Section: .. / 0801-advisories /
| /// File Name: |
sa28523.txt |
Description:
|
Secunia Security Advisory - Digital Security Research Group has reported some vulnerabilities in BLOG:CMS, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/28523/ | | File Size: | 3124 | | Last Modified: | Jan 18 03:50:24 2008 |
| MD5 Checksum: | c151ad050a7aa1b1ef0d034a418ab1f3 |
|
| /// File Name: |
sa28525.txt |
Description:
|
Secunia Security Advisory - Fujitsu has acknowledged a vulnerability in Interstage HTTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/28525/ | | File Size: | 2882 | | Last Modified: | Jan 18 03:50:24 2008 |
| MD5 Checksum: | a386914c98b51e55d3c178c1c077c2f2 |
|
| /// File Name: |
sa28526.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for apache. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28526/ | | File Size: | 6046 | | Last Modified: | Jan 18 03:50:24 2008 |
| MD5 Checksum: | faa619e29b0d3dba5776431c26610b23 |
|
| /// File Name: |
sa28527.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for boost. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28527/ | | File Size: | 68667 | | Last Modified: | Jan 18 03:50:24 2008 |
| MD5 Checksum: | 1669d97f870362f0578172ff5f6826cc |
|
| /// File Name: |
sa28530.txt |
Description:
|
Secunia Security Advisory - Cody Pierce has reported a vulnerability in Cisco Unified Communications Manager (CUCM), which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28530/ | | File Size: | 3237 | | Last Modified: | Jan 18 03:50:24 2008 |
| MD5 Checksum: | 6952188f3fc915fe30ffd20b128cef1f |
|
| /// File Name: |
sa28531.txt |
Description:
|
Secunia Security Advisory - Aria-Security.Net has reported some vulnerabilities in Site2Nite Real Estate Web, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/28531/ | | File Size: | 2348 | | Last Modified: | Jan 18 03:50:24 2008 |
| MD5 Checksum: | d0164f7b6eebb74875b972e3e2541209 |
|
| /// File Name: |
sa28534.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities with unknown impact have been reported in Informix Dynamic Server.
| | Homepage: | http://secunia.com/advisories/28534/ | | File Size: | 2123 | | Last Modified: | Jan 18 03:50:24 2008 |
| MD5 Checksum: | a74c6a8e05c77249558d8869ca16e8fe |
|
| /// File Name: |
MDVSA-2008-016.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw found in the mod_imagemap module could lead to a cross-site scripting attack on sites where mod_imagemap was enabled and an imagemap file was publicly available. A flaw found in the mod_status module could lead to a cross-site scripting attack on sites where mod_status was enabled and the status pages were publicly available. A flaw found in the mod_proxy_balancer module could lead to a cross-site scripting attack against an authorized user on sites where mod_proxy_balancer was enabled. Another flaw in the mod_proxy_balancer module was found where, on sites with the module enabled, an authorized user could send a carefully crafted request that would cause the apache child process handling the request to crash, which could lead to a denial of service if using a threaded MPM. A flaw found in the mod_proxy_ftp module could lead to a cross-site scripting attack against web browsers which do not correctly derive the response character set following the rules in RFC 2616, on sites where the mod_proxy_ftp module was enabled.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 20603 | | Related CVE(s): | CVE-2007-5000, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005 | | Last Modified: | Jan 17 00:59:17 2008 |
| MD5 Checksum: | 72b735ddefb8eeff66a3a956e6a7dfa2 |
|
| /// File Name: |
MDVSA-2008-015.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw found in the mod_imagemap module could lead to a cross-site scripting attack on sites where mod_imagemap was enabled and an imagemap file was publicly available. A flaw found in the mod_status module could lead to a cross-site scripting attack on sites where mod_status was enabled and the status pages were publicly available. A flaw found in the mod_proxy_ftp module could lead to a cross-site scripting attack against web browsers which do not correctly derive the response character set following the rules in RFC 2616, on sites where the mod_proxy_ftp module was enabled.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7692 | | Related CVE(s): | CVE-2007-5000, CVE-2007-6388, CVE-2008-0005 | | Last Modified: | Jan 17 00:57:19 2008 |
| MD5 Checksum: | 0ed94da5fcca6e6eb55a8fe34371b8b5 |
|
| /// File Name: |
MDVSA-2008-014.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw found in the mod_autoindex module could lead to a cross-site scripting attack on sites where mod_autoindex was enabled and the AddDefaultCharset directive was removed from the configuration, against web browsers that did not correctly derive the response character set following the rules in RFC 2616. A flaw found in the mod_imagemap module could lead to a cross-site scripting attack on sites where mod_imagemap was enabled and an imagemap file was publicly available. A flaw found in the mod_status module could lead to a cross-site scripting attack on sites where mod_status was enabled and the status pages were publicly available. A flaw found in the mod_proxy_ftp module could lead to a cross-site scripting attack against web browsers which do not correctly derive the response character set following the rules in RFC 2616, on sites where the mod_proxy_ftp module was enabled.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4002 | | Related CVE(s): | CVE-2007-4465, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005 | | Last Modified: | Jan 17 00:56:17 2008 |
| MD5 Checksum: | 73ce39335778435b022b8ca44386cf69 |
|
| /// File Name: |
USN-570-1.txt |
Description:
|
Ubuntu Security Notice 570-1 - Will Drewry and Tavis Ormandy discovered that the boost library did not properly perform input validation on regular expressions. An attacker could send a specially crafted regular expression to an application linked against boost and cause a denial of service via application crash.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 73225 | | Related CVE(s): | CVE-2008-0171, CVE-2008-0172 | | Last Modified: | Jan 17 00:51:25 2008 |
| MD5 Checksum: | 8ee5840ddbe4e81b639e1bb9e6e31727 |
|
| /// File Name: |
TA08-016A.txt |
Description:
|
Technical Cyber Security Alert TA08-016A - Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3599 | | Last Modified: | Jan 17 00:49:01 2008 |
| MD5 Checksum: | 49a2544f2399b90c0735b5d79c90586b |
|
| /// File Name: |
TPTI-08-02.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco CallManager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CTL Provider Service, CTLProvider.exe, which binds to TCP port 2444. The service operates over a SSL encrypted transport. Due to a logic flaw in the way data is received in a loop a heap allocation can be arbitrarily overflown resulting in the control of subsequent heap chunks. This can lead to arbitrary code execution. Version 4.1(3) is affected.
| | Author: | Cody Pierce | | Homepage: | http://www.tippingpoint.com/ | | File Size: | 3168 | | Related CVE(s): | CVE-2008-0027 | | Last Modified: | Jan 17 00:42:37 2008 |
| MD5 Checksum: | 16bae68afdced69de791e3694c1655d4 |
|
| /// File Name: |
ruttorrent.txt |
Description:
|
BitTorrent versions 6.0 and below and uTorrent versions 1.7.5 and below suffer from a buffer overflow vulnerability.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | ruttorrent.zip | | File Size: | 3161 | | Last Modified: | Jan 17 00:40:42 2008 |
| MD5 Checksum: | 42380d6e8b7b18ae43d77db76b42ea6c |
|
| /// File Name: |
cisco-sa-20080116-cucmctl.txt |
Description:
|
Cisco Security Advisory - Cisco Unified Communications Manager (CUCM), formerly CallManager, contains a heap overflow vulnerability in the Certificate Trust List (CTL) Provider service that could allow a remote, unauthenticated user to cause a denial of service (DoS) condition or execute arbitrary code. There is a workaround for this vulnerability.
| | Homepage: | http://www.cisco.com/ | | File Size: | 14944 | | Related CVE(s): | CVE-2008-0027 | | Last Modified: | Jan 17 00:24:16 2008 |
| MD5 Checksum: | 97e3026e42de1ae8e311442a0ececf89 |
|
| /// File Name: |
sa27942.txt |
Description:
|
Secunia Security Advisory - Vikas Singhal has reported a vulnerability in IBM Lotus Sametime, which can be exploited by malicious users to execute arbitrary script code.
| | Homepage: | http://secunia.com/advisories/27942/ | | File Size: | 2445 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 43ddb402725a827916224d2b1391d826 |
|
| /// File Name: |
sa28085.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in the X2300 series, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28085/ | | File Size: | 2323 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 8461c2c19a1d6ab5c23d1d1fe13ebf62 |
|
| /// File Name: |
sa28425.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in ngIRCd, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28425/ | | File Size: | 2159 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | f1afcd03726523249b4bef6be5c3625b |
|
| /// File Name: |
sa28432.txt |
Description:
|
Secunia Security Advisory - ka0x has discovered some vulnerabilities in LulieBlog, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/28432/ | | File Size: | 2413 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | ab228087885c37ac2f787c2f21dda969 |
|
| /// File Name: |
sa28435.txt |
Description:
|
Secunia Security Advisory - rgod has discovered a vulnerability in the RTS Sentry PTZCamPanelCtrl ActiveX control, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28435/ | | File Size: | 2457 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 8d119dccd07c27ed5c0880d09b4885e7 |
|
| /// File Name: |
sa28450.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28450/ | | File Size: | 2027 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 8d0ff16c54a051bee399edcb08e799d0 |
|
| /// File Name: |
sa28455.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for postgresql and postgresql-server. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28455/ | | File Size: | 2195 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 91653a057d543acb4b3a3fc96ea33f2f |
|
| /// File Name: |
sa28463.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Radiator, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28463/ | | File Size: | 2239 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 3bf6da25c053803220f067f6c55072a2 |
|
| /// File Name: |
sa28476.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for cairo. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28476/ | | File Size: | 2017 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | b3419806471cf523b02fcec4ac906fb4 |
|
| /// File Name: |
sa28483.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for syslog-ng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28483/ | | File Size: | 4665 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 1ab02b63dd1a1d04c3efa60dfa855cbc |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
