Section: .. / 0710-advisories /
| /// File Name: |
dsa-1362-2.txt |
Description:
|
Debian Security Advisory 1362-2 - A problem was discovered in lighttpd, a fast webserver with minimal memory footprint, which could allow the execution of arbitary code via the overflow of CGI variables when mod_fcgi was enabled. This updated advisory correctly patches the security issue, which was not handled in DSA-1362-1.
| | Homepage: | http://www.debian.org/security | | File Size: | 11974 | | Related CVE(s): | CVE-2007-4727 | | Last Modified: | Oct 8 20:26:33 2007 |
| MD5 Checksum: | 826063a55c14e8a2be9717c3362feb6e |
|
| /// File Name: |
dsa-1365-3.txt |
Description:
|
Debian Security Advisory 1365-3 - Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag Library, may lead to denial of service through symlink attacks.
| | Homepage: | http://www.debian.org/security | | File Size: | 11932 | | Related CVE(s): | CVE-2007-4460 | | Last Modified: | Oct 2 20:20:29 2007 |
| MD5 Checksum: | 33560aae79d1bc515125ac61d6f593f2 |
|
| /// File Name: |
SSRT071298.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) running httpd.tkd. The vulnerability could be exploited to allow remote unauthorized access to data.
| | Homepage: | http://www.hp.com/ | | File Size: | 11036 | | Related CVE(s): | CVE-2007-5413 | | Last Modified: | Oct 25 00:12:23 2007 |
| MD5 Checksum: | 2286f5205044f674877b5bb887703e00 |
|
| /// File Name: |
dsa-1388-3.txt |
Description:
|
Debian Security Advisory 1388-3 - The patch used to correct the DHCP server buffer overflow in DSA-1388-1 was incomplete and did not adequately resolve the problem. This update to the previous advisory makes available updated packages based on a newer version of the patch.
| | Homepage: | http://www.debian.org/security | | File Size: | 10015 | | Related CVE(s): | CVE-2007-5365 | | Last Modified: | Oct 29 16:49:26 2007 |
| MD5 Checksum: | 209da10a5803dcf3037c51bb709fbda1 |
|
| /// File Name: |
sa27425.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27425/ | | File Size: | 9963 | | Last Modified: | Oct 29 20:32:43 2007 |
| MD5 Checksum: | 51965f1294cc761244713f61b0d0fea5 |
|
| /// File Name: |
SSRT071480.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com/ | | File Size: | 9829 | | Last Modified: | Oct 16 18:55:41 2007 |
| MD5 Checksum: | d521c42c71203f3644b28cf8c28f63b5 |
|
| /// File Name: |
sa27071.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for libsndfile. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/27071/ | | File Size: | 9770 | | Last Modified: | Oct 5 21:33:17 2007 |
| MD5 Checksum: | e7cdd041ed2814759afbdc8f70bffd33 |
|
| /// File Name: |
dsa-1379-2.txt |
Description:
|
Debian Security Advisory 1379-2 - An off-by-one error has been identified in the SSL_get_shared_ciphers() routine in OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or potentially execute arbitrary code in the security context of the user running such an application. This update to DSA 1379 announces the availability of the libssl0.9.6 and libssl0.9.7 compatibility libraries for sarge (oldstable) and etch (stable), respectively.
| | Homepage: | http://www.debian.org/security | | File Size: | 9731 | | Related CVE(s): | CVE-2007-5135 | | Last Modified: | Oct 10 23:55:15 2007 |
| MD5 Checksum: | 628f0f87d55a87adecd6ac70dc98e253 |
|
| /// File Name: |
sa27319.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for ghostscript and gs-gpl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27319/ | | File Size: | 9478 | | Last Modified: | Oct 23 22:14:49 2007 |
| MD5 Checksum: | 0fad3d866a7ca85c05e20d6dad3050f6 |
|
| /// File Name: |
USN-525-1.txt |
Description:
|
Ubuntu Security Notice 525-1 - Robert Buchholz discovered that libsndfile did not correctly validate the size of its memory buffers. If a user were tricked into playing a specially crafted FLAC file, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 9366 | | Related CVE(s): | CVE-2007-4974 | | Last Modified: | Oct 5 02:17:59 2007 |
| MD5 Checksum: | 68343c94c33daf1fad0469e20ae988af |
|
| /// File Name: |
USN-501-2.txt |
Description:
|
Ubuntu Security Notice 501-2 - USN-501-1 fixed vulnerabilities in Jasper. This update provides the corresponding update for the Jasper internal to Ghostscript. It was discovered that Jasper did not correctly handle corrupted JPEG2000 images. By tricking a user into opening a specially crafted JPG, a remote attacker could cause the application using libjasper to crash, resulting in a denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 9150 | | Related CVE(s): | CVE-2007-2721 | | Last Modified: | Oct 22 23:54:11 2007 |
| MD5 Checksum: | bef4672949983b7fb996479d908d2631 |
|
| /// File Name: |
sa27110.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for php. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/27110/ | | File Size: | 9059 | | Last Modified: | Oct 10 00:59:53 2007 |
| MD5 Checksum: | c116ba278e5ee833f46c16eecba55cbb |
|
| /// File Name: |
MDKSA-2007-201.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in the hpssd tool was discovered where it did not correctly handle shell meta-characters. A local attacker could use this flaw to execute arbitrary commands as the hplip user. As well, this update fixes a problem with some HP scanners on Mandriva Linux 2007.1, particularly HP PSC 1315, which wouldn't be detected and also fixes a problem with HP 1220 and possibly other models when scanning via the OpenOffice.org suite.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8958 | | Related CVE(s): | CVE-2007-5208 | | Last Modified: | Oct 22 23:59:08 2007 |
| MD5 Checksum: | e3484f14d0e3a26c14c39da2fdf8ae28 |
|
| /// File Name: |
sa27392.txt |
Description:
|
Secunia Security Advisory - Fedora has issued updates for xscreensaver, tempest, and rss-glx. These fix a security issue, which can be exploited by malicious people with physical access to a system to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/27392/ | | File Size: | 8868 | | Last Modified: | Oct 24 23:40:24 2007 |
| MD5 Checksum: | 128f9a88b37698f0a4048c91902bfc39 |
|
| /// File Name: |
MDKSA-2007-195.txt |
Description:
|
Mandriva Linux Security Advisory - A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size. The lcd_write function did not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption). The decode_choice function allowed remote attackers to cause a denial of service (crash) via an encoded out-of-range index value for a choice field which triggered a NULL pointer dereference. The Linux kernel allowed local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die which delivered an attacker-controlled parent process death signal (PR_SET_PDEATHSIG). The aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer ioctl patch in aacraid did not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges. The IA32 system call emulation functionality, when running on the x86_64 architecture, did not zero extend the eax register after the 32bit entry path to ptrace is used, which could allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8642 | | Related CVE(s): | CVE-2007-3105, CVE-2007-3513, CVE-2007-3642, CVE-2007-3848, CVE-2007-4308, CVE-2007-4573 | | Last Modified: | Oct 16 00:17:23 2007 |
| MD5 Checksum: | 5a12cf6638c61249c10bb2a042c483b3 |
|
| /// File Name: |
AST-2007-023.txt |
Description:
|
Asterisk Project Security Advisory - Source and destination numbers for a given call are not correctly escaped by the cdr_addon_mysql module in Asterisk, allowing for SQL injection attacks.
| | Author: | Humberto Abdelnur | | Homepage: | http://www.asterisk.org/security | | File Size: | 8293 | | Related CVE(s): | CVE-2007-5488 | | Last Modified: | Oct 18 18:03:31 2007 |
| MD5 Checksum: | 8b04c6ff4d935ae655d57a54df812550 |
|
| /// File Name: |
MDKSA-2007-196.txt |
Description:
|
Mandriva Linux Security Advisory - The compat_sys_mount function in fs/compat.c allowed local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode. The nf_conntrack function in netfilter did not set nfctinfo during reassembly of fragmented packets, which left the default value as IP_CT_ESTABLISHED and could allow remote attackers to bypass certain rulesets using IPv6 fragments. A typo in the Linux kernel caused RTA_MAX to be used as an array size instead of RTN_MAX, which lead to an out of bounds access by certain functions. The IPv6 protocol allowed remote attackers to cause a denial of service via crafted IPv6 type 0 route headers that create network amplification between two routers. The random number feature did not properly seed pools when there was no entropy, or used an incorrect cast when extracting entropy, which could cause the random number generator to provide the same values after reboots on systems without an entropy source. A memory leak in the PPPoE socket implementation allowed local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized. An integer underflow in the cpuset_tasks_read function, when the cpuset filesystem is mounted, allowed local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file. The sctp_new function in netfilter allowed remote attackers to cause a denial of service by causing certain invalid states that triggered a NULL pointer dereference. A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size. The lcd_write function did not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption). The Linux kernel allowed local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die which delivered an attacker-controlled parent process death signal (PR_SET_PDEATHSIG). The aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer ioctl patch in aacraid did not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges. The IA32 system call emulation functionality, when running on the x86_64 architecture, did not zero extend the eax register after the 32bit entry path to ptrace is used, which could allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8221 | | Related CVE(s): | CVE-2006-7203, CVE-2007-1497, CVE-2007-2172, CVE-2007-2242, CVE-2007-2453, CVE-2007-2525, CVE-2007-2875, CVE-2007-2876, CVE-2007-3105, CVE-2007-3513, CVE-2007-3848, CVE-2007-4308, CVE-2007-4573 | | Last Modified: | Oct 16 00:22:46 2007 |
| MD5 Checksum: | c9c788c8ab303f6c67b69c3510264278 |
|
| /// File Name: |
dsa-1383-1.txt |
Description:
|
Debian Security Advisory 1383-1 - It was discovered that a cross site scripting vulnerability in GForge, a collaborative development tool, allows remote attackers to inject arbitrary web script or HTML in the context of a logged in user's session.
| | Homepage: | http://www.debian.org/security | | File Size: | 8154 | | Related CVE(s): | CVE-2007-3918 | | Last Modified: | Oct 5 22:56:24 2007 |
| MD5 Checksum: | d863c796e7dd0f8e5f08eaee655af33d |
|
| /// File Name: |
glsa-200710-02.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-02 - Several vulnerabilities were found in PHP. Mattias Bengtsson and Philip Olausson reported integer overflows in the gdImageCreate() and gdImageCreateTrueColor() functions of the GD library which can cause heap-based buffer overflows. Gerhard Wagner discovered an integer overflow in the chunk_split() function that can lead to a heap-based buffer overflow. Its incomplete fix caused incorrect buffer size calculation due to precision loss, also resulting in a possible heap-based buffer overflow. A buffer overflow in the sqlite_decode_binary() of the SQLite extension found by Stefan Esser that was addressed in PHP 5.2.1 was not fixed correctly. Versions less than 5.2.4_p20070914-r2 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 8110 | | Related CVE(s): | CVE-2007-1883, CVE-2007-1887, CVE-2007-1900, CVE-2007-2756, CVE-2007-2872, CVE-2007-3007, CVE-2007-3378, CVE-2007-3806, CVE-2007-3996, CVE-2007-3997, CVE-2007-3998, CVE-2007-4652, CVE-2007-4657, CVE-2007-4658, CVE-2007-4659, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4663, CVE-2007-4670, CVE-2007-4727, CVE-2007-4782, CVE-2007-4783, CVE-2007-4784, CVE-2007-4825, CVE-2007-4840, CVE-2007-4887 | | Last Modified: | Oct 8 20:36:46 2007 |
| MD5 Checksum: | 8c8d5b159992cb0df17a3a4a8b8f0e4d |
|
| /// File Name: |
sa27042.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gforge. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27042/ | | File Size: | 7681 | | Last Modified: | Oct 5 21:33:17 2007 |
| MD5 Checksum: | af99af82a185a6d8609316b17b29e51a |
|
| /// File Name: |
sa27049.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for quagga. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27049/ | | File Size: | 7646 | | Last Modified: | Oct 3 16:39:01 2007 |
| MD5 Checksum: | 7d766d8ba24dec69ded3d7c1e5926669 |
|
| /// File Name: |
SSRT071476.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 7395 | | Related CVE(s): | CVE-2007-3847, CVE-2007-3304 | | Last Modified: | Oct 12 00:41:53 2007 |
| MD5 Checksum: | ea06427b8f2fb4e3289e82c5f6ba3e3d |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
