Section: .. / 0712-advisories /
| /// File Name: |
USN-554-1.txt |
Description:
|
Ubuntu Security Notice 554-1 - Bastien Roucaries discovered that dvips as included in tetex-bin and texlive-bin did not properly perform bounds checking. If a user or automated system were tricked into processing a specially crafted dvi file, dvips could be made to crash and execute code as the user invoking the program. Joachim Schrod discovered that the dviljk utilities created temporary files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. Joachim Schrod discovered that the dviljk utilities did not perform bounds checking in many instances. If a user or automated system were tricked into processing a specially crafted dvi file, the dviljk utilities could be made to crash and execute code as the user invoking the program.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 16925 | | Related CVE(s): | CVE-2007-5937, CVE-2007-5935, CVE-2007-5936 | | Last Modified: | Dec 7 19:43:18 2007 |
| MD5 Checksum: | 66e2a0f3a69dd3a6048a891fe1ea00d3 |
|
| /// File Name: |
sa27967.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for tetex-bin and texlive-bin. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose and manipulate sensitive information and by malicious people to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27967/ | | File Size: | 16579 | | Last Modified: | Dec 7 20:13:51 2007 |
| MD5 Checksum: | a8f40851119fdd80a99057aa03701f2c |
|
| /// File Name: |
sa27892.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for asterisk. This fixes a vulnerability, which can be exploited by malicious users to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/27892/ | | File Size: | 16538 | | Last Modified: | Dec 3 23:44:29 2007 |
| MD5 Checksum: | 109e18a49b38825a72a051d30f3e9bf1 |
|
| /// File Name: |
sa28200.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for cupsys. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges, and by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28200/ | | File Size: | 16515 | | Last Modified: | Dec 28 16:35:50 2007 |
| MD5 Checksum: | 02458b98e9a88acefcb3f94f1f52a0cc |
|
| /// File Name: |
USN-550-3.txt |
Description:
|
Ubuntu Security Notice 550-3 - USN-550-1 fixed vulnerabilities in Cairo. A bug in font glyph rendering was uncovered as a result of the new memory allocation routines. In certain situations, fonts containing characters with no width or height would not render any more. This update fixes the problem. Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 16413 | | Related CVE(s): | CVE-2007-5503 | | Last Modified: | Dec 13 17:52:55 2007 |
| MD5 Checksum: | 2370d0c51e796c283bd73261ef0bf925 |
|
| /// File Name: |
USN-549-2.txt |
Description:
|
Ubuntu Security Notice 549-2 - USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 16308 | | Related CVE(s): | CVE-2007-1285, CVE-2007-2872, CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4670, CVE-2007-5898, CVE-2007-5899 | | Last Modified: | Dec 4 00:32:01 2007 |
| MD5 Checksum: | 883dbe5e47179ed899e41fa2ee7f295e |
|
| /// File Name: |
dsa-1435-1.txt |
Description:
|
Debian Security Advisory 1435-1 - Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. It was discovered that an integer overflow in the decompression code for MEW archives may lead to the execution of arbitrary code. It was discovered that on off-by-one in the MS-ZIP decompression code may lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 16266 | | Related CVE(s): | CVE-2007-6335, CVE-2007-6336 | | Last Modified: | Dec 19 20:33:08 2007 |
| MD5 Checksum: | 87d390e3fa408689e35f1c82920fc3f0 |
|
| /// File Name: |
sa27887.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for cairo. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/27887/ | | File Size: | 16083 | | Last Modified: | Dec 5 15:05:44 2007 |
| MD5 Checksum: | ce1e6c8679a68a25597de02399e40f4c |
|
| /// File Name: |
sa27943.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for wesnoth. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/27943/ | | File Size: | 16063 | | Last Modified: | Dec 7 11:22:07 2007 |
| MD5 Checksum: | ba12067a17dc5025a6d5471d3b64daff |
|
| /// File Name: |
USN-550-1.txt |
Description:
|
Ubuntu Security Notice 550-1 - Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 16053 | | Related CVE(s): | CVE-2007-5503 | | Last Modified: | Dec 4 00:33:23 2007 |
| MD5 Checksum: | 5975ff335956b85fe3c414e8ffa19e1b |
|
| /// File Name: |
sa28246.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for gallery2. This fixes some vulnerabilities and a weakness, where some have unspecified impacts and others can be exploited by malicious users or malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28246/ | | File Size: | 15163 | | Last Modified: | Dec 28 16:35:50 2007 |
| MD5 Checksum: | b734c673dc97f0d12e5491c08b9440a9 |
|
| /// File Name: |
sa28176.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28176/ | | File Size: | 15084 | | Last Modified: | Dec 24 13:50:38 2007 |
| MD5 Checksum: | 003b5a0892fd69bbad0453b1b80b734c |
|
| /// File Name: |
cisco-sa-20071219-fwsm.txt |
Description:
|
Cisco Security Advisory - A vulnerability exists in the Cisco Firewall Services Module (FWSM) that may result in a reload of the FWSM. The only affected FWSM System Software Version is 3.2(3).
| | Homepage: | http://www.cisco.com/ | | File Size: | 13946 | | Last Modified: | Dec 19 19:46:07 2007 |
| MD5 Checksum: | 5f83cd27b3e83dcd44bfc50f02b41827 |
|
| /// File Name: |
sa27888.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to cause a DoS and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27888/ | | File Size: | 13512 | | Last Modified: | Dec 5 15:05:44 2007 |
| MD5 Checksum: | 746a6b44d8aa1149c4726a2f1f054bec |
|
| /// File Name: |
MDKSA-2007-243.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in MySQL prior to 5.0.45 did not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, allowing remote authenticated users to obtain sensitive information such as the table structure. A vulnerability in the InnoDB engine in MySQL allowed remote authenticated users to cause a denial of service (database crash) via certain CONTAINS operations on an indexed column, which triggered an assertion error. Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options could be used to overwrite system table information by replacing the file to which a symlink pointed to.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 12890 | | Related CVE(s): | CVE-2007-5925, CVE-2007-5969, CVE-2007-3781 | | Last Modified: | Dec 10 20:32:21 2007 |
| MD5 Checksum: | 119982336fda1ac9f91108e528720a41 |
|
| /// File Name: |
USN-551-1.txt |
Description:
|
Ubuntu Security Notice 551-1 - Thomas Sesselmann discovered that the OpenLDAP slapd server did not properly handle certain modify requests. A remote attacker could send malicious modify requests to the server and cause a denial of service. Toby Blake discovered that slapd did not properly terminate an array while running as a proxy-caching server. A remote attacker may be able to send crafted search requests to the server and cause a denial of service. This issue only affects Ubuntu 7.04 and 7.10.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 12244 | | Related CVE(s): | CVE-2007-5707, CVE-2007-5708 | | Last Modified: | Dec 4 00:35:17 2007 |
| MD5 Checksum: | 6f4f955592cc3827ccc22c9d96d994ab |
|
| /// File Name: |
sa27868.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for openldap. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27868/ | | File Size: | 12018 | | Last Modified: | Dec 5 15:05:44 2007 |
| MD5 Checksum: | 7c7a468271fbef1cd6d74fba520f7f4e |
|
| /// File Name: |
dsa-1441-1.txt |
Description:
|
Debian Security Advisory 1441-1 - Luigi Auriemma discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
| | Homepage: | http://www.debian.org/security | | File Size: | 11270 | | Related CVE(s): | CVE-2007-6454 | | Last Modified: | Dec 28 20:20:32 2007 |
| MD5 Checksum: | 1cc219462c7386396c86f93e433fbada |
|
| /// File Name: |
SSRT071506.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com/ | | File Size: | 10217 | | Last Modified: | Dec 18 19:49:42 2007 |
| MD5 Checksum: | ec540f39ed29c2d99cd206fe55621a3c |
|
| /// File Name: |
sa28001.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery and cross-site scripting attacks or potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28001/ | | File Size: | 10039 | | Last Modified: | Dec 11 21:35:59 2007 |
| MD5 Checksum: | 783e91351480c2d5d57b21554c1abd38 |
|
| /// File Name: |
USN-550-2.txt |
Description:
|
Ubuntu Security Notice 550-2 - USN-550-1 fixed vulnerabilities in Cairo. The upstream fixes were incomplete, and under certain situations, applications using Cairo would crash with a floating point error. Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 9760 | | Last Modified: | Dec 10 20:12:21 2007 |
| MD5 Checksum: | a86ef1bed2d880f4522bad4f6a7ec124 |
|
| /// File Name: |
sa27922.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27922/ | | File Size: | 9559 | | Last Modified: | Dec 11 21:35:59 2007 |
| MD5 Checksum: | c120c402b09dbc104354d46c1b55274a |
|
| /// File Name: |
sa28136.txt |
Description:
|
Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
| | Homepage: | http://secunia.com/advisories/28136/ | | File Size: | 9393 | | Last Modified: | Dec 18 19:48:29 2007 |
| MD5 Checksum: | da5b02678e5368aa3507790bfcf11531 |
|
| /// File Name: |
sa27912.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes a weakness, a security issue, and some vulnerabilities, where one has unknown impacts and others can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges, or by malicious people to cause a DoS or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27912/ | | File Size: | 9296 | | Last Modified: | Dec 5 15:05:44 2007 |
| MD5 Checksum: | 1cbef865e52502238836f6cdaca53afd |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
