Section: .. / 0709-advisories /
| File Name: | sa26778.txt |
| Description: | Secunia Security Advisory - Mandriva has issued an update for qt. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library. |
| Homepage: | http://secunia.com/advisories/26778/ |
| File Size: | 9737 |
| Last Modified: | Sep 18 10:57:18 2007 |
| MD5 Checksum: | 3b5dd2363561221ec96243297fbb827d |
|
| File Name: | sa26901.txt |
| Description: | Secunia Security Advisory - Ubuntu has issued an update for t1lib. This fixes a vulnerability, which can be exploited by malicious users to potentially compromise a vulnerable system. |
| Homepage: | http://secunia.com/advisories/26901/ |
| File Size: | 9711 |
| Last Modified: | Sep 20 20:45:07 2007 |
| MD5 Checksum: | 5ee45506a4befc8a64657eaeb922a322 |
|
| File Name: | MITKRB5-SA-2007-006-2.txt |
| Description: | MIT krb5 Security Advisory 2007-006 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow in the RPCSEC_GSS authentication flavor of the RPC library. Third-party applications using the RPC library provided with MIT krb5 may also be affected. Updated version of the original advisory with a fixed patch. |
| Homepage: | http://web.mit.edu/ |
| File Size: | 9649 |
| Related CVE(s): | CVE-2007-3999, CVE-2007-4000 |
| Last Modified: | Sep 5 20:45:05 2007 |
| MD5 Checksum: | 61e5eaf8a33e3ef3a5081600ecb969c1 |
|
| File Name: | USN-515-1.txt |
| Description: | Ubuntu Security Notice 515-1 - It was discovered that t1lib does not properly perform bounds checking, which can result in a buffer overflow vulnerability. An attacker could send specially crafted input to applications linked against t1lib, which could result in a DoS or arbitrary code execution. |
| Homepage: | http://security.ubuntu.com/ |
| File Size: | 9402 |
| Related CVE(s): | CVE-2007-4033 |
| Last Modified: | Sep 20 04:59:48 2007 |
| MD5 Checksum: | b7118d409a112d9371ea0dc2ee682004 |
|
| File Name: | sa26719.txt |
| Description: | Secunia Security Advisory - Fedora has issued an update for gallery2. This fixes some vulnerabilities, which can be exploited by malicious users to manipulate certain data. |
| Homepage: | http://secunia.com/advisories/26719/ |
| File Size: | 9387 |
| Last Modified: | Sep 7 02:01:27 2007 |
| MD5 Checksum: | 0d7164ee5bb22a79b1dbc3ce84bd2376 |
|
| File Name: | sa26802.txt |
| Description: | Secunia Security Advisory - Fedora has issued an update for php. This fixes a weakness and some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users and malicious, local users to bypass certain security restrictions. |
| Homepage: | http://secunia.com/advisories/26802/ |
| File Size: | 9239 |
| Last Modified: | Sep 20 04:11:10 2007 |
| MD5 Checksum: | f0d3dc6784fc7afc43530f71dd92d985 |
|
| File Name: | SSRT071471.txt |
| Description: | HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin. |
| Homepage: | http://www.hp.com/ |
| File Size: | 9176 |
| Last Modified: | Sep 20 04:37:32 2007 |
| MD5 Checksum: | bec42473e5d89d7c4cd6864e9a6ac162 |
|
| File Name: | MDKSA-2007-172.txt |
| Description: | Mandriva Linux Security Advisory - A vulnerability in ClamAV was discovered that could allow remote attackers to cause a denial of service via a crafted RTF file or a crafted HTML document with a data: URI, both of which trigger a NULL dereference. A vulnerability in clamav-milter, when run in black hole mode, could allow remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call. |
| Homepage: | http://www.mandriva.com/security/ |
| File Size: | 8592 |
| Related CVE(s): | CVE-2007-4510, CVE-2007-4560 |
| Last Modified: | Sep 1 00:12:44 2007 |
| MD5 Checksum: | 5baa7733b5f353200db8197ea2a8057c |
|
| File Name: | CAL-20070912-1.txt |
| Description: | Code Audit Labs has discovered heap overflows and denial of service vulnerabilities in multiple media players including MPlayer, StormPlayer, etc. |
| Homepage: | http://www.vulnhunt.com/ |
| File Size: | 8231 |
| Last Modified: | Sep 13 19:38:26 2007 |
| MD5 Checksum: | 81b79036bc65cefc93207a48d45d17cd |
|
| File Name: | MITKRB5-SA-2007-006.txt |
| Description: | MIT krb5 Security Advisory 2007-006 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow in the RPCSEC_GSS authentication flavor of the RPC library. Third-party applications using the RPC library provided with MIT krb5 may also be affected. |
| Homepage: | http://web.mit.edu/ |
| File Size: | 8189 |
| Related CVE(s): | CVE-2007-3999, CVE-2007-4000 |
| Last Modified: | Sep 5 01:23:09 2007 |
| MD5 Checksum: | bdc679b4808a226efcec0f8b21d9cb2c |
|
| File Name: | dsa-1369-1.txt |
| Description: | Debian Security Advisory 1369-1 - Sumit I. Siddharth discovered that Gforge, a collaborative development tool, performs insufficient input sanitizing, which allows SQL injection. |
| Homepage: | http://www.debian.org/security |
| File Size: | 8063 |
| Related CVE(s): | CVE-2007-3913 |
| Last Modified: | Sep 7 03:09:02 2007 |
| MD5 Checksum: | 45d89ac7a9ed6ac79c3363474491c76e |
|
| File Name: | EEYE-ARCserve.txt |
| Description: | eEye Digital Security has discovered multiple vulnerabilities within CA ARCserve for Laptops & Desktops (L&D), an enterprise-level backup software suite designed for workstations. The vulnerabilities can be utilized by an attacker to execute arbitrary code on a remote system anonymously over TCP/1900. |
| Author: | Matt Oh, Andre Derek Protas, Yuji Ukai |
| Homepage: | http://www.eeye.com/ |
| File Size: | 8030 |
| Last Modified: | Sep 24 23:39:26 2007 |
| MD5 Checksum: | 1c7505578b435c40f52cd57bf47ea93a |
|
| File Name: | MDKSA-2007-174-1.txt |
| Description: | Mandriva Linux Security Advisory - Tenable Network Security discovered a stack buffer overflow vulnerability in the RPC library used by Kerberos' kadmind program. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash. This issue is only applicable to Kerberos 1.4 and higher. Garrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash. This issue is only applicable to Kerberos 1.5 and higher. The MIT Kerberos Team found a problem with the originally published patch for CVE-2007-3999. A remote unauthenticated attacker able to access kadmind could trigger this flaw and cause kadmind to crash. |
| Homepage: | http://www.mandriva.com/security/ |
| File Size: | 7955 |
| Related CVE(s): | CVE-2007-3999, CVE-2007-4000, CVE-2007-4743 |
| Last Modified: | Sep 7 20:31:01 2007 |
| MD5 Checksum: | 8773009e8da0941e727991ff9a74c6e8 |
|
| File Name: | sa26723.txt |
| Description: | Secunia Security Advisory - Debian has issued an update for gforge. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks. |
| Homepage: | http://secunia.com/advisories/26723/ |
| File Size: | 7807 |
| Last Modified: | Sep 11 18:19:30 2007 |
| MD5 Checksum: | 77461f9710912427449f4082d11f0180 |
|
| File Name: | MDKSA-2007-174.txt |
| Description: | Mandriva Linux Security Advisory - Tenable Network Security discovered a stack buffer overflow vulnerability in the RPC library used by Kerberos' kadmind program. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash. This issue is only applicable to Kerberos 1.4 and higher. Garrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash. This issue is only applicable to Kerberos 1.5 and higher. |
| Homepage: | http://www.mandriva.com/security/ |
| File Size: | 7677 |
| Related CVE(s): | CVE-2007-3999, CVE-2007-4000 |
| Last Modified: | Sep 7 03:10:16 2007 |
| MD5 Checksum: | ed25422ca73141a520a9ab37659008d4 |
|
| File Name: | sa26949.txt |
| Description: | Secunia Security Advisory - Ubuntu has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information. |
| Homepage: | http://secunia.com/advisories/26949/ |
| File Size: | 7432 |
| Last Modified: | Sep 26 22:37:08 2007 |
| MD5 Checksum: | a6679c92667c6f7c115c2b5650b28556 |
|
| File Name: | sa26930.txt |
| Description: | Secunia Security Advisory - Fedora has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). |
| Homepage: | http://secunia.com/advisories/26930/ |
| File Size: | 7261 |
| Last Modified: | Sep 25 18:33:28 2007 |
| MD5 Checksum: | c453e3b065d32ce03fbd40598e5fd336 |
|
| File Name: | dsa-1365-1.txt |
| Description: | Debian Security Advisory 1365-1 - Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag Library, may lead to denial of service through symlink attacks. |
| Homepage: | http://www.debian.org/security |
| File Size: | 7232 |
| Related CVE(s): | CVE-2007-4460 |
| Last Modified: | Sep 5 01:15:59 2007 |
| MD5 Checksum: | 43adeb02028de7b107a0892d16899421 |
|
| File Name: | sa26646.txt |
| Description: | Secunia Security Advisory - Debian has issued an update for id3lib3.8.3. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. |
| Homepage: | http://secunia.com/advisories/26646/ |
| File Size: | 6980 |
| Last Modified: | Sep 4 22:20:04 2007 |
| MD5 Checksum: | 991d3805d68f5f47f23d0c67e1d7a58b |
|
| File Name: | USN-519-1.txt |
| Description: | Ubuntu Security Notice 519-1 - Kalle Olavi Niemitalo discovered that if elinks makes a POST request to an HTTPS URL through a proxy, information may be sent in clear-text between elinks and the proxy. Attackers with access to the network could steal sensitive information (such as passwords). |
| Homepage: | http://security.ubuntu.com/ |
| File Size: | 6893 |
| Related CVE(s): | CVE-2007-5034 |
| Last Modified: | Sep 25 22:10:17 2007 |
| MD5 Checksum: | c9962b22257c7973907caa686b5d7f71 |
|
| File Name: | sa26912.txt |
| Description: | Secunia Security Advisory - Mandriva has issued an update for openoffice.org. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. |
| Homepage: | http://secunia.com/advisories/26912/ |
| File Size: | 6812 |
| Last Modified: | Sep 24 11:00:46 2007 |
| MD5 Checksum: | 65e08d38bf98a24742f26ee263945b35 |
|
| File Name: | sa26890.txt |
| Description: | Secunia Security Advisory - Multiple vulnerabilities have been reported in various VMware products, which can be exploited by malicious, local users to gain escalated privileges or cause a DoS (Denial of Service) or by malicious people to compromise a vulnerable system. |
| Homepage: | http://secunia.com/advisories/26890/ |
| File Size: | 6777 |
| Last Modified: | Sep 20 11:57:54 2007 |
| MD5 Checksum: | 69e4a933876b192e79cd5ee6b804200e |
|
| File Name: | dsa-1368-1.txt |
| Description: | Debian Security Advisory 1368-1 - It was discovered that a buffer overflow in the library for secure RPC communication over the rpcsec_gss protocol allows the execution of arbitrary code. |
| Homepage: | http://www.debian.org/security |
| File Size: | 6767 |
| Related CVE(s): | CVE-2007-3999 |
| Last Modified: | Sep 5 01:20:25 2007 |
| MD5 Checksum: | 6559576657cec87ac6382ac682e62bcb |