Section: .. / 0710-advisories /
| /// File Name: |
sa27192.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in CA BrightStor ARCserve Backup, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27192/ | | File Size: | 4485 | | Last Modified: | Oct 12 00:13:39 2007 |
| MD5 Checksum: | 3961f18738529695b37f3466ebf6102c |
|
| /// File Name: |
secunia-ipswitch.txt |
Description:
|
Secunia Research has discovered a vulnerability in the IMail Client, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the IMail Client when processing emails containing multipart MIME data. Affected is the IMail Client 9.22 included with IPSwitch IMail Server 2006.22.
| | Homepage: | http://secunia.com/ | | File Size: | 4440 | | Related CVE(s): | CVE-2007-4345 | | Last Modified: | Oct 30 12:20:14 2007 |
| MD5 Checksum: | 2ecb467ba9ae08a8347f31a5fa740574 |
|
| /// File Name: |
dsa-1384-1.txt |
Description:
|
Debian Security Advisory 1384-1 - Several local vulnerabilities have been discovered in the Xen hypervisor packages which may lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 4426 | | Related CVE(s): | CVE-2007-4993, CVE-2007-1320 | | Last Modified: | Oct 5 22:55:38 2007 |
| MD5 Checksum: | b618188d8cd922f81ab60bf8149a0381 |
|
| /// File Name: |
sa27369.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for libpng and libpng10. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27369/ | | File Size: | 4409 | | Last Modified: | Oct 24 23:40:24 2007 |
| MD5 Checksum: | 55ce9ce69f324236d641c95b99fde9bb |
|
| /// File Name: |
firefoxzaptel-dos.txt |
Description:
|
Firefox version 2.0.0.7 suffers from a remote denial of service vulnerability and Zaptel version 1.4.5.1 suffers from a local buffer overflow vulnerability.
| | Author: | Michal Bucko, Tomasz Polis | | Homepage: | http://www.eleytt.com/ | | File Size: | 4375 | | Last Modified: | Oct 22 23:19:33 2007 |
| MD5 Checksum: | a1b3c76dbcb4a803b71f3f3e10ad3237 |
|
| /// File Name: |
sa27234.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in various Nortel products, which can be exploited by malicious people to cause a DoS (Denial of Service) and to eavesdrop with affected devices.
| | Homepage: | http://secunia.com/advisories/27234/ | | File Size: | 4372 | | Last Modified: | Oct 18 17:54:12 2007 |
| MD5 Checksum: | 2be9f58357257cb97b0b86ba7b1bb42e |
|
| /// File Name: |
dsa-1395-1.txt |
Description:
|
Debian Security Advisory 1395-1 - Steve Kemp from the Debian Security Audit project discovered that xen-utils, a collection of XEN administrative tools, used temporary files insecurely within the xenmon tool allowing local users to truncate arbitrary files.
| | Homepage: | http://www.debian.org/security | | File Size: | 4350 | | Related CVE(s): | CVE-2007-3919 | | Last Modified: | Oct 25 11:13:12 2007 |
| MD5 Checksum: | 8e557897a1c591934305dea2915ee313 |
|
| /// File Name: |
corsaire-citrix.txt |
Description:
|
The Citrix Access Gateway product suffers from a flaw that allows an attacker to gain access to an authenticated user's session ID.
| | Author: | Martin O'Neal | | File Size: | 4301 | | Related CVE(s): | CVE-2007-0011 | | Last Modified: | Oct 22 23:57:48 2007 |
| MD5 Checksum: | 3e891095a8fbf6693cb268510e70f00f |
|
| /// File Name: |
secunia-irfanview.txt |
Description:
|
Secunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when importing palette files. Versions 3.99 and 4.00 are affected.
| | Author: | Stefan Cornelius | | Homepage: | http://secunia.com/ | | File Size: | 4293 | | Related CVE(s): | CVE-2007-4343 | | Last Modified: | Oct 16 18:49:59 2007 |
| MD5 Checksum: | 556f24b7270e9a35be04abafd96adea2 |
|
| /// File Name: |
TA07-282A.txt |
Description:
|
Technical Cyber Security Alert TA07-282A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Outlook Express and Windows Mail, Microsoft Office, Microsoft Office for Mac, and Microsoft SharePoint. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4273 | | Last Modified: | Oct 10 02:17:08 2007 |
| MD5 Checksum: | 3aae2b7e9cc3444ce6193b3eefe8457c |
|
| /// File Name: |
10.10.07-1.txt |
Description:
|
iDefense Security Advisory 10.10.07 - Remote exploitation of a format string vulnerability in Kaspersky Lab's Online Scanner virus scanner service could allow an attacker to execute arbitrary code within the security context of the targeted user. iDefense has confirmed the existence of this vulnerability within version 5.0.93.0 of Kaspersky Lab's kavwebscan.dll. Previous versions are suspected to be vulnerable.
| | Author: | Stephen Fewer | | Homepage: | http://www.idefense.com/ | | File Size: | 4265 | | Related CVE(s): | CVE-2007-3675 | | Last Modified: | Oct 11 00:00:07 2007 |
| MD5 Checksum: | 3e0b4dc5a2a3f864e788a00519e4dc3a |
|
| /// File Name: |
10.02.07-1.txt |
Description:
|
iDefense Security Advisory 10.02.07 - Remote exploitation of multiple vulnerabilities in X.Org Foundation's X Font Server, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code. iDefense has confirmed the existence of these vulnerabilities in XFS version X11R7.2-1.0.4. Previous versions may also be affected.
| | Author: | Sean Larsson | | Homepage: | http://www.idefense.com/ | | File Size: | 4248 | | Related CVE(s): | CVE-2007-4568 | | Last Modified: | Oct 2 20:30:33 2007 |
| MD5 Checksum: | 0532b9913a377b17570bf93248afe912 |
|
| /// File Name: |
TA07-297B.txt |
Description:
|
Technical Cyber Security Alert TA07-297B - Adobe has released updates for the Adobe Reader and Adobe Acrobat product families. The update addresses a URI handling vulnerability in Microsoft Windows XP and Server 2003 systems with Internet Explorer 7.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4198 | | Last Modified: | Oct 25 00:18:19 2007 |
| MD5 Checksum: | 4fa2e40faf6c0e78aad5400850ba0c6d |
|
| /// File Name: |
USN-532-1.txt |
Description:
|
Ubuntu Security Notice 532-1 - Nobuhiro Ban discovered that check_http in nagios-plugins did not properly sanitize its input when following redirection requests. A malicious remote web server could cause a denial of service or possibly execute arbitrary code as the user. Aravind Gottipati discovered that sslutils.c in nagios-plugins did not properly reset pointers to NULL. A malicious remote web server could cause a denial of service. Aravind Gottipati discovered that check_http in nagios-plugins did not properly calculate how much memory to reallocate when following redirection requests. A malicious remote web server could cause a denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4191 | | Related CVE(s): | CVE-2007-5198 | | Last Modified: | Oct 22 23:50:36 2007 |
| MD5 Checksum: | e91105e1fb6b720a07b26dddb3a591bf |
|
| /// File Name: |
sa27009.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in Sun Java JRE (Java Runtime Environment), which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27009/ | | File Size: | 4174 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | 16dc3f84d8583d96d4817ec55d5a732c |
|
| /// File Name: |
secunia-tivoli.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in IBM Tivoli Storage Manager Client, which can be exploited by malicious people to conduct script insertion attacks. Certain input passed in HTTP requests to the CAD service is not properly sanitized before being logged. This can be exploited to insert arbitrary HTML and script code into dsmerror.log, which is executed in a user's browser session in context of the affected site when e.g. viewing the log file via the web-based interface using the "FILE" functionality of the CAD service.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4171 | | Related CVE(s): | CVE-2007-4348 | | Last Modified: | Oct 29 15:14:45 2007 |
| MD5 Checksum: | 920304c68e58b9f4ab930134dc9c2e2e |
|
| /// File Name: |
realplayer-memory-corruption-adv.tx..> |
Description:
|
RealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a memory corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.
| | Author: | Piotr Bania | | Homepage: | http://piotrbania.com/ | | File Size: | 4159 | | Last Modified: | Oct 26 11:02:22 2007 |
| MD5 Checksum: | d5f7cd811f442f4d147649a824c696fc |
|
| /// File Name: |
CVE-2007-4600.txt |
Description:
|
The Protect Worksheet functionality, used to protect sections of Mathcad sheets from alterations, is easily bypassed, allowing access to the protected data due to the implementation of the file format used to save the files. Versions 12 through 14 are susceptible.
| | File Size: | 4153 | | Related CVE(s): | CVE-2007-4600 | | Last Modified: | Oct 16 18:47:30 2007 |
| MD5 Checksum: | 83651ae896318aefdeff22b7a7109e05 |
|
| /// File Name: |
SA-20071031-0.txt |
Description:
|
SEC Consult Security Advisory 20071031-0 - The Perdition Mail Retrieval Proxy versions 1.17 and below suffer from a format string vulnerability.
| | Author: | Bernhard Mueller | | Homepage: | http://www.sec-consult.com/ | | File Size: | 4152 | | Last Modified: | Oct 31 11:14:35 2007 |
| MD5 Checksum: | 8b94c6a2ea934c2582c4c95be156a6a6 |
|
| /// File Name: |
10.09.07-1.txt |
Description:
|
iDefense Security Advisory 10.09.07 - Remote exploitation of a heap overflow in Microsoft Corp.'s Windows Mail and Outlook Express NNTP clients may allow an attacker to execute code with the privileges of the logged on user.
| | Author: | Greg MacManus | | Homepage: | http://www.idefense.com/ | | File Size: | 4133 | | Related CVE(s): | CVE-2007-3897 | | Last Modified: | Oct 10 02:15:53 2007 |
| MD5 Checksum: | bf343d74732b59920caee4de64fd295c |
|
| /// File Name: |
sa27085.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xen-utils. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/27085/ | | File Size: | 4101 | | Last Modified: | Oct 8 20:24:54 2007 |
| MD5 Checksum: | 99592ac3762a1fa46cee379625ea3b97 |
|
| /// File Name: |
sa27408.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xen-utils. This fixes a security issue, which can be exploited by malicious, local users to truncate arbitrary files.
| | Homepage: | http://secunia.com/advisories/27408/ | | File Size: | 4065 | | Last Modified: | Oct 29 11:03:58 2007 |
| MD5 Checksum: | 2cdb74c23c2a93f17c117955c1a5d5d3 |
|
| /// File Name: |
sa27320.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Sun JRE, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27320/ | | File Size: | 4057 | | Last Modified: | Oct 23 22:14:49 2007 |
| MD5 Checksum: | 7e61fb6d016fbccad7a0943472d5ef1d |
|
| /// File Name: |
sa27460.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for python. This fixes a security issue, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27460/ | | File Size: | 4035 | | Last Modified: | Oct 30 19:58:14 2007 |
| MD5 Checksum: | ef937a5a794929c95a2f37e41e4bd560 |
|