XML parsing buffer overflow.

Affected:

OPENOFFICE : OpenOffice 1.1

Original document

DEBIAN, [Full-disclosure] [SECURITY] [DSA 1104-1] New OpenOffice.org packages fix several vulnerabilities (30.06.2006)

Discuss:

Read or add your comments to this news (0 comments)

Asterisk IAX2 VoIP PBX and multiple IAX clients DoS updated since 07.06.2006
Published:		30.06.2006
Source:		BUGTRAQ
SecurityVulns ID:		6225
Type:		remote
Level:		5/10
Description:		DoS on IAX2 channel processing.

Affected:		ASTERISK : Asterisk 1.2
		KIAX : kiax 0.8

Original document		DEBIAN, [Full-disclosure] [ GLSA 200606-30 ] Kiax: Arbitrary code execution (30.06.2006)
		CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2006-0327: IAXclient truncated frames vulnerabilities (10.06.2006)
		CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2006-0330: Asterisk PBX truncated video frame vulnerability (10.06.2006)
		Matt Riddell (IT), Asterisk 1.2.9 and Asterisk 1.0.11 Released - Security Fix (07.06.2006)

Discuss:

Read or add your comments to this news (0 comments)

Apple OpenDirectory DoS
Published:		30.06.2006
Source:		FULL-DISCLOSURE
SecurityVulns ID:		6326
Type:		remote
Level:		5/10
Description:		slapd assert() on malformed bind request.

Affected:

APPLE : Mac OS X 10.4

Original document

noreply_(at)_musecurity.com, [Full-disclosure] [MU-200606-02] Apple Open Directory Pre-Authentication Denial of Service (30.06.2006)

Discuss:

Read or add your comments to this news (0 comments)