Section: .. / 0712-advisories /
| /// File Name: |
sa27979.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27979/ | | File Size: | 3824 | | Last Modified: | Dec 10 19:57:22 2007 |
| MD5 Checksum: | 564fafc1349c9172d829a10f1ae2bbc2 |
|
| /// File Name: |
sa27964.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27964/ | | File Size: | 3785 | | Last Modified: | Dec 7 19:28:25 2007 |
| MD5 Checksum: | 6a2ecb680d9514f058ce80a45cd2c2ad |
|
| /// File Name: |
sa28163.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities and a weakness have been reported in Gallery, where some have unspecified impacts and others can be exploited by malicious users or malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28163/ | | File Size: | 3757 | | Last Modified: | Dec 28 16:35:50 2007 |
| MD5 Checksum: | cb7d2ea54cf8546833593f5bca9237c2 |
|
| /// File Name: |
sa28091.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28091/ | | File Size: | 3747 | | Last Modified: | Dec 17 19:58:11 2007 |
| MD5 Checksum: | 7f8adb0ab8ae52ad79c5de840fa191f0 |
|
| /// File Name: |
sa28115.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported and acknowledged in Mac OS X, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, to cause a DoS (Denial of Service), or to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28115/ | | File Size: | 3733 | | Last Modified: | Dec 17 19:56:59 2007 |
| MD5 Checksum: | fde63354be0c1a70d14d34d5dfe9cf97 |
|
| /// File Name: |
sa27989.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for eggdrop. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27989/ | | File Size: | 3709 | | Last Modified: | Dec 11 21:35:59 2007 |
| MD5 Checksum: | 1af0d60bb489115f77d6716df3c54fc6 |
|
| /// File Name: |
SA-20071204-0.txt |
Description:
|
SEC Consult Security Advisory 20071204-0 - SonicWALL Global VPN Client suffers from a format string vulnerability that can be triggered by supplying a specially crafted configuration file. Versions below 4.0.0.830 are vulnerable.
| | Author: | Bernhard Mueller | | Homepage: | http://www.sec-consult.com/ | | File Size: | 3706 | | Last Modified: | Dec 5 22:55:46 2007 |
| MD5 Checksum: | c4bf2e45ab9a3c6e640061f665f3024d |
|
| /// File Name: |
TA07-355A.txt |
Description:
|
Technical Cyber Security Alert TA07-355A - Adobe has released Security bulletin APSB07-20 to address multiple vulnerabilities affecting Adobe Flash Player. Attackers could exploit these vulnerabilities to execute arbitrary code, perform DNS rebinding and cross-site scripting attacks, conduct port scans, or cause a denial of service.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3662 | | Related CVE(s): | CVE-2007-4324 | | Last Modified: | Dec 24 14:48:38 2007 |
| MD5 Checksum: | 61df0f87d13a920e2aabb547a985ad50 |
|
| /// File Name: |
glsa-200712-25.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-25 - The HSQLDB engine, as used in OpenOffice.org, does not properly enforce restrictions on SQL statements. Versions less than 2.3.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3650 | | Related CVE(s): | CVE-2007-4575 | | Last Modified: | Dec 31 16:41:49 2007 |
| MD5 Checksum: | 7bd6825d3d9c7fa826462f9720d3acd3 |
|
| /// File Name: |
sa27891.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for cacti. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/27891/ | | File Size: | 3646 | | Last Modified: | Dec 3 23:44:29 2007 |
| MD5 Checksum: | 72eed6bb729aba3b84a3c0298a48770a |
|
| /// File Name: |
glsa-200712-03.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-03 - Drake Wilson reported that the hack-local-variables() function in GNU Emacs 22 does not properly match assignments of local variables in a file against a list of unsafe or risky variables, allowing them to be overridden (CVE-2007-5795). Andreas Schwab (SUSE) discovered a stack-based buffer overflow in the format function when handling values with high precision (CVE-2007-6109). Versions less than 22.1-r3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3645 | | Related CVE(s): | CVE-2007-5795, CVE-2007-6109 | | Last Modified: | Dec 10 17:40:23 2007 |
| MD5 Checksum: | 77884420c272c521ca644fed9b674755 |
|
| /// File Name: |
sa28213.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes some vulnerabilities, where one vulnerability has an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP request splitting attacks, disclose sensitive information, cause a Denial of Service (DoS), or to potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28213/ | | File Size: | 3616 | | Last Modified: | Dec 24 18:08:44 2007 |
| MD5 Checksum: | 8794475d80a2a6486a7a52cd280afa51 |
|
| /// File Name: |
sa27896.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for rsync. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27896/ | | File Size: | 3602 | | Last Modified: | Dec 3 23:44:29 2007 |
| MD5 Checksum: | 2f258e2c061a3e7357c91bfe13cd1d84 |
|
| /// File Name: |
sa28097.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for autofs. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28097/ | | File Size: | 3601 | | Last Modified: | Dec 17 21:24:21 2007 |
| MD5 Checksum: | 6726cda417a7e51d1f0bf8918ad88534 |
|
| /// File Name: |
glsa-200712-17.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-17 - Meder Kydyraliev (Google Security) discovered that Exif metadata is not properly sanitized before being processed, resulting in illegal memory access in the postprop() and other functions (CVE-2007-6354). He also discovered integer overflow vulnerabilities in the parsetag() and other functions (CVE-2007-6355) and an infinite recursion in the readifds() function caused by recursive IFD references (CVE-2007-6356). Versions less than 1.01 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3580 | | Related CVE(s): | CVE-2007-6354, CVE-2007-6355, CVE-2007-6356 | | Last Modified: | Dec 29 15:41:24 2007 |
| MD5 Checksum: | a584664894341f424cd8e43143f62ef8 |
|
| /// File Name: |
sa27965.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes a security issue and some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27965/ | | File Size: | 3578 | | Last Modified: | Dec 7 11:22:07 2007 |
| MD5 Checksum: | 27302fe8d30e1a9c11605fadeff64e62 |
|
| /// File Name: |
ZDI-07-077.txt |
Description:
|
Vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit these vulnerabilities. ServerProtect version 5.58 is affected.
| | Author: | Eric DETOISIEN | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3571 | | Last Modified: | Dec 17 21:21:46 2007 |
| MD5 Checksum: | a2dc2f74641791ae4540449193656821 |
|
| /// File Name: |
sa27901.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in Microsoft's Web Proxy Auto-Discovery (WPAD) feature, which can be exploited by malicious people to conduct man-in-the-middle (MITM) attacks.
| | Homepage: | http://secunia.com/advisories/27901/ | | File Size: | 3565 | | Last Modified: | Dec 5 15:05:44 2007 |
| MD5 Checksum: | c5b7f3fb8609eb6b8927bb50a59790d1 |
|
| /// File Name: |
12.18.07-2.txt |
Description:
|
iDefense Security Advisory 12.17.07 - Remote exploitation of an integer overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. iDefense has confirmed the existence of this vulnerability in ClamAV 0.91.2. Previous versions may also be affected.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3556 | | Related CVE(s): | CVE-2007-5759 | | Last Modified: | Dec 18 19:51:47 2007 |
| MD5 Checksum: | c21e76e417fa3b6863d298a4255134cf |
|
| /// File Name: |
TA07-352A.txt |
Description:
|
Technical Cyber Security Alert TA07-352A - Apple has released Security Update 2007-009 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, surreptitiously initiate a video conference, or cause a denial of service.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3529 | | Last Modified: | Dec 19 19:43:04 2007 |
| MD5 Checksum: | 52f701e59f72437dd4248cc3806d126b |
|
| /// File Name: |
TA07-345A.txt |
Description:
|
Technical Cyber Security Alert TA07-345A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary commands.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3511 | | Last Modified: | Dec 11 23:21:47 2007 |
| MD5 Checksum: | 0f1d3965bbb2e88d1b17e41da33d7deb |
|
| /// File Name: |
sa28032.txt |
Description:
|
Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in BarracudaDrive Web Server, which can be exploited by malicious users to manipulate certain data and cause a DoS (Denial of Service), and by malicious people to conduct script insertion attacks and disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/28032/ | | File Size: | 3509 | | Last Modified: | Dec 11 21:35:59 2007 |
| MD5 Checksum: | b6547a569ae225a6edae307ec0ca2bd6 |
|
| /// File Name: |
SQUID-2007-2.txt |
Description:
|
Squid Proxy Cache security advisory SQUID-2007:2 - Due to incorrect bounds checking, Squid is vulnerable to a denial of service during some cache update reply processing. Versions below Squid 2.6.STABLE17 are vulnerable.
| | Author: | Adrian Chadd | | Homepage: | http://www.squid-cache.org | | File Size: | 3470 | | Last Modified: | Dec 7 19:22:52 2007 |
| MD5 Checksum: | b6dbcd3c65894b36ff216e0aae596e09 |
|