Section: .. / 0709-advisories /
| /// File Name: |
glsa-200709-16.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200709-16 - Mattias Bengtsson and Philip Olausson have discovered a buffer overflow vulnerability in the function fcgi_env_add() in the file mod_fastcgi.c when processing overly long HTTP headers. Versions less than 1.4.18 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2969 | | Related CVE(s): | CVE-2007-4727 | | Last Modified: | Sep 27 21:35:09 2007 |
| MD5 Checksum: | af386920d4c2d8806df005d9b44aca48 |
|
| /// File Name: |
sa26771.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in WordPress, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/26771/ | | File Size: | 2961 | | Last Modified: | Sep 12 19:38:23 2007 |
| MD5 Checksum: | df6a51ebbda5d047007e08418b4d82c0 |
|
| /// File Name: |
sa26843.txt |
Description:
|
Secunia Security Advisory - L4teral has discovered two vulnerabilities in Coppermine Photo Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/26843/ | | File Size: | 2951 | | Last Modified: | Sep 18 12:50:06 2007 |
| MD5 Checksum: | c7d3c425cf7ec3cd944b2262cd6a3db1 |
|
| /// File Name: |
sa26914.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in CA BrightStor Hierarchical Storage Manager, which can be exploited by malicious people to conduct SQL injection attacks, cause a DoS (Denial of Service), or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26914/ | | File Size: | 2937 | | Last Modified: | Sep 27 19:54:21 2007 |
| MD5 Checksum: | c6e016c87dd4ba262148aeacd4335268 |
|
| /// File Name: |
sa26847.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to poison the DNS cache.
| | Homepage: | http://secunia.com/advisories/26847/ | | File Size: | 2921 | | Last Modified: | Sep 18 10:57:18 2007 |
| MD5 Checksum: | a46b4dd2b010d49b9ea114064b187de1 |
|
| /// File Name: |
zen-overflow.txt |
Description:
|
Creative Zen Vision M MediaExplorer version 5.x suffers from a buffer overflow vulnerability.
| | Author: | TaMBarUS | | File Size: | 2918 | | Last Modified: | Sep 18 13:10:46 2007 |
| MD5 Checksum: | 45779845c98cc3cdddeabaecde676700 |
|
| /// File Name: |
sa26736.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in Husrev Forums, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/26736/ | | File Size: | 2907 | | Last Modified: | Sep 12 19:38:23 2007 |
| MD5 Checksum: | 4aab46238ab0e060a0d4ceea6c8881e6 |
|
| /// File Name: |
sa26685.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Claroline, which can be exploited by malicious people to conduct cross-site scripting or to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/26685/ | | File Size: | 2904 | | Last Modified: | Sep 4 22:20:04 2007 |
| MD5 Checksum: | 3dab21257c6e9490dc97df05f753c107 |
|
| /// File Name: |
sa26939.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26939/ | | File Size: | 2883 | | Last Modified: | Sep 26 22:37:08 2007 |
| MD5 Checksum: | 3bc56839eda4f2ee08f01b1e5da161ef |
|
| /// File Name: |
glsa-200709-12.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200709-12 - Poppler and Xpdf are vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function, and a stack overflow in the StreamPredictor::getNextLine function. The original vulnerability was discovered by Maurycy Prodeus. Note: Gentoo's version of Xpdf is patched to use the Poppler library, so the update to Poppler will also fix Xpdf. Versions less than 0.5.4-r2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2854 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Sep 20 05:04:00 2007 |
| MD5 Checksum: | 4ba5f6def2b0f95aee10b243b6c4f937 |
|
| /// File Name: |
sa26927.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in NetSupport Manager, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/26927/ | | File Size: | 2851 | | Last Modified: | Sep 24 20:19:43 2007 |
| MD5 Checksum: | a6294d4fc47f3ab2bfedd53440303107 |
|
| /// File Name: |
sa26779.txt |
Description:
|
Secunia Security Advisory - shinnai has reported some vulnerabilities in Microsoft Visual Studio, which can be exploited by malicious people to overwrite arbitrary files or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26779/ | | File Size: | 2836 | | Last Modified: | Sep 18 10:57:18 2007 |
| MD5 Checksum: | 7d3d3dec734e652c1ae2aa7a9ce4bd95 |
|
| /// File Name: |
sa26772.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/26772/ | | File Size: | 2833 | | Last Modified: | Sep 11 18:19:30 2007 |
| MD5 Checksum: | 455232b9e3733a1c60c46861ac98846a |
|
| /// File Name: |
sa26664.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges, or by malicious people to cause a DoS.
| | Homepage: | http://secunia.com/advisories/26664/ | | File Size: | 2825 | | Last Modified: | Sep 5 19:40:40 2007 |
| MD5 Checksum: | fe1744c8d8bedb1e60579054af88b8e8 |
|
| /// File Name: |
sa26753.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows 2000, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26753/ | | File Size: | 2816 | | Last Modified: | Sep 11 18:19:30 2007 |
| MD5 Checksum: | 2d94636bf59e03617b176a4687139f25 |
|
| /// File Name: |
sa26840.txt |
Description:
|
Secunia Security Advisory - Raz0r has discovered some vulnerabilities in Shop-Script FREE, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26840/ | | File Size: | 2809 | | Last Modified: | Sep 18 12:50:06 2007 |
| MD5 Checksum: | b77caac432fb9fdb132b234aab5c7db0 |
|
| /// File Name: |
sa26669.txt |
Description:
|
Secunia Security Advisory - IBM has acknowledged some vulnerabilities in Tivoli Compliance Insight Manager (TCIM), some of which have unknown impacts, while others can be exploited to bypass certain security restrictions, gain knowledge of sensitive information, gain escalated privileges, cause a DoS (Denial of Service), conduct cross-site scripting and SQL injection attacks, or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26669/ | | File Size: | 2795 | | Last Modified: | Sep 12 19:38:23 2007 |
| MD5 Checksum: | 018a1f227d763c892f99ee48b92001fb |
|
| /// File Name: |
sa26875.txt |
Description:
|
Secunia Security Advisory - nexen has discovered two vulnerabilities in the Styles Demo module for phpBB, which can be exploited by malicious people to conduct cross-site scripting attacks and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/26875/ | | File Size: | 2795 | | Last Modified: | Sep 20 04:11:10 2007 |
| MD5 Checksum: | 29ced18faf5cb983bf6cd7298d075484 |
|
| /// File Name: |
sa26701.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for vavoom. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26701/ | | File Size: | 2791 | | Last Modified: | Sep 7 02:01:27 2007 |
| MD5 Checksum: | 24a54e77e76a87eb7f5a34f217493690 |
|
| /// File Name: |
ZDI-07-052.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of MIT Kerberos. Authentication is not required to exploit this vulnerability. The specific flaw exists in the svcauth_gss_validate() function. By sending a large authentication context over RPC, a stack-based buffer overflow occurs, resulting in a situation allowing for remote code execution.
| | Author: | Tenable Network Security | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2784 | | Related CVE(s): | CVE-2007-3999 | | Last Modified: | Sep 13 19:43:28 2007 |
| MD5 Checksum: | 7d48e9a8d7cb0943a3f5dc770d93c13f |
|
| /// File Name: |
sa26659.txt |
Description:
|
Secunia Security Advisory - Will Dormann has reported some vulnerabilities in Intuit QuickBooks Online Edition ActiveX control, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26659/ | | File Size: | 2781 | | Last Modified: | Sep 5 19:40:40 2007 |
| MD5 Checksum: | c68a6f76e58fa74dfeb1d7925e999180 |
|
| /// File Name: |
sa26776.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for samba. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/26776/ | | File Size: | 2777 | | Last Modified: | Sep 13 19:17:05 2007 |
| MD5 Checksum: | c48e204cee65e0adf5e8adde328541cd |
|
| /// File Name: |
sa26528.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged a security issue in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/26528/ | | File Size: | 2775 | | Last Modified: | Sep 4 22:20:04 2007 |
| MD5 Checksum: | 401b4637ad290f62767db17063d44f4d |
|
| /// File Name: |
sa26674.txt |
Description:
|
Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26674/ | | File Size: | 2774 | | Last Modified: | Sep 4 22:20:04 2007 |
| MD5 Checksum: | 9e9bb83c44bad8e4e7d5af5c3c099b7b |
|
| /// File Name: |
sa26752.txt |
Description:
|
Secunia Security Advisory - k1tk4t has discovered some vulnerabilities in TLM CMS, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/26752/ | | File Size: | 2772 | | Last Modified: | Sep 12 19:38:23 2007 |
| MD5 Checksum: | 99157dcc9e22f72bfed1813768a4958b |
|