Section: .. / 0708-advisories /
| /// File Name: |
cisco-sa-20070808-IOS-voice.txt |
Description:
|
Cisco Security Advisory - Multiple voice-related vulnerabilities have been identified in Cisco IOS software, one of which is also shared with Cisco Unified Communications Manager. These vulnerabilities only affect devices running Cisco IOS that have voice services enabled. The only exception is the vulnerability documented as Cisco bug ID CSCsi80102, which also exists on Cisco Unified Communications Manager.
| | Homepage: | http://www.cisco.com/ | | File Size: | 185500 | | Last Modified: | Aug 9 03:06:32 2007 |
| MD5 Checksum: | 96c8d43c208678f5396b6f54691b35a3 |
|
| /// File Name: |
cisco-sa-20070808-IOS-IPv6-leak.txt |
Description:
|
Cisco Security Advisory - Cisco IOS and Cisco IOS XR contain a vulnerability when processing specially crafted IPv6 packets with a Type 0 Routing Header present. Exploitation of this vulnerability can lead to information leakage on affected IOS and IOS XR devices, and may also result in a crash of the affected IOS device. Successful exploitation on an affected device running Cisco IOS XR will not result in a crash of the device itself, but may result in a crash of the IPv6 subsystem.
| | Homepage: | http://www.cisco.com/ | | File Size: | 140548 | | Last Modified: | Aug 9 03:03:58 2007 |
| MD5 Checksum: | cfe453119c8720eb63366e68931530e1 |
|
| /// File Name: |
NS-072307-XSS.pdf |
Description:
|
A cross site scripting vulnerability existed in http://research.microsoft.com/. This has been fixed.
| | Author: | Amish Shah | | Homepage: | http://net-square.com/ | | File Size: | 94432 | | Last Modified: | Aug 31 18:53:10 2007 |
| MD5 Checksum: | 9956c839a73047e0ea608902bdcd1dc1 |
|
| /// File Name: |
dsa-1355-1.txt |
Description:
|
Debian Security Advisory 1355-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. kpdf includes a copy of the xpdf code and required an update as well.
| | Homepage: | http://www.debian.org/security | | File Size: | 79455 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 14 05:57:55 2007 |
| MD5 Checksum: | 91a396238a3cacdc49e9df321b4f2d15 |
|
| /// File Name: |
sa26410.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for kdegraphics. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26410/ | | File Size: | 73763 | | Last Modified: | Aug 14 19:37:33 2007 |
| MD5 Checksum: | 2fe9ea2d0cf1c05f079909fb342f638a |
|
| /// File Name: |
USN-502-1.txt |
Description:
|
Ubuntu Security Notice 502-1 - It was discovered that Konqueror could be tricked into displaying incorrect URLs. Remote attackers could exploit this to increase their chances of tricking a user into visiting a phishing URL, which could lead to credential theft.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 67210 | | Related CVE(s): | CVE-2007-3820, CVE-2007-4224, CVE-2007-4225 | | Last Modified: | Aug 24 23:16:36 2007 |
| MD5 Checksum: | a88d1e8cb714c03879f57c92495e06d4 |
|
| /// File Name: |
sa26612.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for kdebase and kdelibs. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks.
| | Homepage: | http://secunia.com/advisories/26612/ | | File Size: | 63088 | | Last Modified: | Aug 27 22:57:16 2007 |
| MD5 Checksum: | 15410bcfba7332d81d7060776846150c |
|
| /// File Name: |
USN-509-1.txt |
Description:
|
Ubuntu Security Notice 509-1 - The Linux 2.6 kernel series suffers from multiple vulnerabilities. A flaw in the sysfs_readdir function allowed a local user to cause a denial of service by dereferencing a NULL pointer. A buffer overflow was discovered in the random number generator. In environments with granular assignment of root privileges, a local attacker could gain additional privileges. A flaw was discovered in the usblcd driver. A local attacker could cause large amounts of kernel memory consumption, leading to a denial of service. It was discovered that certain setuid-root processes did not correctly reset process death signal handlers. A local user could manipulate this to send signals to processes they would not normally have access to. The Direct Rendering Manager for the i915 driver could be made to write to arbitrary memory locations. An attacker with access to a running X11 session could send a specially crafted buffer and gain root privileges. It was discovered that the aacraid SCSI driver did not correctly check permissions on certain ioctls. A local attacker could cause a denial of service or gain privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 54241 | | Related CVE(s): | CVE-2007-3104, CVE-2007-3105, CVE-2007-3513, CVE-2007-3848, CVE-2007-3851, CVE-2007-4308 | | Last Modified: | Aug 31 19:03:00 2007 |
| MD5 Checksum: | 71d8853d53804ac2aa9e5b6ad74a2932 |
|
| /// File Name: |
MDKSA-2007-152.txt |
Description:
|
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.6.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 52335 | | Related CVE(s): | CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3670, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738, CVE-2007-3844, CVE-2007-3845 | | Last Modified: | Aug 8 07:04:03 2007 |
| MD5 Checksum: | a0fd2b4a65019d2ea2d16383d6d1de2a |
|
| /// File Name: |
USN-495-1.txt |
Description:
|
Ubuntu Security Notice 495-1 - Several format string vulnerabilities have been discovered in Qt warning messages. By causing an application to process specially crafted input data which triggered Qt warnings, this could be exploited to execute arbitrary code with the privilege of the user running the application.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 39325 | | Related CVE(s): | CVE-2007-3388 | | Last Modified: | Aug 8 08:40:19 2007 |
| MD5 Checksum: | b5de8e5ea8c7de131c344ed8dd24fb7a |
|
| /// File Name: |
sa26291.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for qt. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26291/ | | File Size: | 37440 | | Last Modified: | Aug 8 06:01:26 2007 |
| MD5 Checksum: | c558ef5401132491672e35b44dd06ef3 |
|
| /// File Name: |
TISA2007-08-Public.pdf |
Description:
|
Birokrat version 7.4 is susceptible to a heap corruption vulnerability.
| | Author: | Maldin d.o.o | | Homepage: | http://www.teamintell.com/ | | File Size: | 36796 | | Last Modified: | Aug 1 03:02:29 2007 |
| MD5 Checksum: | 4aa0616ed0911ff2609a4ff70a2d4c87 |
|
| /// File Name: |
USN-496-1.txt |
Description:
|
Ubuntu Security Notice 496-1 - Derek Noonburg discovered an integer overflow in the Xpdf function StreamPredictor::StreamPredictor(). By importing a specially crafted PDF file into KWord, this could be exploited to run arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 36100 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 8 08:39:30 2007 |
| MD5 Checksum: | f67af0bc4a182e995415bdad3afa84db |
|
| /// File Name: |
cisco-sa-20070808-scp.txt |
Description:
|
Cisco Security Advisory - The server side of the Secure Copy (SCP) implementation in Cisco Internetwork Operating System (IOS) contains a vulnerability that allows any valid user, regardless of privilege level, to transfer files to and from an IOS device that is configured to be a Secure Copy server. This vulnerability could allow valid users to retrieve or write to any file on the device's filesystem, including the device's saved configuration. This configuration file may include passwords or other sensitive information.
| | Homepage: | http://www.cisco.com/ | | File Size: | 35520 | | Last Modified: | Aug 9 03:02:58 2007 |
| MD5 Checksum: | 11d7b0fb83fe8f96ddeb6941737729d1 |
|
| /// File Name: |
sa26297.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for koffice. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26297/ | | File Size: | 34533 | | Last Modified: | Aug 8 06:01:26 2007 |
| MD5 Checksum: | 1b7540c870725562460a077ecdcacb8c |
|
| /// File Name: |
sa26450.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or gain escalated privileges, and malicious people to cause a DoS.
| | Homepage: | http://secunia.com/advisories/26450/ | | File Size: | 32632 | | Last Modified: | Aug 18 05:22:57 2007 |
| MD5 Checksum: | 55e7dd862c14aa54d4dca083940360f6 |
|
| /// File Name: |
dsa-1345-1.txt |
Description:
|
Debian Security Advisory 1345-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. "moz_bug_r_a4" discovered that a regression in the handling of "about:blank" windows used by addons may lead to an attacker being able to modify the content of web sites. Jesper Johansson discovered that missing sanitizing of double-quotes and spaces in URIs passed to external programs may allow an attacker to pass arbitrary arguments to the helper program if the user is tricked into opening a malformed web page.
| | Homepage: | http://www.debian.org/security | | File Size: | 28062 | | Related CVE(s): | CVE-2007-3844, CVE-2007-3845 | | Last Modified: | Aug 8 09:03:39 2007 |
| MD5 Checksum: | e81402d558540bbe4e4efe53496addb7 |
|
| /// File Name: |
dsa-1351-1.txt |
Description:
|
Debian Security Advisory 1351-1 - Tavis Ormandy discovered that bochs, a highly portable IA-32 PC emulator, is vulnerable to a buffer overflow in the emulated NE2000 network device driver, which may lead to privilege escalation.
| | Homepage: | http://www.debian.org/security | | File Size: | 27508 | | Related CVE(s): | CVE-2007-2893 | | Last Modified: | Aug 8 10:02:47 2007 |
| MD5 Checksum: | b355f33b1d184bfa2fc585b248dcfb59 |
|
| /// File Name: |
MDKSA-2007-162.txt |
Description:
|
Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause kpdf to crash and possibly execute arbitrary code open a user opening the file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 27449 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 16 10:34:59 2007 |
| MD5 Checksum: | 55cf063d551c12a226c033fbf592a01f |
|
| /// File Name: |
dsa-1357-1.txt |
Description:
|
Debian Security Advisory 1357-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. koffice includes a copy of the xpdf code and required an update as well.
| | Homepage: | http://www.debian.org/security | | File Size: | 27108 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 20 03:50:30 2007 |
| MD5 Checksum: | 205d12d4ce1b7d0eb7e1dca887c5f079 |
|
| /// File Name: |
sa26331.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xulrunner. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26331/ | | File Size: | 25961 | | Last Modified: | Aug 8 06:01:26 2007 |
| MD5 Checksum: | c4d6e4d2bb6cf16a020edd1ceb5bd899 |
|
| /// File Name: |
sa26364.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for bochs. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26364/ | | File Size: | 25555 | | Last Modified: | Aug 9 02:51:33 2007 |
| MD5 Checksum: | 7bd8323774e0fdc127462276c1d01de6 |
|
| /// File Name: |
sa26514.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for koffice. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26514/ | | File Size: | 25205 | | Last Modified: | Aug 21 22:07:00 2007 |
| MD5 Checksum: | 9b41e45cc54ab898de3928b7275f0a58 |
|
| /// File Name: |
USN-493-1.txt |
Description:
|
Ubuntu Security Notice 493-1 - A flaw was discovered in handling of "about:blank" windows used by addons. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. Jesper Johansson discovered that spaces and double-quotes were not correctly handled when launching external programs. In rare configurations, after tricking a user into opening a malicious web page, an attacker could execute helpers with arbitrary arguments with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 23784 | | Related CVE(s): | CVE-2007-3844, CVE-2007-3845 | | Last Modified: | Aug 8 06:27:26 2007 |
| MD5 Checksum: | f9d508262fd7a81703b35191aaacfa3a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
