Section: .. / 0803-advisories /
| /// File Name: |
MDVSA-2008-075.txt |
Description:
|
Mandriva Linux Security Advisory - Bzip2 versions before 1.0.5 are vulnerable to a denial of service attack via malicious compressed data.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6185 | | Related CVE(s): | CVE-2008-1372 | | Last Modified: | Mar 24 17:29:34 2008 |
| MD5 Checksum: | 8b04c1783e09b4625b6b82ad11e007d5 |
|
| /// File Name: |
R7-0032.txt |
Description:
|
Internet Explorer 5 and 6 are vulnerable to a File Transfer Protocol (FTP) CSRF-like command injection attack, whereby an attacker could execute arbitrary commands on an unsuspecting user's authenticated or unauthenticated FTP session.
| | Author: | Derek Abdine | | Homepage: | http://www.rapid7.com/ | | File Size: | 6131 | | Last Modified: | Mar 13 00:11:33 2008 |
| MD5 Checksum: | aeaa9d97f40245e844c59f5f515ba642 |
|
| /// File Name: |
MDVSA-2008-077.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in perl-Tk was found where specially crafted GIF images could crash perl-Tk (an identical issue to that found in php-gd, gd, and SDL_image).
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6106 | | Related CVE(s): | CVE-2006-4484 | | Last Modified: | Mar 27 02:26:57 2008 |
| MD5 Checksum: | fc87f943e85f299aa943b01edd0efed6 |
|
| /// File Name: |
SSRT071479.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with the SSH server in HP OpenVMS TCP/IP Services running on HP Integrity and HP Alpha. The vulnerability could be exploited to allow remote unauthorized access.
| | Homepage: | http://www.hp.com/ | | File Size: | 6015 | | Related CVE(s): | CVE-2008-0704 | | Last Modified: | Mar 28 17:31:44 2008 |
| MD5 Checksum: | e8987aa585b9f93d71d1d5725421a50a |
|
| /// File Name: |
sa29194.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libicu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/29194/ | | File Size: | 5980 | | Last Modified: | Mar 4 21:01:47 2008 |
| MD5 Checksum: | 185289f9b6319974c290790b6aec6faa |
|
| /// File Name: |
TKADV2008-002.txt |
Description:
|
The kernel driver aavmker4.sys as shipped with avast! version 4.7 contains a vulnerability in the code that handles IOCTL requests. Exploitation of this vulnerability can result in denial of service or arbitrary code execution.
| | Author: | Tobias Klein | | Homepage: | http://www.trapkit.de/ | | File Size: | 5856 | | Last Modified: | Mar 31 22:11:49 2008 |
| MD5 Checksum: | a91baa4ca841a4c009e53f89ba7f6afb |
|
| /// File Name: |
TA08-066A.txt |
Description:
|
Technical Cyber Security Alert TA08-066A - Sun has released alerts to address multiple vulnerabilities affecting the Sun Java Runtime Environment. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 5718 | | Last Modified: | Mar 12 17:37:54 2008 |
| MD5 Checksum: | 4eb5e661a700d24cb71564a76e4ea9bf |
|
| /// File Name: |
sa29448.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29448/ | | File Size: | 5696 | | Last Modified: | Mar 19 18:04:21 2008 |
| MD5 Checksum: | fb29d0b417f2d57809b12458d918390b |
|
| /// File Name: |
ASPR-2008-03-11-2.txt |
Description:
|
A session fixation vulnerability exists in the WebLogic administration console. Version 10.0 is susceptible.
| | Author: | Mitja Kolsek | | Homepage: | http://www.acrossecurity.com/ | | File Size: | 5672 | | Last Modified: | Mar 12 23:56:39 2008 |
| MD5 Checksum: | dd858b117867e564a338f0a8acb59c59 |
|
| /// File Name: |
glsa-200803-30.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200803-30 - Robin Johnson reported that the docert() function provided by ssl-cert.eclass can be called by source building stages of an ebuild, such as src_compile() or src_install(), which will result in the generated SSL keys being included inside binary packages (binpkgs). Versions less than 8.1.16 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 5640 | | Related CVE(s): | CVE-2008-1383 | | Last Modified: | Mar 20 16:52:00 2008 |
| MD5 Checksum: | 93740d26539dc111ca0a765b76fd3cae |
|
| /// File Name: |
sa29397.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in various F-Secure products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29397/ | | File Size: | 5199 | | Last Modified: | Mar 17 14:28:30 2008 |
| MD5 Checksum: | 8f2aaecd9dc7d6f0fa91a9559923426e |
|
| /// File Name: |
dsa-1533-1.txt |
Description:
|
Debian Security Advisory 1533-1 - Christian Schmid and Meder Kydyraliev (Google Security) discovered a number of vulnerabilities in exiftags, a utility for extracting EXIF metadata from JPEG images.
| | Homepage: | http://www.debian.org/security | | File Size: | 5025 | | Related CVE(s): | CVE-2007-6354, CVE-2007-6355, CVE-2007-6356 | | Last Modified: | Mar 28 16:35:02 2008 |
| MD5 Checksum: | 9390a6d4b11d76463eadf3ca15dafe78 |
|
| /// File Name: |
MSA01240108.txt |
Description:
|
Internet Explorer 7 allows setting the header "Transfer-Encoding: chunked" via setRequestHeader, exposing the browser to HTTP request splitting/smuggling attacks.
| | Author: | Stefano Di Paola | | Homepage: | http://www.mindedsecurity.com/ | | File Size: | 4869 | | Last Modified: | Mar 21 18:23:16 2008 |
| MD5 Checksum: | 79a4a9d6a18fb214f42a3063df7b678f |
|
| /// File Name: |
MDVSA-2008-072.txt |
Description:
|
Mandriva Linux Security Advisory - The Linux kernel prior to 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allowed local users to access kernel memory via an out-of-range offset.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4751 | | Related CVE(s): | CVE-2008-0007 | | Last Modified: | Mar 20 17:12:24 2008 |
| MD5 Checksum: | f5d038ddb5299d73a9753bf6160855aa |
|
| /// File Name: |
dsa-1526-1.txt |
Description:
|
Debian Security Advisory 1526-1 - Steve Kemp from the Debian Security Audit project discovered several local vulnerabilities in xwine, a graphical user interface for the WINE emulator.
| | Homepage: | http://www.debian.org/security | | File Size: | 4688 | | Related CVE(s): | CVE-2008-0930, CVE-2008-0931 | | Last Modified: | Mar 20 17:14:07 2008 |
| MD5 Checksum: | f3591740a9a2c662daf958fc7ae20e66 |
|
| /// File Name: |
sa29563.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for firefox. This fixes some vulnerabilities and a weakness, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29563/ | | File Size: | 4650 | | Last Modified: | Mar 28 16:26:02 2008 |
| MD5 Checksum: | a317dcb9df0096715975cbe62dee7684 |
|
| /// File Name: |
sa29555.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for libnet-dns-perl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/29555/ | | File Size: | 4648 | | Last Modified: | Mar 28 16:26:02 2008 |
| MD5 Checksum: | 832ebde743f3eaded13040fff21db417 |
|
| /// File Name: |
SCOSA-2008.2.txt |
Description:
|
SCO Security Advisory SCOSA-2008.2 - sshd in OpenSSH versions before 4.4, when using the version 1 SSH protocol, could allow a remote attacker to cause a denial of service. It certainly is nice to have SCO bring this to light for their consumers two years after the fact.
| | Author: | SCO | | Homepage: | http://www.sco.com/support/security/index.html | | File Size: | 4620 | | Related CVE(s): | CVE-2006-4924 | | Last Modified: | Mar 13 01:50:02 2008 |
| MD5 Checksum: | 4dc7715fb3a411b0fca873e248936b25 |
|
| /// File Name: |
sa29349.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities are reported in IBM AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service), bypass certain security restrictions, disclose sensitive information, or to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/29349/ | | File Size: | 4601 | | Last Modified: | Mar 12 20:06:54 2008 |
| MD5 Checksum: | e06b929774548f707f7ab1610f9f9b0d |
|
| /// File Name: |
03.31.08-1.txt |
Description:
|
iDefense Security Advisory 03.31.08 - Remote exploitation of an untrusted library loading vulnerability in Macrovision's InstallShield InstallScript One-Click Install ActiveX control allows remote attackers to execute code with the privileges of the currently logged in user. iDefense confirmed this vulnerability exists in version 12.0 of the Macrovision InstallShield InstallScript One-Click Install ActiveX Control. Previous versions of the control are reported to be vulnerable to variations of this attack. Previous versions are known to use different CLSIDs.
| | Homepage: | http://www.idefense.com/ | | File Size: | 4514 | | Related CVE(s): | CVE-2007-5661 | | Last Modified: | Mar 31 22:43:14 2008 |
| MD5 Checksum: | 486f62abcfc53347e912d6da1790fd4b |
|
| /// File Name: |
glsa-200803-31.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200803-31 - Two vulnerabilities were found in the Kerberos 4 support in KDC: a global variable is not set for some incoming message types, leading to a NULL pointer dereference or a double free(), and unused portions of a buffer are not properly cleared when generating an error message, which results in stack content being contained in a reply. Versions less than 1.6.3-r1 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 4514 | | Related CVE(s): | CVE-2007-5901, CVE-2007-5971, CVE-2008-0062, CVE-2008-0063, CVE-2008-0947 | | Last Modified: | Mar 24 18:48:28 2008 |
| MD5 Checksum: | d97e73211f5b32866700162abb9e1ca9 |
|
| /// File Name: |
sa29580.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for exiftags. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29580/ | | File Size: | 4494 | | Last Modified: | Mar 29 15:46:13 2008 |
| MD5 Checksum: | 829a685e4ae7cdb95bb11460d7097125 |
|