Section: .. / 0709-advisories /
| /// File Name: |
sa26751.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for clamav. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26751/ | | File Size: | 5960 | | Last Modified: | Sep 10 17:30:03 2007 |
| MD5 Checksum: | d5c7e3a5392638ce9b972d4f6ad2de4f |
|
| /// File Name: |
SYM07-024.txt |
Description:
|
Symantec was notified of a potential denial of service vulnerability in the device driver SYMTDI.SYS. A specially crafted IRP sent to an IOCTL handler function could allow memory to be overwritten because the address space was not properly validated in some versions of the driver. A potential attacker must be logged into the computer to attempt an exploit. A successful exploit of this vulnerability could potentially allow that user to crash their computer.
| | Author: | Matousec-Transparent | | Homepage: | http://www.symantec.com/ | | File Size: | 2976 | | Related CVE(s): | CVE-2007-1476 | | Last Modified: | Sep 10 17:29:54 2007 |
| MD5 Checksum: | 86d3a379bfc033ddebb718d173f0afb9 |
|
| /// File Name: |
dsa-1365-2.txt |
Description:
|
Debian Security Advisory 1365-2 - Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag Library, may lead to denial of service through symlink attacks.
| | Homepage: | http://www.debian.org/security | | File Size: | 6202 | | Related CVE(s): | CVE-2007-4460 | | Last Modified: | Sep 10 17:23:31 2007 |
| MD5 Checksum: | 5453a4dda94a0136c9790e97a6f9ca29 |
|
| /// File Name: |
sa26551.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been discovered in TorrentTrader, which can be exploited by malicious users to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/26551/ | | File Size: | 2519 | | Last Modified: | Sep 10 14:58:23 2007 |
| MD5 Checksum: | c8e5282c15eefccf3125b98e3ac2040d |
|
| /// File Name: |
sa26732.txt |
Description:
|
Secunia Security Advisory - Mattias Bengtsson and Philip Olausson have reported a vulnerability in lighttpd, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26732/ | | File Size: | 2520 | | Last Modified: | Sep 10 14:58:23 2007 |
| MD5 Checksum: | 52dbfd38012747d0cd3475d3ff8d32cb |
|
| /// File Name: |
sa26733.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for phpmyadmin. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/26733/ | | File Size: | 3751 | | Last Modified: | Sep 10 14:58:23 2007 |
| MD5 Checksum: | 6d3d71dcc90e57290f7bf63453faabed |
|
| /// File Name: |
sa26745.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in QGit, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/26745/ | | File Size: | 2550 | | Last Modified: | Sep 10 14:58:23 2007 |
| MD5 Checksum: | 891046a76d5a81c4e8b4c1e50109f0c1 |
|
| /// File Name: |
sa26758.txt |
Description:
|
Secunia Security Advisory - k1tk4t has discovered a vulnerability in Webace Linkscript, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/26758/ | | File Size: | 2324 | | Last Modified: | Sep 10 14:58:23 2007 |
| MD5 Checksum: | ac4da7069a2bd13222724dc4a06e59da |
|
| /// File Name: |
sa26759.txt |
Description:
|
Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM HTTP Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/26759/ | | File Size: | 2252 | | Last Modified: | Sep 10 14:58:23 2007 |
| MD5 Checksum: | 0fc4222074b5f52e4da3d7e38814d240 |
|
| /// File Name: |
sa26761.txt |
Description:
|
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in IBM WebSphere Application Server.
| | Homepage: | http://secunia.com/advisories/26761/ | | File Size: | 2217 | | Last Modified: | Sep 10 14:58:23 2007 |
| MD5 Checksum: | daf8082185c1cab52f8fe326d8eea36e |
|
| /// File Name: |
sa26765.txt |
Description:
|
Secunia Security Advisory - Luigi Auriemma has reported two vulnerabilities in CellFactor: Revolution, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26765/ | | File Size: | 2541 | | Last Modified: | Sep 10 14:58:23 2007 |
| MD5 Checksum: | 8c1efd3f3d255044a0e95093dd7d8148 |
|
| /// File Name: |
sa26766.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for gd. This fixes some vulnerabilities, where some have unknown impact and others can potentially be exploited to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/26766/ | | File Size: | 3325 | | Last Modified: | Sep 10 14:58:23 2007 |
| MD5 Checksum: | 4fd2d87c533694f88008d89e625c3769 |
|
| /// File Name: |
dsa-1372-1.txt |
Description:
|
Debian Security Advisory 1372-1 - Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which can lead to local privilege escalation.
| | Homepage: | http://www.debian.org/security | | File Size: | 15858 | | Related CVE(s): | CVE-2007-4730 | | Last Modified: | Sep 9 16:59:36 2007 |
| MD5 Checksum: | 02de3edbeb1381faa137fdf06866763f |
|
| /// File Name: |
txxcms-rfi.txt |
Description:
|
Txx CMS appears susceptible to remote file inclusion vulnerabilities.
| | Author: | nne | | Homepage: | http://nnc.unkn0wn.eu/ | | File Size: | 1244 | | Last Modified: | Sep 9 16:57:07 2007 |
| MD5 Checksum: | 669ef7e6dbf80b2a7fa86bac09bfd55b |
|
| /// File Name: |
ZDI-07-051.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit this vulnerability. The specific flaw exists within the routine TMregChange() exported by TMReg.dll, which is reachable through the custom protocol subcode "\x15\x00\x00\x00". The TCP socket bound to port 5005 receives user-supplied data which is copied without proper bounds checking to a stack-based buffer, resulting in an exploitable condition.
| | Author: | Sebastian Apelt | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2690 | | Related CVE(s): | CVE-2007-4731 | | Last Modified: | Sep 9 16:55:13 2007 |
| MD5 Checksum: | 069c90a5da80f13229feadaf50d40ec4 |
|
| /// File Name: |
ZDI-07-050.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit this vulnerability. The specific flaw is exposed through the RPC interface bound on TCP port 5168 and defined in SpntSvc.exe.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2745 | | Related CVE(s): | CVE-2007-4218 | | Last Modified: | Sep 9 16:53:55 2007 |
| MD5 Checksum: | c93fd4348a32dc9b40ace488b0d089eb |
|
| /// File Name: |
MDKSA-2007-174-1.txt |
Description:
|
Mandriva Linux Security Advisory - Tenable Network Security discovered a stack buffer overflow vulnerability in the RPC library used by Kerberos' kadmind program. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash. This issue is only applicable to Kerberos 1.4 and higher. Garrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash. This issue is only applicable to Kerberos 1.5 and higher. The MIT Kerberos Team found a problem with the originally published patch for CVE-2007-3999. A remote unauthenticated attacker able to access kadmind could trigger this flaw and cause kadmind to crash.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7955 | | Related CVE(s): | CVE-2007-3999, CVE-2007-4000, CVE-2007-4743 | | Last Modified: | Sep 7 20:31:01 2007 |
| MD5 Checksum: | 8773009e8da0941e727991ff9a74c6e8 |
|
| /// File Name: |
USN-511-2.txt |
Description:
|
Ubuntu Security Notice 511-2 - USN-511-1 fixed vulnerabilities in krb5 and librpcsecgss. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. It was discovered that the libraries handling RPCSEC_GSS did not correctly validate the size of certain packet structures. An unauthenticated remote user could send a specially crafted request and execute arbitrary code with root privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 29284 | | Related CVE(s): | CVE-2007-3999 | | Last Modified: | Sep 7 20:28:40 2007 |
| MD5 Checksum: | a7b734c0ce5344db1d137bc8862fec37 |
|
| /// File Name: |
buffalo_070907.txt |
Description:
|
The Buffalo AirStation WHR-G54S web management interface suffers from a cross site request forgery vulnerability.
| | Author: | Henri Lindberg | | Homepage: | http://www.louhi.fi/ | | File Size: | 3374 | | Last Modified: | Sep 7 20:18:32 2007 |
| MD5 Checksum: | cc772aad00a5bdd87b03854d003ed21d |
|
| /// File Name: |
sa26726.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Sophos Anti-Virus, which can be exploited by malware to bypass the scanning functionality.
| | Homepage: | http://secunia.com/advisories/26726/ | | File Size: | 3362 | | Last Modified: | Sep 7 19:05:01 2007 |
| MD5 Checksum: | 20740a1e369af26722d1152030ba6239 |
|
| /// File Name: |
sa26699.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for krb5. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26699/ | | File Size: | 2354 | | Last Modified: | Sep 7 19:03:37 2007 |
| MD5 Checksum: | bfcbcae67a17a6801a6906e3e3f7e349 |
|
| /// File Name: |
sa26710.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for mysql. This fixes a vulnerability and a security issue, which can be exploited by malicious users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/26710/ | | File Size: | 4594 | | Last Modified: | Sep 7 19:03:37 2007 |
| MD5 Checksum: | 45d8c04c98ab6ba233740442bab3f0fd |
|
| /// File Name: |
sa26714.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Sophos Anti-Virus, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/26714/ | | File Size: | 2600 | | Last Modified: | Sep 7 19:03:37 2007 |
| MD5 Checksum: | d81199f8c15cf15bb6418da4dbbdda3e |
|
| /// File Name: |
sa26720.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for konqueror. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks.
| | Homepage: | http://secunia.com/advisories/26720/ | | File Size: | 6038 | | Last Modified: | Sep 7 19:03:37 2007 |
| MD5 Checksum: | 5de9f18b80f63af8c20eb2ea2c40d9a0 |
|