Section: .. / 0710-advisories /
| /// File Name: |
sa27318.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for star. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27318/ | | File Size: | 2015 | | Last Modified: | Oct 23 19:22:54 2007 |
| MD5 Checksum: | 9238e41aa0a0b6d2f4e0bf286b53f6c5 |
|
| /// File Name: |
sa27335.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27335/ | | File Size: | 27611 | | Last Modified: | Oct 23 19:22:54 2007 |
| MD5 Checksum: | b1dfa14d1728a0abf5b163eb25b6f392 |
|
| /// File Name: |
sa27350.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for dhcp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27350/ | | File Size: | 15135 | | Last Modified: | Oct 23 19:22:54 2007 |
| MD5 Checksum: | 2d796fd3ebbe5d23b13b70e14cf60a2a |
|
| /// File Name: |
sa27355.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for flac. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27355/ | | File Size: | 2425 | | Last Modified: | Oct 23 19:22:54 2007 |
| MD5 Checksum: | 5a3da1dcf200fd22ffe00965fdfa310f |
|
| /// File Name: |
sa27357.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in DeleGate, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27357/ | | File Size: | 3374 | | Last Modified: | Oct 23 19:22:54 2007 |
| MD5 Checksum: | 2f2e2fce311e4161cdd96bed6287ae50 |
|
| /// File Name: |
sa27363.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for OpenSSL. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27363/ | | File Size: | 16392 | | Last Modified: | Oct 23 19:22:54 2007 |
| MD5 Checksum: | c52d1deed3fd7cebf60ff5f87530553b |
|
| /// File Name: |
sa27365.txt |
Description:
|
Secunia Security Advisory - SkyOut has reported a vulnerability in WebIf, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27365/ | | File Size: | 2245 | | Last Modified: | Oct 23 19:22:54 2007 |
| MD5 Checksum: | d2dff745f048061a1401538d609cf091 |
|
| /// File Name: |
dsa-1393-1.txt |
Description:
|
Debian Security Advisory 1393-1 - It was discovered that xfce-terminal, a terminal emulator for the xfce environment, did not correctly escape arguments passed to the processes spawned by "Open Link". This allowed malicious links to execute arbitrary commands upon the local system.
| | Homepage: | http://www.debian.org/security | | File Size: | 5049 | | Related CVE(s): | CVE-2007-3770 | | Last Modified: | Oct 23 19:22:19 2007 |
| MD5 Checksum: | a1d56d58f369edb331ecb44bb9c5dfa1 |
|
| /// File Name: |
dsa-1373-2.txt |
Description:
|
Debian Security Advisory 1373-2 - It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files. This updated advisory correctly increases the version number of the fixed package such that it is installable upon the etch release of Debian.
| | Homepage: | http://www.debian.org/security | | File Size: | 4869 | | Related CVE(s): | CVE-2007-1799 | | Last Modified: | Oct 23 19:21:28 2007 |
| MD5 Checksum: | 3698c02a94c0bc9ae0aa4ebc064144f3 |
|
| /// File Name: |
MDKSA-2007-202.txt |
Description:
|
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.8.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 55387 | | Related CVE(s): | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-4841, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340 | | Last Modified: | Oct 23 19:20:30 2007 |
| MD5 Checksum: | e332e9bdd340b8956054f070addf1ba0 |
|
| /// File Name: |
AD-LAB-07006.txt |
Description:
|
3proxy suffers from a double free vulnerability that can cause instability and potentially crash a service. Versions 0.5.3i and below are vulnerable.
| | Author: | Venustech AD-LAB | | Homepage: | http://www.venustech.com.cn/ | | File Size: | 2219 | | Related CVE(s): | CVE-2007-5622 | | Last Modified: | Oct 23 17:46:08 2007 |
| MD5 Checksum: | 9df5e1ee0164e3d3e6ab5ce4595ce940 |
|
| /// File Name: |
SYMSA-2007-013.txt |
Description:
|
Symantec Vulnerability Research SYMSA-2007-013 - Lotus Notes and Domino are susceptible to a vulnerability in the IPC functionality between NLNOTEs and NTASKLDR.
| | Author: | Ollie Whitehouse | | Homepage: | http://www.symantec.com/research | | File Size: | 5186 | | Related CVE(s): | CVE-2007-5544 | | Last Modified: | Oct 23 17:43:21 2007 |
| MD5 Checksum: | 3f43cdf788c5557b9efd2190bc5342e3 |
|
| /// File Name: |
lotusnotes702-en.txt |
Description:
|
Multiple exploitable buffer overflow vulnerabilities were found within the file attachment viewer in IBM Lotus Notes. The vulnerabilities can be exploited to execute arbitrary code by tricking the user into viewing a malicious DOC, SAM, WPD, or MIF file attachment using the file attachment viewer in Lotus Notes.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 730 | | Last Modified: | Oct 23 17:40:10 2007 |
| MD5 Checksum: | cb64396e5fc37a6dffb9cc2a00047df4 |
|
| /// File Name: |
07101401_mobilespy.txt |
Description:
|
Airscanner Mobile Security Advisory #07101401 - Mobile-spy.com's user administration web application contains a critical bug that allows anyone to inject spoofed incoming/outgoing phone records, SMS messages, and URLs into the backend database for ANY user of the software. In addition, since the incoming records are not filtered, it is trivial to inject malicious JavaScript/HTML into the webpage viewed by the user of the software. Finally, the user/pass is stored locally on the victim's phone as plaintext.
| | Homepage: | http://www.airscanner.com/ | | File Size: | 2180 | | Last Modified: | Oct 23 14:19:30 2007 |
| MD5 Checksum: | 25958e1eaf59e5b6e89048bc4d65e2f8 |
|
| /// File Name: |
glsa-200710-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-24 - iDefense Labs reported that the TIFF parsing code uses untrusted values to calculate buffer sizes, which can lead to an integer overflow resulting in heap-based buffer overflow. Versions less than 2.3.0 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3196 | | Related CVE(s): | CVE-2007-2834 | | Last Modified: | Oct 23 14:18:08 2007 |
| MD5 Checksum: | 73aa4f72707125b1dd6bf01f1f1085c5 |
|
| /// File Name: |
USN-535-1.txt |
Description:
|
Ubuntu Security Notice 535-1 - A large number of flaws related to Firefox have been fixed under Ubuntu. These include forced upload and JavaScript insertion vulnerabilities.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 29953 | | Related CVE(s): | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5335, CVE-2007-5336, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340 | | Last Modified: | Oct 23 14:16:38 2007 |
| MD5 Checksum: | 74505701d22543c4da59630624735bbb |
|
| /// File Name: |
sa27286.txt |
Description:
|
Secunia Security Advisory - Ivan Sanchez and Maximiliano Soler have reported some vulnerabilities in SocketKB, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27286/ | | File Size: | 2310 | | Last Modified: | Oct 23 14:14:24 2007 |
| MD5 Checksum: | 0875c93573a6d07f3ca8f0ee51ab56de |
|
| /// File Name: |
sa27347.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in PHP Project Management, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27347/ | | File Size: | 6603 | | Last Modified: | Oct 23 14:14:24 2007 |
| MD5 Checksum: | 6f160d1aebe87ba1ca94d1ce7dd51365 |
|
| /// File Name: |
sa27349.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Mono, which can be exploited by malicious people to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/27349/ | | File Size: | 2343 | | Last Modified: | Oct 23 14:14:24 2007 |
| MD5 Checksum: | fc6d7a281f76e70d5025b26903c3370a |
|
| /// File Name: |
sa27354.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for util-linux. This fixes a vulnerability, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/27354/ | | File Size: | 12933 | | Last Modified: | Oct 23 14:14:24 2007 |
| MD5 Checksum: | 66890c5983f4565b48914df0263c209f |
|
| /// File Name: |
sa27248.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been discovered in RealPlayer, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27248/ | | File Size: | 2984 | | Last Modified: | Oct 22 23:59:17 2007 |
| MD5 Checksum: | 3765e02043d3dbaf824a779d059d0f04 |
|
| /// File Name: |
MDKSA-2007-201.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in the hpssd tool was discovered where it did not correctly handle shell meta-characters. A local attacker could use this flaw to execute arbitrary commands as the hplip user. As well, this update fixes a problem with some HP scanners on Mandriva Linux 2007.1, particularly HP PSC 1315, which wouldn't be detected and also fixes a problem with HP 1220 and possibly other models when scanning via the OpenOffice.org suite.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8958 | | Related CVE(s): | CVE-2007-5208 | | Last Modified: | Oct 22 23:59:08 2007 |
| MD5 Checksum: | e3484f14d0e3a26c14c39da2fdf8ae28 |
|
| /// File Name: |
glsa-200710-23.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-23 - Robert Buchholz of the Gentoo Security team discovered a directory traversal vulnerability in the has_dotdot() function which does not identify //.. (slash slash dot dot) sequences in file names inside tar files. Versions less than 1.5_alpha84 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2608 | | Related CVE(s): | CVE-2007-4134 | | Last Modified: | Oct 22 23:58:06 2007 |
| MD5 Checksum: | f83c7697c8bb63219b1b4d07bb539676 |
|
| /// File Name: |
corsaire-citrix.txt |
Description:
|
The Citrix Access Gateway product suffers from a flaw that allows an attacker to gain access to an authenticated user's session ID.
| | Author: | Martin O'Neal | | File Size: | 4301 | | Related CVE(s): | CVE-2007-0011 | | Last Modified: | Oct 22 23:57:48 2007 |
| MD5 Checksum: | 3e891095a8fbf6693cb268510e70f00f |
|