Section: .. / 0704-advisories /
| /// File Name: |
afflib-overflows.txt |
Description:
|
Virtual Security Research, LLC. Security Advisory - Multiple buffer overflows exist in AFFLIB version 2.2.0. Earlier versions may also be affected.
| | Author: | Timothy D. Morgan | | Homepage: | http://www.vsecurity.com/ | | File Size: | 11680 | | Related CVE(s): | CVE-2007-2053 | | Last Modified: | May 3 03:44:07 2007 |
| MD5 Checksum: | 446352877e3aa73c1f54b3318d5ff7be |
|
| /// File Name: |
afflib-toctou.txt |
Description:
|
Virtual Security Research, LLC. Security Advisory - A Time-of-Check-Time-of-Use file race condition exists in AFFLIB versions 2.2.0 through 2.2.8.
| | Author: | Timothy D. Morgan | | Homepage: | http://www.vsecurity.com/ | | File Size: | 6878 | | Related CVE(s): | CVE-2007-2056 | | Last Modified: | May 3 03:42:48 2007 |
| MD5 Checksum: | 0c56679cd5d6f442117bbe96db6ea730 |
|
| /// File Name: |
apop-protocol.txt |
Description:
|
A security vulnerability has been discovered in the APOP protocol that is related to the recent collision attacks by Wang and al. against MD5. Using the man in the middle setting, one can recover the first characters of the password with a few hundred authentications from the client.
| | Author: | Gaetan Leurent | | File Size: | 3943 | | Related CVE(s): | CVE-2007-1558 | | Last Modified: | Apr 3 02:50:55 2007 |
| MD5 Checksum: | 1da7794eae5e8de66bf5e76901e835aa |
|
| /// File Name: |
ASA-2007-010.txt |
Description:
|
Asterisk Project Security Advisory - Two closely related stack based buffer overflows exist in the SIP/SDP handler of Asterisk, the vulnerabilities are very similar but exist as two separate unsafe function calls.
| | Author: | Barrie Dempster | | Homepage: | http://www.asterisk.org/security | | File Size: | 28456 | | Last Modified: | Apr 25 07:30:03 2007 |
| MD5 Checksum: | 252a950355a472b214e00960e093be58 |
|
| /// File Name: |
ASA-2007-011.txt |
Description:
|
Asterisk Project Security Advisory - Multiple problems have been identified in the Asterisk SIP channel driver (chan_sip) when handling response packets from other SIP endpoints.
| | Author: | qwerty1979 | | Homepage: | http://www.asterisk.org/security | | File Size: | 8564 | | Last Modified: | Apr 25 07:31:22 2007 |
| MD5 Checksum: | 15147c6214e06f689cb0273dd6ad4c52 |
|
| /// File Name: |
ASA-2007-012.txt |
Description:
|
Asterisk Project Security Advisory - The Asterisk Manager Interface has a remote crash vulnerability. If a manager user is configured in manager.conf without a password, and then a connection is made that attempts to use that username and MD5 authentication, Asterisk will dereference a NULL pointer and crash.
| | Homepage: | http://www.asterisk.org/security | | File Size: | 12084 | | Last Modified: | Apr 25 07:32:40 2007 |
| MD5 Checksum: | 5b817c74c96c6fedc5164d93d80850d7 |
|
| /// File Name: |
ATSA-2007-001.txt |
Description:
|
Akamai Technologies Security Advisory 2007-0001 - Two security vulnerabilities have been discovered in the ActiveX version of Akamai Download Manager. For successful exploitation, both vulnerabilities require the user to visit a malicious URL, triggering a stack-based buffer overflow that allows the attacker to execute arbitrary code within the context of the victim.
| | Author: | Fortinet, iDefense | | Homepage: | http://www.akamai.com/ | | File Size: | 4477 | | Related CVE(s): | CVE-2007-1891, CVE-2007-1892 | | Last Modified: | Apr 17 19:07:48 2007 |
| MD5 Checksum: | c35d99f51e62cd01b32e771ab6142984 |
|
| /// File Name: |
BTP00000P002NF.txt |
Description:
|
Symantec Norton Personal Firewall hooks many functions in SSDT and in at least two cases it fails to validate arguments that come from the user mode.
| | Homepage: | http://www.matousec.com/ | | Related Exploit: | BTP00000P002NF.zip | | File Size: | 1347 | | Last Modified: | Apr 3 01:11:56 2007 |
| MD5 Checksum: | 651ce3be1613c437460c49ad041b7923 |
|
| /// File Name: |
CAID-35198-35276.txt |
Description:
|
CA BrightStor ARCserve Backup Media Server contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 4768 | | Related OSVDB(s): | 34126,34127 | | Related CVE(s): | CVE-2007-1785, CVE-2007-2139 | | Last Modified: | May 3 01:53:33 2007 |
| MD5 Checksum: | 836fb8b03fb3f4e770291a868d924eb8 |
|
| /// File Name: |
CAID-35277.txt |
Description:
|
CA CleverPath Portal contains a vulnerability that can allow a local attacker to access confidential data. The vulnerability is due to insufficient filtering of SQL search queries. CA has issued a patch to address the vulnerability.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 3125 | | Related OSVDB(s): | 34128 | | Related CVE(s): | CVE-2007-2230 | | Last Modified: | May 3 01:57:44 2007 |
| MD5 Checksum: | b3399cd503f4b6d1f198fd59ee6855d9 |
|
| /// File Name: |
cisco-sa-20070412-wcs.txt |
Description:
|
Cisco Security Advisory - The Cisco Wireless Control System (WCS) works in conjunction with Cisco Aironet Lightweight Access Points, Cisco Wireless LAN Controllers, and the Cisco Wireless Location Appliance by providing tools for wireless LAN planning and design, system configuration, location tracking, security monitoring, and wireless LAN management. Cisco WCS contains multiple vulnerabilities that can result in information disclosure, privilege escalation, and unauthorized access through fixed authentication credentials.
| | Homepage: | http://www.cisco.com/ | | File Size: | 17380 | | Last Modified: | Apr 13 00:56:22 2007 |
| MD5 Checksum: | fdc7095a687300e82da9ab6dc7ded61d |
|
| /// File Name: |
cisco-sa-20070412-wlc.txt |
Description:
|
Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) manages Cisco Aironet access points using the Lightweight Access Point Protocol (LWAPP). The WLC contains multiple vulnerabilities that could result in a denial of service (DoS) condition, information disclosure, or access control list changes, or allow an attacker to gain full administrative access.
| | Homepage: | http://www.cisco.com/ | | File Size: | 20655 | | Last Modified: | Apr 13 00:55:38 2007 |
| MD5 Checksum: | 03ab9874194bb1b04caf052982f403e5 |
|
| /// File Name: |
cisco-sa-20070425-nfc.txt |
Description:
|
Cisco Security Advisory - Versions of Cisco Network Services (CNS) NetFlow Collection Engine (NFC) prior to 6.0 create and use default accounts with identical usernames and passwords. An attacker with knowledge of these accounts can modify the application configuration and, in certain instances, gain user access to the host operating system.
| | Homepage: | http://www.cisco.com | | File Size: | 15701 | | Last Modified: | May 3 01:42:29 2007 |
| MD5 Checksum: | cf553a8d2b4152c2e86675fa2dae6d8c |
|
| /// File Name: |
cosign-vuln-2007-001.txt |
Description:
|
A remotely exploitable vulnerability has been discovered that allows attackers to bypass cosign weblogin server authentication and assume the identity of an arbitrary user on a cosign-protected service. Organizations that run their own central cosign weblogin server should upgrade their weblogin server to cosign 2.0.2a, cosign 1.9.4b, or back-port the patch available at http://weblogin.org/download.html to the version of cosign they are running.
| | Author: | Jon Oberheide | | File Size: | 9058 | | Last Modified: | Apr 12 21:05:03 2007 |
| MD5 Checksum: | f76901f72b381318ad82600bee10a67d |
|
| /// File Name: |
cosign-vuln-2007-002.txt |
Description:
|
A remotely exploitable vulnerability has been discovered that allows attackers who are already authenticated via cosign to assume the identity of an arbitrary user on a cosign-protected service. Organizations that run their own central cosign weblogin server should upgrade their weblogin server to cosign 2.0.2a, cosign 1.9.4b, or back-port the patch available at http://weblogin.org/download.html to the version of cosign they are running.
| | Author: | Jon Oberheide | | File Size: | 10551 | | Last Modified: | Apr 12 21:05:54 2007 |
| MD5 Checksum: | 57cbaedc206501891415eefa6f3dbc58 |
|
| /// File Name: |
cpzl-lpe.txt |
Description:
|
ZoneAlarm's srescan.sys versions 5.0.155 and below suffer from a local privilege escalation vulnerability.
| | Author: | Ruben Santamarta | | File Size: | 4119 | | Last Modified: | Apr 24 09:40:27 2007 |
| MD5 Checksum: | 7f845a9089ba5a194901574a6286d244 |
|
| /// File Name: |
CYBSEC-stssrfc.txt |
Description:
|
CYBSEC Security Advisory - The SAP TRUSTED_SYSTEM_SECURITY RFC function suffers from an information disclosure.
| | Author: | Mariano Nunez Di Croce | | Homepage: | http://www.cybsec.com/ | | File Size: | 4206 | | Last Modified: | Apr 5 07:12:22 2007 |
| MD5 Checksum: | 4f7bd86ae441401da4957ba7da673a8d |
|
| /// File Name: |
dsa-1274-1.txt |
Description:
|
Debian Security Advisory 1274-1 - An integer underflow bug has been found in the file_printf function in file, a tool to determine file types based analysis of file content. The bug could allow an attacker to execute arbitrary code by inducing a local user to examine a specially crafted file that triggers a buffer overflow.
| | Homepage: | http://www.debian.org/security | | File Size: | 16380 | | Related CVE(s): | CVE-2007-1536 | | Last Modified: | Apr 3 02:47:46 2007 |
| MD5 Checksum: | 46d59b1c361fb254128ece808b24bfe2 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
