| /// File Name: |
glsa-200712-16.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-16 - Meder Kydyraliev (Google Security) discovered an integer overflow vulnerability in the JpegThumbnail::setDataArea() method leading to a heap-based buffer overflow. Versions less than 0.13-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3099 | | Related CVE(s): | CVE-2007-6353 | | Last Modified: | Dec 29 15:40:56 2007 |
| MD5 Checksum: | fc872ddcea86f6cda5645bb69903878b |
|
| /// File Name: |
glsa-200712-17.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-17 - Meder Kydyraliev (Google Security) discovered that Exif metadata is not properly sanitized before being processed, resulting in illegal memory access in the postprop() and other functions (CVE-2007-6354). He also discovered integer overflow vulnerabilities in the parsetag() and other functions (CVE-2007-6355) and an infinite recursion in the readifds() function caused by recursive IFD references (CVE-2007-6356). Versions less than 1.01 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3580 | | Related CVE(s): | CVE-2007-6354, CVE-2007-6355, CVE-2007-6356 | | Last Modified: | Dec 29 15:41:24 2007 |
| MD5 Checksum: | a584664894341f424cd8e43143f62ef8 |
|
| /// File Name: |
glsa-200712-18.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-18 - nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The ws_addarg() function contains a format string vulnerability, as it does not properly sanitize username and password data from the Authorization: Basic HTTP header line (CVE-2007-5825). The ws_decodepassword() and ws_getheaders() functions do not correctly handle empty Authorization header lines, or header lines without a ':' character, leading to NULL pointer dereferences (CVE-2007-5824). Versions less than 0.2.4.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3200 | | Related CVE(s): | CVE-2007-5824, CVE-2007-5825 | | Last Modified: | Dec 29 15:42:01 2007 |
| MD5 Checksum: | 42ba0e2495aa71dc5c890aaff6b91084 |
|
| /// File Name: |
glsa-200712-19.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-19 - Oriol Carreras reported a NULL pointer dereference in the log_msg_parse() function when processing timestamps without a terminating whitespace character. Versions less than 2.0.6 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2433 | | Related CVE(s): | CVE-2007-6437 | | Last Modified: | Dec 29 15:42:37 2007 |
| MD5 Checksum: | 5e698d3b561576cc13d4422b5922d9f2 |
|
| /// File Name: |
glsa-200712-20.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-20 - iDefense reported an integer overflow vulnerability in the cli_scanpe() function when parsing Portable Executable (PE) files packed in the MEW format, that could be exploited to cause a heap-based buffer overflow (CVE-2007-6335). Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP compressed CAB files (CVE-2007-6336). An unspecified vulnerability related to the bzip2 decompression algorithm has also been discovered (CVE-2007-6337). Versions less than 0.91.2-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3181 | | Related CVE(s): | CVE-2007-6335, CVE-2007-6336, CVE-2007-6337 | | Last Modified: | Dec 29 15:43:01 2007 |
| MD5 Checksum: | d24f2caf1e6066ee693b8371b745cbde |
|
| /// File Name: |
glsa-200712-21.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-21 - Jesse Ruderman and Petko D. Petkov reported that the jar protocol handler in Mozilla Firefox and SeaMonkey does not properly check MIME types (CVE-2007-5947). Gregory Fleischer reported that the window.location property can be used to generate a fake HTTP Referer (CVE-2007-5960). Multiple memory errors have also been reported (CVE-2007-5959). Versions less than 2.0.0.11 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3897 | | Related CVE(s): | CVE-2007-5947, CVE-2007-5959, CVE-2007-5960 | | Last Modified: | Dec 29 15:43:18 2007 |
| MD5 Checksum: | 62d7fd5d1e0e1068e081617596992ee8 |
|
| /// File Name: |
glsa-200712-22.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-22 - David Bloom reported two vulnerabilities where plug-ins (CVE-2007-6520) and Rich text editing (CVE-2007-6522) could be used to allow cross domain scripting. Alexander Klink (Cynops GmbH) discovered an issue with TLS certificates (CVE-2007-6521). Gynvael Coldwind reported that bitmaps might reveal random data from memory (CVE-2007-6524). Versions less than 9.25 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3279 | | Related CVE(s): | CVE-2007-6520, CVE-2007-6521, CVE-2007-6522, CVE-2007-6524 | | Last Modified: | Dec 31 16:40:36 2007 |
| MD5 Checksum: | f8410efea15b673e7cf2c21266cc5b0c |
|
| /// File Name: |
glsa-200712-23.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-23 - Multiple buffer overflows and infinite loops were discovered in multiple dissector and parser components, including those for MP3 and NCP (CVE-2007-6111), PPP (CVE-2007-6112), DNP (CVE-2007-6113), SSL and iSeries (OS/400) Communication traces (CVE-2007-6114), ANSI MAP (CVE-2007-6115), Firebird/Interbase (CVE-2007-6116), HTTP (CVE-2007-6117), MEGACO (CVE-2007-6118), DCP ETSI (CVE-2007-6119), Bluetooth SDP (CVE-2007-6120), RPC Portmap (CVE-2007-6121), SMB (CVE-2007-6438), IPv6 and USB (CVE-2007-6439), WiMAX (CVE-2007-6441), RPL (CVE-2007-6450), CIP (CVE-2007-6451). The vulnerabilities were discovered by Stefan Esser, Beyond Security, Fabiodds, Peter Leeming, Steve and ainsley. Versions less than 0.99.7 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 4621 | | Related CVE(s): | CVE-2007-6111, CVE-2007-6112, CVE-2007-6113, CVE-2007-6114, CVE-2007-6115, CVE-2007-6116, CVE-2007-6117, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451 | | Last Modified: | Dec 31 16:40:52 2007 |
| MD5 Checksum: | 902ebf0362f82d466adf79ab3f46d7d0 |
|
| /// File Name: |
glsa-200712-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-24 - The Cairo versions used by the AMD64 x86 emulation GTK+ libraries were vulnerable to integer overflow vulnerabilities (GLSA 200712-04). Versions less than 20071214 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2954 | | Last Modified: | Dec 31 16:41:32 2007 |
| MD5 Checksum: | 9952142e0dc83abd85329c25fefb11b4 |
|
| /// File Name: |
glsa-200712-25.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-25 - The HSQLDB engine, as used in OpenOffice.org, does not properly enforce restrictions to SQL statements. Versions less than 2.3.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3650 | | Related CVE(s): | CVE-2007-4575 | | Last Modified: | Dec 31 16:41:49 2007 |
| MD5 Checksum: | 7bd6825d3d9c7fa826462f9720d3acd3 |
|
| /// File Name: |
google-spoof.txt |
Description:
|
Google Toolbar allows spoofing the information presented in the dialog which is being displayed when adding a new Google Toolbar button.
| | Author: | avivra | | Homepage: | http://aviv.raffon.net/ | | File Size: | 613 | | Last Modified: | Dec 18 19:58:00 2007 |
| MD5 Checksum: | 7350aa8cd043785d4959d429b5f741f1 |
|
| /// File Name: |
heimdal-uninit.txt |
Description:
|
Heimdal ftpd versions 0.7.2 and below suffer from an uninitialized vulnerability.
| | Author: | Venustech AD-LAB | | Homepage: | http://www.venustech.com.cn/ | | File Size: | 2187 | | Related CVE(s): | CVE-2007-5939 | | Last Modified: | Dec 7 20:04:35 2007 |
| MD5 Checksum: | a02236fe3029b7ee9a2e10824fdc7764 |
|
| /// File Name: |
hp-snmp.txt |
Description:
|
The HP Photosmart C6280 network printer ships with unchangeable insecure default settings.
| | Author: | uncleron | | File Size: | 668 | | Last Modified: | Dec 28 20:17:27 2007 |
| MD5 Checksum: | 526cb2ee10c1bd7f0a8519a5b5fabf46 |
|
| /// File Name: |
httpfileserver-traverse.txt |
Description:
|
HTTP File Server versions 2.2a and below and 2.3 beta and below suffer from a directory traversal vulnerability in file uploading.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | File Size: | 2003 | | Last Modified: | Dec 7 20:24:38 2007 |
| MD5 Checksum: | 146742abe7e8a4a97e9b3b8e0575afa2 |
|
| /// File Name: |
incidents-summary.txt |
Description:
|
A quick summary of recent web hacking incidents in December 2007.
| | Author: | Ofer Shezaf | | File Size: | 9000 | | Last Modified: | Dec 28 19:36:19 2007 |
| MD5 Checksum: | f2632d64721a936dcca32425bc9cd383 |
|
| /// File Name: |
joomla-csrf.txt |
Description:
|
Multiple cross site request forgery vulnerabilities may exist in all versions of Joomla!.
| | Author: | Zinho | | Homepage: | http://www.hackerscenter.com/ | | File Size: | 1888 | | Last Modified: | Dec 28 20:08:24 2007 |
| MD5 Checksum: | e5543c23ddaa171f1203ab0dd31397dd |
|
| /// File Name: |
mcafeeps-exec.txt |
Description:
|
McAfee SecurityCenter Privacy Service version 8.1.0.136 suffers from a script insertion vulnerability.
| | Author: | Doz | | Homepage: | http://www.hackerscenter.com/ | | File Size: | 1828 | | Last Modified: | Dec 4 00:11:00 2007 |
| MD5 Checksum: | f781b19c2470e9ef5f79632345c377cf |
|
| /// File Name: |
MDKSA-2007-234.txt |
Description:
|
Mandriva Linux Security Advisory - Raphael Marichez discovered a denial of service bug in how vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab could prevent vixie-cron from executing certain system cron jobs.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3424 | | Related CVE(s): | CVE-2007-1856 | | Last Modified: | Dec 4 00:29:12 2007 |
| MD5 Checksum: | ce3c43d6d7de27803535bb1c72e63753 |
|
| /// File Name: |
MDKSA-2007-235.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in the Apache mod_proxy module was found that could potentially lead to a denial of service if using a threaded Multi-Processing Module. On sites where a reverse proxy is configured, a remote attacker could send a special request that would cause the Apache child process handling the request to crash. Likewise, a similar crash could occur on sites with a forward proxy configured if a user could be persuaded to visit a malicious site using the proxy. A flaw in the Apache mod_autoindex module was found. On sites where directory listings are used and the AddDefaultCharset directive was removed from the configuration, a cross-site-scripting attack could be possible against browsers that do not correctly derive the response character set according to the rules in RFC 2616.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 20725 | | Related CVE(s): | CVE-2007-3847, CVE-2007-4465 | | Last Modified: | Dec 4 00:30:30 2007 |
| MD5 Checksum: | d345f9bab49fe8ef1ff30fbc712665a5 |
|
| /// File Name: |
MDKSA-2007-236.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in OpenSSH prior to 4.7 prevented ssh from properly handling when an untrusted cookie could not be created and used a trusted X11 cookie instead, which could allow attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7816 | | Related CVE(s): | CVE-2007-4752 | | Last Modified: | Dec 5 23:35:24 2007 |
| MD5 Checksum: | fbd6eaf14eebbb0b688a45ef45ee6de1 |
|
| /// File Name: |
MDKSA-2007-237.txt |
Description:
|
Mandriva Linux Security Advisory - A buffer overflow in the DTLS implementation of OpenSSL 0.9.8 could be exploited by attackers to potentially execute arbitrary code. It is questionable as to whether the DTLS support even worked or is used in any applications; as a result this flaw most likely does not affect most Mandriva users.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5106 | | Related CVE(s): | CVE-2007-4995 | | Last Modified: | Dec 5 23:36:45 2007 |
| MD5 Checksum: | 3da9e6824cdc78f35bcc7df2c9865f62 |
|
| /// File Name: |
MDKSA-2007-238.txt |
Description:
|
Mandriva Linux Security Advisory - Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3173 | | Related CVE(s): | CVE-2007-2741 | | Last Modified: | Dec 7 19:40:27 2007 |
| MD5 Checksum: | d8fe6af6c4d1519417166db8fb6b8b88 |
|