Section: .. / 0706-advisories /
| /// File Name: |
orkut-mgmt.txt |
Description:
|
Orkut fails to expire or disable the session associated with the 'orkut_state' cookie when the user logs out or fails to authenticate himself during a session.
| | Author: | Susam Pal, Vipul Agarwal | | Homepage: | http://susam.in/ | | File Size: | 3904 | | Last Modified: | Jun 26 17:36:28 2007 |
| MD5 Checksum: | ebca9200ec76ca4d7f8e208ea9705875 |
|
| /// File Name: |
MS07-034.txt |
Description:
|
In Internet Explorer, using the mhtml: protocol handler and using Outlook Express's feature, arbitrary resources (such as HTML, image, application file and so on) can opened as MHTML formatted file and Content-Type: is disregarded.
| | Author: | Yosuke HASEGAWA | | File Size: | 4821 | | Related CVE(s): | CVE-2007-2225, CVE-2007-2227 | | Last Modified: | Jun 26 17:10:40 2007 |
| MD5 Checksum: | 168316744bd608455c87ac2a6ce49c80 |
|
| /// File Name: |
MDKSA-2007-134.txt |
Description:
|
Mandriva Linux Security Advisory - xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3165 | | Related CVE(s): | CVE-2007-2654 | | Last Modified: | Jun 26 16:44:28 2007 |
| MD5 Checksum: | 578426dbad18f764f6cd2fd8dd3f751d |
|
| /// File Name: |
USN-475-1.txt |
Description:
|
Ubuntu Security Notice 475-1 - Philip Van Hoof discovered that the IMAP client in Evolution did not correctly verify the SEQUENCE value. A malicious or spoofed server could exploit this to execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 48613 | | Related CVE(s): | CVE-2007-3257 | | Last Modified: | Jun 26 16:43:45 2007 |
| MD5 Checksum: | 0d535d8beab5c8d5730b82bfe3de4ca2 |
|
| /// File Name: |
MDKSA-2007-133.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in emacs was discovered where it would crash when processing certain types of images.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6319 | | Related CVE(s): | CVE-2007-2833 | | Last Modified: | Jun 26 16:07:36 2007 |
| MD5 Checksum: | 40842a9a1632f2f9968084206cf41db0 |
|
| /// File Name: |
06.21.07-1.txt |
Description:
|
iDefense Security Advisory 06.21.07 - Remote exploitation of multiple heap overflow vulnerabilities in Ingres Database Server as distributed with Computer Associates International Inc.'s (CA) products may allow attackers to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of this vulnerability in Ingres Database 3.0.3 as included with CA eTrust Secure Content Manager r8 on Windows. Previous versions may also be affected. In addition, any application that uses the Ingres Database may be vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3897 | | Related CVE(s): | CVE-2007-3334 | | Last Modified: | Jun 26 16:06:58 2007 |
| MD5 Checksum: | e033fbe06445e035163720fa22acc31b |
|
| /// File Name: |
SSRT071438.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com | | File Size: | 9887 | | Last Modified: | Jun 26 16:05:22 2007 |
| MD5 Checksum: | 48ba65640898843db17d427d04539d5b |
|
| /// File Name: |
MDKSA-2007-132.txt |
Description:
|
Mandriva Linux Security Advisory - The 802.11 network stack in MadWifi prior to 0.9.3.1 would allow remote attackers to cause a denial of service (system hang) via a crafted length field in nested 802.3 Ethernet frames in Fast Frame packets, which results in a NULL pointer dereference. The ath_beacon_config function in MadWifi prior to 0.9.3.1 would allow a remote attacker to cause a denial of service (system crash) via crafted beacon interval information when scanning for access points, which triggered a divide-by-zero error. An array index error in MadWifi prior to 0.9.3.1 would allow a local user to cause a denial of service (system crash) and possibly obtain kerenl memory contents, as well as possibly allowing for the execution of arbitrary code via a large negative array index value.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4763 | | Related CVE(s): | CVE-2007-2829, CVE-2007-2830, CVE-2007-2831 | | Last Modified: | Jun 26 16:01:21 2007 |
| MD5 Checksum: | b4e3166d8c902f2cb37ff36e742f985d |
|
| /// File Name: |
vlc086b-overflow.txt |
Description:
|
VLC 0.8.6.b is vulnerable to a format string attack in the parsing of Vorbis comments in Ogg Vorbis and Ogg Theora files, CDDA data or SAP/SDP service discovery messages. Additionally, there are two errors in the handling of wav files, one a denial of service due to an uninitialized variable, and one integer overflow in sampling frequency calculations.
| | Homepage: | http://www.isecpartners.com/ | | File Size: | 1831 | | Last Modified: | Jun 26 15:59:15 2007 |
| MD5 Checksum: | fd2898dba3f967890e3be5702c5a427f |
|
| /// File Name: |
dsa-1316.txt |
Description:
|
Debian Security Advisory 1316-1 - It has been discovered that emacs, the GNU Emacs editor, will crash when processing certain types of images.
| | Homepage: | http://www.debian.org/security | | File Size: | 8679 | | Related CVE(s): | CVE-2007-2833 | | Last Modified: | Jun 26 15:58:01 2007 |
| MD5 Checksum: | b779f8ecf103d889e688ab54cc3f0a8d |
|
| /// File Name: |
MDKSA-2007-130.txt |
Description:
|
Mandriva Linux Security Advisory - The Auth API in ProFTPD, when multiple simultaneous authentication modules are configured, did not require that the module that checks authentication is the same module that retrieves authentication data, which could possibly be used to allow remote attackers to bypass authentication. The updated packages have been patched to prevent this issue. As well, this update provides proper PAM configuration files for ProFTPD on Corporate Server 4 that had prevented any mod_auth_pam-based connections from succeeding authentication.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 15611 | | Related CVE(s): | CVE-2007-2165 | | Last Modified: | Jun 21 15:53:42 2007 |
| MD5 Checksum: | 826a791c6e040487d46c183cfbe3ad6c |
|
| /// File Name: |
SSRT061274.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified in HP Help and Support Center running on HP Notebook Computers running with Windows XP. The vulnerability could be remotely exploited to allow unauthorized access to the system.
| | Homepage: | http://www.hp.com | | File Size: | 6282 | | Related CVE(s): | CVE-2007-3180 | | Last Modified: | Jun 21 15:42:35 2007 |
| MD5 Checksum: | aa58f0981590abade668fda77947ee5a |
|
| /// File Name: |
MDKSA-2007-129.txt |
Description:
|
Mandriva Linux Security Advisory - A function in the JasPer JPEG-2000 library before 1.900 could allow a remote user-assisted attack to cause a crash and possibly corrupt the heap via malformed image files.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5087 | | Related CVE(s): | CVE-2007-2721 | | Last Modified: | Jun 21 14:48:31 2007 |
| MD5 Checksum: | 27478e8de46fe19cc20e9a1370670d80 |
|
| /// File Name: |
MDKSA-2007-128.txt |
Description:
|
Mandriva Linux Security Advisory - Another integer overflow was found in the way libexif parses EXIF image tags. An individual who opened a carefully-crafted EXIF image file could cause the application linked against libexif to crash or possibly execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4757 | | Related CVE(s): | CVE-2007-4168 | | Last Modified: | Jun 21 14:47:59 2007 |
| MD5 Checksum: | 9f94bb3a1ce4d69a493e5abdb771f595 |
|
| /// File Name: |
prefork.txt |
Description:
|
Apache suffers from some prefork MPM vulnerabilities.
| | Author: | PSNC Security Team | | Homepage: | http://security.psnc.pl/ | | File Size: | 7803 | | Last Modified: | Jun 21 14:47:24 2007 |
| MD5 Checksum: | 01195ad82df99dec01150fe86c8b4e75 |
|
| /// File Name: |
MDKSA-2007-127.txt |
Description:
|
Mandriva Linux Security Advisory - The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously-used data, which could be used to obtain potentially sensitive information by unauthorized users.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6416 | | Related CVE(s): | CVE-2007-1862 | | Last Modified: | Jun 21 14:39:43 2007 |
| MD5 Checksum: | a2d99b7c205baa5dde22550c005bc258 |
|
| /// File Name: |
glsa-200706-07.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200706-07 - Alexios Fakos from n.runs AG has discovered multiple vulnerabilities in PHProjekt, including the execution of arbitrary SQL commands using unknown vectors (CVE-2007-1575), the execution of arbitrary PHP code using an unrestricted file upload (CVE-2007-1639), cross-site request forgeries using different modules (CVE-2007-1638), and a cross-site scripting attack using unknown vectors (CVE-2007-1576). Versions less than 5.2.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3159 | | Related CVE(s): | CVE-2007-1575, CVE-2007-1576, CVE-2007-1638, CVE-2007-1639 | | Last Modified: | Jun 21 14:37:43 2007 |
| MD5 Checksum: | 968e9959aa4eb7d59e528a545d790d4b |
|
| /// File Name: |
glsa-200706-06.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200706-06 - Mozilla developers fixed several bugs involving memory corruption through various vectors (CVE-2007-2867, CVE-2007-2868). Additionally, several errors leading to crash, memory exhaustion or CPU consumption were fixed (CVE-2007-1362, CVE-2007-2869). Finally, errors related to the APOP protocol (CVE-2007-1558), XSS prevention (CVE-2007-2870) and spoofing prevention (CVE-2007-2871) were fixed. Versions less than 2.0.0.4 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 5791 | | Related CVE(s): | CVE-2007-1362, CVE-2007-1558, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871 | | Last Modified: | Jun 21 14:33:48 2007 |
| MD5 Checksum: | 5a300a1b7e16245de39560d40541fd2f |
|
| /// File Name: |
dsa-1315-1.txt |
Description:
|
Debian Security Advisory 1315-1 - Thor Larholm discovered that libphp-phpmailer, an email transfer class for PHP, performs insufficient input validation if configured to use Sendmail. This allows the execution of arbitrary shell commands.
| | Homepage: | http://www.debian.org/security | | File Size: | 3016 | | Related CVE(s): | CVE-2007-3215 | | Last Modified: | Jun 21 14:33:39 2007 |
| MD5 Checksum: | 692f0bc4b19f0e5ec187abf3effdab85 |
|
| /// File Name: |
SSRT071334.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP System Management Homepage (SMH) for Linux. This vulnerability could be exploited remotely to gain privileged access.
| | Homepage: | http://www.hp.com | | File Size: | 5809 | | Last Modified: | Jun 20 01:27:47 2007 |
| MD5 Checksum: | 411daf4a727f6fa49a41b959c4a3db4b |
|
| /// File Name: |
dsa-1314-1.txt |
Description:
|
Debian Security Advisory 1314-1 - Several local and remote vulnerabilities have been discovered in open-iscsi, a transport-independent iSCSI implementation. Olaf Kirch discovered that due to a programming error access to the management interface socket was insufficiently protected, which allows denial of service. He also discovered that access to a semaphore used in the logging code was insufficiently protected, allowing denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 5228 | | Related CVE(s): | CVE-2007-3099, CVE-2007-3100 | | Last Modified: | Jun 20 01:10:38 2007 |
| MD5 Checksum: | ecc345e3ad4eeca7fb2d34a3c8c14dba |
|
| /// File Name: |
dsa-1313-1.txt |
Description:
|
Debian Security Advisory 1313-1 - Stefan Cornelius and Reimar Doeffinger discovered that the MPlayer movie player performs insufficient boundary checks when accessing CDDB data, which might lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 4991 | | Related CVE(s): | CVE-2007-2948 | | Last Modified: | Jun 20 01:05:58 2007 |
| MD5 Checksum: | 87c7c2e84d54f3cccbadcc1604519ab1 |
|
| /// File Name: |
maradns-dos.txt |
Description:
|
MaraDNS versions 1.2.12.05-stable and below and 1.3.04-testing and below suffer from a denial of service condition.
| | Author: | Joao Antunes | | File Size: | 1309 | | Last Modified: | Jun 20 00:58:34 2007 |
| MD5 Checksum: | 43b9ef6d73586725777de4d3463a7a3a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
