Section: .. / 0704-advisories /
| /// File Name: |
CYBSEC-stssrfc.txt |
Description:
|
CYBSEC Security Advisory - The SAP TRUSTED_SYSTEM_SECURITY RFC function suffers from an information disclosure.
| | Author: | Mariano Nunez Di Croce | | Homepage: | http://www.cybsec.com/ | | File Size: | 4206 | | Last Modified: | Apr 5 07:12:22 2007 |
| MD5 Checksum: | 4f7bd86ae441401da4957ba7da673a8d |
|
| /// File Name: |
n.runs-SA-2007.007.txt |
Description:
|
A remote exploitable format string vulnerability has been identified in the in the Sun Java Web Console. According to the Sun Security Coordination Team, Solaris 10 Operating System, Sun Java Web Console 2.2.2, Sun Java Web Console 2.2.3, Sun Java Web Console 2.2.4 and Sun Java Web Console 2.2.5 are affected.
| | Author: | Frank Dick | | Homepage: | http://www.nruns.com/ | | File Size: | 4191 | | Related CVE(s): | CVE-2007-1681 | | Last Modified: | Apr 19 04:17:19 2007 |
| MD5 Checksum: | f683ae2fcf22380124bf98ce1d61b2a3 |
|
| /// File Name: |
04.16.07-2.txt |
Description:
|
iDefense Security Advisory 04.16.07 - Remote exploitation of a buffer overflow vulnerability in Akamai Technologies, Inc's Download Manager ActiveX Control could allow an attacker to execute arbitrary code within the security context of the targeted user. iDefense has confirmed the existence of this vulnerability within version 2.2.0.5 of Akamai Technologies Inc's DownloadManagerV2.ocx. All older versions are suspected to be vulnerable.
| | Author: | McSlibin | | Homepage: | http://www.idefense.com/ | | File Size: | 4175 | | Related CVE(s): | CVE-2007-1891 | | Last Modified: | Apr 17 19:11:08 2007 |
| MD5 Checksum: | c84a7094094da11cbde394fb5d68e9d3 |
|
| /// File Name: |
MDKSA-2007-080-1.txt |
Description:
|
Mandriva Linux Security Advisory - Local exploitation of a memory corruption vulnerability in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. iDefense reported two integer overflows in the way X.org handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code with the privileges of the X.org server.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4174 | | Related CVE(s): | CVE-2007-1003, CVE-2007-1351, CVE-2007-1352 | | Last Modified: | Apr 11 06:58:06 2007 |
| MD5 Checksum: | 3857c812f92656bf7d1e2fc62b46d023 |
|
| /// File Name: |
MDKSA-2007-092.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple buffer overflows were found in the FreeRADIUS package version 1.0.4 and prior that could allow a remote attacker to cause a crash via the rlm_sqlcounter module. As well, an SQL injection vulnerability was also found in the rlm_sqlcounter that could allow a remote attacker to execute arbitrary SQL commands via unknown attack vectors.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4154 | | Related CVE(s): | CVE-2005-4746, CVE-2005-4745 | | Last Modified: | Apr 24 09:43:02 2007 |
| MD5 Checksum: | 18fb07741dd139aef29a89fcdc0788d9 |
|
| /// File Name: |
04.03.07-5.txt |
Description:
|
iDefense Security Advisory 04.03.07 - Local exploitation of a memory corruption vulnerability in the multiple vendor's X server implementations could allow an attacker to execute arbitrary code with elevated privileges. The XC-MISC extension is used by the X Server to manage resource IDs. It is built in to the X server by default. The vulnerability exists in the ProcXCMiscGetXIDList() function in the XC-MISC extension. This request is used to determine what resource IDs are available for use. Inside this function, the ALLOCATE_LOCAL() macro is used. This macro allocates memory on the stack or heap depending on the availability of the alloca() function. If alloca() is available, the stack is used, other wise the heap is used. Due to insufficient input validation, it is possible to cause memory corruption by passing specially crafted values to the ProcXCMiscGetXIDList() handler function. iDefense has confirmed the existence of this vulnerability in the X.org server version 7.1-1.1.0. Previous versions may also be affected.
| | Author: | Sean Larsson | | Homepage: | http://www.idefense.com/ | | File Size: | 4138 | | Related CVE(s): | CVE-2007-1003 | | Last Modified: | Apr 5 02:53:34 2007 |
| MD5 Checksum: | 8a1ce6c14dc43b109074fba25227ac61 |
|
| /// File Name: |
cpzl-lpe.txt |
Description:
|
ZoneAlarm's srescan.sys versions 5.0.155 and below suffer from a local privilege escalation vulnerability.
| | Author: | Ruben Santamarta | | File Size: | 4119 | | Last Modified: | Apr 24 09:40:27 2007 |
| MD5 Checksum: | 7f845a9089ba5a194901574a6286d244 |
|
| /// File Name: |
sa24909.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24909/ | | File Size: | 4086 | | Last Modified: | Apr 20 08:48:40 2007 |
| MD5 Checksum: | c06b8040ba25eeac42a5021ed169b97f |
|
| /// File Name: |
TA07-100A.txt |
Description:
|
Technical Cyber Security Alert TA07-100A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Microsoft Content Management Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4085 | | Last Modified: | Apr 11 06:52:16 2007 |
| MD5 Checksum: | 1d5870a076e87dd1d9757cff7f4ec740 |
|
| /// File Name: |
04.03.07-3.txt |
Description:
|
iDefense Security Advisory 04.03.07 - Local exploitation of an integer overflow vulnerability in multiple vendors' implementations of the X Window System server BDF font parsing component could allow execution of arbitrary commands with elevated privileges. The vulnerability specifically exists in the parsing of BDF fonts. When the X server encounters a specially crafted BDF font, an integer overflow occurs leading to a potentially exploitable heap overflow condition. iDefense has confirmed the existence of this vulnerability in X.Org X11R7.1. Older versions are suspected to be vulnerable. Additionally, it is reported that the freetype library is also vulnerable.
| | Author: | Greg MacManus | | Homepage: | http://www.idefense.com/ | | File Size: | 4069 | | Related CVE(s): | CVE-2007-1351 | | Last Modified: | Apr 5 02:58:56 2007 |
| MD5 Checksum: | 30359c8c7fc83b725aecaa519a4a0e4c |
|
| /// File Name: |
03.31.07-1.txt |
Description:
|
iDefense Security Advisory 03.31.07 - Remote exploitation of several buffer overflow vulnerabilities in ImageMagick, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the credentials used for image processing. An integer overflow exists ImageMagick's handling of DCM (Digital Imaging and Communications in Medicine) format files which allows an attacker to cause a heap-based buffer overflow. This vulnerability specifically exists in the ReadDCMImage() function. Two integer overflows exists ImageMagick's handling of XWD (X Windows Dump) format files that allows an attacker to cause a heap-based buffer overflow. The vulnerabilities specifically exist in the ReadXWDImage() function. An integer overflow could occur when calculating the amount of memory to allocate for the 'colors' or 'comment' field. iDefense has confirmed the existence of these vulnerabilities in ImageMagick version 6.3.x. Additionally, the source code for versions 6.3.1, 6.3.2, 6.3.3-3 and 6.2.9 contain the affected code. It is suspected that earlier versions of ImageMagick are also vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 4032 | | Last Modified: | Apr 3 02:52:07 2007 |
| MD5 Checksum: | e3db8efadfc4cefbd2fd80dafc869eba |
|
| /// File Name: |
sa24995.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to manipulate data, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to manipulate data, conduct cross-site scripting attacks, cause a DoS, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24995/ | | File Size: | 4029 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | 22298b06d91f2d75ba3a5e4d8b22755f |
|
| /// File Name: |
04.09.07-1.txt |
Description:
|
iDefense Security Advisory 04.09.07 - Remote exploitation of a path-traversal vulnerability in AOL's AIM and ICQ could allow a remote attacker to place arbitrary files on the victim's machine during a file transfer operation. AIM and ICQ allow users to share and transfer files via a custom protocol. During file transfers, the sender is allowed to specify the display name of the file, and the filename used for the transfer. The recipient can only specify the folder in which to save the file. Due to an input validation flaw, the clients do not properly strip "../" traversal characters from the filename the attacker supplies. By specially encoding the path attackers can force the file to be saved to a directory of their choosing when the victim accepts the file transfer. iDefense has confirmed this vulnerability in ICQ version 5.1. Previous versions are suspected vulnerable. Additionally, AOL reported that AIM version 5.9 and prior are vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 4011 | | Last Modified: | Apr 10 08:22:44 2007 |
| MD5 Checksum: | 38118024af561f9ae30f4fab3499164f |
|
| /// File Name: |
secunia-maurl.txt |
Description:
|
Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in Microsoft Agent (agentsvr.exe) when processing specially crafted URLs passed as arguments to certain methods. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website with Internet Explorer.
| | Author: | JJ Reyes, Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 3968 | | Related CVE(s): | CVE-2007-1205 | | Last Modified: | Apr 11 06:46:46 2007 |
| MD5 Checksum: | ec7b10e3a00800dbdc1894e53024a6bd |
|
| /// File Name: |
04.03.07-4.txt |
Description:
|
iDefense Security Advisory 04.03.07 - Local exploitation of an integer overflow vulnerability in multiple vendors' implementations of the X Window System font information file parsing component could allow execution of arbitrary commands with elevated privileges. The vulnerability specifically exists in the parsing of the "fonts.dir" font information file. When the element count on the first line of the file specifies it contains more than 1,073,741,824 (2 to the power of 30) elements, a potentially exploitable heap overflow condition occurs. iDefense has confirmed the existence of this vulnerability in X.Org X11R7.1. Older versions are suspected to be vulnerable.
| | Author: | Greg MacManus | | Homepage: | http://www.idefense.com/ | | File Size: | 3951 | | Related CVE(s): | CVE-2007-1352 | | Last Modified: | Apr 5 02:59:16 2007 |
| MD5 Checksum: | 2d2d4358753d392f60c621adb8c53210 |
|
| /// File Name: |
apop-protocol.txt |
Description:
|
A security vulnerability has been discovered in the APOP protocol that is related to the recent collision attacks by Wang and al. against MD5. Using the man in the middle setting, one can recover the first characters of the password with a few hundred authentications from the client.
| | Author: | Gaetan Leurent | | File Size: | 3943 | | Related CVE(s): | CVE-2007-1558 | | Last Modified: | Apr 3 02:50:55 2007 |
| MD5 Checksum: | 1da7794eae5e8de66bf5e76901e835aa |
|
| /// File Name: |
webmethods-glue.txt |
Description:
|
webMethods Security Advisory - The Glue console versions 4.x, 5.x, and 6.x are susceptible to a directory traversal vulnerability.
| | Author: | Jeremy Epstein | | Homepage: | http://www.webmethods.com/ | | File Size: | 3878 | | Last Modified: | Apr 19 02:49:58 2007 |
| MD5 Checksum: | 844b3c0d6236147f7e3b7477783b3f21 |
|
| /// File Name: |
sa24777.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges, and by malicious people to cause a DoS.
| | Homepage: | http://secunia.com/advisories/24777/ | | File Size: | 3858 | | Last Modified: | Apr 7 21:35:58 2007 |
| MD5 Checksum: | dca536f0a6cf516b3e11a2fad256b0d8 |
|
| /// File Name: |
sa24740.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Kerberos, which can be exploited by malicious users to cause a DoS or compromise a vulnerable system and by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/24740/ | | File Size: | 3838 | | Last Modified: | Apr 5 00:36:24 2007 |
| MD5 Checksum: | e5eaee55fc6a06faa5ecc2f660ee435e |
|
| /// File Name: |
04.26.07-1.txt |
Description:
|
iDefense Security Advisory 04.26.07 - Remote exploitation of a denial of service (DoS) vulnerability in Novell Inc.'s eDirectory product could allow an attacker to force the running daemon to cease servicing requests. The problem specifically exists within the NCP functionality of eDirectory. Sending a sequence of specially crafted fragmented requests will cause a DoS condition. iDefense has confirmed the existence of this vulnerability in version 8.8.1 of Novell Inc.'s eDirectory server with FTF1 applied. The earliest version tested was 8.8. Earlier versions are suspected to be vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3838 | | Related CVE(s): | CVE-2006-4520 | | Last Modified: | May 3 02:11:38 2007 |
| MD5 Checksum: | 48a75120cc625ccfb07acaa52aedc405 |
|
| /// File Name: |
sa24778.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in various Kaspersky products, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to gain knowledge of sensitive information, cause a DoS (Denial of Service), and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24778/ | | File Size: | 3804 | | Last Modified: | Apr 7 21:35:58 2007 |
| MD5 Checksum: | e3a4e5ea4464b62df4b9e1a190a4fbfa |
|
| /// File Name: |
TA07-109A.txt |
Description:
|
Technical Cyber Security Alert TA07-109A - Apple has released Security Update 2007-004 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3803 | | Last Modified: | Apr 23 05:37:19 2007 |
| MD5 Checksum: | a1faec9291f00d2264a25b5145652dda |
|
| /// File Name: |
sa22896.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/22896/ | | File Size: | 3773 | | Last Modified: | Apr 11 04:12:21 2007 |
| MD5 Checksum: | c8fb26241ae460fa30d13c20754dcab9 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
