Section: .. / 0709-advisories /
| /// File Name: |
FSC20070911-11.txt |
Description:
|
The Microsoft Agent ActiveX control contains a buffer overflow vulnerability that allows remote attackers to inject and execute arbitrary code with the privileges of the currently logged in user. Version 2.0.0.3425 is affected.
| | Homepage: | http://www.assurent.com/ | | File Size: | 2770 | | Related CVE(s): | CVE-2007-3040 | | Last Modified: | Sep 11 19:00:50 2007 |
| MD5 Checksum: | 57f6fb249e756ac2c58f1f34da916834 |
|
| /// File Name: |
linuxkernel-validation.txt |
Description:
|
Insufficient validation of the general-purpose register in IA32 system call emulation code may lead to local system compromise on x86_64 platform for Linux kernels in the 2.4 and 2.6 series.
| | Author: | Wojciech Purczynski | | File Size: | 2766 | | Last Modified: | Sep 24 23:59:47 2007 |
| MD5 Checksum: | e8d9d1cded501fd645ff74c4967aac9f |
|
| /// File Name: |
sa26762.txt |
Description:
|
Secunia Security Advisory - Yollubunlar has discovered some vulnerabilities in phpMyQuote, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/26762/ | | File Size: | 2764 | | Last Modified: | Sep 11 18:19:30 2007 |
| MD5 Checksum: | 43323c3a7087e26f204d3da3f738d970 |
|
| /// File Name: |
sa26738.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for qgit. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/26738/ | | File Size: | 2761 | | Last Modified: | Sep 11 18:19:30 2007 |
| MD5 Checksum: | c3504385aaf9d0bd1b2eb7e76b84a60e |
|
| /// File Name: |
sa26675.txt |
Description:
|
Secunia Security Advisory - Thomas de Grenier de Latour has discovered a vulnerability in the debian-goodies package for Debian Linux, which can be exploited by malicious, local users to perform actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/26675/ | | File Size: | 2758 | | Last Modified: | Sep 7 02:01:27 2007 |
| MD5 Checksum: | 8920c376420d510c23df38ff8868ae14 |
|
| /// File Name: |
sa26835.txt |
Description:
|
Secunia Security Advisory - Adam Baldwin has reported a vulnerability and a security issue in RemoteDocs R-Viewer, which potentially can be exploited by malicious, local users to disclose sensitive information and by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26835/ | | File Size: | 2747 | | Last Modified: | Sep 18 21:26:49 2007 |
| MD5 Checksum: | fa14a0e721422938bca9253ffada9f17 |
|
| /// File Name: |
sa26811.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Qt, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/26811/ | | File Size: | 2746 | | Last Modified: | Sep 18 10:57:18 2007 |
| MD5 Checksum: | 4c5a36658a69222c258f4e48b6d2cc02 |
|
| /// File Name: |
ZDI-07-050.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit this vulnerability. The specific flaw is exposed through the RPC interface bound on TCP port 5168 and defined in SpntSvc.exe.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2745 | | Related CVE(s): | CVE-2007-4218 | | Last Modified: | Sep 9 16:53:55 2007 |
| MD5 Checksum: | c93fd4348a32dc9b40ace488b0d089eb |
|
| /// File Name: |
sa26768.txt |
Description:
|
Secunia Security Advisory - agentsteal has reported some vulnerabilities in LetterGrade, which can be exploited by malicious people to conduct cross-site scripting attacks or by malicious users to conduct script-insertion attacks.
| | Homepage: | http://secunia.com/advisories/26768/ | | File Size: | 2742 | | Last Modified: | Sep 18 10:57:18 2007 |
| MD5 Checksum: | 43475e75f7340a715713e619b3602a5e |
|
| /// File Name: |
glsa-200709-02.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200709-02 - Stefan Cornelius from Secunia Research discovered that the parseIrcUrl() function in file src/kvirc/kernel/kvi_ircurl.cpp does not properly sanitise parts of the URI when building the command for KVIrc's internal script system. Versions less than 3.2.6_pre20070714 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2732 | | Related CVE(s): | CVE-2007-2951 | | Last Modified: | Sep 13 19:57:06 2007 |
| MD5 Checksum: | 74078640356c4b531bf3656f782a6104 |
|
| /// File Name: |
sa26786.txt |
Description:
|
Secunia Security Advisory - Shell has discovered a vulnerability in AOL Instant Messenger, which can be exploited by malicious people to execute arbitrary script code.
| | Homepage: | http://secunia.com/advisories/26786/ | | File Size: | 2726 | | Last Modified: | Sep 20 04:11:10 2007 |
| MD5 Checksum: | f034b83e3019261d0138f2ef398b5f18 |
|
| /// File Name: |
sa26734.txt |
Description:
|
Secunia Security Advisory - Gynvael Coldwind has reported a vulnerability in Total Commander, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26734/ | | File Size: | 2721 | | Last Modified: | Sep 7 19:03:37 2007 |
| MD5 Checksum: | 0fa60f0af8013128460492add262ed73 |
|
| /// File Name: |
sa26988.txt |
Description:
|
Secunia Security Advisory - A weakness has been reported in Cisco Catalyst 6500 and Cisco 7600 series devices, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/26988/ | | File Size: | 2721 | | Last Modified: | Sep 27 19:54:21 2007 |
| MD5 Checksum: | 32467b0c6e34f3704ccd8016df89fc6e |
|
| /// File Name: |
sa26792.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for librpcsecgss. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26792/ | | File Size: | 2713 | | Last Modified: | Sep 13 19:17:05 2007 |
| MD5 Checksum: | 5ba72d591470c366402bb92179496be5 |
|
| /// File Name: |
sa26703.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in Apple AirPort Extreme Base Station, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/26703/ | | File Size: | 2711 | | Last Modified: | Sep 5 19:40:40 2007 |
| MD5 Checksum: | 31135e484790756db09231874b2af9f3 |
|
| /// File Name: |
sa26936.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/26936/ | | File Size: | 2711 | | Last Modified: | Sep 25 18:33:28 2007 |
| MD5 Checksum: | 33cadf3c0b549f051bed3b93fa1595bb |
|
| /// File Name: |
sa26640.txt |
Description:
|
Secunia Security Advisory - Joxean Koret has reported a vulnerability in EnterpriseDB Advanced Server, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26640/ | | File Size: | 2710 | | Last Modified: | Sep 4 22:20:04 2007 |
| MD5 Checksum: | 5d381167e65181ff4e81cece5db6b1e9 |
|
| /// File Name: |
sa26848.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/26848/ | | File Size: | 2706 | | Last Modified: | Sep 20 04:11:10 2007 |
| MD5 Checksum: | d17c28c48d3c372535bfad7bad0e3149 |
|
| /// File Name: |
sa26760.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some weaknesses, a security issue, and some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges, and by malicious people to bypass certain security restrictions and cause a DoS.
| | Homepage: | http://secunia.com/advisories/26760/ | | File Size: | 2705 | | Last Modified: | Sep 13 19:17:05 2007 |
| MD5 Checksum: | a142c907405d39315f8fd48dc5c2a0ec |
|
| /// File Name: |
sa26974.txt |
Description:
|
Secunia Security Advisory - Jesper Jurcenoks has reported some vulnerabilities in SimpGB, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/26974/ | | File Size: | 2703 | | Last Modified: | Sep 26 13:46:10 2007 |
| MD5 Checksum: | b0c0b000f19c47d67406e23a6a74f2eb |
|
| /// File Name: |
sa26825.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in inotify-tools, which can potentially be exploited by malicious users to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/26825/ | | File Size: | 2699 | | Last Modified: | Sep 20 04:11:10 2007 |
| MD5 Checksum: | a41ca4b8014fa3f9ae547682b6356ec3 |
|
| /// File Name: |
ZDI-07-051.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Server Protect. Authentication is not required to exploit this vulnerability. The specific flaw exists within the routine TMregChange() exported by TMReg.dll which is reachable through the custom protocol subcode "\x15\x00\x00\x00". The TCP socket bound to port 5005 receives user-supplied data which is copied without proper bounds checking to a stack-based buffer. Thereby resulting in an exploitable condition.
| | Author: | Sebastian Apelt | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2690 | | Related CVE(s): | CVE-2007-4731 | | Last Modified: | Sep 9 16:55:13 2007 |
| MD5 Checksum: | 069c90a5da80f13229feadaf50d40ec4 |
|
| /// File Name: |
sophos-xss.txt |
Description:
|
A malformed ZIP archive being analyzed by the Sophos AV client can trigger cross site scripting attacks. Version 6.5.4 R2 is affected.
| | Author: | Michael Jordon | | Homepage: | http://www.contextis.co.uk/ | | File Size: | 2690 | | Related CVE(s): | CVE-2007-4512 | | Last Modified: | Sep 7 02:42:34 2007 |
| MD5 Checksum: | 6bc4e9f923d9b4d798b9c1e9307a7108 |
|
| /// File Name: |
sa26865.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for libvorbis. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/26865/ | | File Size: | 2689 | | Last Modified: | Sep 20 20:45:07 2007 |
| MD5 Checksum: | cfc77d0690c3facc110e38a8e79efa93 |
|
| /// File Name: |
sa26925.txt |
Description:
|
Secunia Security Advisory - HP has acknowledged a vulnerability in HP OpenVMS, which can be exploited by malicious people to poison the DNS cache.
| | Homepage: | http://secunia.com/advisories/26925/ | | File Size: | 2687 | | Last Modified: | Sep 24 20:19:43 2007 |
| MD5 Checksum: | 4c9038d88803d6cd927a2cc4c01cd975 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
