Section: .. / Last 100 Advisory Files /
| /// File Name: | glsa-200808-09.txt | Description:
| Gentoo Linux Security Advisory GLSA 200808-09 - Cameron Hotchkies discovered an error within the parsing of ASN.1 BER encoded packets in the ber_get_next() function in libraries/liblber/io.c. Versions less than 2.3.43 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2559 | | Related CVE(s): | CVE-2008-2952 | | Last Modified: | Aug 8 14:52:10 2008 | | MD5 Checksum: | 2618c0be4c9350e464e15c907b0cbc26 |
|
| /// File Name: | glsa-200808-08.txt | Description:
| Gentoo Linux Security Advisory GLSA 200808-08 - An unspecified bug in the OCSP search functionality of stunnel has been discovered. Versions less than 4.24 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2705 | | Related CVE(s): | CVE-2008-2420 | | Last Modified: | Aug 8 14:51:41 2008 | | MD5 Checksum: | dcfde79aad7fdb18dd5d63cbc78a3428 |
|
| /// File Name: | glsa-200808-07.txt | Description:
| Gentoo Linux Security Advisory GLSA 200808-07 - Damian Put has discovered an out-of-bounds memory access while processing Petite files (CVE-2008-2713, CVE-2008-3215). Also, please note that the 0.93 ClamAV branch fixes the first of the two attack vectors of CVE-2007-6595 concerning an insecure creation of temporary files vulnerability. The sigtool attack vector seems still unfixed. Versions less than 0.93.3 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 3037 | | Related CVE(s): | CVE-2007-6595, CVE-2008-2713, CVE-2008-3215 | | Last Modified: | Aug 8 14:51:21 2008 | | MD5 Checksum: | f49c89cc70a72ef2c4200eb49c28dc0e |
|
| /// File Name: | MDVSA-2008-164.txt | Description:
| Mandriva Linux Security Advisory - Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. to an incomplete fix for CVE-2007-4965. David Remahl of Apple Product Security reported several integer overflows in a number of core modules. Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32bit systems. Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2. Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption. The updated packages have been patched to correct these issues. As well, Python packages on Corporate Server 4 have been updated to the latest version 2.4.5. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4425 | | Related CVE(s): | CVE-2008-1679, CVE-2008-2315, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144 | | Last Modified: | Aug 8 14:47:30 2008 | | MD5 Checksum: | 0b29999d94491af074711977113ac9c1 |
|
| /// File Name: | MDVSA-2008-163.txt | Description:
| Mandriva Linux Security Advisory - Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. to an incomplete fix for CVE-2007-4965. David Remahl of Apple Product Security reported several integer overflows in a number of core modules. reported an integer overflow in the hashlib module on Python 2.5 that lead to unreliable cryptographic digest results. Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32bit systems. Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2. Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption. The updated packages have been patched to correct these issues. As well, Python packages on Mandriva Linux 2007.1 and 2008.0 have been updated to version 2.5.2. Due to slight packaging changes on Mandriva Linux 2007.1, a new package is available (tkinter-apps) that contains binary files (such as /usr/bin/idle) that were previously in the tkinter package. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7860 | | Related CVE(s): | CVE-2008-1679, CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144 | | Last Modified: | Aug 8 14:46:58 2008 | | MD5 Checksum: | 0227f61a292c6d913774ef7961d5e6b2 |
|
| /// File Name: | MDVSA-2008-162.txt | Description:
| Mandriva Linux Security Advisory - Multiple vulnerabilities have been found in Qemu. Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to attempting to mark non-existent regions as dirty, aka the bitblt heap overflow. Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 receive integer signedness error. QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction. QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by aam 0x0, which triggers a divide-by-zero error. The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 mtu heap overflow. Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the net socket listen option, aka QEMU net socket heap overflow. QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an overflow, via certain Windows executable programs, as demonstrated by qemu-dos.com. Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. Changing removable media in QEMU could trigger a bug similar to CVE-2008-2004, which would allow local guest users to read arbitrary files on the host by modifying the header of the image to identify a different format. the -usbdevice option. The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted. The updated packages have been patched to fix these issues. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6479 | | Related CVE(s): | CVE-2007-1320, CVE-2007-1321, CVE-2007-1322, CVE-2007-1366, CVE-2007-5729, CVE-2007-5730, CVE-2007-6227, CVE-2008-0928, CVE-2008-1945, CVE-2008-2004 | | Last Modified: | Aug 8 14:46:24 2008 | | MD5 Checksum: | ba2676a4e1bd86995d3d231aa78a7286 |
|
| /// File Name: | MDVSA-2008-161.txt | Description:
| Mandriva Linux Security Advisory - A vulnerability in rxvt allowed it to open a terminal on :0 if the environment variable was not set, which could be used by a local user to hijack X11 connections. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4863 | | Related CVE(s): | CVE-2008-1142 | | Last Modified: | Aug 8 14:45:52 2008 | | MD5 Checksum: | 232e4330e59066175cd2f6918bea3fe7 |
|
| /// File Name: | SSRT080023.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified in HP-UX using libc. This vulnerability could be exploited remotely to create a Denial of Service (DoS). | | Homepage: | http://www.hp.com/ | | File Size: | 6853 | | Related CVE(s): | CVE-2008-1664 | | Last Modified: | Aug 6 17:52:49 2008 | | MD5 Checksum: | e880134f9f767719a57001f421cad505 |
|
| /// File Name: | SSRT080058-3.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning. | | Homepage: | http://www.hp.com/ | | File Size: | 8425 | | Related CVE(s): | CVE-2008-1447 | | Last Modified: | Aug 6 17:52:19 2008 | | MD5 Checksum: | 79606329d0ec4f18b2ee224e4dbf5aad |
|
| /// File Name: | R7-0033.txt | Description:
| Rapid7 Security Advisory - mod_proxy_ftp as included with Apache versions 2.2.9 and below and 2.0.63 and below suffers from a cross site scripting vulnerability. | | Author: | Marc Bevand | | Homepage: | http://www.rapid7.com/ | | File Size: | 3243 | | Related CVE(s): | CVE-2008-2939 | | Last Modified: | Aug 6 17:46:19 2008 | | MD5 Checksum: | 73778b192812cc7c34ee3de05400e251 |
|
| /// File Name: | webex-overflow.txt | Description:
| The Webex Meeting Manager utilizes several ActiveX controls, one of which is vulnerable to a stack based buffer overflow. The atucfobj Module contains a single method called NewObject() who's only parameter is vulnerable to this issue. | | Author: | Elazar Broad | | File Size: | 2039 | | Last Modified: | Aug 6 17:43:05 2008 | | MD5 Checksum: | ffcef6e99156b9761932f07647471908 |
|
| /// File Name: | glsa-200808-06.txt | Description:
| Gentoo Linux Security Advisory GLSA 200808-06 - Chris Evans (Google Security) reported that the libexslt library that is part of libxslt is affected by a heap-based buffer overflow in the RC4 encryption/decryption functions. Versions less than 1.1.24-r1 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2784 | | Related CVE(s): | CVE-2008-2935 | | Last Modified: | Aug 6 17:38:05 2008 | | MD5 Checksum: | e9b59f5c0ec4c99d2dbdb1a11e9149a8 |
|
| /// File Name: | glsa-200808-05.txt | Description:
| Gentoo Linux Security Advisory GLSA 200808-05 - A buffer overflow error was found in ISC DHCP server, that can only be exploited under unusual server configurations where the DHCP server is configured to provide clients with a large set of DHCP options. Versions less than 3.1.1 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2490 | | Related CVE(s): | CVE-2007-0062 | | Last Modified: | Aug 6 17:37:50 2008 | | MD5 Checksum: | ebbacde4d8f36f0bb820cc149e11d6de |
|
| /// File Name: | glsa-200808-04.txt | Description:
| Gentoo Linux Security Advisory GLSA 200808-04 - Multiple vulnerabilities related to memory management were discovered in the GSM SMS dissector (CVE-2008-3137), the PANA and KISMET dissectors (CVE-2008-3138), the RTMPT dissector (CVE-2008-3139), the syslog dissector (CVE-2008-3140) and the RMI dissector (CVE-2008-3141) and when reassembling fragmented packets (CVE-2008-3145). Versions less than 1.0.2 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 3206 | | Related CVE(s): | CVE-2008-3137, CVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141, CVE-2008-3145 | | Last Modified: | Aug 6 17:37:16 2008 | | MD5 Checksum: | 2852ba52cfaebadb42606bc1ad10308b |
|
| /// File Name: | glsa-200808-03.txt | Description:
| Gentoo Linux Security Advisory GLSA 200808-03 - Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted execution of arbitrary code. Versions less than 2.0.0.16 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 8999 | | Related CVE(s): | CVE-2008-1380, CVE-2008-2785, CVE-2008-2798, CVE-2008-2799, CVE-2008-2800, CVE-2008-2801, CVE-2008-2802, CVE-2008-2803, CVE-2008-2805, CVE-2008-2807, CVE-2008-2808, CVE-2008-2809, CVE-2008-2810, CVE-2008-2811, CVE-2008-2933 | | Last Modified: | Aug 6 17:36:56 2008 | | MD5 Checksum: | 3e9e86e69a0a6a15cd07a7aee45c952c |
|
| /// File Name: | glsa-200808-02.txt | Description:
| Gentoo Linux Security Advisory GLSA 200808-02 - Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length (CVE-2008-0960). John Kortink reported a buffer overflow in the Perl bindings of Net-SNMP when processing the OCTETSTRING in an attribute value pair (AVP) received by an SNMP agent (CVE-2008-2292). Versions less than 5.4.1.1 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 3179 | | Related CVE(s): | CVE-2008-0960, CVE-2008-2292 | | Last Modified: | Aug 6 17:36:36 2008 | | MD5 Checksum: | 44e4c6fc6bddaa075347ab6e5add0b9f |
|
| /// File Name: | googlenote-xss.txt | Description:
| Google Notebook and Google Bookmarks suffered from cross site scripting vulnerabilities. | | Author: | Alfredo Melloni | | File Size: | 1464 | | Last Modified: | Aug 6 17:32:09 2008 | | MD5 Checksum: | bb05fc1b4fbad623f5a988398715228f |
|
| /// File Name: | shatter-oemxss2.txt | Description:
| Team SHATTER Security Advisory - The Oracle Enterprise Manager Database Control 10gR1, 10gR2, and 11g (11.1.0.6) all suffer from a cross site scripting vulnerability in the REFRESHHOME parameter. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2354 | | Related CVE(s): | CVE-2008-2603 | | Last Modified: | Aug 4 19:14:19 2008 | | MD5 Checksum: | 021423e3d6a2e61df40f2188dc97f0ae |
|
| /// File Name: | shatter-oemxss.txt | Description:
| Team SHATTER Security Advisory - The Oracle Enterprise Manager Database Control 10gR1 and Oracle Enterprise Manager Grid Control 10gR1 suffer from a cross site scripting vulnerability in the REFRESHHOME parameter. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2371 | | Related CVE(s): | CVE-2008-2590 | | Last Modified: | Aug 4 19:13:05 2008 | | MD5 Checksum: | 1c71a063a0e7e0e294df98350a7df4f6 |
|
| /// File Name: | shatter-dbmsdefer.txt | Description:
| Team SHATTER Security Advisory - The Oracle Database Server versions 9iR1, 9kiR2, 10gR1, 10gR2, and 11gR1 all suffer fro a SQL injection vulnerability in DBMS_DEFER_SYS.DELETE_TRAN. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 1897 | | Last Modified: | Aug 4 19:11:42 2008 | | MD5 Checksum: | a858d413a5cecada3f0b6489ac526174 |
|
| /// File Name: | shatter-oaswwexp.txt | Description:
| Team SHATTER Security Advisory - The Oracle Application Server versions 9.0.4.3, 10.1.2.2, and 10.1.4.1 all suffer from a SQL injection vulnerability in WWEXP_API_ENGINE. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 1689 | | Last Modified: | Aug 4 19:10:38 2008 | | MD5 Checksum: | f38d041b3c47eb6e969a78b4da2b25be |
|
| /// File Name: | USN-626-2.txt | Description:
| Ubuntu Security Notice 626-2 - USN-626-1 fixed vulnerabilities in xulrunner-1.9. The changes required that Devhelp, Epiphany, Midbrowser and Yelp also be updated to use the new xulrunner-1.9. Original advisory details: A flaw was discovered in the browser engine. A variable could be made to overflow causing the browser to crash. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Billy Rios discovered that Firefox and xulrunner, as used by browsers such as Epiphany, did not properly perform URI splitting with pipe symbols when passed a command-line URI. If Firefox or xulrunner were passed a malicious URL, an attacker may be able to execute local content with chrome privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 8866 | | Related CVE(s): | CVE-2008-2785, CVE-2008-2933 | | Last Modified: | Aug 4 17:57:58 2008 | | MD5 Checksum: | 78b80dacd0018da31d715ffdd0641891 |
|
| /// File Name: | dsa-1627-1.txt | Description:
| Debian Security Advisory 1627-1 - Chaskiel M Grundman discovered that opensc, a library and utilities to handle smart cards, would initialise smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN. | | Homepage: | http://www.debian.org/security | | File Size: | 12860 | | Related CVE(s): | CVE-2008-2235 | | Last Modified: | Aug 4 17:25:05 2008 | | MD5 Checksum: | 5eed1f3a57041bd6dce9385e39451cc7 |
|
| /// File Name: | armynchia.txt | Description:
| America's Army versions 2.8.3.1 and below suffer from a remote server termination vulnerability that results in a denial of service. | | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | armynchia.zip | | File Size: | 1811 | | Last Modified: | Aug 4 15:14:59 2008 | | MD5 Checksum: | 7b23783a9d462aaaaf5e0b25c404c12f |
|
| /// File Name: | 08.01.08-3.txt | Description:
| iDefense Security Advisory 08.01.08 - Local exploitation of an untrusted library path vulnerability in the "ingvalidpw" utility, as included in Ingres Database 2006 Release 2 for Linux, allows attackers to execute arbitrary code with root privileges. iDefense has confirmed the existence of this vulnerability in Ingres 2006 Enterprise Edition Release 2 for Linux x86 (32-bit). Other versions may also be affected. | | Homepage: | http://www.idefense.com/ | | File Size: | 3364 | | Related CVE(s): | CVE-2008-3357 | | Last Modified: | Aug 4 15:11:26 2008 | | MD5 Checksum: | 72c889cff9b25fd669fe4cf7f94845d5 |
|
| /// File Name: | 08.01.08-2.txt | Description:
| iDefense Security Advisory 08.01.08 - Local exploitation of a stack-based buffer overflow vulnerability in the "libbecompat" library, as included in Ingres Database 2006 Release 2 for Linux, allows attackers to execute arbitrary code with the privileges of the Ingres user. iDefense has confirmed the existence of this vulnerability in Ingres 2006 Enterprise Edition Release 2 for Linux x86 (32-bit). Other versions may also be affected. | | Homepage: | http://www.idefense.com/ | | File Size: | 3363 | | Related CVE(s): | CVE-2008-3389 | | Last Modified: | Aug 4 15:10:47 2008 | | MD5 Checksum: | 3e245dbeb69b94fb8690ee5b24eb7233 |
|
| /// File Name: | 08.01.08-1.txt | Description:
| iDefense Security Advisory 08.01.08 - Local exploitation of a file permissions modification vulnerability in the "verifydb" utility, as included with Ingres Database 2006 Release 2 for Linux, allows attackers to modify the permissions of files owned by the Ingres database user. iDefense has confirmed the existence of this vulnerability in Ingres 2006 Enterprise Edition Release 2 for Linux x86 (32-bit). Other versions may also be affected. | | Homepage: | http://www.idefense.com/ | | File Size: | 3546 | | Related CVE(s): | CVE-2008-3356 | | Last Modified: | Aug 4 15:09:54 2008 | | MD5 Checksum: | b4842abb9856dd9ae17a232dc2e55588 |
|
| /// File Name: | MDVSA-2008-160.txt | Description:
| Mandriva Linux Security Advisory - Chris Evans of the Google Security Team found a vulnerability in the RC4 processing code in libxslt that did not properly handle corrupted key information. A remote attacker able to make an application linked against libxslt process malicious XML input could cause the application to crash or possibly execute arbitrary code with the privileges of the application in question. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6295 | | Related CVE(s): | CVE-2008-2935 | | Last Modified: | Aug 1 17:53:32 2008 | | MD5 Checksum: | 67580353b9a9d91c19f5d9e9b6a09747 |
|
| /// File Name: | 07.31.08-1.txt | Description:
| iDefense Security Advisory 07.31.08 - Remote exploitation of an integer overflow vulnerability in Apple Inc.'s Mac OS X could allow an attacker to execute arbitrary code with the privileges of the currently logged in user. This vulnerability exists due to the way PDF files containing Type 1 fonts are handled. When processing a font with an overly large length, integer overflow could occur. This issue leads to heap corruption which can allow for arbitrary code execution. iDefense has confirmed the existence of this vulnerability in Mac OS X version 10.5.2. Previous versions may also be affected. | | Author: | Pariente Kobi | | Homepage: | http://www.idefense.com/ | | File Size: | 3325 | | Related CVE(s): | CVE-2008-2322 | | Last Modified: | Aug 1 17:52:41 2008 | | MD5 Checksum: | 772937f408af6494ec81f8661b04c5fb |
|
| /// File Name: | n.runs-SA-2008.005.txt | Description:
| A stack buffer overflow vulnerability exists in the CarbonCore framework from Apple, Inc. | | Author: | Sergio Alvarez | | Homepage: | http://www.nruns.com/ | | File Size: | 10180 | | Last Modified: | Aug 1 17:48:29 2008 | | MD5 Checksum: | 6aa8a2ebacfdc2d5dfd444fa7bad3fa3 |
|
| /// File Name: | USN-634-1.txt | Description:
| Ubuntu Security Notice 634-1 - Cameron Hotchkies discovered that OpenLDAP did not correctly handle certain ASN.1 BER data. A remote attacker could send a specially crafted packet and crash slapd, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 15025 | | Related CVE(s): | CVE-2008-2952 | | Last Modified: | Aug 1 16:35:42 2008 | | MD5 Checksum: | aa94fbbd1d0b00eb7e90517afeb9ba5b |
|
| /// File Name: | USN-633-1.txt | Description:
| Ubuntu Security Notice 633-1 - It was discovered that long transformation matches in libxslt could overflow. If an attacker were able to make an application linked against libxslt process malicious XSL style sheet input, they could execute arbitrary code with user privileges or cause the application to crash, leading to a denial of service. Chris Evans discovered that the RC4 processing code in libxslt did not correctly handle corrupted key information. If a remote attacker were able to make an application linked against libxslt process malicious XML input, they could crash the application, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 20529 | | Related CVE(s): | CVE-2008-1767, CVE-2008-2935 | | Last Modified: | Aug 1 16:35:05 2008 | | MD5 Checksum: | a26158bfc3c374efd7747546270e8b34 |
|
| /// File Name: | CVE-2008-2370.txt | Description:
| Tomcat versions 4.1.0 to 4.1.37, 5.5.0 to 5.5.26, and 6.0.0 to 6.0.16 all suffer from an information disclosure vulnerability. | | Author: | Stefano Di Paola | | Homepage: | http://tomcat.apache.org/security.html | | File Size: | 1626 | | Related CVE(s): | CVE-2008-2370 | | Last Modified: | Aug 1 16:26:42 2008 | | MD5 Checksum: | 02852ef14495eaadbd4c7409e8b05a39 |
|
| /// File Name: | CVE-2008-1232.txt | Description:
| Tomcat versions 4.1.0 to 4.1.37, 5.5.0 to 5.5.26, and 6.0.0 to 6.0.16 all suffer from a cross site scripting vulnerability in HttpServletResponse.sendError(). | | Author: | Konstantin Kolinko | | Homepage: | http://tomcat.apache.org/security.html | | File Size: | 1984 | | Related CVE(s): | CVE-2008-1232 | | Last Modified: | Aug 1 16:25:15 2008 | | MD5 Checksum: | d45c4ccb6b96a7561ee45c3175b4f0a8 |
|
| /// File Name: | SUSE-SA-2008-039.txt | Description:
| SUSE Security Announcement - The net-snmp daemon implements the "simple network management protocol". The version 3 of SNMP as implemented in net-snmp uses the length of the HMAC in a packet to verify against a local HMAC for authentication. An attacker can therefore send a SNMPv3 packet with a one byte HMAC and guess the correct first byte of the local HMAC with 256 packets (max). | | Homepage: | http://www.suse.com | | File Size: | 15156 | | Related CVE(s): | CVE-2008-0960, CVE-2008-2292 | | Last Modified: | Aug 1 16:22:12 2008 | | MD5 Checksum: | 0609e869fe773ed7deaca9d774483e4c |
|
| /// File Name: | caarcserve-backup.txt | Description:
| CA ARCserve Backup for Laptops and Desktops server contains a vulnerability that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerability. The vulnerability occurs due to insufficient bounds checking by the LGServer service. An attacker can make a request that can result in arbitrary code execution or crash the service. | | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 5768 | | Related CVE(s): | CVE-2008-3175 | | Last Modified: | Aug 1 16:15:31 2008 | | MD5 Checksum: | 4984818c410e517d95fdd9b3ce5eb496 |
|
| /// File Name: | dsa-1626-1.txt | Description:
| Debian Security Advisory 1626-1 - Joan Calvet discovered that httrack, a utility to create local copies of websites, is vulnerable to a buffer overflow potentially allowing to execute arbitrary code when passed excessively long URLs. | | Homepage: | http://www.debian.org/security | | File Size: | 11491 | | Last Modified: | Aug 1 15:52:33 2008 | | MD5 Checksum: | 0e2e89e32e0f404bfa685c074c75c3d5 |
|
| /// File Name: | glsa-200807-15.txt | Description:
| Gentoo Linux Security Advisory GLSA 200807-15 - Pavel Polischouk reported a boundary error in the PartsBatch class when processing .nzb files. Versions less than 0.132-r3 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2656 | | Related CVE(s): | CVE-2008-2363 | | Last Modified: | Jul 31 18:54:33 2008 | | MD5 Checksum: | 873315349fd5e7b65178514757c0bc7e |
|
| /// File Name: | glsa-200807-14.txt | Description:
| Gentoo Linux Security Advisory GLSA 200807-14 - A stack-based buffer overflow has been reported in the audit_log_user_command() function in the file lib/audit_logging.c when processing overly long arguments. Versions less than 1.7.3 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2939 | | Related CVE(s): | CVE-2008-1628 | | Last Modified: | Jul 31 18:54:04 2008 | | MD5 Checksum: | 6b691efd9f16eef42bb7a1ab17aaefac |
|
| /// File Name: | glsa-200807-13.txt | Description:
| Gentoo Linux Security Advisory GLSA 200807-13 - Remi Denis-Courmont reported that VLC loads plugins from the current working directory in an unsafe manner. Versions less than 0.8.6i are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2885 | | Related CVE(s): | CVE-2008-2147, CVE-2008-2430 | | Last Modified: | Jul 31 18:53:55 2008 | | MD5 Checksum: | 3fbe056b952279bdbc3ed4fda2bf850a |
|
| /// File Name: | 07.30.08-1.txt | Description:
| iDefense Security Advisory 07.30.08 - Local exploitation of an untrusted path vulnerability in the "dbmsrv" program, as distributed with SAP AG's MaxDB, allow attackers to elevate privileges to that of the "sdb" user. When a local user runs the "dbmcli" program, the MaxDB executes a "dbmsrv" process on the user's behalf. The "dbmsrv" process, which is responsible for executing user commands, runs as the user "sdb" with group "sdba". This vulnerability exists due to improper sanitization of the "PATH" environment variable. By prefixing the "PATH" environment variable with a path under the attacker control, one is able to execute arbitrary code iDefense has confirmed the existence of this vulnerability in SAP MaxDB version 7.6.03.15 on Linux. Other versions may also be vulnerable. with "sdb:sdba" privileges. | | Homepage: | http://www.idefense.com/ | | File Size: | 3377 | | Related CVE(s): | CVE-2008-1810 | | Last Modified: | Jul 31 18:25:13 2008 | | MD5 Checksum: | d187db4d824398f4405de6519303b02f |
|
| /// File Name: | dsa-1624-1.txt | Description:
| Debian Security Advisory 1624-1 - Chris Evans discovered that a buffer overflow in the RC4 functions of libexslt may lead to the execution of arbitrary code. | | Homepage: | http://www.debian.org/security | | File Size: | 11623 | | Related CVE(s): | CVE-2008-2935 | | Last Modified: | Jul 31 18:23:26 2008 | | MD5 Checksum: | f7e4269ba78b527d3e435c79ffc498bb |
|
| /// File Name: | dsa-1623-1.txt | Description:
| Debian Security Advisory 1623-1 - Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. | | Homepage: | http://www.debian.org/security | | File Size: | 5056 | | Related CVE(s): | CVE-2008-1447 | | Last Modified: | Jul 31 18:22:45 2008 | | MD5 Checksum: | 6c21c0b2905b253f6123daa1f6688d8d |
|
| /// File Name: | assurent-caarcserve.txt | Description:
| There exists a buffer overflow vulnerability in the way CA ARCserve Backup for Laptops and Desktops handles incoming messages. The vulnerability is due to an integer underflow in the LGServer service. Affected includes CA ARCserve Backup for Laptops and Desktops version r11.0 through r11.5, CA Desktop Management Suite version 11.1 through 11.2, and CA Protection Suites versions r2, 3.0, and 3.1. | | Homepage: | http://www.assurent.com/ | | File Size: | 2977 | | Related CVE(s): | CVE-2008-3175 | | Last Modified: | Jul 31 18:22:36 2008 | | MD5 Checksum: | f4eb71f630c2db5a88849787cf146e08 |
|
| /// File Name: | SSRT071466.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified in HP-UX running System Administration Manager (SAM). This vulnerability may allow unintended remote access. | | Homepage: | http://www.hp.com/ | | File Size: | 7214 | | Related CVE(s): | CVE-2008-1662 | | Last Modified: | Jul 31 11:31:30 2008 | | MD5 Checksum: | f8f39053a48f84ae814f3dd9a7433f6e |
|
| /// File Name: | libexslt-overflow.txt | Description:
| The libexslt library bundled with libxslt is affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is present in the rc4 encryption/decryption functions. Versions 1.1.8 and above and 1.1.24 and below are affected. | | Author: | Chris Evans | | File Size: | 1814 | | Related CVE(s): | CVE-2008-2935 | | Last Modified: | Jul 31 11:30:53 2008 | | MD5 Checksum: | ea8f4cce63201c78ac95cd6868a0d632 |
|
| /// File Name: | secunia-bluecoathan.txt | Description:
| Secunia Research has discovered two vulnerabilities in K9 Web Protection, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by boundary errors in the filter service (k9filter.exe) when handling HTTP version information in responses from a centralized server (sp.cwfservice.net). These can be exploited to cause stack-based buffer overflows via a specially crafted response containing overly long HTTP version information. Successful exploitation allows execution of arbitrary code, but requires that requests to the centralized server can be redirected to a malicious service or otherwise intercepted. Affected is Blue Coat K9 Web Protection 3.2.44 with Filter version 3.2.32. | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 5901 | | Related CVE(s): | CVE-2007-2952 | | Last Modified: | Jul 31 11:29:06 2008 | | MD5 Checksum: | 46c811ed43792298725e10b1adfc39e9 |
|
| /// File Name: | secunia-bluecoatref.txt | Description:
| Secunia Research has discovered a vulnerability in K9 Web Protection, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the filter service (k9filter.exe) during processing of "Referer" headers when the web-based K9 Web Protection Administration interface is accessed. This can be exploited to cause a stack-based buffer overflow via an overly long "Referer:" header. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious web site. Affected is Blue Coat K9 Web Protection 3.2.44 with Filter version 3.2.32. | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 5680 | | Related CVE(s): | CVE-2007-2952 | | Last Modified: | Jul 31 11:27:32 2008 | | MD5 Checksum: | 1c488d0a1b9e5cec52d5d2d53283b420 |
|
| /// File Name: | dsa-1622-1.txt | Description:
| Debian Security Advisory 1622-1 - It was discovered that newsx, an NNTP news exchange utility, was affected by a buffer overflow allowing remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period. | | Homepage: | http://www.debian.org/security | | File Size: | 5164 | | Related CVE(s): | CVE-2008-3252 | | Last Modified: | Jul 31 11:25:37 2008 | | MD5 Checksum: | 7e6b4117b4a1322d1a46f601df9eabba |
|
| /// File Name: | MDVSA-2008-159.txt | Description:
| Mandriva Linux Security Advisory - A flaw was discovered in licq versions prior to 1.3.6 that allowed a remote attacker to cause a denial of service (crash) via a large number of connections. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3264 | | Related CVE(s): | CVE-2008-1996 | | Last Modified: | Jul 30 23:56:23 2008 | | MD5 Checksum: | acabef4806d17f7e7ffaaaf99f2a35b9 |
|
| /// File Name: | MDVSA-2008-158.txt | Description:
| Mandriva Linux Security Advisory - A vulnerability was found in the SILC toolkit before version 1.1.5 that allowed a remote attacker to cause a denial of service (crash), or possibly execute arbitrary code via long input data. A vulnerability was found in the SILC toolkit before version 1.1.7 that allowed a remote attacker to execute arbitrary code via a crafted PKCS#2 message. The updated packages have been patched to correct these issues. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3196 | | Related CVE(s): | CVE-2008-1227, CVE-2008-1552 | | Last Modified: | Jul 30 23:56:04 2008 | | MD5 Checksum: | f9177e51b3805067cb1425c203b43251 |
|
| /// File Name: | aftemplatesxss-08_003.txt | Description:
| Affinium Campaign version 7.2.1.0.55 suffers from a javascript injection vulnerability in the templates web page. | | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 2980 | | Last Modified: | Jul 30 23:45:53 2008 | | MD5 Checksum: | cfdee28ecdff8ffe90e63ceef77086a7 |
|
| /// File Name: | afstatuslogxss-08_004.txt | Description:
| Affinium Campaign version 7.2.1.0.55 suffers from a log related cross site scripting vulnerability. | | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 4612 | | Last Modified: | Jul 30 23:44:53 2008 | | MD5 Checksum: | a6846d1eedb931298117ea2e910ddef3 |
|
| /// File Name: | citrix-escalate.txt | Description:
| The icabar.exe file which is designed to startup the Citrix MetaFrame administration toolbar allows an attacker to escalate privileges in Windows 2000 and below in the default configuration and in Windows 2003 in some special circumstances. | | Author: | Wendel Guglielmetti Henrique | | Homepage: | http://www.intruders.com.br/ | | File Size: | 6420 | | Last Modified: | Jul 30 23:05:52 2008 | | MD5 Checksum: | ef81b53ce66ce55562cabce992bfbde2 |
|
| /// File Name: | realnetworks-activex.txt | Description:
| An illegal resource reference vulnerability exists in the ActiveX Control of RealNetworks RealPlayer versions 10.6 and below. | | Author: | cocoruder | | Homepage: | http://ruder.cdut.net/ | | File Size: | 1222 | | Related CVE(s): | CVE-2008-3064 | | Last Modified: | Jul 30 22:20:13 2008 | | MD5 Checksum: | 5e0580a4fb9317a3b4025c4fad6c48b4 |
|
| /// File Name: | ut3mendo.txt | Description:
| Unreal Tournament III versions 1.2 and below and 1.3beta4 suffer from NULL pointer and memory corruption vulnerabilities. | | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | ut3mendo.zip | | File Size: | 2238 | | Last Modified: | Jul 29 22:25:36 2008 | | MD5 Checksum: | 7e8b35e90bf4a369c213ae962fab3278 |
|
| /// File Name: | ut2004null.txt | Description:
| Unreal Tournament 2004 versions 3369 and below suffer from a NULL pointer vulnerability that allows for a denial of service of the UT2004 server. | | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | ut2004null.zip | | File Size: | 1494 | | Last Modified: | Jul 29 22:22:16 2008 | | MD5 Checksum: | 93b49fa10aad45275207024747125fdc |
|
| /// File Name: | MDVSA-2008-157.txt | Description:
| Mandriva Linux Security Advisory - A vulnerability was found in how ffmpeg handled STR file demuxing. If a user were tricked into processing a malicious STR file, a remote attacker could execute arbitrary code with user privileges via applications linked against ffmpeg. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5923 | | Related CVE(s): | CVE-2008-3162 | | Last Modified: | Jul 29 22:15:09 2008 | | MD5 Checksum: | 772f1739fb3464d51de82e71fe199e5a |
|
| /// File Name: | trendmicro-activex.txt | Description:
| OfficeScan versions 7.3 build 1343 Patch 4 and below from Trend Micro suffer from an ActiveX related buffer overflow vulnerability. | | Author: | Elazar Broad | | File Size: | 2778 | | Last Modified: | Jul 29 11:48:17 2008 | | MD5 Checksum: | ab8f9d007a31acfffc8b3a3cb901bd90 |
|
| /// File Name: | n.runs-SA-2008.004.txt | Description:
| A remotely exploitable vulnerability has been found in the files parsing engine of AVG Anti-Virus that allows for a denial of service condition. | | Author: | Sergio Alvarez | | Homepage: | http://www.nruns.com/ | | File Size: | 3551 | | Last Modified: | Jul 29 11:47:03 2008 | | MD5 Checksum: | 14a4381a4f525e9d0c3a8d567a16d1c7 |
|
| /// File Name: | MDVSA-2008-156.txt | Description:
| Mandriva Linux Security Advisory - Tavis Ormandy of the Google Security Team discovered a flaw in how libpng handles zero-length unknown chunks in PNG files, which could lead to memory corruption in applications that make use of certain functions. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6844 | | Related CVE(s): | CVE-2008-1382 | | Last Modified: | Jul 28 21:01:52 2008 | | MD5 Checksum: | c762fa86f5124a5d2f6fe8cbbfb224ec |
|
| /// File Name: | 07.28.08-1.txt | Description:
| iDefense Security Advisory 07.28.08 - Remote exploitation of a denial of service vulnerability in Hewlett-Packard's Internet Services Probe Builder product allows an unauthenticated attacker the ability to terminate any process. The Probe Builder Service, PBOVISServer.exe, listens by default on TCP port 32968. This process has a specific opcode that allows a remote unauthenticated user to terminate any process on the system by supplying a process ID number. iDefense has confirmed this vulnerability in HP's Internet Services Probe Builder 2.2 for Windows with all updates applied. | | Homepage: | http://www.idefense.com/ | | File Size: | 3399 | | Related CVE(s): | CVE-2008-1667 | | Last Modified: | Jul 28 21:01:45 2008 | | MD5 Checksum: | e1f231d11f934f575cca5ec80537f348 |
|
| /// File Name: | USN-631-1.txt | Description:
| Ubuntu Security Notice 631-1 - Felipe Andres Manzano discovered that poppler did not correctly initialize certain page widgets. If a user were tricked into viewing a malicious PDF file, a remote attacker could exploit this to crash applications linked against poppler, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 16387 | | Related CVE(s): | CVE-2008-2950 | | Last Modified: | Jul 28 20:59:17 2008 | | MD5 Checksum: | 1137287d3bf71cd573fcd828e06eacd2 |
|
| /// File Name: | USN-630-1.txt | Description:
| Ubuntu Security Notice 630-1 - It was discovered that ffmpeg did not correctly handle STR file demuxing. If a user were tricked into processing a malicious STR file, a remote attacker could execute arbitrary code with user privileges via applications linked against ffmpeg. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 20122 | | Related CVE(s): | CVE-2008-3162 | | Last Modified: | Jul 28 20:58:46 2008 | | MD5 Checksum: | 951bbd456d9e3522a6e9f04d9ca30153 |
|
| /// File Name: | SSRT080066.txt | Description:
| HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Internet Services running Probe Builder. The vulnerability could be exploited remotely to create a Denial of Service (DoS). A successful exploit could cause the system running HP OpenView Internet Services to crash. | | Homepage: | http://www.hp.com/ | | File Size: | 5947 | | Related CVE(s): | CVE-2008-1667 | | Last Modified: | Jul 28 20:58:11 2008 | | MD5 Checksum: | a2931892a77d72cf04a9ebc80a7c38c1 |
|
| /// File Name: | MDVSA-2008-155-1.txt | Description:
| Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.16. This update provides the latest Thunderbird to correct these issues. It also provides Thunderbird 2.x for Corporate 3.0 systems. The previous update provided the incorrect version of the enigmail locale files. This version correctly builds them for Thunderbird 2.0.0.16. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 15962 | | Related CVE(s): | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-2785, CVE-2008-2798, CVE-2008-2799, CVE-2008-2802, CVE-2008-2803, CVE-2008-2807, CVE-2008-2809, CVE-2008-2811 | | Last Modified: | Jul 28 11:46:36 2008 | | MD5 Checksum: | 66f5f6377fd559f737b581f46c2053bf |
|
| /// File Name: | dsa-1619-1.txt | Description:
| Debian Security Advisory 1619-1 - Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Dan Kaminsky identified a practical vector of DNS response spoofing and cache poisoning, exploiting the limited entropy in a DNS transaction ID and lack of UDP source port randomization in many DNS implementations. Scott Kitterman noted that python-dns is vulnera |
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
