7965 matches found
Ubuntu 5.04 : mozilla-firefox regressions (USN-149-2)
USN-149-1 fixed several vulnerabilities in the Firefox web browser. Unfortunately that update introduced a lot of regressions, especially when using extensions, so another update is necessary. The new packages ship Firefox version 1.0.6 which should now work well with most extensions one known...
Multiple PHP extensions vulnerabilities
mysqli extension format string vulnerability, session extension session id HTTP response splitting...
CVE-2005-2530
Unspecified vulnerability in Java 1.3.1 before 1.3.116 on Apple Mac OS X allows an untrusted applet to gain privileges, related to "Mac OS X specific extensions."...
CVE-2005-3904
Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors...
CVE-2005-3484
Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via ".." and hex-encoded (1) slash "/" ("%2f") or (2) backslash "\" ("%5c") sequences...
NeroNet1202.txt
Luigi Auriemma Application: NeroNET http://www.nero.com Versions: <= 1.2.0.2 Platforms: Windows Bug: limited directory traversal Exploitation: remote Date: 02 Nov 2005 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3 The Code 4 Fix...
IIS FrontPage DoS
Microsoft IIS, running Frontpage extensions, is vulnerable to a remote DoS attack usually called the 'malformed web submission' vulnerability. An attacker, exploiting this vulnerability, will be able to render the service unusable. If this machine serves a business-critical functionality, there...
[Full-disclosure] Limited directory traversal in NeroNET 1.2.0.2
Luigi Auriemma Application: NeroNET http://www.nero.com Versions: <= 1.2.0.2 Platforms: Windows Bug: limited directory traversal Exploitation: remote Date: 02 Nov 2005 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3 The Code 4 Fix...
CVE-2005-3430
Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions, such as (1) .unk, (2) .asa, and possibly (3) .htr and (4) .aspx, which are not filtered like the .asp extension...
security flaw
smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings...
CVE-2005-3102
The administrative interface in Movable Type allows attackers to upload files with arbitrary extensions under the web root...
CVE-2005-2955
config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, .php4, or others...
CVE-2005-2733
upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code...
CVE-2005-2733
The CVE-2005-2733 issue affects Simple PHP Blog (SPHPBlog) where upload_img_cgi.php does not properly restrict uploaded file extensions, enabling remote code execution. The vulnerability is documented in NVD with a base score of 7.5 (HIGH) and is evidenced by the SPHPBlog file-upload weakness des...
[SA16598] Simple PHP Blog Image File Upload Vulnerability
Are you interested in a new job in IT security? Secunia has two open positions as Junior and Senior Specialist in IT security: http://secunia.com/secuniavacancies/...
CVE-2005-2437
Website Baker Project does not properly verify the file extensions of uploaded files, which allows remote attackers to upload and execute arbitrary PHP code...
CVE-2005-2405
Opera 8.01 is affected when Arial Unicode MS (ARIALUNI.TTF) is installed: extended ASCII in the file-download dialog can be spoofed, potentially leading users to execute arbitrary code. The issue is documented in CVE-2005-2405; OpenVAS notes vulnerability in Opera
USN-149-2: Fixed Firefox packages for USN-149-1
USN-149-1 fixed several vulnerabilities in the Firefox web browser. Unfortunately that update introduced a lot of regressions, especially when using extensions, so another update is necessary. The new packages ship Firefox version 1.0.6 which should now work well with most extensions one known...