Section: .. / 0709-advisories /
File Name: MDKSA-2007-189.txt
Description:
Mandriva Linux Security Advisory - A buffer overflow vulnerability was discovered in t1lib due to improper bounds checking. An attacker could send specially crafted input to an application linked against t1lib which could lead to a denial of service or the execution of arbitrary code.
Homepage: http://www.mandriva.com/security/
File Size: 6570
Related CVE(s): CVE-2007-4033
Last Modified: Sep 27 21:30:57 2007
MD5 Checksum: d75f1fdc0c361fc7740e1dcd2cf00fde

File Name: dsa-1288-2.txt
Description:
Debian Security Advisory 1288-2 - A regression in the handling of out-of-order sequence numbers of some MPPE implementations was fixed.
Homepage: http://www.debian.org/security
File Size: 6543
Related CVE(s): CVE-2007-0244
Last Modified: Sep 5 01:18:35 2007
MD5 Checksum: 67587c0adc1bd4a06d9cb972f6bf9417

File Name: sa26697.txt
Description:
Secunia Security Advisory - Debian has issued an update for librpcsecgss. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/26697/
File Size: 6527
Last Modified: Sep 5 19:40:40 2007
MD5 Checksum: 37bd912531f6837bf761a167f1cc6407

File Name: sa26909.txt
Description:
Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, perform certain actions with escalated privileges, or to cause a DoS (Denial of Service), by malicious users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Homepage: http://secunia.com/advisories/26909/
File Size: 6467
Last Modified: Sep 20 20:45:07 2007
MD5 Checksum: 77909854e02722661812255bc534aee3

File Name: sa26791.txt
Description:
Secunia Security Advisory - Mandriva has issued an update for avahi. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/26791/
File Size: 6337
Last Modified: Sep 18 21:26:49 2007
MD5 Checksum: 1847c62397cb8527e9ac12a5a349c9a8

File Name: 09.25.07-1.txt
Description:
iDefense Security Advisory 09.25.07 - Local exploitation of an information disclosure vulnerability within the ALSA driver included in the Linux Kernel allows attackers to obtain sensitive information from kernel memory. iDefense has confirmed the existence of this vulnerability in version 2.6.22.1 of the Linux Kernel as installed with Fedora CORE 7. It is suspected that other versions are also vulnerable.
Author: Neil Kettle
Homepage: http://www.idefense.com/
File Size: 6326
Related CVE(s): CVE-2007-4571
Last Modified: Sep 25 21:49:31 2007
MD5 Checksum: b54ceb0a50118fd13539c52516f922cf

File Name: SSRT071439.txt
Description:
HP Security Bulletin - A potential security vulnerability has been identified in HP-UX running the logins(1M) command. This command incorrectly reports password status. As a result password issues may not be detected, allowing remote unauthorized access.
Homepage: http://www.hp.com/
File Size: 6287
Last Modified: Sep 20 04:38:05 2007
MD5 Checksum: 49084d4aa243b4dd35a9878e3d7681e6

File Name: sa26859.txt
Description:
Secunia Security Advisory - Ubuntu has issued an update for xorg-server. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.
Homepage: http://secunia.com/advisories/26859/
File Size: 6247
Last Modified: Sep 20 04:11:10 2007
MD5 Checksum: a112d57824d8b0f2a8946451029c2ef6

File Name: sa26829.txt
Description:
Secunia Security Advisory - Ubuntu has issued an update for quagga. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/26829/
File Size: 6231
Last Modified: Sep 18 10:57:19 2007
MD5 Checksum: f7ff8f5f188e44db5b63dc7f1f43efe6

File Name: dsa-1365-2.txt
Description:
Debian Security Advisory 1365-2 - Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag Library, may lead to denial of service through symlink attacks.
Homepage: http://www.debian.org/security
File Size: 6202
Related CVE(s): CVE-2007-4460
Last Modified: Sep 10 17:23:31 2007
MD5 Checksum: 5453a4dda94a0136c9790e97a6f9ca29

File Name: sa26763.txt
Description:
Secunia Security Advisory - Mandriva has issued an update for x11-server. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.
Homepage: http://secunia.com/advisories/26763/
File Size: 6127
Last Modified: Sep 12 19:38:23 2007
MD5 Checksum: 8ae66b6feebdfd5f82040185e9ef7553

File Name: sa26720.txt
Description:
Secunia Security Advisory - Mandriva has issued an update for konqueror. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks.
Homepage: http://secunia.com/advisories/26720/
File Size: 6038
Last Modified: Sep 7 19:03:37 2007
MD5 Checksum: 5de9f18b80f63af8c20eb2ea2c40d9a0

File Name: sa26751.txt
Description:
Secunia Security Advisory - Fedora has issued an update for clamav. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/26751/
File Size: 5960
Last Modified: Sep 10 17:30:03 2007
MD5 Checksum: d5c7e3a5392638ce9b972d4f6ad2de4f

File Name: USN-520-1.txt
Description:
Ubuntu Security Notice 520-1 - Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. Earl Chew discovered that fetchmail can be made to de-reference a NULL pointer when contacting SMTP servers. This vulnerability can be used by attackers who control the SMTP server to crash fetchmail and cause a denial of service.
Homepage: http://security.ubuntu.com/
File Size: 5925
Related CVE(s): CVE-2007-1558, CVE-2007-4565
Last Modified: Sep 26 13:55:06 2007
MD5 Checksum: 621ad48ba21f2b4e89798b6e8580294e

File Name: SSRT071449-1.txt
Description:
HP Security Bulletin - A potential security vulnerability has been reported with HP OpenVMS when running BIND version 9.2.1 or BIND version 9.3.1. The vulnerability could be exploited remotely to cause DNS cache poisoning.
Homepage: http://www.hp.com/
File Size: 5772
Related CVE(s): CVE-2007-2926
Last Modified: Sep 25 00:04:31 2007
MD5 Checksum: 901bf77484794fee766fc5d12df252d4

File Name: SYMSA-2007-008.txt
Description:
Symantec Vulnerability Research SYMSA-2007-008 - The Autodesk Backburner software remote job queueing tool allows users to submit jobs consisting of operating system commands that will be executed by the Backburner Manager service on the render server(s) without authentication.
Author: Dave Hartley, Stephen Kapp
Homepage: http://www.symantec.com/research
File Size: 5707
Related CVE(s): CVE-2007-4749
Last Modified: Sep 12 19:58:27 2007
MD5 Checksum: 919e39e02e428d638c9c369dc819d0ef

File Name: SSRT071470.txt
Description:
HP Security Bulletin - A potential security vulnerability has been identified with HP System Management Homepage (SMH) for Windows on systems which are also running HP Version Control Agent (VCA) or Version Control Repository Manager (VCRM). The vulnerability may result in the incomplete installation of OpenSSL updates, including security updates.
Homepage: http://www.hp.com/
File Size: 5695
Last Modified: Sep 18 11:03:58 2007
MD5 Checksum: bc74213c1054d9be403617ea5e1a2903

File Name: sa26917.txt
Description:
Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Homepage: http://secunia.com/advisories/26917/
File Size: 5662
Last Modified: Sep 26 22:37:08 2007
MD5 Checksum: 0b3b8fe21cc67ebaee24838d9f428992

File Name: sa26919.txt
Description:
Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Homepage: http://secunia.com/advisories/26919/
File Size: 5554
Last Modified: Sep 25 18:33:28 2007
MD5 Checksum: 15218cef359fee40c9289cdca9bffdff

File Name: 09.20.07-2.txt
Description:
iDefense Security Advisory 09.20.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Computer Associates Inc.'s ARCServe Backup for Laptops and Desktops allows attackers to execute arbitrary code with SYSTEM privileges. The LGServer contains multiple vulnerable functions that handle network requests, several of which contain more than one vulnerability. All together there are nearly 60 buffer overflows in the LGServer. The majority of these are the result of copying remotely supplied strings into fixed-size buffers without validating that enough space is available. iDefense has confirmed the existence of these vulnerabilities in ARCServe Backup for Laptops and Desktops version 11.1 (Build 900) for Windows. Other versions may also be affected.
Author: Sean Larsson
Homepage: http://www.idefense.com/
File Size: 5535
Related CVE(s): CVE-2007-5003, CVE-2007-3216
Last Modified: Sep 24 23:27:56 2007
MD5 Checksum: 10ef3a0a739a3463bf5bd9865ed1fb50

File Name: USN-512-1.txt
Description:
Ubuntu Security Notice 512-1 - It was discovered that Quagga did not correctly verify OPEN messages or COMMUNITY attributes sent from configured peers. Malicious authenticated remote peers could send a specially crafted message which would cause bgpd to abort, leading to a denial of service.
Homepage: http://security.ubuntu.com/
File Size: 5532
Related CVE(s): CVE-2007-4826
Last Modified: Sep 18 12:48:01 2007
MD5 Checksum: bb78b35e012b55a3547156fbf63b2a4a

File Name: USN-514-1.txt
Description:
Ubuntu Security Notice 514-1 - Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths. An authenticated user could exploit this to execute arbitrary code with root privileges.
Homepage: http://security.ubuntu.com/
File Size: 5470
Related CVE(s): CVE-2007-4730
Last Modified: Sep 19 12:02:48 2007
MD5 Checksum: f84d51fe5ebe137454c39b3057bbb210