Section: .. / 0710-advisories /
| /// File Name: |
SSRT071472.txt |
Description:
|
HP Security Bulletin - Potential vulnerabilities have been identified with HP Tru64 UNIX Running Apache Tomcat. The vulnerabilities could be exploited to allow remote unauthorized access or remote Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 5518 | | Related CVE(s): | CVE-2007-3382, CVE-2007-3385, CVE-2007-3386 | | Last Modified: | Oct 16 18:54:32 2007 |
| MD5 Checksum: | fc1c776a1a098c3f9ac0ce54ed2e5e74 |
|
| /// File Name: |
realplayer-heap-corruption-adv.txt |
Description:
|
RealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a heap corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.
| | Author: | Piotr Bania | | Homepage: | http://piotrbania.com/ | | File Size: | 5213 | | Last Modified: | Oct 26 11:06:03 2007 |
| MD5 Checksum: | e2ef19fcac9143f960d0e4730c0cc729 |
|
| /// File Name: |
eleytt-CAvarious.txt |
Description:
|
Eleytt has discovered various buffer overflow and denial of service vulnerabilities in CA Erwin, G Data Antivirus, CA eTrust, VMware, and CA eTrust ITM.
| | Author: | Michal Bucko | | Homepage: | http://www.eleytt.com/ | | File Size: | 5207 | | Last Modified: | Oct 11 00:04:37 2007 |
| MD5 Checksum: | ef00c71b2c72acfd3df7574903ac6026 |
|
| /// File Name: |
sa27432.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for ruby. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
| | Homepage: | http://secunia.com/advisories/27432/ | | File Size: | 5193 | | Last Modified: | Oct 30 19:58:14 2007 |
| MD5 Checksum: | ee98c4bdb964cf3c8bc1aa4d5d732518 |
|
| /// File Name: |
SYMSA-2007-013.txt |
Description:
|
Symantec Vulnerability Research SYMSA-2007-013 - Lotus Notes and Domino are susceptible to a vulnerability in the IPC functionality between NLNOTEs and NTASKLDR.
| | Author: | Ollie Whitehouse | | Homepage: | http://www.symantec.com/research | | File Size: | 5186 | | Related CVE(s): | CVE-2007-5544 | | Last Modified: | Oct 23 17:43:21 2007 |
| MD5 Checksum: | 3f43cdf788c5557b9efd2190bc5342e3 |
|
| /// File Name: |
sa27112.txt |
Description:
|
Secunia Security Advisory - VeriSign iDefense Labs has reported a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27112/ | | File Size: | 5173 | | Last Modified: | Oct 10 00:59:53 2007 |
| MD5 Checksum: | 3b399f63c33343188116d8d65bfc545e |
|
| /// File Name: |
sa27088.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27088/ | | File Size: | 5055 | | Last Modified: | Oct 5 21:33:17 2007 |
| MD5 Checksum: | 1977410c200b92bf474c9e5db8842e7b |
|
| /// File Name: |
dsa-1393-1.txt |
Description:
|
Debian Security Advisory 1393-1 - It was discovered that xfce-terminal, a terminal emulator for the xfce environment, did not correctly escape arguments passed to the processes spawned by "Open Link". This allowed malicious links to execute arbitrary commands upon the local system.
| | Homepage: | http://www.debian.org/security | | File Size: | 5049 | | Related CVE(s): | CVE-2007-3770 | | Last Modified: | Oct 23 19:22:19 2007 |
| MD5 Checksum: | a1d56d58f369edb331ecb44bb9c5dfa1 |
|
| /// File Name: |
sa27378.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Trend Micro's Scan Engine, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/27378/ | | File Size: | 4974 | | Last Modified: | Oct 29 11:03:58 2007 |
| MD5 Checksum: | fdc3a6703e67f149448d08289be6e229 |
|
| /// File Name: |
10.31.07-1.txt |
Description:
|
iDefense Security Advisory 10.31.07 - Remote exploitation of an unsafe method vulnerability in Macrovision InstallShield Update Service allows attackers to execute arbitrary code with the privileges of the currently logged-in user. iDefense has confirmed the existence of this vulnerability in versions 5.01.100.47363, and 6.0.100.60146 of Macrovision InstallShield Update Service. Previous versions are also suspected to be vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 4926 | | Related CVE(s): | CVE-2007-5660 | | Last Modified: | Oct 31 14:49:44 2007 |
| MD5 Checksum: | 3addc6c9d8c0ef03f3685cd0202c1a9b |
|
| /// File Name: |
dsa-1373-2.txt |
Description:
|
Debian Security Advisory 1373-2 - It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files. This updated advisory correctly increases the version number of the fixed package such that it is installable upon the etch release of Debian.
| | Homepage: | http://www.debian.org/security | | File Size: | 4869 | | Related CVE(s): | CVE-2007-1799 | | Last Modified: | Oct 23 19:21:28 2007 |
| MD5 Checksum: | 3698c02a94c0bc9ae0aa4ebc064144f3 |
|
| /// File Name: |
sa27374.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xfce4-terminal. This fixes a security issue, which can be exploited by malicious people to inject shell commands.
| | Homepage: | http://secunia.com/advisories/27374/ | | File Size: | 4861 | | Last Modified: | Oct 24 23:40:24 2007 |
| MD5 Checksum: | edba665b4180fdea28fb17c611c61c54 |
|
| /// File Name: |
dsa-1394-1.txt |
Description:
|
Debian Security Advisory 1394-1 - It was discovered that reprepro, a tool to create a repository of Debian packages, when updating from a remote site only checks for the validity of known signatures, and thus does not reject packages with only unknown signatures. This allows an attacker to bypass this authentication mechanism.
| | Homepage: | http://www.debian.org/security | | File Size: | 4858 | | Related CVE(s): | CVE-2007-4739 | | Last Modified: | Oct 23 20:04:29 2007 |
| MD5 Checksum: | a849ecbfa377753f58a5918249488aed |
|
| /// File Name: |
sa27251.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported for various Oracle products. Some have unknown impacts, other can be exploited to disclose sensitive information, conduct SQL injection attacks, or to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27251/ | | File Size: | 4838 | | Last Modified: | Oct 18 17:54:12 2007 |
| MD5 Checksum: | 2bbb752adb695bac193cff3018bc877a |
|
| /// File Name: |
secunia-mcafee.txt |
Description:
|
Secunia Research has discovered a vulnerability in McAfee E-Business Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow within the e-Business administration utility service when parsing authentication packets. Affected is McAfee E-Business Server for Linux version 8.1.1.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4802 | | Related CVE(s): | CVE-2007-2957 | | Last Modified: | Oct 31 11:11:02 2007 |
| MD5 Checksum: | 6dae62c7ecd1fa070332a3f1e761cc2d |
|
| /// File Name: |
sa23469.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23469/ | | File Size: | 4752 | | Last Modified: | Oct 10 00:59:53 2007 |
| MD5 Checksum: | 48b1f69e50f46e5f23903b8b87a05cc1 |
|
| /// File Name: |
NGS00419.txt |
Description:
|
NGSSoftware Insight Security Research Advisory - It is possible to cause the Java Virtual Machine to overwrite an arbitrary memory location with an arbitrary value (repeatedly and in a stable manner) when parsing a malformed TrueType font. JDK and JRE versions 5.0 Update 9 and below as well as SDK and JRE versions 1.4.2_14 and below are affected.
| | Author: | John Heasman | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 4670 | | Last Modified: | Oct 29 20:39:02 2007 |
| MD5 Checksum: | c0cef6830fd8bb988ca43b15caf178dc |
|
| /// File Name: |
sa27161.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for xen. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/27161/ | | File Size: | 4655 | | Last Modified: | Oct 10 22:52:18 2007 |
| MD5 Checksum: | dffa51c6d91db6727def0ae67c5d461c |
|
| /// File Name: |
secunia-cups.txt |
Description:
|
Secunia Research has discovered a vulnerability in CUPS, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "ippReadIO()" function in cups/ipp.c when processing IPP (Internet Printing Protocol) tags.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4637 | | Related CVE(s): | CVE-2007-4351 | | Last Modified: | Oct 31 11:12:21 2007 |
| MD5 Checksum: | f050529925963e4d354c1ae9af386929 |
|
| /// File Name: |
sa27266.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for IBM Java. This fixes some vulnerabilities and a security issue, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service) or compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27266/ | | File Size: | 4621 | | Last Modified: | Oct 22 14:39:08 2007 |
| MD5 Checksum: | 296b5fe189485c6c43ac3b572d693646 |
|
| /// File Name: |
cabright-overflow.txt |
Description:
|
A remote stack overflow vulnerability exist in the RPC interface of CA BrightStor ARCServe BackUp. An arbitrary anonymous attacker can execute arbitrary code on the affected system by exploiting this vulnerability.
| | Author: | cocoruder | | Homepage: | http://ruder.cdut.net/ | | File Size: | 4614 | | Related CVE(s): | CVE-2007-5327 | | Last Modified: | Oct 12 00:47:55 2007 |
| MD5 Checksum: | 071bd1c98eb8cb949325a319bf630a91 |
|
| /// File Name: |
sa27362.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for nagios-plugins. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27362/ | | File Size: | 4566 | | Last Modified: | Oct 23 22:14:49 2007 |
| MD5 Checksum: | d8593812c9f1ed30ab01be468d0c84e1 |
|
| /// File Name: |
sa27133.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Internet Explorer, which can be exploited by a malicious website to spoof the address bar.
| | Homepage: | http://secunia.com/advisories/27133/ | | File Size: | 4548 | | Last Modified: | Oct 10 00:59:53 2007 |
| MD5 Checksum: | b02841527865d3984524420ce2d49215 |
|
| /// File Name: |
sa27334.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for reprepro. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/27334/ | | File Size: | 4534 | | Last Modified: | Oct 24 23:40:24 2007 |
| MD5 Checksum: | 57d46ce52beb056d9b9a7c0ec310d36c |
|
| /// File Name: |
sa27311.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities and a weakness have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27311/ | | File Size: | 4532 | | Last Modified: | Oct 22 14:39:08 2007 |
| MD5 Checksum: | 465c4198249fe4ce8718bed115dc8f13 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
