Section: .. / 0704-advisories /
| /// File Name: |
sa24949.txt |
Description:
|
Secunia Security Advisory - Aleksandar has discovered some vulnerabilities in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks and to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/24949/ | | File Size: | 3346 | | Last Modified: | Apr 20 23:50:15 2007 |
| MD5 Checksum: | ab646a3b4b15a4ccbbc98b1f99b541c2 |
|
| /// File Name: |
sa24788.txt |
Description:
|
Secunia Security Advisory - VMware has acknowledged some vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges, and malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24788/ | | File Size: | 3318 | | Last Modified: | Apr 7 21:35:58 2007 |
| MD5 Checksum: | 7ec0582e36dc61de176067a2ab50a9f0 |
|
| /// File Name: |
sa24921.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/24921/ | | File Size: | 3306 | | Last Modified: | Apr 20 23:50:15 2007 |
| MD5 Checksum: | 78d3ffec1ee7cb02b44d712cfcec49b7 |
|
| /// File Name: |
ZDI-07-014.txt |
Description:
|
A vulnerability allows remote attackers to download and remove any file on vulnerable installations of Kaspersky Anti-Virus. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3285 | | Related CVE(s): | CVE-2007-1112 | | Last Modified: | Apr 8 01:34:49 2007 |
| MD5 Checksum: | 5fb57dc785145ad453c8aab5f3152ad1 |
|
| /// File Name: |
sa24930.txt |
Description:
|
Secunia Security Advisory - HP has acknowledged some vulnerabilities in HP Tru64 Unix.
| | Homepage: | http://secunia.com/advisories/24930/ | | File Size: | 3244 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | 06c2cd76edae4729bf7043fd93145e8e |
|
| /// File Name: |
major_rls38.txt |
Description:
|
eXV2 CMS versions 2.0.4.3 and below suffer from cross site scripting and session fixation vulnerabilities.
| | Author: | David "Aesthetico" Vieira-Kurz | | Homepage: | http://www.majorsecurity.de | | File Size: | 3214 | | Last Modified: | Apr 5 08:11:40 2007 |
| MD5 Checksum: | d21f2b2c8336489c95b528c7129a1d48 |
|
| /// File Name: |
sa24839.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for apache-mod_perl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24839/ | | File Size: | 3193 | | Last Modified: | Apr 12 20:33:34 2007 |
| MD5 Checksum: | 8821ad3ef58d983259e3ebb9bd0d53c0 |
|
| /// File Name: |
glsa-200704-20.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-20 - Luigi Auriemma has discovered multiple vulnerabilities in NAS, some of which include a buffer overflow in the function accept_att_local(), an integer overflow in the function ProcAuWriteElement(), and a null pointer error in the function ReadRequestFromClient(). Versions less than 1.8b are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3177 | | Related CVE(s): | CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546, CVE-2007-1547 | | Last Modified: | Apr 24 09:44:15 2007 |
| MD5 Checksum: | 6c8d940373b646fc47f6b47472c346af |
|
| /// File Name: |
glsa-200704-15.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-15 - The driver does not properly process Channel Switch Announcement Information Elements, allowing for an abnormal channel change. The ieee80211_input() function does not properly handle AUTH frames and the driver sends unencrypted packets before WPA authentication succeeds. Versions less than 0.9.3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3160 | | Related CVE(s): | CVE-2007-7178, CVE-2007-7179, CVE-2007-7180 | | Last Modified: | Apr 19 02:55:18 2007 |
| MD5 Checksum: | 127ed596013007509cc3053231c1f37e |
|
| /// File Name: |
glsa-200704-02.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-02 - The Kerberos telnet daemon fails to properly handle usernames allowing unauthorized access to any account (CVE-2007-0956). The Kerberos administration daemon, the KDC and possibly other applications using the MIT Kerberos libraries are vulnerable to the following issues. The krb5_klog_syslog function from the kadm5 library fails to properly validate input leading to a stack overflow (CVE-2007-0957). The GSS-API library is vulnerable to a double-free attack (CVE-2007-1216). Versions less than 1.5.2-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3148 | | Related CVE(s): | CVE-2007-0956, CVE-2007-0957, CVE-2007-1216 | | Last Modified: | Apr 5 02:44:48 2007 |
| MD5 Checksum: | 87659c312d1d721a42e37c9af2adeb79 |
|
| /// File Name: |
sa24865.txt |
Description:
|
Secunia Security Advisory - A vulnerability and two security issues have been reported in Cisco Wireless Control System (WCS), which can be exploited by malicious users to gain escalated privileges, and by malicious people to disclose sensitive information, bypass certain security restrictions, or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24865/ | | File Size: | 3126 | | Last Modified: | Apr 16 18:29:53 2007 |
| MD5 Checksum: | f5ac53e03e59404e836f4e45919bd243 |
|
| /// File Name: |
CAID-35277.txt |
Description:
|
CA CleverPath Portal contains a vulnerability that can allow a local attacker to access confidential data. The vulnerability is due to insufficient filtering of SQL search queries. CA has issued a patch to address the vulnerability.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 3125 | | Related OSVDB(s): | 34128 | | Related CVE(s): | CVE-2007-2230 | | Last Modified: | May 3 01:57:44 2007 |
| MD5 Checksum: | b3399cd503f4b6d1f198fd59ee6855d9 |
|
| /// File Name: |
sa24895.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24895/ | | File Size: | 3109 | | Last Modified: | Apr 17 18:18:04 2007 |
| MD5 Checksum: | 194ade703371900b9c44c05da6b4f8e8 |
|
| /// File Name: |
sa24887.txt |
Description:
|
Secunia Security Advisory - Janek Vind has discovered some vulnerabilities in the vWar module for PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks and cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/24887/ | | File Size: | 3079 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | 5b0f841e632590910b69622773f854c0 |
|
| /// File Name: |
sa24935.txt |
Description:
|
Secunia Security Advisory - XenoMuta has reported some vulnerabilities in freePBX, which can be exploited by malicious people to conduct script insertion attacks and by malicious users to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24935/ | | File Size: | 3064 | | Last Modified: | Apr 25 05:31:31 2007 |
| MD5 Checksum: | 529ab77d69cd14181eb8efc77b01c263 |
|
| /// File Name: |
sa24889.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for various packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks, cause a DoS (Denial of Service), and compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24889/ | | File Size: | 3064 | | Last Modified: | Apr 16 18:29:53 2007 |
| MD5 Checksum: | b913a3676a5ab7d281c06c8ab3ec6be6 |
|
| /// File Name: |
04.26.07-2.txt |
Description:
|
iDefense Security Advisory 04.26.07 - Local exploitation of a buffer overflow vulnerability in Norton Ghost could allow local attackers to run code as the SYSTEM level user. Norton Ghost Service Manager is a Local Server COM object that allows privileged Ghost Backup Operators the ability to take and restore Ghost images of the system. A function within the Service Manager can be used to trigger a buffer overflow by supplying an overly long string. iDefense verified the existence of this vulnerability on Norton Ghost 10.0. Other versions may be vulnerable as well.
| | Author: | Pravus | | Homepage: | http://www.idefense.com/ | | File Size: | 3063 | | Last Modified: | May 3 02:44:41 2007 |
| MD5 Checksum: | 8e1831adea9ac92f11f0c6b4c607ea0b |
|
| /// File Name: |
sa24754.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for file. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24754/ | | File Size: | 3062 | | Last Modified: | Apr 5 04:08:29 2007 |
| MD5 Checksum: | cb9842d6fbba59226804bf6cda45a400 |
|
| /// File Name: |
sa24841.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for madwifi-source. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24841/ | | File Size: | 3032 | | Last Modified: | Apr 12 20:33:34 2007 |
| MD5 Checksum: | 242c5e7e570addcbb4af85bd04d90b38 |
|
| /// File Name: |
MU-200704-01.txt |
Description:
|
An integer overflow vulnerability exists in the RPC runtime library (libinfo) that handles AUTH_UNIX authentication. By sending maliciously-crafted requests to the any RPC service (portmap, mount, nfs, etc), a remote attacker can trigger the overflow which may lead to arbitrary code execution as the 'daemon' user. Mac OS X versions 10.3.9 and 10.4.9 are affected.
| | Author: | Mu Security research team | | Homepage: | http://labs.musecurity.com/ | | File Size: | 3011 | | Last Modified: | Apr 24 09:02:58 2007 |
| MD5 Checksum: | 4deb7fb36d9bbaac2d410a439b859db1 |
|
| /// File Name: |
sa24871.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24871/ | | File Size: | 2985 | | Last Modified: | Apr 16 18:29:53 2007 |
| MD5 Checksum: | 328c2fdee7a6746876186c383423b6ed |
|
| /// File Name: |
glsa-200704-04.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-04 - SUSE reported vulnerabilities due to unspecified errors in OpenPBS. Versions less than or equal to 2.3.16-r4 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2962 | | Related CVE(s): | CVE-2006-5616 | | Last Modified: | Apr 5 02:46:26 2007 |
| MD5 Checksum: | 010a38a2bcccb902bb0206e24c55b81d |
|
| /// File Name: |
sa24683.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in Hitachi products, which potentially can be exploited by malicious people to disclose certain sensitive information or bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/24683/ | | File Size: | 2961 | | Last Modified: | Apr 3 01:13:40 2007 |
| MD5 Checksum: | be9d96f1f1cee6c2e4d5de212f1f8223 |
|
| /// File Name: |
sa24705.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for kdelibs. This fixes a vulnerability, which potentially can be exploited by malicious people to conduct cross-site scripting attacks in applications using the library.
| | Homepage: | http://secunia.com/advisories/24705/ | | File Size: | 2958 | | Last Modified: | Apr 7 21:35:58 2007 |
| MD5 Checksum: | b0cba483129956691e153538802071c0 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
