Section: .. / 0702-advisories /
| /// File Name: |
sa24032.txt |
Description:
|
Secunia Security Advisory - ajann has reported a vulnerability in dB Masters' Curium CMS, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/24032/ | | File Size: | 2373 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | d2d22a1376e0b41e77d3b67d3f587664 |
|
| /// File Name: |
sa24035.txt |
Description:
|
Secunia Security Advisory - ThE dE@Th has reported a vulnerability in SMA-DB, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24035/ | | File Size: | 2425 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 60c8d24d3d36022686d458bba65789b4 |
|
| /// File Name: |
sa24038.txt |
Description:
|
Secunia Security Advisory - Eight10 has discovered a vulnerability in EQdkp, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information and manipulate data.
| | Homepage: | http://secunia.com/advisories/24038/ | | File Size: | 2626 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | e5de18e9494966d90431cf3ebc7b7d3e |
|
| /// File Name: |
sa24041.txt |
Description:
|
Secunia Security Advisory - Andrea bunker Purificato has reported a security issue in HP Tru64, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/24041/ | | File Size: | 2633 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 2c0acf68a186b7b492b4d162a7f4ec77 |
|
| /// File Name: |
sa24042.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for postgresql and postgresql-server. This fixes some vulnerabilities, which can be exploited by malicious users to gain knowledge of potentially sensitive information and to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24042/ | | File Size: | 2384 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 021c199338ddc292d41eb51a48f7cff1 |
|
| /// File Name: |
sa24043.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in Samba, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24043/ | | File Size: | 2615 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 4072a8776c10435933103ac5eec7447e |
|
| /// File Name: |
sa24045.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in X-Kryptor Secure Client, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/24045/ | | File Size: | 2627 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | e251555c6f16cb98476bb664415bd83f |
|
| /// File Name: |
sa24046.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Samba, which can be exploited by malicious users to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24046/ | | File Size: | 2849 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | fb6c7fefb21315fcdee91db615e413b5 |
|
| /// File Name: |
sa24047.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24047/ | | File Size: | 3024 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | c496131c315d5d78c2cf8981c8bc662b |
|
| /// File Name: |
sa24048.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for bind. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24048/ | | File Size: | 22962 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 0d4f8adfb97dd086c29e0242966995e8 |
|
| /// File Name: |
sa24049.txt |
Description:
|
Secunia Security Advisory - Manuel Santamarina Suarez has reported a vulnerability in Blue Coat WinProxy, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24049/ | | File Size: | 2623 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | beb702973d9fdcad757a4a99d57da6de |
|
| /// File Name: |
sa24057.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24057/ | | File Size: | 5390 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | dda5dc7ad9f00e47e7850da74af57376 |
|
| /// File Name: |
sa24058.txt |
Description:
|
Secunia Security Advisory - Omid has reported some vulnerabilities in VirtueMart, which can be exploited by malicious people to conduct SQL injection attacks and cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/24058/ | | File Size: | 2632 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | e682d824bc7be6d56226071dda374045 |
|
| /// File Name: |
sa24060.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for samba. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24060/ | | File Size: | 22974 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | ee2c06ce46949d6a94cb52b1a54766fa |
|
| /// File Name: |
sa24062.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in HLstats, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/24062/ | | File Size: | 2388 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 42b47f1aaed12e31060bd5e3ab6873ab |
|
| /// File Name: |
sa24068.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in avast! Server Edition, which can be exploited by malicious, local users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/24068/ | | File Size: | 2263 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 24a369137c6269271c01faa56b2802bb |
|
| /// File Name: |
sa24070.txt |
Description:
|
Secunia Security Advisory - Chris Anley has reported a security issue in Jetty, which can be exploited by malicious people to hijack user sessions.
| | Homepage: | http://secunia.com/advisories/24070/ | | File Size: | 2477 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 6892ea95e1fbc467ae13e1b168de427a |
|
| /// File Name: |
sa24071.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in FlashChat, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/24071/ | | File Size: | 2521 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 040bf3c0c3a9f388e7256e9adcd7ac27 |
|
| /// File Name: |
sa24072.txt |
Description:
|
Secunia Security Advisory - ajann has discovered a vulnerability in ACGVannu, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.
| | Homepage: | http://secunia.com/advisories/24072/ | | File Size: | 2391 | | Last Modified: | Feb 6 22:53:09 2007 |
| MD5 Checksum: | 9aff97cfeecab8cd0d4636599acfcf09 |
|
| /// File Name: |
USN-418-1.txt |
Description:
|
Ubuntu Security Notice 418-1 - A flaw was discovered in Bind's DNSSEC validation code. Remote attackers could send a specially crafted DNS query which would cause the Bind server to crash, resulting in a denial of service. Only servers configured to use DNSSEC extensions were vulnerable.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 23677 | | Related CVE(s): | CVE-2007-0493, CVE-2007-0494 | | Last Modified: | Feb 6 00:55:06 2007 |
| MD5 Checksum: | 41abac30121fdc265f3ded01646f1ed8 |
|
| /// File Name: |
MDKSA-2007-034.txt |
Description:
|
Mandriva Linux Security Advisory - A logic error in the deferred open code for smbd may allow an authenticated user to exhaust resources such as memory and CPU on the server by opening multiple CIFS sessions, each of which will normally spawn a new smbd process, and sending each connection into an infinite loop. The name of a file on the server's share is used as the format string when setting an NT security descriptor through the afsacl.so VFS plugin.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 15327 | | Related CVE(s): | CVE-2007-0452, CVE-2007-0454 | | Last Modified: | Feb 6 00:54:18 2007 |
| MD5 Checksum: | 49db2b01127faff68ad720c66cf9ff4e |
|
| /// File Name: |
dsa-1257-1.txt |
Description:
|
Debian Security Advisory 1257-1 - Several remote vulnerabilities have been discovered in samba, a free implementation of the SMB/CIFS protocol, which may lead to the execution of arbitrary code or denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 24874 | | Related CVE(s): | CVE-2007-0452, CVE-2007-0454 | | Last Modified: | Feb 6 00:44:32 2007 |
| MD5 Checksum: | 716b84149699e209c03b2728d1f47a6b |
|
| /// File Name: |
USN-417-1.txt |
Description:
|
Ubuntu Security Notice 417-1 - Jeff Trout discovered that the PostgreSQL server did not sufficiently check data types of SQL function arguments in some cases. An authenticated attacker could exploit this to crash the database server or read out arbitrary locations in the server's memory, which could allow retrieving database content the attacker should not be able to see. Jeff Trout reported that the query planner did not verify that a table was still compatible with a previously made query plan. By using ALTER COLUMN TYPE during query execution, an attacker could exploit this to read out arbitrary locations in the server's memory, which could allow retrieving database content the attacker should not be able to see.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 36221 | | Related CVE(s): | CVE-2007-0555, CVE-2007-0556 | | Last Modified: | Feb 6 00:42:54 2007 |
| MD5 Checksum: | 94784312b719d3d0d5857d0ebe86a78f |
|
| /// File Name: |
02.02.07.txt |
Description:
|
iDefense Security Advisory - Remote exploitation of a design error in Blue Coat Systems Inc.'s WinProxy allows attackers to trigger a heap corruption vulnerability. The vulnerability can be triggered by sending an overly long HTTP CONNECT request to WinProxy's HTTP proxy service. iDefense has confirmed this vulnerability in WinProxy 6.1a and 6.0 r1c. All previous versions are suspected vulnerable.
| | Author: | FistFuXXer | | Homepage: | http://www.idefense.com/ | | File Size: | 2663 | | Last Modified: | Feb 6 00:41:51 2007 |
| MD5 Checksum: | 952bc9a9e5539510beb9c556c2a4e22b |
|
| /// File Name: |
NGS00471.txt |
Description:
|
Versions of Jetty, the popular java web server, are vulnerable to a session id prediction attack. Jetty uses java.util.Random to generate session ids. The internal state of this generator can be easily discovered, leading to an attacker being able to hijack existing and future sessions. Jetty versions below 4.2.27, 5.1.12, 6.0.2 and 6.1.0pre3 are affected.
| | Author: | Chris Anley | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 4889 | | Last Modified: | Feb 6 00:40:04 2007 |
| MD5 Checksum: | 4bdbaba8ee24eb86cc078feb1cda8988 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
