.:[ packet storm ]:.
                             
never stop questioning
never stop questioning

 Section:  .. / 0801-advisories  /

Page 4 of 27
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 >> Files 75 - 100 of 655
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: glsa-200801-02-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-02:02 - R includes a copy of PCRE which is vulnerable to multiple buffer overflows and memory corruptions vulnerabilities (GLSA 200711-30). Versions less than 2.2.1-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2983
Last Modified:Jan 10 03:58:53 2008
MD5 Checksum:c2e2105d9bf21493d35cac31ab4bc05c

 ///  File Name: glsa-200801-03.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-03 - Nico Golde from Debian reported that the sylprint.pl script that is part of the Claws Mail tools creates temporary files in an insecure manner. Versions less than 3.0.2-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2796
Related CVE(s):CVE-2007-6208
Last Modified:Jan 10 03:59:59 2008
MD5 Checksum:799386edc6a54a3e975997ed6014fdd0

 ///  File Name: glsa-200801-04.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-04 - Russ Allbery, Jeffrey Altman, Dan Hyde and Thomas Mueller discovered a race condition due to an improper handling of the clients callbacks lists. Versions less than 1.4.6 are affected.
Homepage:http://security.gentoo.org
File Size:2705
Related CVE(s):CVE-2007-6599
Last Modified:Jan 10 04:00:26 2008
MD5 Checksum:6b5aad31b93012e51d36460c8bd5f2fd

 ///  File Name: glsa-200801-05.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-05 - The Wikimedia Foundation reported a memory leak vulnerability when performing cache updates. Versions less than 2.6.17 are affected.
Homepage:http://security.gentoo.org
File Size:2666
Related CVE(s):CVE-2007-6239
Last Modified:Jan 10 04:00:41 2008
MD5 Checksum:7719e041147ed282424f799f890a0196

 ///  File Name: glsa-200801-06-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-06:02 - Gregory Andersen reported that the Xfce4 panel does not correctly calculate memory boundaries, leading to a stack-based buffer overflow in the launcher_update_panel_entry() function. Daichi Kawahata reported libxfcegui4 did not copy provided values when creating SessionClient structs, possibly leading to access of freed memory areas. Versions less than 4.4.2 are affected.
Homepage:http://security.gentoo.org/
File Size:3613
Related CVE(s):CVE-2007-6531, CVE-2007-6532
Last Modified:Jan 10 04:01:48 2008
MD5 Checksum:7e43cdfab9de04bfef1814baf88c1668

 ///  File Name: glsa-200801-07-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-07:02 - Multiple vulnerabilities have been identified, the worst of which allow arbitrary code execution on a user's system via a malicious Flash file. Versions less than 9.0.115.0 are affected.
Homepage:http://security.gentoo.org/
File Size:4904
Related CVE(s):CVE-2007-4324, CVE-2007-4768, CVE-2007-5275, CVE-2007-6242, CVE-2007-6243, CVE-2007-6244, CVE-2007-6245, CVE-2007-6246
Last Modified:Jan 21 20:27:03 2008
MD5 Checksum:360bf169aaa581ac0e1627f7ffea032c

 ///  File Name: glsa-200801-08.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-08 - Devon Miller reported a boundary error in the print_iso9660_recurse() function in files cd-info.c and iso-info.c when processing long filenames within Joliet images. Versions less than 0.78.2-r4 are affected.
Homepage:http://security.gentoo.org
File Size:2652
Related CVE(s):CVE-2007-6613
Last Modified:Jan 21 20:23:31 2008
MD5 Checksum:7717b9ae6e5440312af976f78e6752d2

 ///  File Name: glsa-200801-09.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-09 - Multiple vulnerabilities have been discovered in the X.Org X server and Xfont library, allowing for a local privilege escalation and arbitrary code execution. Versions less than 1.3.0.0-r4 are affected.
Homepage:http://security.gentoo.org
File Size:4966
Related CVE(s):CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006
Last Modified:Jan 21 20:38:38 2008
MD5 Checksum:469bf13fc59eb490ddbae0d177ac6388

 ///  File Name: glsa-200801-10.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-10 - Jesus Olmos Gonzalez from isecauditors reported insufficient sanitization of the movies parameter in file tiki-listmovies.php. Mesut Timur from H-Labs discovered that the input passed to the "area_name" parameter in file tiki-special_chars.php is not properly sanitised before being returned to the user. redflo reported multiple unspecified vulnerabilities in files tiki-edit_css.php, tiki-list_games.php, and tiki-g-admin_shared_source.php. Versions less than 1.9.9 are affected.
Homepage:http://security.gentoo.org/
File Size:3415
Related CVE(s):CVE-2007-6526, CVE-2007-6528, CVE-2007-6529
Last Modified:Jan 24 00:21:37 2008
MD5 Checksum:25103debfa92866d5cbd7645429937f0

 ///  File Name: glsa-200801-11.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-11 - CherryPy does not sanitize the session id, provided as a cookie value, in the FileSession._get_file_path() function before using it as part of the file name. Versions less than 3.0.2-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2969
Related CVE(s):CVE-2008-0252
Last Modified:Jan 27 21:59:39 2008
MD5 Checksum:bab49fc0b73c1600d9469fc44cecd4da

 ///  File Name: glsa-200801-12.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-12 - Luigi Auriemma reported that xine-lib does not properly check boundaries when processing SDP attributes of RTSP streams, leading to heap-based buffer overflows. Versions less than 1.1.9.1 are affected.
Homepage:http://security.gentoo.org
File Size:2695
Related CVE(s):CVE-2008-0225, CVE-2008-0238
Last Modified:Jan 27 21:59:58 2008
MD5 Checksum:ddae71eec629db2527290e569fec514a

 ///  File Name: glsa-200801-13-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-13:02 - The IRC_PART() function in the file irc-channel.c does not properly check the number of parameters, referencing an invalid pointer if no channel is supplied. Versions less than 0.10.4 are affected.
Homepage:http://security.gentoo.org
File Size:2463
Related CVE(s):CVE-2008-0285
Last Modified:Jan 27 22:00:21 2008
MD5 Checksum:758ec244e172e362d03c4518ac61d8fb

 ///  File Name: glsa-200801-14.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-14 - The /usr/bin/blam script sets the LD_LIBRARY_PATH environment variable incorrectly, which might result in the current working directory (.) being included when searching for dynamically linked libraries of the Mono Runtime application. Versions less than 1.8.4 are affected.
Homepage:http://security.gentoo.org
File Size:2691
Related CVE(s):CVE-2005-4790
Last Modified:Jan 27 22:00:45 2008
MD5 Checksum:cb1fe56737775e672c4939c2171655c0

 ///  File Name: glsa-200801-15.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-15 - If using the expression indexes feature, PostgreSQL executes index functions as the superuser during VACUUM and ANALYZE instead of the table owner, and allows SET ROLE and SET SESSION AUTHORIZATION in the index functions (CVE-2007-6600). Additionally, several errors involving regular expressions were found (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067). Eventually, a privilege escalation vulnerability via unspecified vectors in the DBLink module was reported (CVE-2007-6601). This vulnerability is exploitable when local trust or ident authentication is used, and is due to an incomplete fix of CVE-2007-3278. Versions less than 8.0.15 are affected.
Homepage:http://security.gentoo.org
File Size:3807
Related CVE(s):CVE-2007-3278, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601
Last Modified:Jan 29 22:20:26 2008
MD5 Checksum:44b563ffc58ea1fd0ae9838a98c3a2d7

 ///  File Name: glsa-200801-16.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-16 - Michael Krieger reported that a specially crafted DNS could prevent an authoritative canonical name (CNAME) record from being resolved because of an improper rotation of resource records. Versions less than 1.2.12.08 are affected.
Homepage:http://security.gentoo.org
File Size:2564
Related CVE(s):CVE-2008-0061
Last Modified:Jan 29 22:20:52 2008
MD5 Checksum:66833b7c3524630883bd1e69dd326fcf

 ///  File Name: glsa-200801-17.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-17 - Venustech AD-LAB discovered that an FTP client connected to a vulnerable server with passive mode and SSL support can trigger an fclose() function call on an uninitialized stream in ftpd.c. Versions less than 0.17-r7 are affected.
Homepage:http://security.gentoo.org
File Size:2516
Related CVE(s):CVE-2007-6263
Last Modified:Jan 29 22:21:20 2008
MD5 Checksum:b66bbc1ba20c42940904ede07e0ab1a7

 ///  File Name: glsa-200801-18.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-18 - Kazehakase includes a copy of PCRE which is vulnerable to multiple buffer overflows and memory corruptions vulnerabilities (GLSA 200711-30). Versions less than 0.5.0 are affected.
Homepage:http://security.gentoo.org
File Size:2877
Last Modified:Jan 30 19:34:42 2008
MD5 Checksum:02d72e2e36ca3363000d6e1079f5e01c

 ///  File Name: glsa-200801-19.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-19 - GOffice includes a copy of PCRE which is vulnerable to multiple buffer overflows and memory corruptions vulnerabilities (GLSA 200711-30). Versions less than 0.6.1 are affected.
Homepage:http://security.gentoo.org
File Size:3088
Last Modified:Jan 30 19:34:58 2008
MD5 Checksum:9fb00d5ec5d3d89d2fb7e95cb3dd5ead

 ///  File Name: glsa-200801-20.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-20 - Brad Fitzpatrick reported that the xmlCurrentChar() function does not properly handle some UTF-8 multibyte encodings. Versions less than 2.6.30-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2928
Related CVE(s):CVE-2007-6284
Last Modified:Jan 30 19:35:20 2008
MD5 Checksum:babc5646802512595cd30bd3764acf17

 ///  File Name: glsa-200801-21.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-21 - Miroslav Lichvar discovered that the xdg-open and xdg-email shell scripts do not properly sanitize their input before processing it. Versions less than 1.0.2-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2964
Related CVE(s):CVE-2008-0386
Last Modified:Jan 31 23:23:26 2008
MD5 Checksum:ae2e54c93e009d1196f63b44369e372b

 ///  File Name: glsa-200801-22-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200801-22:02 - Luigi Auriemma reported a heap-based buffer overflow within the handshakeHTTP() function when processing HTTP requests. Versions less than 0.1218 are affected.
Homepage:http://security.gentoo.org
File Size:2846
Related CVE(s):CVE-2007-6454
Last Modified:Jan 31 23:23:42 2008
MD5 Checksum:3978ace13523e798b19aa1203f0cd950

 ///  File Name: gswsshit.txt
Description:
 Georgia SoftWorks SSH2 Server versions 7.01.0003 and below are vulnerable to format string and buffer overflow vulnerabilities.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related Exploit:gswsshit.zip
File Size:2480
Last Modified:Jan 2 17:52:50 2008
MD5 Checksum:e362ef405f6a011764978039af71e1d2

 ///  File Name: hfs-manipulate.txt
Description:
 HFS versions 2.2 through 2.3 suffer from arbitrary file manipulation and denial of service vulnerabilities.
Author:Felipe Aragon, Alec Storm
Homepage:http://www.syhunt.com/
Related Exploit:hfshack.txt
File Size:3644
Related CVE(s):CVE-2008-0405, CVE-2008-0406
Last Modified:Jan 23 23:53:54 2008
MD5 Checksum:b2cd64c089f0bc9302c3180c8d0250da

 ///  File Name: hfs-spoof.txt
Description:
 HFS versions 1.5g through 2.3 suffer from username spoofing and log injection vulnerabilities.
Author:Felipe Aragon, Alec Storm
Homepage:http://www.syhunt.com/
Related Exploit:hfshack.txt
File Size:3126
Related CVE(s):CVE-2008-0407, CVE-2008-0408
Last Modified:Jan 23 23:59:42 2008
MD5 Checksum:35b5662dbefa78a8a7e842fa5ede202c

 ///  File Name: homehub-upnp.txt
Description:
 Information on pwning the BT Home Hub regarding the exploitation of IGDs remotely via UPnP.
Author:pagvac
Homepage:http://www.gnucitizen.org/
File Size:9940
Last Modified:Jan 10 17:57:43 2008
MD5 Checksum:b881d12f8b72ceedb666cfb0b156a716
 

 ///  Last 10 Files
  1. :· preaspjob-xsscm.txt
  2. :· classifieds-xss.txt
  3. :· phpjobwebsite-cmsqlxss.txt
  4. :· toast-disclose.txt
  5. :· aspshoppingcart-xss.txt
  6. :· aspforum-cmsqlxss.txt
  7. :· vncrush.txt
  8. :· rshatter.txt
  9. :· ewb-overflow.txt
  10. :· debian-symlink.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· dsa-1675-1.txt
  2. :· dsa-1674-1.txt
  3. :· dsa-1673-1.txt
  4. :· dsa-1672-1.txt
  5. :· USN-679-1.txt
  6. :· USN-680-1.txt
  7. :· impresscms-fixation.txt
  8. :· USN-678-1.txt
  9. :· USN-668-1.txt
  10. :· rsaenvision-disclose.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· preaspjob-xsscm.txt
  2. :· classifieds-xss.txt
  3. :· phpjobwebsite-cmsqlxss.txt
  4. :· toast-disclose.txt
  5. :· aspshoppingcart-xss.txt
  6. :· aspforum-cmsqlxss.txt
  7. :· ewb-overflow.txt
  8. :· debian-symlink.txt
  9. :· 0811-exploits.tgz
  10. :· andysphpkb-upload.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· vncrush.txt
  2. :· rshatter.txt
  3. :· Exomind-v0.2.tar.gz
  4. :· clamav-0.94.2.tar.gz
  5. :· cadfile.zip
  6. :· anehta-v0.6.0fixed2.zip
  7. :· tagfuzz.txt
  8. :· BrowserRider.20081124.tar.bz2
  9. :· mp3nema-v0_2.tar.gz
  10. :· squid-nufw-helper-1.1.3.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· format-string-linux.txt
  2. :· frame-pointer-overwrite-linux.txt
  3. :· iptablesf.txt
  4. :· nufw-2.2.19.tar.gz
  5. :· frhack2009-cfp.txt
  6. :· oracle-forensics-scns.pdf
  7. :· cansecwest-2009.txt
  8. :· A5.1.zip
  9. :· a51-php.txt
  10. :· tcpip_lib51.zip
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice