Section: .. / 0712-advisories /
File Name: sa28130.txt
Description: Secunia Security Advisory - Michael Brooks has discovered a vulnerability in WordPress, which can be exploited by malicious people to bypass certain security restrictions and to disclose sensitive information.
Homepage: http://secunia.com/advisories/28130/
File Size: 2543
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: 971da1dad35dc557093e859d69b348d1

File Name: sa28133.txt
Description: Secunia Security Advisory - Beenu Arora has discovered two vulnerabilities in Mambo, which can be exploited by malicious people to conduct cross-site scripting attacks.
Homepage: http://secunia.com/advisories/28133/
File Size: 2647
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: da743dd650ca3670c35399db170bdd90

File Name: sa28147.txt
Description: Secunia Security Advisory - Ubuntu has issued an update for libgd2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Homepage: http://secunia.com/advisories/28147/
File Size: 17361
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: a1c9667da7652c553efcee0793a4c897

File Name: sa28148.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in Sun Ray Server Software, which can be exploited by malicious, local users or malicious people to manipulate certain data or cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/28148/
File Size: 3428
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: 952978e89302bf937405049ac46dc691

File Name: sa28149.txt
Description: Secunia Security Advisory - A security issue has been reported in Asterisk, which can be exploited by malicious people to bypass certain security restrictions.
Homepage: http://secunia.com/advisories/28149/
File Size: 2996
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: 065c0bfba43b9d6a2dd0a2ef19ea80f3

File Name: sa28151.txt
Description: Secunia Security Advisory - A security issue has been reported in Sun Management Center, which can be exploited by malicious people to bypass certain security restrictions.
Homepage: http://secunia.com/advisories/28151/
File Size: 3274
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: ab3ce39f85094608acc523968198a291

File Name: sa28154.txt
Description: Secunia Security Advisory - A vulnerability has been discovered in Dokeos, which can be exploited by malicious users to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/28154/
File Size: 2751
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: 30ba018f161360f4a83bb7aa9799c600

File Name: sa28155.txt
Description: Secunia Security Advisory - Koller has reported two vulnerabilities in phpMyRealty (PMR), which can be exploited by malicious people and malicious users to conduct SQL injection attacks.
Homepage: http://secunia.com/advisories/28155/
File Size: 2885
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: eaf104bb0bc68fe922b8db1a900d9fea

File Name: sa28157.txt
Description: Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting and HTTP request splitting attacks, disclose sensitive information, cause a Denial of Service (DoS), or to potentially compromise a user's system.
Homepage: http://secunia.com/advisories/28157/
File Size: 2735
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: 6933a1380071484927e520f3cd1eb010

File Name: sa28160.txt
Description: Secunia Security Advisory - r4x has reported a vulnerability in WFTPD Explorer, which potentially can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/28160/
File Size: 2538
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: 360ff8d5ea5ad3478ef29d59ec691b8a

File Name: sa28164.txt
Description: Secunia Security Advisory - MhZ91 has discovered a vulnerability and a security issue in GF-3XPLORER, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose system information.
Homepage: http://secunia.com/advisories/28164/
File Size: 2730
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: 7a168e72d1b60fe7d0f278c5f4f69dcb

File Name: sa28169.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a user's system.
Homepage: http://secunia.com/advisories/28169/
File Size: 3081
Last Modified: Dec 19 19:28:49 2007
MD5 Checksum: bbd62cc3f727abaf1706c728d1430b9d

File Name: sa28131.txt
Description: Secunia Security Advisory - A vulnerability has been reported in St. Bernard Open File Manager, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/28131/
File Size: 2515
Last Modified: Dec 18 19:58:48 2007
MD5 Checksum: b812e89c68099db34a3b1ff959e951fd

File Name: glsa-200712-14.txt
Description: Gentoo Linux Security Advisory GLSA 200712-14 - Wei Wang (McAfee AVERT Research) discovered an integer underflow in the asn1_get_string() function of the SNMP backend, leading to a stack-based buffer overflow when handling SNMP responses (CVE-2007-5849). Elias Pipping (Gentoo) discovered that the alternate pdftops filter creates temporary files with predictable file names when reading from standard input (CVE-2007-6358). Furthermore, the resolution of a Denial of Service vulnerability covered in GLSA 200703-28 introduced another Denial of Service vulnerability within SSL handling (CVE-2007-4045). Versions less than 1.3.5 are affected.
Homepage: http://security.gentoo.org
File Size: 4179
Related CVE(s): CVE-2007-4045, CVE-2007-5849, CVE-2007-6358
Last Modified: Dec 18 19:58:29 2007
MD5 Checksum: 3847712c7850384840dfe137e9d2921a

File Name: glsa-200712-13.txt
Description: Gentoo Linux Security Advisory GLSA 200712-13 - Rafal Wojtczuk (McAfee AVERT Research) discovered multiple integer overflows in libext2fs, that are triggered when processing information from within the file system, resulting in heap-based buffer overflows. Versions less than 1.40.3 are affected.
Homepage: http://security.gentoo.org
File Size: 2830
Related CVE(s): CVE-2007-5497
Last Modified: Dec 18 19:58:05 2007
MD5 Checksum: d682a0d624b4a39415cc914588291b1f

File Name: google-spoof.txt
Description: Google Toolbar allows spoofing the information presented in the dialog which is being displayed when adding a new Google Toolbar button.
Author: avivra
Homepage: http://aviv.raffon.net/
File Size: 613
Last Modified: Dec 18 19:58:00 2007
MD5 Checksum: 7350aa8cd043785d4959d429b5f741f1

File Name: AST-2007-027.txt
Description: Asterisk Project Security Advisory - Due to the way database-based registrations ("realtime") are processed, IP addresses are not checked when the username is correct and there is no password. An attacker may impersonate any user using host-based authentication without a secret, simply by guessing the username of that user. This is limited in scope to administrators who have set up the registration database ("realtime") for authentication and are using only host-based authentication, not passwords. However, both the SIP and IAX protocols are affected.
Author: Tilghman Lesher
Homepage: http://www.asterisk.org/security
File Size: 8605
Related CVE(s): CVE-2007-6430
Last Modified: Dec 18 19:56:53 2007
MD5 Checksum: f9dfea6ea0b39fe7b65dcff07dc9ba1f

File Name: USN-556-1.txt
Description: Ubuntu Security Notice 556-1 - Alin Rad Pop discovered that Samba did not correctly check the size of reply packets to mailslot requests. If a server was configured with domain logon enabled, an unauthenticated remote attacker could send a specially crafted domain logon packet and execute arbitrary code or crash the Samba service. By default, domain logon is disabled in Ubuntu.
Homepage: http://security.ubuntu.com/
File Size: 31916
Related CVE(s): CVE-2007-6015
Last Modified: Dec 18 19:54:20 2007
MD5 Checksum: 31b3cae20f8ab666b2f32ac044c89878

File Name: 12.18.07-2.txt
Description: iDefense Security Advisory 12.17.07 - Remote exploitation of an integer overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. iDefense has confirmed the existence of this vulnerability in ClamAV 0.91.2. Previous versions may also be affected.
Homepage: http://www.idefense.com/
File Size: 3556
Related CVE(s): CVE-2007-5759
Last Modified: Dec 18 19:51:47 2007
MD5 Checksum: c21e76e417fa3b6863d298a4255134cf

File Name: 12.17.07-1.txt
Description: iDefense Security Advisory 12.17.07 - Local exploitation of a stack-based buffer overflow vulnerability in Apple Inc.'s Mac OS X mount_smbfs utility could allow an attacker to execute arbitrary code with root privileges. iDefense has confirmed the existence of this vulnerability in Mac OS X version 10.4.10, on both the Server and Desktop versions. Previous versions may also be affected.
Author: Sean Larsson
Homepage: http://www.idefense.com/
File Size: 3299
Related CVE(s): CVE-2007-3876
Last Modified: Dec 18 19:50:55 2007
MD5 Checksum: e8889ad8722bdf741a8739a45928309c

File Name: SSRT071506.txt
Description: HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
Homepage: http://www.hp.com/
File Size: 10217
Last Modified: Dec 18 19:49:42 2007
MD5 Checksum: ec540f39ed29c2d99cd206fe55621a3c

File Name: sa28136.txt
Description: Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
Homepage: http://secunia.com/advisories/28136/
File Size: 9393
Last Modified: Dec 18 19:48:29 2007
MD5 Checksum: da5b02678e5368aa3507790bfcf11531

File Name: sa28065.txt
Description: Secunia Security Advisory - A weakness has been reported in Meridian Prolog Manager, which can be exploited by malicious people to brute force user passwords.
Homepage: http://secunia.com/advisories/28065/
File Size: 2947
Last Modified: Dec 18 19:48:19 2007
MD5 Checksum: bda2bfe6e8a4ffb7332a50f23f121210

File Name: sa28101.txt
Description: Secunia Security Advisory - Debian has issued an update for link-grammar. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/28101/
File Size: 8652
Last Modified: Dec 18 19:48:19 2007
MD5 Checksum: 81e0226fd5ceafe9823105b760ebb559

File Name: sa28112.txt
Description: Secunia Security Advisory - Michael Brooks has reported some vulnerabilities in Centreon, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/28112/
File Size: 2435
Last Modified: Dec 18 19:48:19 2007
MD5 Checksum: 83ea62a2513b50fddf6d9e6490b6acf4