Section: .. / 0708-advisories /
| /// File Name: |
dsa-1352-1.txt |
Description:
|
Debian Security Advisory 1352-1 - It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. pdfkit.framework includes a copy of the xpdf code and required an update as well.
| | Homepage: | http://www.debian.org/security | | File Size: | 5172 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 8 10:03:21 2007 |
| MD5 Checksum: | 3cabb4059d5c1c5a9dee2614e03a023a |
|
| /// File Name: |
FreeBSD-SA-07-07.bind.txt |
Description:
|
FreeBSD Security Advisory - An attacker who can see the query id for some request(s) sent by named(8) is likely to be able to perform DNS cache poisoning by predicting the query id for other request(s).
| | Homepage: | http://security.freebsd.org/ | | File Size: | 5024 | | Related CVE(s): | CVE-2007-2926 | | Last Modified: | Aug 8 07:01:53 2007 |
| MD5 Checksum: | 1899f894331dbbaf028a86edf33311ce |
|
| /// File Name: |
sa26419.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26419/ | | File Size: | 5023 | | Last Modified: | Aug 15 04:09:30 2007 |
| MD5 Checksum: | b7a6587c870ccef8d217944034743a09 |
|
| /// File Name: |
mplayer11.txt |
Description:
|
Microsoft Media Player 11 on Win XP SP2 suffers from a denial of service condition when handling a specially crafted .au file.
| | Author: | Abed Adonis | | Homepage: | http://www.safehack.com/ | | File Size: | 5016 | | Last Modified: | Aug 9 02:55:29 2007 |
| MD5 Checksum: | b6ab386592e7a8e53ffb3adc1ca29185 |
|
| /// File Name: |
MDKSA-2007-168.txt |
Description:
|
Mandriva Linux Security Advisory - A format string vulnerability in the helptags support in vim allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4980 | | Related CVE(s): | CVE-2007-2953 | | Last Modified: | Aug 22 05:31:06 2007 |
| MD5 Checksum: | c3ef468b317e1dd205b98f09d03ae37f |
|
| /// File Name: |
USN-500-1.txt |
Description:
|
Ubuntu Security Notice 500-1 - Sebastian Krahmer discovered that rsync contained an off-by-one miscalculation when handling certain file paths. By creating a specially crafted tree of files and tricking an rsync server into processing them, a remote attacker could write a single NULL to stack memory, possibly leading to arbitrary code execution.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4963 | | Related CVE(s): | CVE-2007-4091 | | Last Modified: | Aug 21 22:52:31 2007 |
| MD5 Checksum: | dfa497d0dfc47f8fa6a7754ca178a16d |
|
| /// File Name: |
sa26567.txt |
Description:
|
Secunia Security Advisory - Ubuntu has acknowledged a vulnerability in tcp-wrappers, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/26567/ | | File Size: | 4914 | | Last Modified: | Aug 31 05:45:27 2007 |
| MD5 Checksum: | 8e9c8028448cc5316157bb18442c66e6 |
|
| /// File Name: |
EEYE-VGX.txt |
Description:
|
eEye Digital Security has discovered a heap overflow vulnerability in VGX.DLL's processing of compressed content referenced from VML. VGX.DLL is the Microsoft component responsible for rendering VML (Vector Markup Language) within Internet Explorer.
| | Author: | Ben Nagy, Derek Soeder | | Homepage: | http://www.eeye.com/ | | File Size: | 4904 | | Last Modified: | Aug 15 05:51:30 2007 |
| MD5 Checksum: | fea740cde6f8973d252aea667a630098 |
|
| /// File Name: |
08.14.07-1.txt |
Description:
|
iDefense Security Advisory 08.14.07 - Remote exploitation of a Cross Site Scripting (XSS) vulnerability in the Windows Vista Sidebar RSS Gadget allows an attacker to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the parsing of certain elements of the items in an RSS feed. A properly crafted HTML tag within these elements will not be removed, and will be rendered by the RSS gadget. Since the RSS gadget runs in the local zone, the injected JavaScript has full access to the system. iDefense has confirmed the existence of this vulnerability in Microsoft Windows Vista Business. Other versions are suspected to be vulnerable.
| | Author: | Aviv Raff | | Homepage: | http://www.idefense.com/ | | File Size: | 4897 | | Related CVE(s): | CVE-2007-3033 | | Last Modified: | Aug 15 06:35:18 2007 |
| MD5 Checksum: | 1aa166600fa7109e872458bec4156bc6 |
|
| /// File Name: |
dsa-1354-1.txt |
Description:
|
Debian Security Advisory 1354-1 - It was discovered that an integer overflow in xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. gpdf includes a copy of the xpdf code and requires an update as well.
| | Homepage: | http://www.debian.org/security | | File Size: | 4892 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 14 05:56:53 2007 |
| MD5 Checksum: | 384f933d79e8b6c3baa52f221484a866 |
|
| /// File Name: |
USN-492-1.txt |
Description:
|
Ubuntu Security Notice 492-1 - A flaw was discovered in the BGP dissector of tcpdump. Remote attackers could send specially crafted packets and execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4876 | | Related CVE(s): | CVE-2007-3798 | | Last Modified: | Aug 1 02:38:17 2007 |
| MD5 Checksum: | 0f7327b30579b7789e7ca71f3da2dc92 |
|
| /// File Name: |
sa26365.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for pdfkit.framework. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26365/ | | File Size: | 4871 | | Last Modified: | Aug 9 02:51:33 2007 |
| MD5 Checksum: | 60715578bea2b473b495a3f8045e74bc |
|
| /// File Name: |
USN-506-1.txt |
Description:
|
Ubuntu Security Notice 506-1 - Dmitry V. Levin discovered that tar did not correctly detect the ".." file path element when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted tar file, arbitrary files could be overwritten with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4824 | | Related CVE(s): | CVE-2007-4131 | | Last Modified: | Aug 29 06:40:39 2007 |
| MD5 Checksum: | 32687fc87da2b79105619cb2047b7328 |
|
| /// File Name: |
sa26467.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for tetex. This fixes some vulnerabilities, where some have unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26467/ | | File Size: | 4822 | | Last Modified: | Aug 15 21:37:35 2007 |
| MD5 Checksum: | 911ccd46e48840991c4d861bc36a6fc9 |
|
| /// File Name: |
dsa-1361-1.txt |
Description:
|
Debian Security Advisory 1361-1 - It was discovered that postfix-policyd, an anti-spam plugin for postfix, didn't correctly bounds-test incoming SMTP commands, potentially allowing the remote exploitation of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 4818 | | Related CVE(s): | CVE-2007-3791 | | Last Modified: | Aug 30 10:01:42 2007 |
| MD5 Checksum: | 67f04b1d8cd694776f64781a246197ba |
|
| /// File Name: |
sa26284.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for qt3. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26284/ | | File Size: | 4805 | | Last Modified: | Aug 8 06:01:26 2007 |
| MD5 Checksum: | 76713f3efd1c64f82bcb963bbced9319 |
|
| /// File Name: |
soldatdos.txt |
Description:
|
The Soldat game versions 1.4.2 and below and dedicated server versions 2.6.2 and below suffer from remote denial of service vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | soldatdos.zip | | File Size: | 4769 | | Last Modified: | Aug 24 03:41:30 2007 |
| MD5 Checksum: | 0db9a44c769eee7ba9011ea32d395f0d |
|
| /// File Name: |
mcafee-advisory-08-2007.txt |
Description:
|
A buffer overflow exists in McAfee Virus Scan for Linux and Unix version 5.10.0 that may allow for code execution in the context of the uid running it.
| | Author: | Sebastian Wolfgarten | | Homepage: | http://www.devtarget.org/ | | File Size: | 4762 | | Last Modified: | Aug 16 10:42:17 2007 |
| MD5 Checksum: | bfdf3833ccef43127c2e0bed56d2de14 |
|
| /// File Name: |
sa26649.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for postfix-policyd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26649/ | | File Size: | 4735 | | Last Modified: | Aug 31 05:45:27 2007 |
| MD5 Checksum: | 6828a44e39a60d361c34e7337d15db03 |
|
| /// File Name: |
TA07-226A.txt |
Description:
|
Technical Cyber Security Alert TA07-226A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Windows Media Player, Office, Office for Mac, XML Core Services, Visual Basic, Virtual PC, and Virtual Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4667 | | Last Modified: | Aug 15 05:53:51 2007 |
| MD5 Checksum: | 5b3f94b1afad87da35c15909715d82cc |
|
| /// File Name: |
eyeOS-checksum.txt |
Description:
|
eyeOS suffers from a checksum predictability vulnerability.
| | Author: | Andrej Komarov | | File Size: | 4648 | | Last Modified: | Aug 28 04:21:07 2007 |
| MD5 Checksum: | b679667bb4a822fc8e2a149c7b83dba9 |
|
| /// File Name: |
sa26282.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xfs. This fixes a vulnerability, which can be exploited by malicious, local users to perform actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/26282/ | | File Size: | 4619 | | Last Modified: | Aug 1 02:35:42 2007 |
| MD5 Checksum: | 55c667dca2078c3b786c95267a5a9ce6 |
|
| /// File Name: |
08.09.07-1.txt |
Description:
|
iDefense Security Advisory 08.09.07 - Remote exploitation of multiple stack-based buffer overflow vulnerabilities in Hewlett-Packard Development Co.'s OpenView Operations for Windows OVTrace service may allow an attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of these vulnerabilities in HP OpenView version A.07.50 for Windows, with all patches applied as of Jun 27, 2007. Previous versions may also be affected.
| | Homepage: | http://www.idefense.com/ | | File Size: | 4604 | | Related CVE(s): | CVE-2007-3872 | | Last Modified: | Aug 10 05:13:10 2007 |
| MD5 Checksum: | 8336a4888237e606896af41e7dcf8ce7 |
|
| /// File Name: |
dsa-1360-1.txt |
Description:
|
Debian Security Advisory 1360-1 - Sebastian Krahmer discovered that rsync, a fast remote file copy program, contains an off-by-one error which might allow remote attackers to execute arbitrary code via long directory names.
| | Homepage: | http://www.debian.org/security | | File Size: | 4596 | | Related CVE(s): | CVE-2007-4091 | | Last Modified: | Aug 29 06:33:45 2007 |
| MD5 Checksum: | 16831192015d1de8b4117eff0870d5ef |
|
| /// File Name: |
sa26432.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gpdf. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26432/ | | File Size: | 4594 | | Last Modified: | Aug 14 19:37:33 2007 |
| MD5 Checksum: | d7dcfa29a1df43221c1452757ca6a1a6 |
|