Section: .. / 0711-advisories /
File Name: glsa-200711-01.txt
Description: Gentoo Linux Security Advisory GLSA 200711-01 - Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names. Versions less than 2.0.18-r6 are affected.
Homepage: http://security.gentoo.org
File Size: 3173
Related CVE(s): CVE-2007-3961, CVE-2007-3962
Last Modified: Nov 1 19:29:21 2007
MD5 Checksum: d1a24e7c8aaf28b4a5e6ef96ba68dbde

File Name: sa27489.txt
Description: Secunia Security Advisory - Mandriva has issued an update for netpbm. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/27489/
File Size: 3172
Last Modified: Nov 6 23:25:47 2007
MD5 Checksum: 2d954bd0fe6ccd46e9f9b24ac2516ebc

File Name: MDKSA-2007-205.txt
Description: Mandriva Linux Security Advisory - A flaw in opal, the Open Phone Abstraction Library, was found in how it handles certain Session Initiation Protocol (SIP) packets. An attacker could use this vulnerability to crash an application linked to opal, such as Ekiga.
Homepage: http://www.mandriva.com/security/
File Size: 3157
Related CVE(s): CVE-2007-4924
Last Modified: Nov 2 19:27:28 2007
MD5 Checksum: 4639f4fdabf3a80a50297f7f85650727

File Name: glsa-200711-04.txt
Description: Gentoo Linux Security Advisory GLSA 200711-04 - The imap_rescan() function of the file camel-imap-folder.c does not properly sanitize the SEQUENCE response sent by an IMAP server before being used to index arrays. Versions less than 1.10.3.1 are affected.
Homepage: http://security.gentoo.org
File Size: 3155
Related CVE(s): CVE-2007-3257
Last Modified: Nov 6 23:20:25 2007
MD5 Checksum: 73bfd4c7173bb1b3a317305f9d233fdf

File Name: sa27790.txt
Description: Secunia Security Advisory - trueend5 has discovered some vulnerabilities in RunCms, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
Homepage: http://secunia.com/advisories/27790/
File Size: 3148
Last Modified: Nov 27 21:51:05 2007
MD5 Checksum: 2df76c41ae21c7be754e5824ad320301

File Name: sa27747.txt
Description: Secunia Security Advisory - Avaya has acknowledged some vulnerabilities, security issues, and a weakness in various Avaya products, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and disclose potentially sensitive information, and by malicious users and malicious people to bypass certain security restrictions.
Homepage: http://secunia.com/advisories/27747/
File Size: 3135
Last Modified: Nov 28 20:22:08 2007
MD5 Checksum: 73945ee3bd2b0f737cd374b1b5988dd8

File Name: sa27695.txt
Description: Secunia Security Advisory - Some weaknesses and a security issue have been reported in Apple Mac OS X, which can lead to exposure of certain services.
Homepage: http://secunia.com/advisories/27695/
File Size: 3125
Last Modified: Nov 20 11:17:55 2007
MD5 Checksum: 2d601949f95e21ee32de08aa54c1d45f

File Name: glsa-200711-32.txt
Description: Gentoo Linux Security Advisory GLSA 200711-32 - Kevin B. McCarty discovered that the feynmf.pl script creates a temporary properly list file at the location $TMPDIR/feynmf$PID.pl, where $PID is the process ID. Versions less than 1.08-r2 are affected.
Homepage: http://security.gentoo.org
File Size: 3104
Related CVE(s): CVE-2007-5940
Last Modified: Nov 26 17:40:41 2007
MD5 Checksum: bc3c2237199688d83b19f00a7ff8e45b

File Name: sa27866.txt
Description: Secunia Security Advisory - Some vulnerabilities have been discovered in TuMusika Evolution, which can be exploited by malicious people to disclose sensitive information.
Homepage: http://secunia.com/advisories/27866/
File Size: 3103
Last Modified: Nov 30 00:36:59 2007
MD5 Checksum: 40a269e2b69912b68b6e21996f64d22a

File Name: sa27507.txt
Description: Secunia Security Advisory - Fedora has issued an update for flac. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/27507/
File Size: 3102
Last Modified: Nov 2 19:11:36 2007
MD5 Checksum: b51d88bb6ec8ca07326ddaf92f64a0c9

File Name: sa27738.txt
Description: Secunia Security Advisory - Adrian Pastor has reported some vulnerabilities in Linksys WAG54GS, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Homepage: http://secunia.com/advisories/27738/
File Size: 3095
Last Modified: Nov 26 21:10:48 2007
MD5 Checksum: e56a4b5999b6d60da209274381149c14

File Name: glsa-200711-19.txt
Description: Gentoo Linux Security Advisory GLSA 200711-19 - Stefan Esser reported that a previous vulnerability was not properly fixed in TikiWiki 1.9.8.1. The TikiWiki development team also added several checks to avoid file inclusion. Versions less than 1.9.8.3 are affected.
Homepage: http://security.gentoo.org/
File Size: 3088
Related CVE(s): CVE-2007-5423, CVE-2007-5682
Last Modified: Nov 14 21:13:11 2007
MD5 Checksum: 756e25fd4face3714ba508cfca928d4a

File Name: sa27777.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/27777/
File Size: 3085
Last Modified: Nov 26 11:56:43 2007
MD5 Checksum: 76e1e8ea8ffbe5415104abd18ade81f6

File Name: glsa-200711-27.txt
Description: Gentoo Linux Security Advisory GLSA 200711-27 - Alin Rad Pop from Secunia Research discovered a boundary error in the function separate_sentence() in file tokenize.c when processing an overly long word which might lead to a stack-based buffer overflow. Versions less than 4.2.4-r1 are affected.
Homepage: http://security.gentoo.org
File Size: 3083
Related CVE(s): CVE-2007-5395
Last Modified: Nov 26 17:12:15 2007
MD5 Checksum: 1eeae44c2f9d21dea0bc4f6fc98c980a

File Name: sa27492.txt
Description: Secunia Security Advisory - Fedora has issued an update for libpng. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/27492/
File Size: 3080
Last Modified: Nov 6 22:14:24 2007
MD5 Checksum: b1de27c58dd43b644c16f7959f032423

File Name: sa27672.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in teTeX, which can be exploited by malicious, local users to disclose and manipulate sensitive information and by malicious people to potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/27672/
File Size: 3077
Last Modified: Nov 20 11:17:55 2007
MD5 Checksum: f04abfce70f1ab5e8b0ae11b457dd8aa

File Name: glsa-200711-09.txt
Description: Gentoo Linux Security Advisory GLSA 200711-09 - Clemens Kolbitsch and Sylvester Keil reported an error when processing beacon frames with an overly large length value in the xrates element. Versions less than 0.9.3.3 are affected.
Homepage: http://security.gentoo.org
File Size: 3076
Related CVE(s): CVE-2007-5448
Last Modified: Nov 7 15:46:11 2007
MD5 Checksum: 961d46ee34c3b0f35bcc3ccf242cf88e

File Name: sa27710.txt
Description: Secunia Security Advisory - A weakness has been reported in OmniPCX Enterprise Communications Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/27710/
File Size: 3070
Last Modified: Nov 23 18:42:38 2007
MD5 Checksum: a11953a66b7aba6673cc3080d4e6a059

File Name: glsa-200711-33.txt
Description: Gentoo Linux Security Advisory GLSA 200711-33 - Josh Burley reported that nss_ldap does not properly handle the LDAP connections due to a race condition that can be triggered by multi-threaded applications using nss_ldap, which might lead to requested data being returned to a wrong process. Versions less than 258 are affected.
Homepage: http://security.gentoo.org
File Size: 3064
Related CVE(s): CVE-2007-5794
Last Modified: Nov 26 22:07:53 2007
MD5 Checksum: 91fbe75e5024d67237681c85d6b56e08

File Name: ZDI-07-065.txt
Description: A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the parsing of the CTAB atom. While reading the CTAB RGB values, an invalid color table size can cause QuickTime to write past the end of the heap chunk. This memory corruption can lead to the execution of arbitrary code. QuickTime version 7.2 is affected.
Author: Ruben Santamarta, Mario Ballano
Homepage: http://www.zerodayinitiative.com/
File Size: 3057
Related CVE(s): CVE-2007-4677
Last Modified: Nov 6 01:54:30 2007
MD5 Checksum: fb69d59ed04b0aff6839be910543792e

File Name: sa26975.txt
Description: Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Symantec Backup Exec for Windows Servers, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/26975/
File Size: 3046
Last Modified: Nov 28 19:37:31 2007
MD5 Checksum: de86c821d363c465edddac7a4478d8e9

File Name: glsa-200711-12.txt
Description: Gentoo Linux Security Advisory GLSA 200711-12 - Jan Oravec reported that the /usr/bin/tomboy script sets the LD_LIBRARY_PATH environment variable incorrectly, which might result in the current working directory (.) being included when searching for dynamically linked libraries of the Mono Runtime application. Versions less than 0.8.1-r1 are affected.
Homepage: http://security.gentoo.org
File Size: 3045
Related CVE(s): CVE-2005-4790
Last Modified: Nov 8 18:33:42 2007
MD5 Checksum: 5960f033e452769b32ce449af3d5d7d3

File Name: glsa-200711-28.txt
Description: Gentoo Linux Security Advisory GLSA 200711-28 - Tavis Ormandy and Will Drewry (Google Security Team) discovered a heap-based buffer overflow in the Regular Expression engine (regcomp.c) that occurs when switching from byte to Unicode (UTF-8) characters in a regular expression. Versions less than 5.8.8-r4 are affected.
Homepage: http://security.gentoo.org
File Size: 3039
Related CVE(s): CVE-2007-5116
Last Modified: Nov 26 17:21:19 2007
MD5 Checksum: c119debc5cff12e519f8b6d94077184f

File Name: sa27510.txt
Description: Secunia Security Advisory - Fedora has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/27510/
File Size: 3037
Last Modified: Nov 6 22:14:24 2007
MD5 Checksum: e642cc5f09c0427bd54053511da07d86

File Name: sa27662.txt
Description: Secunia Security Advisory - Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/27662/
File Size: 3037
Last Modified: Nov 14 21:10:34 2007
MD5 Checksum: faaa4832bb8c59cf81d15d6c7a74ab54