Section: .. / 0712-advisories /
| /// File Name: |
SA2007-02.txt |
Description:
|
The NSFOCUS Security Team has discovered a remote buffer overflow vulnerability in the Cisco Security Agent for Windows which allows remote code execution by sending a malicious SMB request. Cisco Security Agent for Windows versions below 4.5.1.672, 5.0.0.225, 5.1.0.106, and 5.2.0.238 are affected.
| | Homepage: | http://www.nsfocus.com/ | | File Size: | 3201 | | Related CVE(s): | CVE-2007-5580 | | Last Modified: | Dec 7 12:55:22 2007 |
| MD5 Checksum: | d2671763fc6dff1909051adc8a6d2a7a |
|
| /// File Name: |
ZDI-07-076.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows with the Message Queuing Service enabled. Authentication is not required to exploit this vulnerability. The specific flaw exists in the RPC interface defined on port 2103 with UUID fdb3a030-065f-11d1-bb9b-00a024ea5525. During the processing of opnum 0x06 the service copies user-supplied information into a fixed length stack buffer. Sending at least 300 bytes will trigger a stack based buffer overflow due to a vulnerable wcscat() call. Exploitation of this issue can result in arbitrary code execution. Affected versions are Windows 2000 SP4 and Windows XP SP2.
| | Author: | Tenable Network Security | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3201 | | Related CVE(s): | CVE-2007-3039 | | Last Modified: | Dec 11 23:41:28 2007 |
| MD5 Checksum: | 1bd474b25aceb117a8378f9633f4f4c3 |
|
| /// File Name: |
glsa-200712-18.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-18 - nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The ws_addarg() function contains a format string vulnerability, as it does not properly sanitize username and password data from the Authorization: Basic HTTP header line (CVE-2007-5825). The ws_decodepassword() and ws_getheaders() functions do not correctly handle empty Authorization header lines, or header lines without a ':' character, leading to NULL pointer dereferences (CVE-2007-5824). Versions less than 0.2.4.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3200 | | Related CVE(s): | CVE-2007-5824, CVE-2007-5825 | | Last Modified: | Dec 29 15:42:01 2007 |
| MD5 Checksum: | 42ba0e2495aa71dc5c890aaff6b91084 |
|
| /// File Name: |
sa28035.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Cybozu Office, which can be exploited by malicious people to conduct cross-site scripting attacks, HTTP header injection attacks, or cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28035/ | | File Size: | 3198 | | Last Modified: | Dec 11 21:35:59 2007 |
| MD5 Checksum: | fc2ad7e36d0f947a6978a7ef5bfbc262 |
|
| /// File Name: |
ZDI-07-072.txt |
Description:
|
Vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Novell NetMail. User interaction is not required to exploit this vulnerability. The specific flaws exist in the AntiVirus agent which listens on a random high TCP port. The avirus.exe service protocol reads a user-supplied ASCII integer value as an argument to a memory allocation routine. The specified size is added to without any integer overflow checks and can therefore result in an under allocation. A subsequent memory copy operation can then corrupt the heap and eventually result in arbitrary code execution. Novell NetMail version 3.5.2 is affected.
| | Author: | Tenable Network Security | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3196 | | Related CVE(s): | CVE-2007-6302 | | Last Modified: | Dec 10 20:15:11 2007 |
| MD5 Checksum: | df7e4d6dd1b17c15d1b0b235ca44924c |
|
| /// File Name: |
sa28234.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been discovered in Ada Image Server, which can be exploited by malicious people to conduct cross-site scripting attacks or gain knowledge of sensitive information.
| | Homepage: | http://secunia.com/advisories/28234/ | | File Size: | 3196 | | Last Modified: | Dec 28 16:35:50 2007 |
| MD5 Checksum: | 4692f26a4fc6b6641f2829266bb31d72 |
|
| /// File Name: |
sa28082.txt |
Description:
|
Secunia Security Advisory - Hitachi has acknowledged some vulnerabilities in the Hitachi Web Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/28082/ | | File Size: | 3195 | | Last Modified: | Dec 13 18:02:52 2007 |
| MD5 Checksum: | c1fe5cdc74a924ac925c1b60e8df7c1d |
|
| /// File Name: |
ZDI-07-073.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the CRecalcProperty function in mshtml.dll. When rendering HTML after calling the setExpression methods, followed by a modification of the outerHTML property of a programatically created element. The vulnerable code dereferences a previously freed memory location which can be leveraged to execute arbitrary code. Affected versions are 5.01 SP4, 6, and 7.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3185 | | Related CVE(s): | CVE-2007-3902 | | Last Modified: | Dec 11 23:37:45 2007 |
| MD5 Checksum: | e0dac5f14981b09e1dc863847489ab40 |
|
| /// File Name: |
glsa-200712-20.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-20 - iDefense reported an integer overflow vulnerability in the cli_scanpe() function when parsing Portable Executable (PE) files packed in the MEW format, that could be exploited to cause a heap-based buffer overflow (CVE-2007-6335). Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP compressed CAB files (CVE-2007-6336). An unspecified vulnerability related to the bzip2 decompression algorithm has also been discovered (CVE-2007-6337). Versions less than 0.91.2-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3181 | | Related CVE(s): | CVE-2007-6335, CVE-2007-6336, CVE-2007-6337 | | Last Modified: | Dec 29 15:43:01 2007 |
| MD5 Checksum: | d24f2caf1e6066ee693b8371b745cbde |
|
| /// File Name: |
R7-0031.txt |
Description:
|
Rapid7 Security Advisory - JFreeChart version 1.0.8 is susceptible to cross site scripting vulnerabilities.
| | Author: | Chad Loder | | Homepage: | http://www.rapid7.com/ | | File Size: | 3174 | | Last Modified: | Dec 7 19:55:53 2007 |
| MD5 Checksum: | 624ac6261db9a1ca5f6984808e5ba952 |
|
| /// File Name: |
MDKSA-2007-238.txt |
Description:
|
Mandriva Linux Security Advisory - Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3173 | | Related CVE(s): | CVE-2007-2741 | | Last Modified: | Dec 7 19:40:27 2007 |
| MD5 Checksum: | d8fe6af6c4d1519417166db8fb6b8b88 |
|
| /// File Name: |
sa26566.txt |
Description:
|
Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in Vantage Linguistics AnswerWorks, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26566/ | | File Size: | 3163 | | Last Modified: | Dec 11 23:24:38 2007 |
| MD5 Checksum: | a9c328f235ce44653edc3f42ab107b67 |
|
| /// File Name: |
CVE-2007-5342.txt |
Description:
|
The JULI logging component in Tomcat versions 5.5.9 through 5.5.25 and versions 6.0.0 to 6.0.15 allows web applications to provide their own logging configurations. The default security policy does not restrict this configuration and allows an untrusted web application to add files or overwrite existing files where the Tomcat process has the necessary file permissions to do so.
| | Author: | Delian Krustev | | Homepage: | http://tomcat.apache.org/security.html | | File Size: | 3156 | | Related CVE(s): | CVE-2007-5342 | | Last Modified: | Dec 24 18:18:29 2007 |
| MD5 Checksum: | d65c8164c8b1fe46229d21171c404d82 |
|
| /// File Name: |
sa27946.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for xorg-x11-xfs. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/27946/ | | File Size: | 3150 | | Last Modified: | Dec 10 20:32:38 2007 |
| MD5 Checksum: | 9c73bcd26cde2eff0ea253b448d2cab9 |
|
| /// File Name: |
MDKSA-2007-239.txt |
Description:
|
Mandriva Linux Security Advisory - It was found that the gss_userok() function in Heimdal 0.7.2 did not allocate memory for the ticketfile pointer before calling free(), which could possibly allow remote attackers to have an unknown impact via an invalid username. It is uncertain whether or not this is exploitable, however packages are being provided regardless.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3149 | | Related CVE(s): | CVE-2007-5939 | | Last Modified: | Dec 7 19:41:02 2007 |
| MD5 Checksum: | 151803a28f2157a089b6dac2183e73b4 |
|
| /// File Name: |
sa27968.txt |
Description:
|
Secunia Security Advisory - Michael Brooks has discovered some vulnerabilities in phpRPG, which can be exploited by malicious people to conduct SQL injection attacks and to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/27968/ | | File Size: | 3141 | | Last Modified: | Dec 17 19:56:59 2007 |
| MD5 Checksum: | bbe2f46050173512385563091565523b |
|
| /// File Name: |
ZDI-07-079.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard HP-UX operating system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function sw_rpc_agent_init (opcode 0x04) defined in swagentd. Specific malformed arguments can cause function pointers to be overwritten and thereby result in arbitrary code execution. HP-UX version 11.11 is affected.
| | Author: | Tenable Network Security | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3137 | | Related CVE(s): | CVE-2007-6195 | | Last Modified: | Dec 17 21:24:12 2007 |
| MD5 Checksum: | ad412a33d41e87fe9a61a70ae52818d0 |
|
| /// File Name: |
sa27871.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27871/ | | File Size: | 3124 | | Last Modified: | Dec 12 17:55:08 2007 |
| MD5 Checksum: | 8d1f89ed7811e23baa117ff508d27679 |
|
| /// File Name: |
sa27879.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/27879/ | | File Size: | 3114 | | Last Modified: | Dec 2 15:29:26 2007 |
| MD5 Checksum: | ab200279c579dfd51c5856551a73da1b |
|
| /// File Name: |
glsa-200712-16.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-16 - Meder Kydyraliev (Google Security) discovered an integer overflow vulnerability in the JpegThumbnail::setDataArea() method leading to a heap-based buffer overflow. Versions less than 0.13-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3099 | | Related CVE(s): | CVE-2007-6353 | | Last Modified: | Dec 29 15:40:56 2007 |
| MD5 Checksum: | fc872ddcea86f6cda5645bb69903878b |
|
| /// File Name: |
sa28092.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28092/ | | File Size: | 3098 | | Last Modified: | Dec 17 19:56:59 2007 |
| MD5 Checksum: | 9028766319777bb7d4fb9423f3b6ee8e |
|
| /// File Name: |
glsa-200712-05.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200712-05 - priyadi discovered that the request to store a URL string as a LOB is treated as a request to retrieve and store the contents of the URL. Versions less than 2.5.0_alpha1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3087 | | Related CVE(s): | CVE-2007-5934 | | Last Modified: | Dec 10 17:40:58 2007 |
| MD5 Checksum: | f9568a45ac52a80998d973e619b4c1bb |
|
| /// File Name: |
sa28169.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28169/ | | File Size: | 3081 | | Last Modified: | Dec 19 19:28:49 2007 |
| MD5 Checksum: | bbd62cc3f727abaf1706c728d1430b9d |
|
| /// File Name: |
sa27850.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for htdig. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27850/ | | File Size: | 3078 | | Last Modified: | Dec 5 15:05:44 2007 |
| MD5 Checksum: | 6e9488a7c3083d75d7d9cd155b3af1e4 |
|
| /// File Name: |
sa28186.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Sun Java System Web Proxy Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/28186/ | | File Size: | 3071 | | Last Modified: | Dec 24 13:50:38 2007 |
| MD5 Checksum: | 13af0d82b9b7b49850346fbffa3350a9 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
