Section: .. / 0703-advisories /
File Name: glsa-200703-03.txt
Description: Gentoo Linux Security Advisory GLSA 200703-03 - An anonymous researcher discovered a file descriptor leak error in the processing of CAB archives and a lack of validation of the id parameter string used to create local files when parsing MIME headers. Versions less than 0.90 are affected.
Homepage: http://security.gentoo.org
File Size: 2969
Related CVE(s): CVE-2007-0897, CVE-2007-0898
Last Modified: Mar 6 07:26:01 2007
MD5 Checksum: 33bc6d40f57da6256fc52a70e23f27ee

File Name: sa24668.txt
Description: Secunia Security Advisory - Mandriva has issued an update for evolution. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/24668/
File Size: 2958
Last Modified: Mar 28 17:52:50 2007
MD5 Checksum: 87c12ae5295bf6f483bf956de8414e62

File Name: sa24438.txt
Description: Secunia Security Advisory - Slackware has issued an update for gnupg. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner.
Homepage: http://secunia.com/advisories/24438/
File Size: 2930
Last Modified: Mar 8 19:52:08 2007
MD5 Checksum: 964ff48b84aa3862d886e68a37d7acbe

File Name: sa24601.txt
Description: Secunia Security Advisory - Mandriva has issued an update for nas. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/24601/
File Size: 2913
Last Modified: Mar 22 02:31:03 2007
MD5 Checksum: b069c19338bf512a7c577b2359e6abbe

File Name: sa24553.txt
Description: Secunia Security Advisory - rgod has reported some vulnerabilities in Php-Stats, which can be exploited by malicious people to conduct SQL injection attacks or compromise a vulnerable system.
Homepage: http://secunia.com/advisories/24553/
File Size: 2913
Last Modified: Mar 20 03:46:32 2007
MD5 Checksum: 19ef048028ce586df53ef17622af5d9d

File Name: dsa-1267-1.txt
Description: Debian Security Advisory 1267-1 - It was discovered that WebCalendar, a PHP-based calendar application, insufficiently protects an internal variable, which allows remote file inclusion.
Homepage: http://www.debian.org/security
File Size: 2913
Related CVE(s): CVE-2007-1343
Last Modified: Mar 20 06:12:20 2007
MD5 Checksum: bb55eb5cfc33fa297c1418b6d5dd3764

File Name: sa24633.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in IBM Lotus Domino and Lotus Domino Web Access, which can be exploited by malicious people to conduct cross-site scripting attacks or cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/24633/
File Size: 2911
Last Modified: Mar 28 17:52:50 2007
MD5 Checksum: ea21a35b7ca81e7e54d3e8157099be6c

File Name: sa24391.txt
Description: Secunia Security Advisory - A vulnerability has been reported in Kaspersky's Anti-Virus engine, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/24391/
File Size: 2862
Last Modified: Mar 6 00:12:53 2007
MD5 Checksum: 7caca7bfd000a4ca65d512a22047d8e5

File Name: glsa-200703-06.txt
Description: Gentoo Linux Security Advisory GLSA 200703-06 - An integer overflow flaw has been found in the pixmap handling of Qt, making the AMD64 x86 emulation Qt library vulnerable as well. Versions less than 10.0 are affected.
Homepage: http://security.gentoo.org
File Size: 2858
Related CVE(s): CVE-2006-4811
Last Modified: Mar 6 07:27:28 2007
MD5 Checksum: 670ba1eabf17812b84ec4d806b1544e5

File Name: glsa-200703-15.txt
Description: Gentoo Linux Security Advisory GLSA 200703-15 - PostgreSQL does not correctly check the data types of the SQL function arguments under unspecified circumstances nor the format of the provided tables in the query planner. Versions less than 8.0.11 are affected.
Homepage: http://security.gentoo.org
File Size: 2855
Related CVE(s): CVE-2007-0555, CVE-2007-0556
Last Modified: Mar 20 06:52:12 2007
MD5 Checksum: fba6b87dae5a1f3b10d3a349749c858d

File Name: sa24636.txt
Description: Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to overwrite arbitrary files, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/24636/
File Size: 2854
Last Modified: Apr 2 04:42:23 2007
MD5 Checksum: 85ac16428b8e8749a28b80765ee0a9c1

File Name: sa24446.txt
Description: Secunia Security Advisory - Mandriva has issued an update for mplayer. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/24446/
File Size: 2854
Last Modified: Mar 13 23:06:08 2007
MD5 Checksum: e09a6547d47395c26a9182b9be7b9150

File Name: sa24602.txt
Description: Secunia Security Advisory - Some vulnerabilities have been discovered in realGuestbook, which can be exploited by malicious people to conduct SQL injection or cross-site scripting attacks.
Homepage: http://secunia.com/advisories/24602/
File Size: 2847
Last Modified: Mar 22 02:31:03 2007
MD5 Checksum: 95a28e1d0629bd461290a8bd208ffc4d

File Name: MDKSA-2007-065.txt
Description: Mandriva Linux Security Advisory - Luigi Auriemma discovered a number of problems with the nas (Network Audio System) daemon that could be used to crash nasd.
Homepage: http://www.mandriva.com/security/
File Size: 2845
Last Modified: Mar 21 04:13:49 2007
MD5 Checksum: 3a8ecaeef3793beacd806a95494e67c6

File Name: sa24519.txt
Description: Secunia Security Advisory - Debian has issued an update for webcalendar. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/24519/
File Size: 2838
Last Modified: Mar 17 03:22:27 2007
MD5 Checksum: ac25137ef5163d71f8643d309d708f1c

File Name: sa24366.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in SQL-Ledger, which can potentially be exploited by malicious people to bypass certain security restrictions and to manipulate data, and by malicious users to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/24366/
File Size: 2835
Last Modified: Mar 8 19:52:08 2007
MD5 Checksum: b5b8d57ea38e044f7d2182cefcbc0a99

File Name: glsa-200703-10.txt
Description: Gentoo Linux Security Advisory GLSA 200703-10 - The KHTML code allows for the execution of JavaScript code located inside the Title HTML element, a related issue to the Safari error found by Jose Avila. Versions less than 3.5.5-r8 are affected.
Homepage: http://security.gentoo.org
File Size: 2833
Related CVE(s): CVE-2007-0478, CVE-2007-0537
Last Modified: Mar 14 01:54:51 2007
MD5 Checksum: 188b291cd0a26f639de6d0a9a19de5b0

File Name: sa24501.txt
Description: Secunia Security Advisory - Stefan Esser has reported a vulnerability and a security issue in Zend Platform, which can be exploited by malicious, local users to gain escalated privileges.
Homepage: http://secunia.com/advisories/24501/
File Size: 2831
Last Modified: Mar 17 03:22:27 2007
MD5 Checksum: 27ae282f759e3f2f17e0a64357cddcda

File Name: sa24684.txt
Description: Secunia Security Advisory - A vulnerability has been reported in Hitachi JP1/HiCommand products, which can be exploited by malicious, local users to disclose certain sensitive information.
Homepage: http://secunia.com/advisories/24684/
File Size: 2811
Last Modified: Apr 2 04:42:23 2007
MD5 Checksum: 8002a5b2e558b5dba061b6af00aeae1d

File Name: MDKSA-2007-063.txt
Description: Mandriva Linux Security Advisory - iDefense reported several overflow bugs in libwpd. An attacker could create a carefully crafted Word Perfect file that could cause an application linked with libwpd, such as OpenOffice, to crash or possibly execute arbitrary code if the file was opened by a victim.
Homepage: http://www.mandriva.com/security/
File Size: 2808
Related CVE(s): CVE-2007-0002
Last Modified: Mar 20 16:04:43 2007
MD5 Checksum: 118377932b3adeecf595c8c7180a9143

File Name: sa24515.txt
Description: Secunia Security Advisory - Red Hat has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/24515/
File Size: 2806
Last Modified: Mar 17 03:22:27 2007
MD5 Checksum: 886d0941d13246f54b800951efbca293

File Name: glsa-200703-16.txt
Description: Gentoo Linux Security Advisory GLSA 200703-16 - ZDI reported an unsafe memory copy in mod_jk that was discovered by an anonymous researcher in the map_uri_to_worker function of native/common/jk_uri_worker_map.c. Versions less than 1.2.21-r1 are affected.
Homepage: http://security.gentoo.org
File Size: 2798
Related CVE(s): CVE-2007-0774
Last Modified: Mar 20 06:52:28 2007
MD5 Checksum: bcfa40f532618c5cfbff78b966840f57

File Name: ZDI-07-011.txt
Description: A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the CRAM-MD5 authentication mechanism of nimap.exe which binds by default to TCP port 143. No check is done on the length of the supplied username prior to processing it through a custom copy loop. If the username is longer than 256 bytes, a pointer overwrite may occur in the function nnotes.dll.CStream::ToBase64() which is later called and can therefore result in execution of arbitrary code.
Homepage: http://www.zerodayinitiative.com/
File Size: 2791
Related CVE(s): CVE-2007-1675
Last Modified: Mar 29 08:57:59 2007
MD5 Checksum: 5c2e6493ad6fd7fd47212cfb14190a41

File Name: sa24580.txt
Description: Secunia Security Advisory - Mandriva has issued an update for libwpd. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.
Homepage: http://secunia.com/advisories/24580/
File Size: 2786
Last Modified: Mar 20 03:46:32 2007
MD5 Checksum: a5f3740eb592ba57d315cafa057f42fa

File Name: sa24605.txt
Description: Secunia Security Advisory - laurent gaffié has discovered some vulnerabilities in W-Agora, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks or compromise a vulnerable system.
Homepage: http://secunia.com/advisories/24605/
File Size: 2784
Last Modified: Mar 22 02:31:03 2007
MD5 Checksum: ae80790980e0f7324d0c4d401e3a9447