Section: .. / 0711-advisories /
| /// File Name: |
USN-542-1.txt |
Description:
|
Ubuntu Security Notice 542-1 - Secunia Research discovered several vulnerabilities in poppler. If a user were tricked into loading a specially crafted PDF file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the user's privileges in applications linked against poppler.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 25606 | | Related CVE(s): | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 | | Last Modified: | Nov 14 01:14:02 2007 |
| MD5 Checksum: | 6a3cdb4262a56a28bb1e8531133cb0e7 |
|
| /// File Name: |
sa27628.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for flac. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27628/ | | File Size: | 24939 | | Last Modified: | Nov 14 21:23:15 2007 |
| MD5 Checksum: | eab938ee4a5f521db9999e6ac96b0da5 |
|
| /// File Name: |
sa27632.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for poppler. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/27632/ | | File Size: | 24685 | | Last Modified: | Nov 14 19:18:42 2007 |
| MD5 Checksum: | dc3c0862f77b054e23ff40f96cc006a8 |
|
| /// File Name: |
dsa-1400-1.txt |
Description:
|
Debian Security Advisory 1400-1 - Will Drewry and Tavis Ormandy of the Google Security Team have discovered a UTF-8 related heap overflow in Perl's regular expression compiler, probably allowing attackers to execute arbitrary code by compiling specially crafted regular expressions.
| | Homepage: | http://www.debian.org/security | | File Size: | 24666 | | Related CVE(s): | CVE-2007-5116 | | Last Modified: | Nov 6 23:20:16 2007 |
| MD5 Checksum: | 97da569e023ab9b3a0f3e419ff23c6f3 |
|
| /// File Name: |
USN-543-1.txt |
Description:
|
Ubuntu Security Notice 543-1 - Neel Mehta and Ryan Smith discovered that the VMWare Player DHCP server did not correctly handle certain packet structures. Remote attackers could send specially crafted packets and gain root privileges. Rafal Wojtczvk discovered multiple memory corruption issues in VMWare Player. Attackers with administrative privileges in a guest operating system could cause a denial of service or possibly execute arbitrary code on the host operating system.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 24651 | | Related CVE(s): | CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4496, CVE-2007-4497 | | Last Modified: | Nov 16 02:50:37 2007 |
| MD5 Checksum: | 24a482be135004abb40a5ba0e1911e58 |
|
| /// File Name: |
sa27694.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for vmware. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27694/ | | File Size: | 23943 | | Last Modified: | Nov 20 11:17:55 2007 |
| MD5 Checksum: | e14a10d2624dcfbbc5a65b3bda5437f1 |
|
| /// File Name: |
dsa-1398-1.txt |
Description:
|
Debian Security Advisory 1398-1 - Bernhard Mueller of SEC Consult has discovered a format string vulnerability in perdition, an IMAP proxy. This vulnerability could allow an unauthenticated remote user to run arbitrary code on the perdition server by providing a specially formatted IMAP tag.
| | Homepage: | http://www.debian.org/security | | File Size: | 23513 | | Related CVE(s): | CVE-2007-5740 | | Last Modified: | Nov 5 11:46:42 2007 |
| MD5 Checksum: | 363e8fa0b444b529bc20aa00f902c094 |
|
| /// File Name: |
sa27479.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27479/ | | File Size: | 22990 | | Last Modified: | Nov 8 18:19:25 2007 |
| MD5 Checksum: | 7b6d1e7712949218bdbfee41b1f494bc |
|
| /// File Name: |
sa27817.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27817/ | | File Size: | 22311 | | Last Modified: | Nov 27 21:51:05 2007 |
| MD5 Checksum: | 0a83e3d2adcf2e010fdfe850f6d46428 |
|
| /// File Name: |
USN-539-1.txt |
Description:
|
Ubuntu Security Notice 539-1 - Alin Rad Pop discovered that CUPS did not correctly validate buffer lengths when processing IPP tags. Remote attackers successfully exploiting this vulnerability would gain access to the non-root CUPS user in Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 22279 | | Related CVE(s): | CVE-2007-4351 | | Last Modified: | Nov 6 02:02:04 2007 |
| MD5 Checksum: | 50b3c37d2081c84fab46045ac6314310 |
|
| /// File Name: |
sa27520.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for perdition. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27520/ | | File Size: | 22109 | | Last Modified: | Nov 6 22:14:24 2007 |
| MD5 Checksum: | 922c4faddd3132705468deab2cab2247 |
|
| /// File Name: |
sa27540.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27540/ | | File Size: | 21648 | | Last Modified: | Nov 7 02:58:11 2007 |
| MD5 Checksum: | 722d9042d5be95311da2aa0ec3841105 |
|
| /// File Name: |
sa27496.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for nagios-plugins. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27496/ | | File Size: | 20492 | | Last Modified: | Nov 2 22:36:00 2007 |
| MD5 Checksum: | eca6f47ac1acb6150a1a00a4fca7efea |
|
| /// File Name: |
CORE-2007-0821.txt |
Description:
|
Core Security Technologies Advisory - Lotus Notes suffers from a buffer overflow vulnerability in the Lotus WorkSheet file processor.
| | Author: | Sebastian Muniz | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 20462 | | Last Modified: | Nov 27 22:58:14 2007 |
| MD5 Checksum: | e0009b217f9e9c384b7525d52f75893f |
|
| /// File Name: |
MDKSA-2007-224-1.txt |
Description:
|
Mandriva Linux Security Advisory - The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service. As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges. The patch that fixed CVE-2007-4572 introduced a regression that would prevent shares from being mounted properly and would cause the remote (patched) smbd to crash. This update contains another fix from upstream to correct the problem.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 18060 | | Related CVE(s): | CVE-2007-5398, CVE-2007-4572 | | Last Modified: | Nov 26 18:05:54 2007 |
| MD5 Checksum: | 1fda8ef98ab122a72043e22e01082e10 |
|
| /// File Name: |
MDKSA-2007-224-3.txt |
Description:
|
Mandriva Linux Security Advisory - The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service. As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges. This update corrects all known regressions with previous Samba updates due to the security fixes to correct CVE-2007-4572.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 17994 | | Related CVE(s): | CVE-2007-5398, CVE-2007-4572 | | Last Modified: | Nov 30 01:59:23 2007 |
| MD5 Checksum: | 35c3dfda88c38965355ccbfee1082a66 |
|
| /// File Name: |
dsa-1412-1.txt |
Description:
|
Debian Security Advisory 1412-1 - Several vulnerabilities have been discovered in Ruby, an object-oriented scripting language. It was discovered that the Ruby HTTP(S) module performs insufficient validation of SSL certificates, which may lead to man-in-the-middle attacks. It was discovered that the Ruby modules for FTP, Telnet, IMAP, POP and SMTP perform insufficient validation of SSL certificates, which may lead to man-in-the-middle attacks.
| | Homepage: | http://www.debian.org/security | | File Size: | 17960 | | Related CVE(s): | CVE-2007-5162, CVE-2007-5770 | | Last Modified: | Nov 26 22:04:41 2007 |
| MD5 Checksum: | 7ed208a8827375254093620d6928cd88 |
|
| /// File Name: |
MDKSA-2007-224.txt |
Description:
|
Mandriva Linux Security Advisory - The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service. As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 17826 | | Related CVE(s): | CVE-2007-5398, CVE-2007-4572 | | Last Modified: | Nov 26 16:08:19 2007 |
| MD5 Checksum: | c32c1a151a0949b55ac1568072ffec25 |
|
| /// File Name: |
dsa-1397-1.txt |
Description:
|
Debian Security Advisory 1397-1 - An integer overflow in the BigInteger data type implementation has been discovered in the free .NET runtime Mono.
| | Homepage: | http://www.debian.org/security | | File Size: | 17703 | | Related CVE(s): | CVE-2007-5197 | | Last Modified: | Nov 5 11:06:53 2007 |
| MD5 Checksum: | 9991fafcf62bba66166e119577ac57c8 |
|
| /// File Name: |
sa27818.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for ruby1.9. This fixes some security issues, which can be exploited by malicious people to conduct spoofing attacks.
| | Homepage: | http://secunia.com/advisories/27818/ | | File Size: | 16742 | | Last Modified: | Nov 26 21:10:48 2007 |
| MD5 Checksum: | 9775a6089d4d47f656021bfcf66e4162 |
|
| /// File Name: |
sa27511.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mono. This fixes a vulnerability, which has unknown impacts.
| | Homepage: | http://secunia.com/advisories/27511/ | | File Size: | 16697 | | Last Modified: | Nov 6 22:14:53 2007 |
| MD5 Checksum: | 080763cfbdc86c1a77616705dd8cc12b |
|
| /// File Name: |
sa27480.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceape. This fixes some vulnerabilities and a weakness, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27480/ | | File Size: | 16165 | | Last Modified: | Nov 6 22:14:24 2007 |
| MD5 Checksum: | 3ca3524d960063ef20824cb768ba384e |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
