Section: .. / 0709-advisories /
| /// File Name: |
sa26997.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26997/ | | File Size: | 2026 | | Last Modified: | Sep 29 17:23:54 2007 |
| MD5 Checksum: | c41ad6b5fa1523557b20266679f35050 |
|
| /// File Name: |
sa26982.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for tetex. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26982/ | | File Size: | 2021 | | Last Modified: | Sep 29 17:23:54 2007 |
| MD5 Checksum: | c0fb21bb259f9eea49e14c9b72039c12 |
|
| /// File Name: |
imageop-overflow.txt |
Description:
|
The imageop.c module for Python contains a heap overflow.
| | Author: | Slythers Bro | | File Size: | 1916 | | Last Modified: | Sep 18 12:46:57 2007 |
| MD5 Checksum: | 20405fb18b2ae01e14541fbf6be0af7a |
|
| /// File Name: |
s21sec-036-en.txt |
Description:
|
Due to poor memory allocation management, Ekiga versions 2.0.5 and below are susceptible to a denial of service condition.
| | Author: | Jose Miguel Esparza | | Homepage: | http://www.s21sec.com/ | | File Size: | 1780 | | Last Modified: | Sep 13 19:34:10 2007 |
| MD5 Checksum: | 76ab2d98d7be31581e92ab89b44886dd |
|
| /// File Name: |
DDIVRT-2007-04.txt |
Description:
|
The NetSupport Manager client that listens on TCP port 5405 does not properly handle authentication sessions. It is possible to pose as the NetSupport Manager, associate to a client, and then issue commands without performing the authentication sequence. Both the basic and advanced authentication schemes can be bypassed in the same manner. When properly exploited, this flaw will result in a complete compromise of the target system. Version 10.20 is susceptible.
| | Homepage: | http://www.netsupportmanager.com/ | | File Size: | 1681 | | Last Modified: | Sep 24 23:03:04 2007 |
| MD5 Checksum: | 4dee000df98b5afe03e2e7605156220f |
|
| /// File Name: |
2007-005-itunes.txt |
Description:
|
iTunes version 7.3.x suffers from a heap overflow vulnerability in the album cover parsing functionality. This has been fixed in version 7.4.
| | Author: | David Thiel | | Homepage: | http://www.isecpartners.com/ | | File Size: | 1595 | | Last Modified: | Sep 7 03:07:01 2007 |
| MD5 Checksum: | 3a1a0d17230f12ce2f954fecbf886545 |
|
| /// File Name: |
winscp-jack.txt |
Description:
|
WinSCP versions 4.03 and below appear to install URL protocol handlers that allow malicious web content to automatically upload files from a local system.
| | Author: | Kender Security | | File Size: | 1326 | | Last Modified: | Sep 13 19:48:01 2007 |
| MD5 Checksum: | ca431a7ee5fd0abf34c0373f8514c0c7 |
|
| /// File Name: |
ssdt-multi.txt |
Description:
|
It appears that a number of vulnerabilities have been discovered in implementations of SSDT hooks in many different products. Vulnerable products include BlackICE, Norton Internet Security, Process Monitor, and more.
| | Author: | Matousec - Transparent Security Research | | Homepage: | http://www.matousec.com/ | | File Size: | 1302 | | Last Modified: | Sep 18 13:14:29 2007 |
| MD5 Checksum: | c6c31abec3a9a6656c80d4c0297d331c |
|
| /// File Name: |
txxcms-rfi.txt |
Description:
|
Txx CMS appears susceptible to remote file inclusion vulnerabilities.
| | Author: | nne | | Homepage: | http://nnc.unkn0wn.eu/ | | File Size: | 1244 | | Last Modified: | Sep 9 16:57:07 2007 |
| MD5 Checksum: | 669ef7e6dbf80b2a7fa86bac09bfd55b |
|
| /// File Name: |
php524-iconv.txt |
Description:
|
PHP versions 5.2.4 and below are susceptible to a denial of service condition in iconv_substr().
| | Author: | laurent gaffi | | File Size: | 1205 | | Last Modified: | Sep 5 20:15:39 2007 |
| MD5 Checksum: | c3e9835239f4a47aee74a094fec85ecd |
|
| /// File Name: |
marshal-tar.txt |
Description:
|
Marshal MailMarshal suffers from a tar unpacking vulnerability. Versions 6.2.1.3253 and below are affected.
| | Author: | Sebastian Vandersee | | Homepage: | http://www.rt-solutions.de/ | | File Size: | 1189 | | Last Modified: | Sep 5 00:30:00 2007 |
| MD5 Checksum: | 27812e392d232a5bb6d0d85dee82e9f0 |
|
| /// File Name: |
php524-setlocale.txt |
Description:
|
PHP versions below 5.2.4 are susceptible to a denial of service condition in setlocale().
| | Author: | laurent gaffi | | File Size: | 1046 | | Last Modified: | Sep 5 20:13:53 2007 |
| MD5 Checksum: | 29becaf17c02d0903cbd8d3fd96e2717 |
|
| /// File Name: |
php523-fnmatch.txt |
Description:
|
PHP versions below 5.2.3 are susceptible to a denial of service condition in fnmatch().
| | Author: | laurent gaffi | | File Size: | 1030 | | Last Modified: | Sep 5 20:14:35 2007 |
| MD5 Checksum: | 99598bed2541348a2ddee8da552c21ca |
|
| /// File Name: |
php523-glob.txt |
Description:
|
PHP versions below 5.2.3 are susceptible to a denial of service condition in glob().
| | Author: | laurent gaffi | | File Size: | 980 | | Last Modified: | Sep 5 20:12:39 2007 |
| MD5 Checksum: | 502914fec8610470a4c9aeabc41fc301 |
|
| /// File Name: |
rsaenvision-xss.txt |
Description:
|
RSA EnVision version 3.3.6 build 0115 suffers from a cross site scripting vulnerability.
| | Author: | Stelios Tigkas | | File Size: | 870 | | Last Modified: | Sep 13 19:31:18 2007 |
| MD5 Checksum: | 3b99344cd3508448c057e54359e12afd |
|
| /// File Name: |
googleurchin-xss.txt |
Description:
|
There is a trivially exploitable cross site scripting vulnerability on Google Urchin Web Analytics 5's login page. The vulnerability has been tested on versions 5.6.00r2, 5.7.01, 5.7.02 and 5.7.03 (latest). Previous versions are most likely affected as well.
| | Author: | pagvac | | File Size: | 794 | | Last Modified: | Sep 25 00:06:14 2007 |
| MD5 Checksum: | 787e264d6b1e657a3f34181cf856f8d5 |
|