Section: .. / 0804-advisories /
| /// File Name: |
sa29888.txt |
Description:
|
Secunia Security Advisory - Russ McRee has reported a vulnerability in ContRay, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/29888/ | | File Size: | 2366 | | Last Modified: | Apr 23 12:34:36 2008 |
| MD5 Checksum: | 4ad163037a55bbf4ea579c87abadc0b6 |
|
| /// File Name: |
sa29899.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in grsecurity, which can be exploited by malicious, local users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/29899/ | | File Size: | 2576 | | Last Modified: | Apr 23 12:34:36 2008 |
| MD5 Checksum: | f9831d20b49dc1a0fe7e7f7c2cc7b9fd |
|
| /// File Name: |
AST-2008-006.txt |
Description:
|
Asterisk Project Security Advisory - Javantea found multiple security issues in IAX2 including an incomplete 3-way handshake.
| | Author: | Javantea | | Homepage: | http://www.asterisk.org/security | | File Size: | 10837 | | Related CVE(s): | CVE-2008-1897 | | Last Modified: | Apr 22 21:41:02 2008 |
| MD5 Checksum: | 1784691eda57201cf6362b96624b5595 |
|
| /// File Name: |
dsa-1554-1.txt |
Description:
|
Debian Security Advisory 1554-1 - Roundup, an issue tracking system, fails to properly escape HTML input, allowing an attacker to inject client-side code (typically JavaScript) into a document that may be viewed in the victim's browser.
| | Homepage: | http://www.debian.org/security | | File Size: | 2870 | | Related CVE(s): | CVE-2008-1474 | | Last Modified: | Apr 22 21:38:46 2008 |
| MD5 Checksum: | 6b2b7779f8f672b281cfeb13dd219e04 |
|
| /// File Name: |
USN-602-1.txt |
Description:
|
Ubuntu Security Notice 602-1 - Flaws were discovered in Firefox which could lead to crashes during JavaScript garbage collection. If a user were tricked into opening a malicious web page, an attacker may be able to crash the browser or possibly execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 28998 | | Related CVE(s): | CVE-2008-1380 | | Last Modified: | Apr 22 21:29:24 2008 |
| MD5 Checksum: | 21e097647ae14be9643afff299913525 |
|
| /// File Name: |
USN-604-1.txt |
Description:
|
Ubuntu Security Notice 604-1 - Thilo Pfennig and Morten Welinder discovered that the XLS spreadsheet handling code in Gnumeric did not correctly calculate needed memory sizes. If a user or automated system were tricked into loading a specially crafted XLS document, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 13084 | | Related CVE(s): | CVE-2008-0668 | | Last Modified: | Apr 22 21:28:45 2008 |
| MD5 Checksum: | 42e2b1ba8c58127eda73c4a02607ef25 |
|
| /// File Name: |
MDVSA-2008-090.txt |
Description:
|
Mandriva Linux Security Advisory - A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened. A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 12042 | | Related CVE(s): | CVE-2007-5746, CVE-2008-0320 | | Last Modified: | Apr 21 18:28:49 2008 |
| MD5 Checksum: | e7db4216804e0067e84bf3c32ba3e8ab |
|
| /// File Name: |
dsa-1553-1.txt |
Description:
|
Debian Security Advisory 1553-1 - It has been discovered that ikiwiki, a Wiki implementation, does not guard password and content changes against cross-site request forgery (CSRF) attacks.
| | Homepage: | http://www.debian.org/security | | File Size: | 2907 | | Related CVE(s): | CVE-2008-0165 | | Last Modified: | Apr 21 16:29:58 2008 |
| MD5 Checksum: | 40145921dada82148fce1f0b2786e383 |
|
| /// File Name: |
dsa-1552-1.txt |
Description:
|
Debian Security Advisory 1552-1 - It was discovered that the MPlayer movie player performs insufficient input sanitising on SDP session data, leading to potential execution of arbitrary code through a malformed multimedia stream.
| | Homepage: | http://www.debian.org/security | | File Size: | 4819 | | Related CVE(s): | CVE-2008-1558 | | Last Modified: | Apr 21 16:29:21 2008 |
| MD5 Checksum: | 61e35e32377c68a3a4e5e395f60218c1 |
|
| /// File Name: |
gwh-csrf.txt |
Description:
|
It appears that Google Web History is susceptible to an attack along the lines of cross site request forgery.
| | Author: | Alexander Konovalenko | | File Size: | 1565 | | Last Modified: | Apr 21 16:13:03 2008 |
| MD5 Checksum: | e587fcdc388c939153ad9998c5f2f0e4 |
|
| /// File Name: |
glsa-200804-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200804-24 - A vulnerability in DBMail's authldap module when used in conjunction with an Active Directory server has been reported by vugluskr. When passing a zero length password to the module, it tries to bind anonymously to the LDAP server. If the LDAP server allows anonymous binds, this bind succeeds and results in a successful authentication to DBMail. Versions less than 2.2.9 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2755 | | Related CVE(s): | CVE-2007-6714 | | Last Modified: | Apr 18 20:46:17 2008 |
| MD5 Checksum: | 2edb54c08de10fad088f964f33d07e1a |
|
| /// File Name: |
glsa-200804-23.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200804-23 - Thomas Pollet reported a possible integer overflow vulnerability in the PNG image handling in the file filter/image-png.c. Versions less than 1.2.12-r8 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2649 | | Related CVE(s): | CVE-2008-1722 | | Last Modified: | Apr 18 20:46:10 2008 |
| MD5 Checksum: | f5a253ce5790652bd643d860e18a7cf8 |
|
| /// File Name: |
sa29851.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for KOffice. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29851/ | | File Size: | 45514 | | Last Modified: | Apr 18 20:45:59 2008 |
| MD5 Checksum: | 1dd4b2f33a0bd0890889b807d7433fa5 |
|
| /// File Name: |
sa29869.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29869/ | | File Size: | 2448 | | Last Modified: | Apr 18 20:45:59 2008 |
| MD5 Checksum: | 3a540719b51b8dd0f8f093e811714411 |
|
| /// File Name: |
sa29884.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29884/ | | File Size: | 24798 | | Last Modified: | Apr 18 20:45:59 2008 |
| MD5 Checksum: | 8918bfb86e79ea4da0eb5efc454241a9 |
|
| /// File Name: |
sa29816.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Xpdf, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29816/ | | File Size: | 2362 | | Last Modified: | Apr 18 17:44:18 2008 |
| MD5 Checksum: | a8fec30f6f8869676703ec93988a2cce |
|
| /// File Name: |
sa29836.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Poppler, which can potentially be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29836/ | | File Size: | 2269 | | Last Modified: | Apr 18 17:44:18 2008 |
| MD5 Checksum: | ce186e771651ddf873dd7a43418eb2df |
|
| /// File Name: |
filezilla-disclose.txt |
Description:
|
Filezilla versions 3.0.9.2 and below allow local users access to all saved passwords due to the fact that they are stored in plain text in sitemanager.xml.
| | Author: | Carl Hardwick | | File Size: | 732 | | Last Modified: | Apr 18 17:09:36 2008 |
| MD5 Checksum: | c22854541cbb97ff330a427d51f9210e |
|
| /// File Name: |
sa29857.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29857/ | | File Size: | 2747 | | Last Modified: | Apr 18 17:07:23 2008 |
| MD5 Checksum: | d78cea02775e027bd8018c1800a43950 |
|
| /// File Name: |
sa29878.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in VLC, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29878/ | | File Size: | 2434 | | Last Modified: | Apr 18 17:07:23 2008 |
| MD5 Checksum: | e6004bcb4191f3e7355ea2e8828fc94c |
|
| /// File Name: |
sa29786.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29786/ | | File Size: | 3108 | | Last Modified: | Apr 18 17:05:03 2008 |
| MD5 Checksum: | 59a648c7b3a4514396b88505204358a0 |
|
| /// File Name: |
sa29875.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been discovered in Exponent CMS, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/29875/ | | File Size: | 2748 | | Last Modified: | Apr 18 17:03:36 2008 |
| MD5 Checksum: | ebe52978518a88d943339554b2392d16 |
|
| /// File Name: |
ibmdb2-exec.txt |
Description:
|
Team SHATTER Security Advisory - IBM DB2 UDB suffers from an arbitrary code execution vulnerability in the ADMIN_SP_C/ADMIN_SP_C2 procedures.
| | Author: | Martin Rakhmanov | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2125 | | Last Modified: | Apr 18 14:41:46 2008 |
| MD5 Checksum: | de94e730f8daddae561a8998a10bbfd2 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
