Section: .. / 0703-advisories /
| /// File Name: |
ieee80211-offbyone.txt |
Description:
|
tcpdump versions 3.9.5 and below suffer from an off-by-one heap overflow in the ieee802.11 printer.
| | Author: | Moritz Jodeit | | File Size: | 1603 | | Last Modified: | Mar 6 06:26:51 2007 |
| MD5 Checksum: | 383dc3787ea2a29b074be8053cfaa44f |
|
| /// File Name: |
iframeicash.txt |
Description:
|
The Iframe-Cash/Iframe-Dollars Adware company does not only rootkit your machine, it also keystroke logs your banking details. Lovely.
| | Author: | Thierry Zoller | | Homepage: | http://secdev.zoller.lu/ | | File Size: | 1537 | | Last Modified: | Mar 14 02:02:25 2007 |
| MD5 Checksum: | 6dfce280dd9b5af0cba1822018b42e63 |
|
| /// File Name: |
konq-dos.txt |
Description:
|
Konqueror crashes if Javascript code tries to read the source of a child iframe when it is set to a ftp:// URL.
| | Author: | mark | | Homepage: | http://bindshell.net/ | | File Size: | 1351 | | Last Modified: | Mar 8 23:44:50 2007 |
| MD5 Checksum: | 8c43a72abdcbb2dd021c2e2057df2cab |
|
| /// File Name: |
libftp-bo.txt |
Description:
|
LIBFTP version 5.0 suffers from multiple local buffer overflow vulnerabilities.
| | Author: | starcadi | | File Size: | 1770 | | Last Modified: | Mar 20 06:01:31 2007 |
| MD5 Checksum: | 39f29f28b73702c1b5f3bb03da6528db |
|
| /// File Name: |
liguestbook-sql.txt |
Description:
|
LI-Guestbook version 1.1 is susceptible to SQL injection attacks.
| | Author: | Belsec Team | | Homepage: | http://belsec.com/ | | File Size: | 1029 | | Last Modified: | Mar 9 00:23:12 2007 |
| MD5 Checksum: | 801b410d80306fb2e368aa8b81bdacd2 |
|
| /// File Name: |
MDKSA-2007-050-1.txt |
Description:
|
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8735 | | Related CVE(s): | CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092 | | Last Modified: | Mar 8 23:28:15 2007 |
| MD5 Checksum: | 272b47bdd64a3e3aed526ce2a414c45e |
|
| /// File Name: |
MDKSA-2007-053.txt |
Description:
|
Mandriva Linux Security Advisory - Umount allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4349 | | Related CVE(s): | CVE-2007-0822 | | Last Modified: | Mar 9 03:22:11 2007 |
| MD5 Checksum: | 317e67816e96f61c41a485f70e42cf34 |
|
| /// File Name: |
MDKSA-2007-054.txt |
Description:
|
Mandriva Linux Security Advisory - ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4251 | | Related CVE(s): | CVE-2007-1308 | | Last Modified: | Mar 9 04:16:16 2007 |
| MD5 Checksum: | a77962f885d2c63b82cb3cbfea4a21b7 |
|
| /// File Name: |
MDKSA-2007-055.txt |
Description:
|
Mandriva Linux Security Advisory - The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4249 | | Related CVE(s): | CVE-2007-1246 | | Last Modified: | Mar 9 04:16:56 2007 |
| MD5 Checksum: | 06eeabeee1d7b3c4dcad4dc31f13e7c8 |
|
| /// File Name: |
MDKSA-2007-056.txt |
Description:
|
Mandriva Linux Security Advisory - Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3709 | | Related CVE(s): | CVE-2007-1218 | | Last Modified: | Mar 9 04:17:57 2007 |
| MD5 Checksum: | 23e9227a2dcc706ff24062c147a89876 |
|
| /// File Name: |
MDKSA-2007-057.txt |
Description:
|
Mandriva Linux Security Advisory - The DMO_VideoDecoder_Open function in dmo/DMO_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6201 | | Related CVE(s): | CVE-2007-1246 | | Last Modified: | Mar 9 04:18:35 2007 |
| MD5 Checksum: | 562e47f8063bed302281781b8b55331b |
|
| /// File Name: |
MDKSA-2007-058.txt |
Description:
|
Mandriva Linux Security Advisory - A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. This is similar to the previous CVE-2007-1006, but the original evaluation/patches were incomplete.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2473 | | Related CVE(s): | CVE-2007-0999 | | Last Modified: | Mar 13 23:22:08 2007 |
| MD5 Checksum: | 90cea44784355a654905e762f1b62748 |
|
| /// File Name: |
MDKSA-2007-059.txt |
Description:
|
Mandriva Linux Security Advisory - GnuPG prior to 1.4.7 and GPGME prior to 1.1.4, when run from the command line, did not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components. This could allow a remote attacker to forge the contents of an email message without detection.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4516 | | Related CVE(s): | CVE-2007-1263 | | Last Modified: | Mar 13 23:22:54 2007 |
| MD5 Checksum: | 29fac82d9f9fa0eb344ffaba8fac4c09 |
|
| /// File Name: |
MDKSA-2007-060.txt |
Description:
|
Mandriva Linux Security Advisory - Many vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The 2.6.17 kernel and earlier, when running on IA64 and SPARC platforms would allow a local user to cause a DoS (crash) via a malformed ELF file. The mincore function in the Linux kernel did not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock. An unspecified vulnerability in the listxattr system call, when a "bad inode" is present, could allow a local user to cause a DoS (data corruption) and possibly gain privileges via unknown vectors. The zlib_inflate function allows local users to cause a crash via a malformed filesystem that uses zlib compression that triggers memory corruption. The ext3fs_dirhash function could allow local users to cause a DoS (crash) via an ext3 stream with malformed data structures. When SELinux hooks are enabled, the kernel could allow a local user to cause a DoS (crash) via a malformed file stream that triggers a NULL pointer derefernece. The key serial number collision avoidance code in the key_alloc_serial function in kernels 2.6.9 up to 2.6.20 allows local users to cause a crash via vectors thatr trigger a null dereference. The Linux kernel version 2.6.13 to 2.6.20.1 allowed a remote attacker to cause a DoS (oops) via a crafted NFSACL2 ACCESS request that triggered a free of an incorrect pointer. A local user could read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump; a variant of CVE-2004-1073.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8647 | | Related CVE(s): | CVE-2006-4538, CVE-2006-4814, CVE-2006-5753, CVE-2006-5823, CVE-2006-6053, CVE-2006-6056, CVE-2007-0006, CVE-2007-0772, CVE-2007-0958 | | Last Modified: | Mar 13 23:56:17 2007 |
| MD5 Checksum: | 186a8d105b5a3c8a35936f0a69d24e0a |
|
| /// File Name: |
MDKSA-2007-061.txt |
Description:
|
Mandriva Linux Security Advisory - The DS_VideoDecoder_Open function in loader/dshow/DS_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4263 | | Related CVE(s): | CVE-2007-1387 | | Last Modified: | Mar 14 03:36:02 2007 |
| MD5 Checksum: | 7e80324ab7031cdc524cedfc2ddcfa30 |
|
| /// File Name: |
MDKSA-2007-062.txt |
Description:
|
Mandriva Linux Security Advisory - The DS_VideoDecoder_Open function in DirectShow/DS_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6207 | | Related CVE(s): | CVE-2007-1387 | | Last Modified: | Mar 14 03:36:50 2007 |
| MD5 Checksum: | 06e46c8ad429f82aa08b671166e7a5a8 |
|
| /// File Name: |
MDKSA-2007-063.txt |
Description:
|
Mandriva Linux Security Advisory - iDefense reported several overflow bugs in libwpd. An attacker could create a carefully crafted Word Perfect file that could cause an application linked with libwpd, such as OpenOffice, to crash or possibly execute arbitrary code if the file was opened by a victim.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2808 | | Related CVE(s): | CVE-2007-0002 | | Last Modified: | Mar 20 16:04:43 2007 |
| MD5 Checksum: | 118377932b3adeecf595c8c7180a9143 |
|
| /// File Name: |
MDKSA-2007-064.txt |
Description:
|
Mandriva Linux Security Advisory - iDefense reported several overflow bugs in libwpd. An attacker could create a carefully crafted Word Perfect file that could cause an application linked with libwpd, such as OpenOffice, to crash or possibly execute arbitrary code if the file was opened by a victim. OpenOffice.org-2.X contains an embedded copy of libpwd, and as such is susceptible to the same issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 11908 | | Related CVE(s): | CVE-2007-0002 | | Last Modified: | Mar 20 16:05:17 2007 |
| MD5 Checksum: | 2eb47e64cc41ab1ac026562e2c94fbf0 |
|
| /// File Name: |
MDKSA-2007-065.txt |
Description:
|
Mandriva Linux Security Advisory - Luigi Auriemma discovered a number of problems with the nas (Network Audio System) daemon that could be used to crash nasd.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2845 | | Last Modified: | Mar 21 04:13:49 2007 |
| MD5 Checksum: | 3a8ecaeef3793beacd806a95494e67c6 |
|
| /// File Name: |
MDKSA-2007-066.txt |
Description:
|
Mandriva Linux Security Advisory - By default, OpenAFS prior to 1.44 and 1.5.17 supports setuid programs within the local cell, which could allow attackers to obtain privileges.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3597 | | Related CVE(s): | CVE-2007-1507 | | Last Modified: | Mar 21 04:15:03 2007 |
| MD5 Checksum: | 8c1f188cb343cd182e3b9e6c07e0d627 |
|
| /// File Name: |
MDKSA-2007-067.txt |
Description:
|
Mandriva Linux Security Advisory - Jean-Sebastien Guay-Leroux discovered an integer underflow in the file_printf() function in file prior to 4.20 that allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6563 | | Related CVE(s): | CVE-2007-1536 | | Last Modified: | Mar 24 02:25:27 2007 |
| MD5 Checksum: | 6ccdb78a84adf2a14a3e1a6067d53d8a |
|
| /// File Name: |
MDKSA-2007-068.txt |
Description:
|
Mandriva Linux Security Advisory - Due to an internal error Squid-2.6 is vulnerable to a denial of service attack when processing the TRACE request method. This problem allows any client trusted to use the service to perform a denial of service attack on the Squid service.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4567 | | Related CVE(s): | CVE-2007-1560 | | Last Modified: | Mar 24 02:26:05 2007 |
| MD5 Checksum: | 2c0f39f2da4abe6a9be9a9c530b026b8 |
|
| /// File Name: |
MDKSA-2007-069.txt |
Description:
|
Mandriva Linux Security Advisory - Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2367 | | Related CVE(s): | CVE-2007-1463 | | Last Modified: | Mar 24 02:26:43 2007 |
| MD5 Checksum: | 42a2d3de76b3c45d0409841035e93868 |
|
| /// File Name: |
MDKSA-2007-070.txt |
Description:
|
Mandriva Linux Security Advisory - A format string error in the "write_html()" function in calendar/gui/ e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2983 | | Related CVE(s): | CVE-2007-1002 | | Last Modified: | Mar 28 17:56:01 2007 |
| MD5 Checksum: | 40e91c58acdbcb54b4d5658d7cfb1868 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
