Section: .. / 0802-advisories /
| /// File Name: |
sa28906.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Office Publisher, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28906/ | | File Size: | 3409 | | Last Modified: | Feb 12 17:33:42 2008 |
| MD5 Checksum: | 44c11ca8ad61956c033f3684886808d1 |
|
| /// File Name: |
ZDI-08-004.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file.. The specific flaw exists in the parsing of embedded JavaScript code within PDF documents. When the function printSepsWithParams() is called with certain malicious parameter values an integer overflow can occur resulting in a memory corruption. This may be subsequently leveraged to execute arbitrary code under the privileges of the current user. Adobe Reader and Acrobat versions 8.1.1 and below are affected.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3391 | | Last Modified: | Feb 11 18:02:18 2008 |
| MD5 Checksum: | 73dc5babd19c9a4d5a7b01ab630f35af |
|
| /// File Name: |
ZDI-08-007.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Symantec VERITAS Storage Foundation. Authentication is not required to exploit this vulnerability. Veritas Storage Foundation version 5.0 is affected.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3373 | | Related CVE(s): | CVE-2008-0638 | | Last Modified: | Feb 20 23:55:04 2008 |
| MD5 Checksum: | 19f8ca1ea86080cbc7c2fd4cbbb58a9a |
|
| /// File Name: |
sa29039.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in various Tor World CGI Scripts, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/29039/ | | File Size: | 3368 | | Last Modified: | Feb 21 18:52:32 2008 |
| MD5 Checksum: | 7868081db7b1ad3b231e4733438c9369 |
|
| /// File Name: |
ZDI-08-006.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Versions 6 and 7 are affected.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3359 | | Related CVE(s): | CVE-2008-0077 | | Last Modified: | Feb 12 22:05:39 2008 |
| MD5 Checksum: | da7140d01af19b3603eb9f159f3ea5d6 |
|
| /// File Name: |
ZDI-08-005.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Novell Netware Client. Authentication is not required to exploit this vulnerability. The specific flaw exists in nwspool.dll which is responsible for handling RPC requests through the spoolss named pipe. The EnumPrinters function exposed by this DLL contains a logical flaw allowing an attacker to bypass a patch introduced to prevent the vulnerability described in ZDI-07-045. Exploitation of this vulnerability leads to arbitrary code execution in the context of the SYSTEM user.
| | Author: | Avosani Gabriele | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3352 | | Related CVE(s): | CVE-2008-0639 | | Last Modified: | Feb 11 18:01:16 2008 |
| MD5 Checksum: | ea09c47183c7cdc55b42a0c3c8a949cd |
|
| /// File Name: |
sa29117.txt |
Description:
|
Secunia Security Advisory - Gerardo Richarte has reported a vulnerability in VMware products, which can be exploited by malicious, local users or malicious applications to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/29117/ | | File Size: | 3344 | | Last Modified: | Feb 26 17:58:00 2008 |
| MD5 Checksum: | 9ce13a385e866c9a64f09eb89afe541a |
|
| /// File Name: |
sa29132.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/29132/ | | File Size: | 3343 | | Last Modified: | Feb 28 19:22:01 2008 |
| MD5 Checksum: | 7c647d5c6e02bcb4597d46673d95cb3d |
|
| /// File Name: |
sa28791.txt |
Description:
|
Secunia Security Advisory - An update has been released for Skype, which implements security enhancements to prevent compromise of users' systems.
| | Homepage: | http://secunia.com/advisories/28791/ | | File Size: | 3328 | | Last Modified: | Feb 6 16:48:39 2008 |
| MD5 Checksum: | 5c5b0afc5d0ccbe60a47ce24d32d993f |
|
| /// File Name: |
02.04.08-1.txt |
Description:
|
iDefense Security Advisory 02.04.08 - Remote exploitation of a denial of service vulnerability in Hewlett-Packard's Network Node Manager product allows attackers to crash the ovtopmd process. The ovtopmd process contains an implementation error, in which it attempts to access an invalid memory address based on data within the TCP stream. By sending a specially crafted request, an attacker can cause the service to crash. iDefense has confirmed this vulnerability in HP's OpenView Network Node Manager 7.5 with all updates applied as of May 14th, 2007.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3311 | | Related CVE(s): | CVE-2008-0212 | | Last Modified: | Feb 6 14:49:22 2008 |
| MD5 Checksum: | 194a9bd39f153deec3701786f281e4bf |
|
| /// File Name: |
glsa-200802-09.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200802-09 - An integer overflow has been reported in the cli_scanpe() function in file libclamav/pe.c (CVE-2008-0318). Another unspecified vulnerability has been reported in file libclamav/mew.c (CVE-2008-0728). Versions less than 0.92.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3311 | | Related CVE(s): | CVE-2008-0318, CVE-2008-0728 | | Last Modified: | Feb 22 02:51:15 2008 |
| MD5 Checksum: | 72d9da41738b7ff29dac19646e48e95f |
|
| /// File Name: |
sa28759.txt |
Description:
|
Secunia Security Advisory - NBBN has discovered some vulnerabilities in the DMSGuestbook plugin for WordPress, which can be exploited by malicious users to disclose sensitive information or to manipulate data, and by malicious people to conduct cross-site scripting and script insertion attacks.
| | Homepage: | http://secunia.com/advisories/28759/ | | File Size: | 3294 | | Last Modified: | Feb 5 19:59:36 2008 |
| MD5 Checksum: | 270684209484fea9c2ef42a4acd06c1a |
|
| /// File Name: |
sa28901.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28901/ | | File Size: | 3289 | | Last Modified: | Feb 12 21:39:47 2008 |
| MD5 Checksum: | 649ade6b7c106b4241ffa9a4aaa54287 |
|
| /// File Name: |
sa29100.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/29100/ | | File Size: | 3286 | | Last Modified: | Feb 25 20:14:50 2008 |
| MD5 Checksum: | f125a0ee7eccb76e472fd7b29d20ccef |
|
| /// File Name: |
sa28721.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to conduct DoS (Denial of Service) attacks or compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28721/ | | File Size: | 3250 | | Last Modified: | Feb 7 15:01:13 2008 |
| MD5 Checksum: | 09e9ff1e1d3a70c953e3b550d34d9872 |
|
| /// File Name: |
sa28777.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for IBMJava5-JRE and IBMJava5-SDK. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28777/ | | File Size: | 3245 | | Last Modified: | Feb 5 18:02:25 2008 |
| MD5 Checksum: | 7d7284eb74770354885853e725ec999b |
|
| /// File Name: |
01.31.08-1.txt |
Description:
|
iDefense Security Advisory 01.31.08 - Local exploitation of a file creation vulnerability in IBM Corp.'s Informix Dynamic Server allows attackers to elevate privileges to root. When the SQLIDEBUG environment variable is set, several set-uid binaries will log debugging information to the specified file. iDefense confirmed the existence of this vulnerability in IBM Corp.'s Informix Dynamic Server version 10.00 UC6TL installed on a Linux system. Other versions are also suspected as vulnerable. Versions for other supported Unix systems should also be considered vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3241 | | Related CVE(s): | CVE-2008-0369 | | Last Modified: | Feb 4 14:47:12 2008 |
| MD5 Checksum: | fdfce2c86d8edbe276b7745ff0819a4a |
|
| /// File Name: |
sa28798.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28798/ | | File Size: | 3241 | | Last Modified: | Feb 7 15:01:13 2008 |
| MD5 Checksum: | 7bbcc0c372fdd6eaae80a8d4e51e6dfd |
|
| /// File Name: |
sa28928.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in FreeBSD, which potentially can be exploited by malicious, local users to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/28928/ | | File Size: | 3207 | | Last Modified: | Feb 14 13:01:15 2008 |
| MD5 Checksum: | 6a49699664d1262661bacbb52c8f99d5 |
|
| /// File Name: |
cybsec-dmcltrace.txt |
Description:
|
CYBSEC Security Advisory - An arbitrary file overwrite vulnerability exists in Documentum Administrator version 5.3.0.313 and Documentum Webtop version 5.3.0.317.
| | Author: | Pablo Gaston Milano | | Homepage: | http://www.cybsec.com/ | | File Size: | 3194 | | Last Modified: | Feb 5 21:59:41 2008 |
| MD5 Checksum: | 9a2676d44745cb034f65cd5ee372c2c7 |
|
| /// File Name: |
glsa-200802-06.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200802-06 - Florian Weimer from Debian discovered that scponly does not filter the - -o and -F options to the scp executable (CVE-2007-6415). Joachim Breitner reported that Subversion and rsync support invokes subcommands in an insecure manner (CVE-2007-6350). Versions less than 4.8 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3181 | | Related CVE(s): | CVE-2007-6350, CVE-2007-6415 | | Last Modified: | Feb 12 17:57:07 2008 |
| MD5 Checksum: | 9352c9e62a9f94f0576abfbbc80ef8af |
|
| /// File Name: |
surgemailz.txt |
Description:
|
SurgeMail Mail Server version 38k4 and below and beta 39a along with Netwin's Webmail versions 3.1s and below are all susceptible to format string and buffer overflow vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | surgemailz.zip | | File Size: | 3180 | | Last Modified: | Feb 25 16:14:57 2008 |
| MD5 Checksum: | 9ea0da1e064b31e03535439af47761af |
|
| /// File Name: |
sa28909.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28909/ | | File Size: | 3175 | | Last Modified: | Feb 12 21:39:47 2008 |
| MD5 Checksum: | 9e177d3f8d8fec20170d9e27a7526314 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
