Section: .. / 0507-advisories /
| /// File Name: |
07.14.05.txt |
Description:
|
iDEFENSE Security Advisory 07.14.05 - Remote exploitation of a denial of service vulnerability in Sophos Plc.'s Sophos Anti-Virus engine allows attackers to exhaust CPU resources on the target system and prevent further scans.
| | Homepage: | http://www.idefense.com/ | | File Size: | 5229 | | Related CVE(s): | CAN-2005-1530 | | Last Modified: | Jul 15 07:48:10 2005 |
| MD5 Checksum: | af57f77b93fcea88a7af2bea336ea153 |
|
| /// File Name: |
cactiSQL086e-sql.txt |
Description:
|
Cacti versions 0.8.6e and below suffer from multiple SQL injection vulnerabilities.
| | Author: | Stefan Esser | | File Size: | 5148 | | Last Modified: | Jul 7 09:35:48 2005 |
| MD5 Checksum: | 7e7bef22b99156c9f04e5141435a4aae |
|
| /// File Name: |
FreeBSD-SA-05-17.devfs.txt |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-05:17.devfs - Due to insufficient parameter checking of the node type during device creation, any user can expose hidden device nodes on devfs mounted file systems within their jail. Device nodes will be created in the jail with their normal default access permissions.
| | Homepage: | http://www.freebsd.org | | File Size: | 5112 | | Related CVE(s): | CAN-2005-2218 | | Last Modified: | Jul 21 08:24:50 2005 |
| MD5 Checksum: | 75d6f2a8d69f800e5f0d423ceb4c0e51 |
|
| /// File Name: |
msnKick.txt |
Description:
|
MSN's Messenger protocol will automatically kick users from a conversation if .pif is sent in a text message.
| | Author: | Diabolic Crab | | Homepage: | http://www.digitalparadox.org/ | | File Size: | 5067 | | Last Modified: | Jul 12 16:27:20 2005 |
| MD5 Checksum: | 75b45a62f65f087e62381949a1f5553a |
|
| /// File Name: |
dsa-742-1.txt |
Description:
|
Debian Security Advisory DSA 742-1 - Derek Price, the current maintainer of CVS, discovered a buffer overflow in the CVS server, which serves the popular Concurrent Versions System, that could lead to the execution of arbitrary code.
| | Homepage: | http://security.debian.org/ | | File Size: | 4960 | | Related CVE(s): | CAN-2005-0753 | | Last Modified: | Jul 8 09:13:04 2005 |
| MD5 Checksum: | c224f40db8c0bddcab742160a0d4552e |
|
| /// File Name: |
glsa-200507-14.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-14 - Several vulnerabilities in Mozilla Firefox allow attacks ranging from execution of script code with elevated privileges to information leak. Versions less than 1.0.5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 4959 | | Last Modified: | Jul 15 18:25:05 2005 |
| MD5 Checksum: | f55bab1ae1d310e80b691f1654e128c4 |
|
| /// File Name: |
dsa-736-1.txt |
Description:
|
Debian Security Advisory DSA 736-1 - A vulnerability was recently found in the way that SpamAssassin parses certain email headers. This vulnerability could cause SpamAssassin to consume a large number of CPU cycles when processing messages containing these headers, leading to a potential denial of service (DoS) attack.
| | Homepage: | http://security.debian.org/ | | File Size: | 4932 | | Related CVE(s): | CAN-2005-1266 | | Last Modified: | Jul 2 01:42:30 2005 |
| MD5 Checksum: | 8d0feb6a44fffa1a898ae7d87d11b2b7 |
|
| /// File Name: |
dsa-750-1.txt |
Description:
|
Debian Security Advisory DSA 750-1 - infamous42md discovered that dhcpcd, a DHCP client for automatically configuring IPv4 networking, can be tricked into reading past the end of the supplied DHCP buffer, which could lead to the daemon crashing.
| | Homepage: | http://security.debian.org/ | | File Size: | 4840 | | Related CVE(s): | CAN-2005-1848 | | Last Modified: | Jul 12 16:41:15 2005 |
| MD5 Checksum: | fbb4dff36357723cf9a29cc9795848e1 |
|
| /// File Name: |
sa16043.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.
| | Homepage: | http://secunia.com/advisories/16043/ | | File Size: | 4830 | | Last Modified: | Jul 14 07:31:13 2005 |
| MD5 Checksum: | cc23466dd52dd7b9c37cf74094980b9a |
|
| /// File Name: |
dsa-738-1.txt |
Description:
|
Debian Security Advisory DSA 738-1 - A vulnerability was discovered in the way that Razor parses certain email headers that could potentially be used to crash the Razor program, causing a denial of service (DoS).
| | Homepage: | http://security.debian.org/ | | File Size: | 4792 | | Related CVE(s): | CAN-2005-2024 | | Last Modified: | Jul 7 10:49:02 2005 |
| MD5 Checksum: | 4b19c8e56ce81b9aa9776ed943ceb2d7 |
|
| /// File Name: |
glsa-200507-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-24 - Several vulnerabilities in the Mozilla Suite allow attacks ranging from the execution of JavaScript code with elevated privileges to information leakage. Versions less than 1.7.10 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 4666 | | Last Modified: | Jul 28 08:27:49 2005 |
| MD5 Checksum: | 16e6b46c85bd8d2cddb3efc3df1322c0 |
|
| /// File Name: |
sa15996.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gedit. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/15996/ | | File Size: | 4633 | | Last Modified: | Jul 12 16:21:09 2005 |
| MD5 Checksum: | 13ed20e80b4b258d884e3f176bba3027 |
|
| /// File Name: |
lantronix.txt |
Description:
|
Lantronix SecureLinx console servers allow for retrieval of SSH private keys and system log files.
| | Author: | Dr. Dirk Wetter | | Homepage: | http://drwetter.org | | File Size: | 4552 | | Last Modified: | Jul 8 09:03:40 2005 |
| MD5 Checksum: | 0561460be56bfec0e04de7bb682c117b |
|
| /// File Name: |
TA05-210A.txt |
Description:
|
Technical Cyber Security Alert TA05-210A - Cisco IOS IPv6 processing functionality contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service.
| | Homepage: | http://www.cert.org | | File Size: | 4497 | | Last Modified: | Aug 5 07:41:02 2005 |
| MD5 Checksum: | c95a2cc5b0c309abb290bf31b8d70b2d |
|
| /// File Name: |
aspRCP.txt |
Description:
|
ASP.NET RPC/Encoded web services suffer from a denial of service vulnerability.
| | Author: | Bryan Sullivan, Sacha Faust | | File Size: | 4482 | | Last Modified: | Jul 12 16:50:27 2005 |
| MD5 Checksum: | dba0ffc66a8e5d63a0926d92a9259bb1 |
|
| /// File Name: |
TA05-193A.txt |
Description:
|
Technical Cyber Security Alert TA05-193A - Microsoft has released updates that address critical vulnerabilities in Windows, Office, and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code on an affected system.
| | Homepage: | http://www.us-cert.gov/cas/techalerts/TA05-193A.html | | File Size: | 4474 | | Related CVE(s): | CAN-2005-1219, CAN-2005-2087, CAN-2005-0564 | | Last Modified: | Jul 13 09:04:42 2005 |
| MD5 Checksum: | e016cabd4cf87cc5f1025978a989331c |
|
| /// File Name: |
GoodTechRCPT.txt |
Description:
|
GoodTech versions 5.15 and below (and 5.16 evaluation) suffer from stack overflow vulnerabilities in the handling of the RCPT TO input.
| | Author: | Raphael Rigo | | File Size: | 4440 | | Last Modified: | Jul 28 07:26:49 2005 |
| MD5 Checksum: | e0392310bbb1cacca9ba5a4300dc364d |
|
| /// File Name: |
ekg.insecure.txt |
Description:
|
ekg versions 2005-06-05 and below suffer from a temporary file creation vulnerability that can lead to arbitrary code execution.
| | Author: | Eric Romang | | File Size: | 4432 | | Related CVE(s): | CAN-2005-1916 | | Last Modified: | Jul 7 10:19:24 2005 |
| MD5 Checksum: | f41ed795beaf615c6450fb97a091ee5a |
|
| /// File Name: |
sa16054.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), to overwrite arbitrary files on a user's system, to gain knowledge of various information, or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/16054/ | | File Size: | 4395 | | Last Modified: | Jul 14 07:31:13 2005 |
| MD5 Checksum: | a92ea9bf34bc1fbbd68b5cd1a2dcc9e3 |
|
| /// File Name: |
07.05.05.txt |
Description:
|
iDEFENSE Security Advisory 07.05.05 - Remote exploitation of a buffer overflow in Adobe Acrobat Reader for Unix could allow an attacker to execute arbitrary code. iDEFENSE has confirmed the existence of this vulnerability in Adobe Acrobat Reader version 5.0.9 for Unix and Adobe Acrobat Reader version 5.0.10 for Unix. Adobe Acrobat for Windows is not affected. Adobe Acrobat 7.0 for Unix is not affected.
| | Homepage: | http://www.idefense.com | | File Size: | 4304 | | Related CVE(s): | CAN-2005-1625 | | Last Modified: | Jul 7 10:43:11 2005 |
| MD5 Checksum: | 161cd1396112c87e0a7be61abd3f7db5 |
|
| /// File Name: |
glsa-200507-17.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-17 - Several vulnerabilities in Mozilla Thunderbird allow attacks ranging from execution of script code with elevated privileges to information leak. Versions less than 1.0.5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 4291 | | Related CVE(s): | CAN-2005-0989 | | Last Modified: | Jul 19 16:26:36 2005 |
| MD5 Checksum: | 0a63346ec652a62550b6b040f406b571 |
|