Section: .. / 0804-advisories /
File Name: 04.09.08-5.txt
Description:
iDefense Security Advisory 04.09.08 - Local exploitation of a buffer overflow vulnerability in the db2dasrrm program, as included with IBM Corp.'s DB2 Universal Database, allows attackers to elevate privileges to root. This vulnerability exists due to insufficient validation of the length of the attacker-supplied "DASPROF" environment variable contents. By setting the variable to a specially crafted string, an attacker can cause a buffer overflow when the string is copied into a static-sized buffer stored on the stack. By overflowing the buffer, the attacker can overwrite execution control structures stored on the stack and execute arbitrary code. iDefense has confirmed the existence of this vulnerability in IBM Corp.'s DB2 Universal Database 9.1 with Fix Pack 4 installed on a Linux system. Versions for other supported UNIX-like systems should also be considered vulnerable. All previously released versions are suspected vulnerable.
Homepage: http://www.idefense.com/
File Size: 4062
Related CVE(s): CVE-2007-5758
Last Modified: Apr 15 22:16:23 2008
MD5 Checksum: 707b582fccd117b5532fac441a0b1f86

File Name: secunia-lotusnotes.txt
Description:
Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to compromise a user's system. A boundary error within kvdocve.dll when processing overly long paths can be exploited to cause a buffer overflow via e.g. an overly long link inside the "src" attribute of an tag in an HTML document. Lotus Notes versions 7.0.2 and 7.0.3 are affected.
Author: Secunia Research
Homepage: http://secunia.com/
File Size: 4052
Related CVE(s): CVE-2008-1101
Last Modified: Apr 14 16:50:35 2008
MD5 Checksum: c73dd6de3a917119766b3fc6935c9997

File Name: INFIGO-2008-04-08.txt
Description:
INFIGO IS's security team has identified a critical remote buffer overflow vulnerability in the latest ICQ version (ICQ 6.0).
Author: Leon Juranic
Homepage: http://www.infigo.hr/
File Size: 4045
Last Modified: Apr 16 17:52:46 2008
MD5 Checksum: c38cbe7ca06aa48e9bbb69dd2592ca5c

File Name: 04.14.08-2.txt
Description:
iDefense Security Advisory 04.14.08 - Remote exploitation of a heap overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the code responsible for reading in sections within a PE binary packed with the WWPack executable compressor. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92.1. Previous versions may also be affected.
Author: Damian Put, Thomas Pollet
Homepage: http://www.idefense.com/
File Size: 4038
Last Modified: Apr 15 22:20:03 2008
MD5 Checksum: 1c921dba4cf8fb44e3d81f7dfc3c50eb

File Name: sa29696.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to poison the DNS cache.
Homepage: http://secunia.com/advisories/29696/
File Size: 4017
Last Modified: Apr 8 22:22:39 2008
MD5 Checksum: f7c72395f365c55a31708c5a008efefb

File Name: 04.09.08-4.txt
Description:
iDefense Security Advisory 04.09.08 - Local exploitation of a file creation vulnerability in the Administration Server of IBM Corp.'s DB2 Universal Database allows attackers to elevate privileges to root. This vulnerability exists due to unsafe file access from within the db2dasrrm program. When a user starts the DAS, the "db2dasrrm" process is started with root privileges. As part of the initialization, the "dasRecoveryIndex", "dasRecoveryIndex.tmp", ".dasRecoveryIndex.lock", and "dasRecoveryIndex.cor" files are created with root privileges. By removing and re-creating these files as symbolic links, an attacker can create arbitrary files as root. iDefense has confirmed the existence of this vulnerability in IBM Corp.'s DB2 Universal Database 9.1 release with Fix Pack 3 installed on Linux. Other versions are also suspected to be vulnerable.
Author: Joshua J. Drake
Homepage: http://www.idefense.com/
File Size: 4008
Related CVE(s): CVE-2007-5664
Last Modified: Apr 15 22:15:20 2008
MD5 Checksum: 12426a5c9832c9d2997923db61030702

File Name: TA08-100A.txt
Description:
Technical Cyber Security Alert TA08-100A - Adobe has released Security advisory APSB08-11 to address multiple vulnerabilities affecting Adobe Flash. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code.
Homepage: http://www.us-cert.gov/
File Size: 3968
Last Modified: Apr 10 10:11:41 2008
MD5 Checksum: aaecb686c739ae7287dc60f8b5b2039f

File Name: 04.17.08-4.txt
Description:
iDefense Security Advisory 04.17.08 - Remote exploitation of an integer underflow vulnerability in OpenOffice, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged in user. The vulnerability exists within the code responsible for converting the QPRO file into an internal representation used by OpenOffice. A 16-bit integer is read in from the file, and later used as a loop counter that controls how many values are stored into local stack buffers. When verifying the value of this counter, the code decrements the counter without checking to see if this operation will underflow. This results in the loop running for many iterations, which leads to a stack based buffer overflow. This allows for the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in OpenOffice version 2.3. Other versions may also be affected.
Homepage: http://www.idefense.com/
File Size: 3946
Related CVE(s): CVE-2007-5747
Last Modified: Apr 17 18:36:05 2008
MD5 Checksum: bb8c108060a98986dc60dc8fba35eb6a

File Name: dsa-1559-1.txt
Description:
Debian Security Advisory 1559-1 - It was discovered that phpGedView, an application to provide online access to genealogical data, performed insufficient input sanitising on some parameters, making it vulnerable to cross site scripting.
Homepage: http://www.debian.org/security
File Size: 3872
Related CVE(s): CVE-2007-5051
Last Modified: Apr 28 11:05:57 2008
MD5 Checksum: fb2de4d559a520307a827d13e3789d95

File Name: 04.17.08-3.txt
Description:
iDefense Security Advisory 04.17.08 - Remote exploitation of multiple buffer overflow vulnerabilities in OpenOffice, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged in user. The first vulnerability occurs when parsing "Attribute" records from the file. Due to a lack of bounds checking during a loop that reads these records, an attacker can trigger a heap overflow by inserting more than 256 records. The second vulnerability is nearly identical to the first one, but involves the "Font Description" record instead of the "Attribute" record.
Homepage: http://www.idefense.com/
File Size: 3803
Related CVE(s): CVE-2007-5745
Last Modified: Apr 17 18:59:21 2008
MD5 Checksum: a66e4b3978c2bc5122466afa7333419f

File Name: sa29764.txt
Description:
Secunia Security Advisory - Debian has issued an update for pdns-recursor. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Homepage: http://secunia.com/advisories/29764/
File Size: 3802
Last Modified: Apr 10 18:15:45 2008
MD5 Checksum: 2a92b1c0a82dddd4b48222edb5a6d1e9

File Name: sa29897.txt
Description:
Secunia Security Advisory - SUSE has issued an update for IBM Java. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, manipulate data, disclose sensitive information, or compromise a vulnerable system.
Homepage: http://secunia.com/advisories/29897/
File Size: 3779
Last Modified: Apr 28 18:26:27 2008
MD5 Checksum: a036fee3c4b64449ac98628793340003

File Name: wordpress-cookie-integrity.txt
Description:
An attacker, who is able to register a specially crafted username on a WordPress 2.5 installation, is able to generate authentication cookies for other chosen accounts. This is not good.
Author: Steven J. Murdoch
Homepage: http://www.cl.cam.ac.uk/users/sjm217/
File Size: 3767
Related CVE(s): CVE-2008-1930
Last Modified: Apr 25 11:57:22 2008
MD5 Checksum: 4dc92444f474cfd6cca874b7f41b46bd

File Name: 04.08.08-1.txt
Description:
iDefense Security Advisory 04.08.08 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Microsoft Help 2.5 ActiveX control allows an attacker to execute arbitrary code with the privileges of the logged-on user. iDefense has confirmed this vulnerability in version 2.05.50727.42 of hxvz.dll, which is installed with Visual Studio 2005.
Homepage: http://www.idefense.com/
File Size: 3697
Related CVE(s): CVE-2008-1086
Last Modified: Apr 8 23:44:24 2008
MD5 Checksum: 252bf709b78f3aa9cd4974404430f954

File Name: sa29744.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in Avaya SIP Enablement Services, which can be exploited by malicious users and malicious people to conduct SQL injection attacks, bypass certain security restrictions, and potentially to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/29744/
File Size: 3683
Last Modified: Apr 10 10:08:38 2008
MD5 Checksum: 4e75ea6c90c460036f3cc523130ecc6a

File Name: sa30009.txt
Description:
Secunia Security Advisory - Slackware has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
Homepage: http://secunia.com/advisories/30009/
File Size: 3679
Last Modified: Apr 29 19:20:27 2008
MD5 Checksum: b3702b1b7cb4cccab69d456049938618

File Name: dsa-1557-1.txt
Description:
Debian Security Advisory 1557-1 - Several remote vulnerabilities have been discovered in phpMyAdmin, an application to administrate MySQL over the WWW. Attackers with CREATE table permissions were allowed to read arbitrary files readable by the webserver via a crafted HTTP POST request. The PHP session data file stored the username and password of a logged in user, which in some setups can be read by a local user. Cross site scripting and SQL injection were possible by attackers that had permission to create cookies in the same cookie domain as phpMyAdmin runs in.
Homepage: http://www.debian.org/security
File Size: 3673
Related CVE(s): CVE-2008-1149, CVE-2008-1567, CVE-2008-1924
Last Modified: Apr 24 16:46:15 2008
MD5 Checksum: 048c9857c58552e12caabe6fe8388596

File Name: 04.02.08-3.txt
Description:
iDefense Security Advisory 04.02.08 - Remote exploitation of a design error in an ActiveX control installed with Symantec Norton Internet Security 2008 could allow for the execution of arbitrary code. iDefense confirmed that this vulnerability exists in version 2.7.0.1 of the control that is installed with the 2008 version of Norton Internet Security. Other versions may also be available.
Homepage: http://www.idefense.com/
File Size: 3655
Related CVE(s): CVE-2008-0313
Last Modified: Apr 4 18:56:33 2008
MD5 Checksum: c63a4b10122d61c0886a3797d862f1e5

File Name: TA08-094A.txt
Description:
Technical Cyber Security Alert TA08-094A - Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1241. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
Homepage: http://www.us-cert.gov/
File Size: 3628
Last Modified: Apr 4 17:57:46 2008
MD5 Checksum: 60f2970d4d83177489a7d4ebb3c8d958

File Name: 04.15.08-1.txt
Description:
iDefense Security Advisory 04.15.08 - Local exploitation of a design error vulnerability in Oracle Corp.'s Application Express web application development tool allows attackers to gain elevated privileges. The vulnerability exists in "run_ddl" function within the "wwv_execute_immediate" package. This package is included in the "flows_030000" schema. This function allows attackers to execute SQL commands as any database user, such as SYS. iDefense confirmed the existence of this vulnerability in Oracle Application Express version 3.0.1.00.08, which is installed by default with Oracle Database 11g R1 (version 11.1.0.6.0). Previous versions may also be affected. However, Oracle Database 10g R2 does not install Oracle Application Express by default.
Author: Joxean Koret
Homepage: http://www.idefense.com/
File Size: 3626
Related CVE(s): CVE-2008-1811
Last Modified: Apr 16 17:56:48 2008
MD5 Checksum: 1e409ad2d78ffd4cf194be4d198943f6

File Name: sa29784.txt
Description:
Secunia Security Advisory - Two vulnerabilities have been reported in IBM DB2, which can be exploited by malicious, local users to perform certain actions with escalated privileges or gain escalated privileges.
Homepage: http://secunia.com/advisories/29784/
File Size: 3602
Last Modified: Apr 16 17:41:11 2008
MD5 Checksum: 9512ba9a95045197b5dd424c6c094f00

File Name: NDSA20080215.txt
Description:
Nth Dimension Security Advisory (NDSA20080215) - The Festival server is vulnerable to unauthenticated remote code execution. Further research indicates that this vulnerability has already been reported as a local privilege escalation against both the Gentoo and SuSE GNU/Linux distributions. The remote form of this vulnerability was identified in 1.96~beta-5 as distributed in Debian unstable but it is also believed that Ubuntu Hardy Heron was affected.
Author: Tim Brown
Homepage: http://www.nth-dimension.org.uk/
File Size: 3589
Last Modified: Apr 4 20:02:03 2008
MD5 Checksum: 8491b07e54d530655b227b344f7bff1a

File Name: 04.02.08-2.txt
Description:
iDefense Security Advisory 04.02.08 - Remote exploitation of a buffer overflow vulnerability in an ActiveX control installed by Symantec Norton Internet Security 2008 could allow for the execution of arbitrary code. iDefense confirmed that this vulnerability exists in version 2.7.0.1 of the control that is installed with the 2008 version of Norton Internet Security. Other versions may also be available.
Author: Peter Vreugdenhil
Homepage: http://www.idefense.com/
File Size: 3584
Related CVE(s): CVE-2008-0312
Last Modified: Apr 4 18:55:41 2008
MD5 Checksum: a0998a74f1cfaf08d9aee600fca2915b