Section: .. / 0804-advisories /
| /// File Name: |
MDVSA-2008-092.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. The speex plugin in the gstreamer-plugins-good package is similarly affected by this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6372 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 29 20:24:03 2008 |
| MD5 Checksum: | a7927b2bc291db5b5346c884eaa8ee12 |
|
| /// File Name: |
MDVSA-2008-093.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. The ogg123 application in vorbis-tools is similarly affected by this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3524 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 29 20:24:49 2008 |
| MD5 Checksum: | c6dba30f19bdce266467d0eb81876aeb |
|
| /// File Name: |
MDVSA-2008-094.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6360 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 29 20:25:28 2008 |
| MD5 Checksum: | c3058a0c68a5329507b9199eb2357374 |
|
| /// File Name: |
msswi-blog.txt |
Description:
|
It appears that Microsoft may have incorrectly stated a few things regarding MS08-020 on their blog and are reluctant to fix it.
| | Author: | Amit Klein | | Homepage: | http://www.trusteer.com/ | | File Size: | 10370 | | Last Modified: | Apr 28 18:33:57 2008 |
| MD5 Checksum: | 5e1a39dbeaa19feb74181d88d9a056be |
|
| /// File Name: |
NDSA20080215.txt |
Description:
|
Nth Dimension Security Advisory (NDSA20080215) - The Festival server is vulnerable to unauthenticated remote code execution. Further research indicates that this vulnerability has already been reported as a local privilege escalation against both the Gentoo and SuSE GNU/Linux distributions. The remote form of this vulnerability was identified in 1.96~beta-5 as distributed in Debian unstable but it is also believed that Ubuntu Hardy Heron was affected.
| | Author: | Tim Brown | | Homepage: | http://www.nth-dimension.org.uk/ | | File Size: | 3589 | | Last Modified: | Apr 4 20:02:03 2008 |
| MD5 Checksum: | 8491b07e54d530655b227b344f7bff1a |
|
| /// File Name: |
NGS-SNMPc.txt |
Description:
|
Wade Alcorn and John Heasman of NGSSoftware have discovered a stack overflow vulnerability in Castle Rock Computing SNMPc Network Manager. Versions 7.1 and below are affected.
| | Author: | Wade Alcorn, John Heasman | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 2649 | | Last Modified: | Apr 30 20:40:56 2008 |
| MD5 Checksum: | 16818ba4cc13453bab9e6d7c99b36067 |
|
| /// File Name: |
oCERT-2008-003.txt |
Description:
|
Applications using libpng that install unknown chunk handlers, or copy unknown chunks, may be vulnerable to a security issue which may result in incorrect output, information leaks, crashes, or arbitrary code execution. The libpng project indicates libpng-1.0.6 through 1.0.32, libpng-1.2.0 through 1.2.26, and libpng-1.4.0beta01 through libpng-1.4.0beta19 built with PNG_READ_UNKNOWN_CHUNKS_SUPPORTED or PNG_READ_USER_CHUNKS_SUPPORTED (default configuration) are affected.
| | Author: | Tavis Ormandy | | Homepage: | http://www.ocert.org/ | | File Size: | 1703 | | Related CVE(s): | CVE-2008-1382 | | Last Modified: | Apr 14 16:39:05 2008 |
| MD5 Checksum: | 95c71dc1fb7cff1e7190e752ae50d625 |
|
| /// File Name: |
oCERT-2008-004.txt |
Description:
|
The reference speex decoder from the Speex library performs insufficient boundary checks on a header structure read from user input, this has been reported in oCERT-2008-002 advisory. Further investigation showed that several packages include similar code and are therefore vulnerable.
| | Author: | Andrea Barisani | | Homepage: | http://www.ocert.org/ | | File Size: | 2793 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 17 12:58:01 2008 |
| MD5 Checksum: | 51e341fb5d9d1dddb0849ae4adcf0490 |
|
| /// File Name: |
openmosix-overflow.txt |
Description:
|
The openMosix userspace library suffers from a stack based buffer overflow.
| | Author: | Jose Carlos Norte | | File Size: | 780 | | Last Modified: | Apr 8 00:28:33 2008 |
| MD5 Checksum: | 50f104cfaa6fc4605179eab3512b94ff |
|
| /// File Name: |
sa27477.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27477/ | | File Size: | 2703 | | Last Modified: | Apr 10 10:08:38 2008 |
| MD5 Checksum: | 4e3fae24c75a2423b86f37c5c922629a |
|
| /// File Name: |
sa27567.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27567/ | | File Size: | 2393 | | Last Modified: | Apr 10 10:08:38 2008 |
| MD5 Checksum: | a31a70f459abd25c0cf5610741e6b480 |
|
| /// File Name: |
sa27707.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27707/ | | File Size: | 5268 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | b19dedcb71b3e9aed618bfbc7d9cf101 |
|
| /// File Name: |
sa27763.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Symantec Mail Security for Domino and Symantec Mail Security for Exchange, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27763/ | | File Size: | 2789 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | 5a5296c2a963690f18ca5ceb6c06f77e |
|
| /// File Name: |
sa28083.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28083/ | | File Size: | 4631 | | Last Modified: | Apr 10 10:08:38 2008 |
| MD5 Checksum: | 2498d04b1ac336c9c6868dcbeb983986 |
|
| /// File Name: |
sa28140.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in activePDF DocConverter, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28140/ | | File Size: | 2576 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | a42daee4a3b6e96d747ef35a80dd0f4f |
|
| /// File Name: |
sa28209.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28209/ | | File Size: | 5568 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | daee12fef5dbebb1de40e54a4e182ebd |
|
| /// File Name: |
sa28210.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28210/ | | File Size: | 2721 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | 8b6cf2e96893fe9fb1198353b9e4e8b7 |
|
| /// File Name: |
sa29000.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in ClamAV, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29000/ | | File Size: | 2688 | | Last Modified: | Apr 15 13:23:16 2008 |
| MD5 Checksum: | bf94b9f00de33b30cac463fde82c201a |
|
| /// File Name: |
sa29091.txt |
Description:
|
Secunia Security Advisory - Joren McReynolds has discovered some vulnerabilities in Akiva WebBoard, which can be exploited by malicious users to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/29091/ | | File Size: | 2585 | | Last Modified: | Apr 28 10:37:56 2008 |
| MD5 Checksum: | 4a5194233b03e268cb0a351bb95ad28d |
|
| /// File Name: |
sa29324.txt |
Description:
|
Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in LANDesk Management Suite, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/29324/ | | File Size: | 2597 | | Last Modified: | Apr 1 22:02:54 2008 |
| MD5 Checksum: | 7bf59f3fb18faba10dc43497d587c019 |
|
| /// File Name: |
sa29342.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Symantec Mail Security for SMTP, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29342/ | | File Size: | 2699 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | d83c438928ede12e3fe5982c3b3482e9 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
