Section: .. / 0801-advisories /
File Name: sa28539.txt
Description: Secunia Security Advisory - Debian has issued an update for xorg-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information or to gain escalated privileges.
Homepage: http://secunia.com/advisories/28539/
File Size: 165218
Last Modified: Jan 18 19:33:48 2008
MD5 Checksum: cd80a1c1bef79e55b38d4220bb1ea9f5

File Name: dsa-1466-3.txt
Description: Debian Security Advisory 1466-3 - The X.org fix for CVE-2007-6429 introduced a regression in the MIT-SHM extension, which prevented the start of a few applications. This update provides updated packages for the xfree86 version included in Debian old stable (Sarge) in addition to the fixed packages for Debian stable (Etch), which were provided in DSA 1466-2.
Homepage: http://www.debian.org/security
File Size: 155974
Related CVE(s): CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006
Last Modified: Jan 21 21:51:45 2008
MD5 Checksum: 4faf3d5bad176683b1d3e066158db73d

File Name: sa28626.txt
Description: Secunia Security Advisory - Debian has issued an update for linux-2.6. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, and corrupt a file system, or by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/28626/
File Size: 106891
Last Modified: Jan 30 19:21:58 2008
MD5 Checksum: 4e7ead657a8ab02008d8924acc57837a

File Name: dsa-1444-1.txt
Description: Debian Security Advisory 1444-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language.
Homepage: http://www.debian.org/security
File Size: 80692
Related CVE(s): CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4659, CVE-2007-4660, CVE-2007-4662, CVE-2007-5898, CVE-2007-5899
Last Modified: Jan 3 18:20:29 2008
MD5 Checksum: 4019a53a8d939e22537ba8bbfc2ac5fd

File Name: sa28249.txt
Description: Secunia Security Advisory - Debian has issued an update for php5. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions.
Homepage: http://secunia.com/advisories/28249/
File Size: 74406
Last Modified: Jan 4 19:11:23 2008
MD5 Checksum: 622f89b55f61ba4ca894c26eddb23290

File Name: USN-570-1.txt
Description: Ubuntu Security Notice 570-1 - Will Drewry and Tavis Ormandy discovered that the boost library did not properly perform input validation on regular expressions. An attacker could send a specially crafted regular expression to an application linked against boost and cause a denial of service via application crash.
Homepage: http://security.ubuntu.com/
File Size: 73225
Related CVE(s): CVE-2008-0171, CVE-2008-0172
Last Modified: Jan 17 00:51:25 2008
MD5 Checksum: 8ee5840ddbe4e81b639e1bb9e6e31727

File Name: sa28527.txt
Description: Secunia Security Advisory - Ubuntu has issued an update for boost. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/28527/
File Size: 68667
Last Modified: Jan 18 03:50:24 2008
MD5 Checksum: 1669d97f870362f0578172ff5f6826cc

File Name: sa28658.txt
Description: Secunia Security Advisory - SUSE has issued an update for php4 and php5. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious, local users to gain escalated privileges, malicious users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service) and potentially execute arbitrary code.
Homepage: http://secunia.com/advisories/28658/
File Size: 61667
Last Modified: Jan 29 13:01:03 2008
MD5 Checksum: c89f5d6ce00fc5d46c4527e1dac06d11

File Name: dsa-1444-2.txt
Description: Debian Security Advisory 1444-2 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. It was discovered that the patch for CVE-2007-4659 could lead to regressions in some scenarios. The fix has been reverted for now, a revised update will be provided in a future PHP DSA.
Homepage: http://www.debian.org/security
File Size: 45049
Related CVE(s): CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4662, CVE-2007-5898, CVE-2007-5899
Last Modified: Jan 24 00:18:43 2008
MD5 Checksum: 823471db4321b65f0f2a84ab52ac56a9

File Name: USN-568-1.txt
Description: Ubuntu Security Notice 568-1 - Nico Leidecker discovered that PostgreSQL did not properly restrict dblink functions. An authenticated user could exploit this flaw to access arbitrary accounts and execute arbitrary SQL queries. It was discovered that the TCL regular expression parser used by PostgreSQL did not properly check its input. An attacker could send crafted regular expressions to PostgreSQL and cause a denial of service via resource exhaustion or database crash. It was discovered that PostgreSQL executed VACUUM and ANALYZE operations within index functions with superuser privileges and also allowed SET ROLE and SET SESSION AUTHORIZATION within index functions. A remote authenticated user could exploit these flaws to gain privileges.
Homepage: http://security.ubuntu.com/
File Size: 42455
Related CVE(s): CVE-2007-6600, CVE-2007-3278, CVE-2007-6601, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067
Last Modified: Jan 14 17:39:53 2008
MD5 Checksum: 6ec3155b2d021d108bf1736b8660cdac

File Name: sa28477.txt
Description: Secunia Security Advisory - Ubuntu has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/28477/
File Size: 39754
Last Modified: Jan 16 00:28:37 2008
MD5 Checksum: 7d16c5446a2c3f800804217205dad3b9

File Name: dsa-1469-1.txt
Description: Debian Security Advisory 1469-1 - Sean de Regge and Greg Linares discovered multiple heap and stack based buffer overflows in FLAC, the Free Lossless Audio Codec, which could lead to the execution of arbitrary code.
Homepage: http://www.debian.org/security
File Size: 37730
Related CVE(s): CVE-2007-4619, CVE-2007-6277
Last Modified: Jan 21 20:32:35 2008
MD5 Checksum: 3bc08633ce6fa121390c3072edcff0c3

File Name: sa28548.txt
Description: Secunia Security Advisory - Debian has issued an update for flac. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/28548/
File Size: 35361
Last Modified: Jan 21 20:53:54 2008
MD5 Checksum: d6ac05bf2e2b87215ad8306ebdcfa77b

File Name: USN-571-1.txt
Description: Ubuntu Security Notice 571-1 - Multiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges. It was discovered that the X.org server did not use user privileges when attempting to open security policy files. Local attackers could exploit this to probe for files in directories they would not normally be able to access. It was discovered that the PCF font handling code did not correctly validate the size of fonts. An authenticated attacker could load a specially crafted font and gain additional privileges.
Homepage: http://security.ubuntu.com/
File Size: 33458
Related CVE(s): CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006
Last Modified: Jan 18 05:40:18 2008
MD5 Checksum: 51a73d44d004d14fcffd34cae74ca8b5

File Name: sa28535.txt
Description: Secunia Security Advisory - Ubuntu has issued an update for libxfont and xorg-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information or to gain escalated privileges.
Homepage: http://secunia.com/advisories/28535/
File Size: 31344
Last Modified: Jan 21 19:58:06 2008
MD5 Checksum: 7436f522fc4eba42fea77f71806e9c0f

File Name: sa28479.txt
Description: Secunia Security Advisory - Debian has issued an update for postgresql-7.4. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/28479/
File Size: 29487
Last Modified: Jan 16 00:28:37 2008
MD5 Checksum: 0ff713ea5376c2bebc29a38206fa2b67

File Name: USN-561-1.txt
Description: Ubuntu Security Notice 561-1 - Jose Miguel Esparza discovered that pwlib did not correctly handle large string lengths. A remote attacker could send specially crafted packets to applications linked against pwlib (e.g. Ekiga) causing them to crash, leading to a denial of service.
Homepage: http://security.ubuntu.com/
File Size: 27855
Related CVE(s): CVE-2007-4897
Last Modified: Jan 9 01:50:23 2008
MD5 Checksum: ea97ee14e533a3fb0951e2a60fe14ba3

File Name: dsa-1476-1.txt
Description: Debian Security Advisory 1476-1 - Marcus Meissner discovered that the PulseAudio sound server performed insufficient checks when dropping privileges, which could lead to local privilege escalation.
Homepage: http://www.debian.org/security
File Size: 27058
Related CVE(s): CVE-2008-0008
Last Modified: Jan 27 22:03:54 2008
MD5 Checksum: 92d9e8da1f07a2d33fe9d8868861260e

File Name: sa28385.txt
Description: Secunia Security Advisory - Ubuntu has issued an update for pwlib. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/28385/
File Size: 26796
Last Modified: Jan 10 03:17:01 2008
MD5 Checksum: bd6ab820efc8bf8e8d2e6c7607efad1b

File Name: dsa-1446-1.txt
Description: Debian Security Advisory 1446-1 - Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service.
Homepage: http://www.debian.org/security
File Size: 26531
Related CVE(s): CVE-2007-6450, CVE-2007-6451
Last Modified: Jan 3 18:22:04 2008
MD5 Checksum: 12b9c7171db1b9468244834d09ebb9f2