Section: .. / 0711-advisories /
| /// File Name: |
MDKSA-2007-228.txt |
Description:
|
Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in cups. An attacker could create a malicious PDF file that would cause cups to crash or potentially execute arbitrary code when opened.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8508 | | Related CVE(s): | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 | | Last Modified: | Nov 26 17:27:13 2007 |
| MD5 Checksum: | 3b63964426b583b7859d5d456d6c969d |
|
| /// File Name: |
MDKSA-2007-227.txt |
Description:
|
Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in poppler. An attacker could create a malicious PDF file that would cause poppler to crash or potentially execute arbitrary code when opened.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6604 | | Related CVE(s): | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 | | Last Modified: | Nov 26 17:26:44 2007 |
| MD5 Checksum: | 89d580be4bc84ec7277dde50a2f6dd89 |
|
| /// File Name: |
MDKSA-2007-226.txt |
Description:
|
Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The minix filesystem code allows local users to cause a denial of service (hang) via a malformed minix file stream. An integer underflow in the Linux kernel prior to 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6197 | | Related CVE(s): | CVE-2006-6058, CVE-2007-4997 | | Last Modified: | Nov 26 17:26:07 2007 |
| MD5 Checksum: | 78821709b8c62321dd92c246f966efc7 |
|
| /// File Name: |
glsa-200711-28.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-28 - Tavis Ormandy and Will Drewry (Google Security Team) discovered a heap-based buffer overflow in the Regular Expression engine (regcomp.c) that occurs when switching from byte to Unicode (UTF-8) characters in a regular expression. Versions less than 5.8.8-r4 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3039 | | Related CVE(s): | CVE-2007-5116 | | Last Modified: | Nov 26 17:21:19 2007 |
| MD5 Checksum: | c119debc5cff12e519f8b6d94077184f |
|
| /// File Name: |
MDKSA-2007-225.txt |
Description:
|
Mandriva Linux Security Advisory - The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 9096 | | Related CVE(s): | CVE-2007-5846 | | Last Modified: | Nov 26 17:18:10 2007 |
| MD5 Checksum: | aff94627279169e507cae4278624e45b |
|
| /// File Name: |
omnipcx-reroute.txt |
Description:
|
The Alcatel OmniPCX Enterprise VoIP system versions 7.1 and below are susceptible to a audio stream reroute vulnerability.
| | Author: | Daniel Stirnimann | | Homepage: | http://www.csnc.ch/ | | File Size: | 1877 | | Last Modified: | Nov 26 17:16:10 2007 |
| MD5 Checksum: | 0f6acf675c5992b90648fd91a41fb30c |
|
| /// File Name: |
glsa-200711-27.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-27 - Alin Rad Pop from Secunia Research discovered a boundary error in the function separate_sentence() in file tokenize.c when processing an overly long word which might lead to a stack-based buffer overflow. Versions less than 4.2.4-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3083 | | Related CVE(s): | CVE-2007-5395 | | Last Modified: | Nov 26 17:12:15 2007 |
| MD5 Checksum: | 1eeae44c2f9d21dea0bc4f6fc98c980a |
|
| /// File Name: |
glsa-200711-26.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-26 - Joachim Schrod discovered several buffer overflow vulnerabilities and an insecure temporary file creation in the dvilj application that is used by dvips to convert DVI files to printer formats. Bastien Roucaries reported that the dvips application is vulnerable to two stack-based buffer overflows when processing DVI documents with long \href{} URIs. teTeX also includes code from Xpdf that is vulnerable to a memory corruption and two heap-based buffer overflows (GLSA 200711-22); and it contains code from T1Lib that is vulnerable to a buffer overflow when processing an overly long font filename (GLSA 200710-12). Versions less than 3.0_p1-r6 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 3879 | | Related CVE(s): | CVE-2007-5935, CVE-2007-5936, CVE-2007-5937 | | Last Modified: | Nov 26 17:12:03 2007 |
| MD5 Checksum: | 939fb5b05b883ecc852b7f833900b729 |
|
| /// File Name: |
glsa-200711-25.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-25 - Joe Gallo and Artem Russakovskii reported an error in the convert_search_mode_to_innobase() function in ha_innodb.cc in the InnoDB engine that is leading to a failed assertion when handling CONTAINS operations. Versions less than 5.0.44-r2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2833 | | Related CVE(s): | CVE-2007-5925 | | Last Modified: | Nov 26 17:11:02 2007 |
| MD5 Checksum: | 036505c0ef830c9c876bffba789560eb |
|
| /// File Name: |
glsa-200711-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-24 - Multiple vulnerabilities have been reported in Mozilla Thunderbird's HTML browser engine and JavaScript engine that can be exploited to cause a memory corruption. Versions less than 2.0.0.9 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 3703 | | Related CVE(s): | CVE-2007-5339, CVE-2007-5340 | | Last Modified: | Nov 26 17:10:55 2007 |
| MD5 Checksum: | 4a12b5bd1ff975567e015e39baddc728 |
|
| /// File Name: |
glsa-200711-23.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-23 - Multiple vulnerabilities have been discovered in several VMware products. Neel Mehta and Ryan Smith (IBM ISS X-Force) discovered that the DHCP server contains an integer overflow vulnerability, an integer underflow vulnerability and another error when handling malformed packets, leading to stack-based buffer overflows or stack corruption. Rafal Wojtczvk (McAfee) discovered two unspecified errors that allow authenticated users with administrative or login privileges on a guest operating system to corrupt memory or cause a Denial of Service. Another unspecified vulnerability related to untrusted virtual machine images was discovered. Versions less than 6.0.1.55017 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 6028 | | Related CVE(s): | CVE-2004-0813, CVE-2006-3619, CVE-2006-4146, CVE-2006-4600, CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-1716, CVE-2007-4496, CVE-2007-4497, CVE-2007-5617 | | Last Modified: | Nov 26 16:44:54 2007 |
| MD5 Checksum: | a15a426e0b804db611464609d58fe90d |
|
| /// File Name: |
glsa-200711-22.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-22 - Alin Rad Pop (Secunia Research) discovered several vulnerabilities in the Stream.cc file of Xpdf: An integer overflow in the DCTStream::reset() method and a boundary error in the CCITTFaxStream::lookChar() method, both leading to heap-based buffer overflows. He also discovered a boundary checking error in the DCTStream::readProgressiveDataUnit() method causing memory corruption. Note: Gentoo's version of Xpdf is patched to use the Poppler library, so the update to Poppler will also fix Xpdf. Versions less than 0.6.1-r1 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 5073 | | Related CVE(s): | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 | | Last Modified: | Nov 26 16:42:57 2007 |
| MD5 Checksum: | cf524b80ddac93d7e85c3902d5b2422a |
|
| /// File Name: |
certspoof.txt |
Description:
|
Mozilla based browsers (Firefox, Netscape, etc), Konqueror and Safari 2 do not bind a user-approved webserver certificate to the originating domain name. This makes the user vulnerable to certificate spoofing by "subjectAltName:dNSName" extensions.
| | Author: | Nils Toedtmann | | File Size: | 2060 | | Last Modified: | Nov 26 16:41:42 2007 |
| MD5 Checksum: | b875aafb6dd3bf1718f4e57709f83c5e |
|
| /// File Name: |
live555x.txt |
Description:
|
LIVE555 Media Server versions 2007.11.01 and below suffer from a denial of service vulnerability due to a memory access violation.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | live555x.zip | | File Size: | 2251 | | Last Modified: | Nov 26 16:38:12 2007 |
| MD5 Checksum: | 3d16fc37149b52055a09781bc02e564a |
|
| /// File Name: |
dsa-1407-1.txt |
Description:
|
Debian Security Advisory 1407-1 - Alin Rad Pop discovered that the Common UNIX Printing System is vulnerable to an off-by-one buffer overflow in the code to process IPP packets, which may lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 16033 | | Related CVE(s): | CVE-2007-4351 | | Last Modified: | Nov 26 16:36:09 2007 |
| MD5 Checksum: | b0d8e1d4860d5ee1f39cbf7446d0a39f |
|
| /// File Name: |
glsa-200711-21.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-21 - Tavis Ormandy of the Google Security Team discovered a heap-based overflow vulnerability in the NE2000 driver. He also discovered a divide-by-zero error in the emulated floppy disk controller. Versions less than 2.3 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 2997 | | Related CVE(s): | CVE-2007-2893, CVE-2007-2894 | | Last Modified: | Nov 26 16:10:43 2007 |
| MD5 Checksum: | 701b06a54668212a4a8bfe55c424261c |
|
| /// File Name: |
MDKSA-2007-224.txt |
Description:
|
Mandriva Linux Security Advisory - The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service. As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 17826 | | Related CVE(s): | CVE-2007-5398, CVE-2007-4572 | | Last Modified: | Nov 26 16:08:19 2007 |
| MD5 Checksum: | c32c1a151a0949b55ac1568072ffec25 |
|
| /// File Name: |
MDKSA-2007-223.txt |
Description:
|
Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in pdftohtml. An attacker could create a malicious PDF file that would cause pdftohtml to crash or potentially execute arbitrary code when opened.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2910 | | Related CVE(s): | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 | | Last Modified: | Nov 26 16:06:58 2007 |
| MD5 Checksum: | 3a6082d40c24a99449767333148956af |
|
| /// File Name: |
MDKSA-2007-222.txt |
Description:
|
Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in koffice. An attacker could create a malicious PDF file that would cause koffice to crash or potentially execute arbitrary code when opened.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 16096 | | Related CVE(s): | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 | | Last Modified: | Nov 26 16:06:26 2007 |
| MD5 Checksum: | b1b3fdc38e368c4d50af7677b8475a7f |
|
| /// File Name: |
USN-544-2.txt |
Description:
|
Ubuntu Security Notice 544-2 - USN-544-1 fixed two vulnerabilities in Samba. Fixes for CVE-2007-5398 are unchanged, but the upstream changes for CVE-2007-4572 introduced a regression in all releases which caused Linux smbfs mounts to fail. Additionally, Dapper and Edgy included an incomplete patch which caused configurations using NetBIOS to fail. A proper fix for these regressions does not exist at this time, and so the patch addressing CVE-2007-4572 has been removed. This vulnerability is believed to be an unexploitable denial of service, but a future update will address this issue. We apologize for the inconvenience.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 32338 | | Related CVE(s): | CVE-2007-5398, CVE-2007-4572 | | Last Modified: | Nov 26 15:57:07 2007 |
| MD5 Checksum: | 72259e6752df012d7870529f5775034a |
|
| /// File Name: |
AD20071116.txt |
Description:
|
AhnLab AntiVirus V3 Internet Security 2008 suffers from a denial of service condition that may lead to arbitrary code execution.
| | Author: | Sowhat | | Homepage: | http://www.nevisnetworks.com/ | | File Size: | 2745 | | Last Modified: | Nov 26 15:48:06 2007 |
| MD5 Checksum: | 7725e779e01714f6a14a54ea4885a2f5 |
|
| /// File Name: |
msjet-overflow.txt |
Description:
|
A remote code execute vulnerability exists in Microsoft Jet Engine. A remote attacker who successfully exploit this vulnerability can execute arbitrary code on the affected system.
| | Author: | cocoruder | | Homepage: | http://ruder.cdut.net/ | | File Size: | 6986 | | Last Modified: | Nov 26 15:46:41 2007 |
| MD5 Checksum: | 8c40aee731e7e2aff5e039121162cbcf |
|
| /// File Name: |
sa27690.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in nss-mdns, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27690/ | | File Size: | 2496 | | Last Modified: | Nov 26 11:56:43 2007 |
| MD5 Checksum: | b9004e5234bf348eaabf802ae5811aef |
|
| /// File Name: |
sa27703.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27703/ | | File Size: | 2388 | | Last Modified: | Nov 26 11:56:43 2007 |
| MD5 Checksum: | e244030b504b3fcb7143f6d84808b0d6 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
