Section: .. / 0702-advisories /
| /// File Name: |
sa24015.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libgtop2. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/24015/ | | File Size: | 8627 | | Last Modified: | Feb 4 23:30:20 2007 |
| MD5 Checksum: | 72422c368a1aea047b0e00b39555ea1f |
|
| /// File Name: |
sa24016.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24016/ | | File Size: | 2397 | | Last Modified: | Feb 4 23:30:20 2007 |
| MD5 Checksum: | d1c716c227b7e9dde3bc3cc8fcd1329f |
|
| /// File Name: |
sa24018.txt |
Description:
|
Secunia Security Advisory - Gentoo has acknowledged a security issue in the www-servers/thttpd package, which can be exploited by malicious people to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/24018/ | | File Size: | 2393 | | Last Modified: | Feb 4 23:30:20 2007 |
| MD5 Checksum: | 088cc33a8ad549cfc799f559567353c0 |
|
| /// File Name: |
sa24020.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in ZABBIX, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24020/ | | File Size: | 2488 | | Last Modified: | Feb 4 23:30:20 2007 |
| MD5 Checksum: | c60851d6bb16173dac2ce990ceb3cede |
|
| /// File Name: |
sa24026.txt |
Description:
|
Secunia Security Advisory - nicosomb has reported a vulnerability in zenphoto, which can be exploited by malicious people to disclose system information.
| | Homepage: | http://secunia.com/advisories/24026/ | | File Size: | 2395 | | Last Modified: | Feb 4 23:30:20 2007 |
| MD5 Checksum: | e1a0cbb96cc3d2d1b9670a7b51fc4aba |
|
| /// File Name: |
dsa-1256-1.txt |
Description:
|
Debian Security Advisory 1256-1 - It was discovered that the image loading code in the GTK+ graphical user interface library performs insufficient error handling when loading malformed images, which may lead to denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 14177 | | Related CVE(s): | CVE-2007-0010 | | Last Modified: | Feb 1 00:14:22 2007 |
| MD5 Checksum: | 04b34324ef7c745c3c0a166ead134e25 |
|
| /// File Name: |
glsa-200701-27.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200701-27 - Teemu Salmela discovered an error in the validation code of smb:// URLs used by ELinks, the same issue as reported in GLSA 200612-16 concerning Links. Versions less than 0.11.2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2731 | | Last Modified: | Jan 31 23:57:51 2007 |
| MD5 Checksum: | 6186634a29b53c15df8a6d424df4cfb6 |
|
| /// File Name: |
glsa-200701-26.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200701-26 - KSirc fails to check the size of an incoming PRIVMSG string sent from an IRC server during the connection process. Versions less than 3.5.5-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2451 | | Last Modified: | Jan 31 23:57:33 2007 |
| MD5 Checksum: | 818a74e3c4f13a6ceddd9c8806082188 |
|
| /// File Name: |
glsa-200701-28.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200701-28 - thttpd is vulnerable to an underlying change made to the start-stop-daemon command in the current stable Gentoo baselayout package (version 1.12.6). In the new version, the start-stop-daemon command performs a chdir / command just before starting the thttpd process. In the Gentoo default configuration, this causes thttpd to start with the document root set to /, the system root directory. Versions less than 2.25b-r6 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3004 | | Last Modified: | Jan 31 23:56:37 2007 |
| MD5 Checksum: | e992fad7912ab6e6d3587fdf16cc2501 |
|
| /// File Name: |
dsa-1255-1.txt |
Description:
|
Debian Security Advisory 1255-1 - Liu Qishuai discovered that the GNOME gtop library performs insufficient sanitising when parsing the system's /proc table, which may lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 9109 | | Related CVE(s): | CVE-2007-0235 | | Last Modified: | Jan 31 23:56:22 2007 |
| MD5 Checksum: | 6b10603ecfdaa5f6ff1d5dedae59e8dd |
|
| /// File Name: |
cisco-sa-20070131-sip.txt |
Description:
|
Cisco Security Advisory - Cisco devices running IOS which support voice and are not configured for Session Initiation Protocol (SIP) are vulnerable to a crash under yet to be determined conditions, but isolated to traffic destined to Port 5060. SIP is enabled by default on all Advanced images which support voice and do not contain the fix for CSCsb25337. There are no reports of this vulnerability on the devices which are properly configured for SIP processing. Workarounds exist to mitigate the effects of this problem. IOS releases that include voice support after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG and all of 12.4 are affected.
| | Homepage: | http://www.cisco.com/ | | File Size: | 21930 | | Last Modified: | Jan 31 23:52:05 2007 |
| MD5 Checksum: | ef630cb93afce94787df82c139fd9b8b |
|
| /// File Name: |
NGS00401.txt |
Description:
|
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote resource exhaustion vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause LGSERVER.EXE to write very large files to the system disk. In addition, the LGSERVER.EXE process becomes unresponsive until the file has been written.
| | Author: | Mark Litchfield, John Heasman | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 9614 | | Last Modified: | Jan 31 23:45:51 2007 |
| MD5 Checksum: | f96044c51bcb9897bf083cf6eebbb52b |
|
| /// File Name: |
NGS00402.txt |
Description:
|
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote denial of service vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause the process to terminate.
| | Author: | Mark Litchfield | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 2338 | | Last Modified: | Jan 31 23:44:38 2007 |
| MD5 Checksum: | 865b0f8edf04493798df6cd6397e3b54 |
|
| /// File Name: |
NGS00403.txt |
Description:
|
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote code execution vulnerability. By sending a specially crafted packet to the LGSERVER.EXE process that listens on TCP port 1900, it is possible to cause a stack overflow that allows arbitrary code execution as Local System.
| | Author: | Mark Litchfield | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 2532 | | Last Modified: | Jan 31 23:43:31 2007 |
| MD5 Checksum: | bb9d6d34d81c344270cf41343b5ab20a |
|
| /// File Name: |
NGS00404.txt |
Description:
|
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote code execution vulnerability. By sending a specially crafted packet to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to execute arbitrary code as SYSTEM on a Windows Platform.
| | Author: | Mark Litchfield | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 2389 | | Last Modified: | Jan 31 23:42:37 2007 |
| MD5 Checksum: | b7f57a2008ba7f24d464595979b82415 |
|