Secunia
[SA15579] Conectiva update for php4
Critical: Highly critical
Where: From remote
Impact: Unknown, DoS, System access
Released: 2005-06-01
Conectiva has issued an update for php4. This fixes some
vulnerabilities, where some have an unknown impact and others can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15579/
[SA15529] Gentoo update for mailutils
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-27
Gentoo has issued an update for mailutils. This fixes some
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15529/
[SA15528] Ubuntu update for mozilla-firefox
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, System access
Released: 2005-05-27
Ubuntu has issued an update for mozilla-firefox. This fixes two
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15528/
[SA15574] Red Hat update for gnutls
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-06-01
Red Hat has issued an update for gnutls. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).
Full Advisory:
http://secunia.com/advisories/15574/
[SA15523] NewLife Blogger Unspecified SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-30
Some vulnerabilities have been reported in NewLife Blogger, which can
be exploited to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15523/
[SA15514] SGI IRIX update for telnet
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-05-26
SGI has issued an update for telnet. This fixes two vulnerabilities,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/15514/
[SA15513] Red Hat update for imagemagick
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-26
Red Hat has issued an update for imagemagick. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15513/
[SA15576] Red Hat update for postgresql
Critical: Moderately critical
Where: From local network
Impact: Unknown, Privilege escalation, DoS
Released: 2005-06-02
Red Hat has released an update for postgresql. This fixes two
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service) or potentially gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15576/
[SA15570] Mandriva update for postgresql
Critical: Moderately critical
Where: From local network
Impact: Unknown, Privilege escalation, DoS
Released: 2005-06-02
Mandriva has issued an update for postgresql. This fixes two
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service) or potentially gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15570/
[SA15525] HP-UX Unspecified Security Bypass Vulnerability
Critical: Moderately critical
Where: From local network
Impact: Security Bypass
Released: 2005-05-27
A vulnerability has been reported in HP-UX, which potentially can be
exploited by malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/15525/
[SA15578] Conectiva update for gftp
Critical: Less critical
Where: From remote
Impact: Security Bypass, Manipulation of data
Released: 2005-06-01
Conectiva has issued an update for gftp. This fixes a vulnerability,
which can be exploited by malicious people to conduct directory
traversal attacks.
Full Advisory:
http://secunia.com/advisories/15578/
[SA15533] qmail Memory Corruption Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-31
Georgi Guninski has reported a vulnerability in qmail, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15533/
[SA15526] HP-UX ICMP Message Handling Denial of Service
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-05-27
HP has acknowledged a vulnerability in HP-UX, which can be exploited by
malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15526/
[SA15577] Red Hat update for openssl
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information, Privilege escalation
Released: 2005-06-02
Red Hat has issued an update for openssl. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of sensitive information or perform certain actions with
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15577/
[SA15575] Trustix update for binutils
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-06-01
Trustix has issued an update for binutils. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15575/
[SA15554] Mandriva update for gdb
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-31
Mandriva has issued an update for gdb. This fixes two vulnerabilities,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15554/
[SA15544] Fast n Furious DtDNS Updater Command Line Argument Disclosure
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2005-05-30
A security issue has been reported in Fast n Furious DtDNS Updater,
which may disclose sensitive information to malicious, local users.
Full Advisory:
http://secunia.com/advisories/15544/
[SA15527] Ubuntu update for binutils/binutils-multiarch
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-27
Ubuntu has issued updates for binutils and binutils-multiarch. These
fix a vulnerability, which potentially can be exploited by malicious,
local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15527/
[SA15524] Ubuntu update for gdb
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-27
Ubuntu has issued an update for gdb. This fixes two vulnerabilities,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15524/
[SA15512] Red Hat update for kernel
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information, Privilege escalation,
Security Bypass
Released: 2005-05-26
Red Hat has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of potentially sensitive information and gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/15512/
[SA15530] Fedora update for imagemagick
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-05-27
Fedora has issued an update for imagemagick. This fixes a weakness,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/15530/
[SA15542] Clam AntiVirus on Mac OS X Privilege Escalation Vulnerability
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-30
Tim Morgan and Kevin Amorin have reported a vulnerability in Clam
AntiVirus, which potentially can be exploited by malicious, local users
to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15542/
[SA15537] PowerDownload "incdir" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-31
SoulBlack Security Research has discovered a vulnerability in
PowerDownload, which can be exploited by malicious people to compromise
a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15537/
[SA15536] PeerCast URL Format String Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-30
James Bercegay has reported a vulnerability in PeerCast, which
potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/15536/
[SA15519] C'Nedra "READ_TCP_STRING()" Buffer Overflow Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-27
Luigi Auriemma has reported a vulnerability in C'Nedra, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15519/
[SA15510] PHP Poll Creator "relativer_pfad" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-26
rash ilusion has reported a vulnerability in PHP Poll Creator, which
can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/15510/
[SA15569] Calendarix Advanced SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-06-01
DarkBicho has discovered some vulnerabilities in Calendarix Advanced,
which can be exploited by malicious people to conduct SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/15569/
[SA15558] I-Man File Attachments Upload Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-06-01
A vulnerability has been reported in I-Man, which can be exploited by
malicious users to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15558/
[SA15555] Qualiteam X-Cart Gold SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-31
Censored has reported some vulnerabilities in Qualiteam X-Cart Gold,
which can be exploited by malicious people to conduct SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/15555/
[SA15552] MyBulletinBoard Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-05-31
Some vulnerabilities have been reported in MyBulletinBoard (MyBB),
which can be exploited by malicious people to conduct cross-site
scripting, script insertion and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15552/
[SA15550] ezUserManager Script Insertion and SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-06-01
Some vulnerabilities have been reported in ezUserManager, which can be
exploited by malicious people to conduct script insertion and SQL
injection attacks.
Full Advisory:
http://secunia.com/advisories/15550/
[SA15538] FreeStyle Wiki Attachments Script Insertion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-31
A vulnerability has been reported in FreeStyle Wiki and FSWikiLite,
which can be exploited by malicious people to conduct script insertion
attacks.
Full Advisory:
http://secunia.com/advisories/15538/
[SA15535] Ettercap "curses_msg()" Format String Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-05-31
A vulnerability has been reported in Ettercap, which can be exploited
by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15535/
[SA15534] phpThumb() "src" Exposure of Sensitive Information
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-06-02
A vulnerability has been reported in phpThumb(), which can be exploited
by malicious people to disclose sensitive information.
Full Advisory:
http://secunia.com/advisories/15534/
[SA15532] NPDS Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-05-30
NoSP and Romano have reported some vulnerabilities in NPDS, which can be
exploited by malicious people to conduct cross-site scripting, script
insertion and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15532/
[SA15521] Hosting Controller "UserProfile.asp" Authentication Bypass
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-05-31
A vulnerability has been reported in Hosting Controller, which can be
exploited by malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/15521/
[SA15517] WordPress "cat_ID" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-30
A vulnerability has been reported in WordPress, which can be exploited
by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15517/
[SA15516] PHPstat "check" Authentication Bypass Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-05-27
SoulBlack Security Research has discovered a vulnerability in PHPstat,
which can be exploited by malicious people to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/15516/
[SA15562] Symantec Brightmail AntiSpam Static Database Password
Critical: Moderately critical
Where: From local network
Impact: Security Bypass
Released: 2005-06-01
A security issue has been reported in Symantec Brightmail AntiSpam,
which can be exploited by malicious people to bypass security
restrictions.
Full Advisory:
http://secunia.com/advisories/15562/
[SA15547] Jaws "term" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-30
Paulino Calderon has reported a vulnerability in Jaws, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/15547/
[SA15543] PHPMailer "Data()" Denial of Service Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-05-31
Mariano Nuñez Di Croce has reported a vulnerability in PHPMailer, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/15543/
[SA15518] NikoSoft WebMail Unspecified Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-30
A vulnerability has been reported in NikoSoft WebMail, which
potentially can be exploited by malicious people to conduct cross-site
scripting attacks.
Full Advisory:
http://secunia.com/advisories/15518/
[SA15545] Invision Power Board Privilege Escalation Vulnerability
Critical: Not critical
Where: From remote
Impact: Privilege escalation
Released: 2005-05-30
Rapigator has reported a vulnerability in Invision Power Board, which
can be exploited by malicious users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15545/