Section: .. / 0804-advisories /
File Name: sa30012.txt
Description: Secunia Security Advisory - Debian has issued an update for iceape. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/30012/
File Size: 16109
Last Modified: Apr 29 19:20:27 2008
MD5 Checksum: fde52baf453024d9cd8fb877a2d0bf84

File Name: sa29886.txt
Description: Secunia Security Advisory - Debian has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Homepage: http://secunia.com/advisories/29886/
File Size: 14485
Last Modified: Apr 28 10:37:56 2008
MD5 Checksum: 2fda1c3fc2b89d394c5f1d44d8e63d61

File Name: dsa-1539-1.txt
Description: Debian Security Advisory 1539-1 - Chris Schmidt and Daniel Morissette discovered two vulnerabilities in mapserver, a development environment for spatial and mapping applications. Lack of input sanitizing and output escaping in the CGI mapserver's template handling and error reporting routines leads to cross-site scripting vulnerabilities. Missing bounds checking in mapserver's template handling leads to a stack-based buffer overrun vulnerability, allowing a remote attacker to execute arbitrary code with the privileges of the CGI or httpd user.
Homepage: http://www.debian.org/security
File Size: 13952
Related CVE(s): CVE-2007-4542, CVE-2007-4629
Last Modified: Apr 4 20:12:14 2008
MD5 Checksum: 2447663616ac764bd4c71d920e8e0627

File Name: dsa-1556-2.txt
Description: Debian Security Advisory 1556-2 - An editorial mistake resulted in DSA-1556-1 not correctly applying the required change, making it ineffective. This DSA has been reissued as DSA-1556-2. It has been discovered that the Perl interpreter may encounter a buffer overflow condition when compiling certain regular expressions containing Unicode characters. This also happens if the offending characters are contained in a variable reference protected by the \Q...\E quoting construct. When encountering this condition, the Perl interpreter typically crashes, but arbitrary code execution cannot be ruled out.
Homepage: http://www.debian.org/security
File Size: 13470
Related CVE(s): CVE-2008-1927
Last Modified: Apr 28 11:06:46 2008
MD5 Checksum: d385186a4b6ec37e19b30adc4b31b87b

File Name: sa29896.txt
Description: Secunia Security Advisory - Ubuntu has issued an update for gnumeric. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/29896/
File Size: 13316
Last Modified: Apr 28 10:37:56 2008
MD5 Checksum: 2d7bfda16fe1548a0742ae95d28ce0d2

File Name: dsa-1556-1.txt
Description: Debian Security Advisory 1556-1 - It has been discovered that the Perl interpreter may encounter a buffer overflow condition when compiling certain regular expressions containing Unicode characters. This also happens if the offending characters are contained in a variable reference protected by the \Q...\E quoting construct. When encountering this condition, the Perl interpreter typically crashes, but arbitrary code execution cannot be ruled out.
Homepage: http://www.debian.org/security
File Size: 13238
Related CVE(s): CVE-2008-1927
Last Modified: Apr 24 16:44:35 2008
MD5 Checksum: 301dc75bc63005c52eccfcb3ffbdb515

File Name: USN-604-1.txt
Description: Ubuntu Security Notice 604-1 - Thilo Pfennig and Morten Welinder discovered that the XLS spreadsheet handling code in Gnumeric did not correctly calculate needed memory sizes. If a user or automated system were tricked into loading a specially crafted XLS document, a remote attacker could execute arbitrary code with user privileges.
Homepage: http://security.ubuntu.com/
File Size: 13084
Related CVE(s): CVE-2008-0668
Last Modified: Apr 22 21:28:45 2008
MD5 Checksum: 42e2b1ba8c58127eda73c4a02607ef25

File Name: dsa-1540-1.txt
Description: Debian Security Advisory 1540-1 - It was discovered that lighttpd, a fast webserver with minimal memory footprint, did not correctly handle SSL errors. This could allow a remote attacker to disconnect all active SSL connections.
Homepage: http://www.debian.org/security
File Size: 13040
Related CVE(s): CVE-2008-1531
Last Modified: Apr 8 01:31:28 2008
MD5 Checksum: f8fac331687637375cb06cec297e82f8

File Name: sa29582.txt
Description: Secunia Security Advisory - SUSE has issued an update for Sun Java. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), to bypass certain security restrictions, or to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/29582/
File Size: 12908
Last Modified: Apr 4 16:56:23 2008
MD5 Checksum: 51643c8e08b9a0bb636ce0c2bf453184

File Name: dsa-1542-1.txt
Description: Debian Security Advisory 1542-1 - Peter Valchev (Google Security) discovered a series of integer overflow weaknesses in Cairo, a vector graphics rendering library used by many other applications. If an application uses cairo to render a maliciously-crafted PNG image, the vulnerability allows the execution of arbitrary code.
Homepage: http://www.debian.org/security
File Size: 12772
Related CVE(s): CVE-2007-5503
Last Modified: Apr 10 10:12:48 2008
MD5 Checksum: 2fe7514d32330d4652a01caf2edba8f8

File Name: sa29688.txt
Description: Secunia Security Advisory - Debian has issued an update for mapserver. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or to potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/29688/
File Size: 12766
Last Modified: Apr 7 22:57:36 2008
MD5 Checksum: 4b6034d2bef9774f24f6a4916936ffe3

File Name: sa29601.txt
Description: Secunia Security Advisory - Debian has issued an update for xine-lib. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/29601/
File Size: 12636
Last Modified: Apr 1 22:02:54 2008
MD5 Checksum: 48c75f5d161693bfd01b0e3be5bb50a5

File Name: sa29505.txt
Description: Secunia Security Advisory - Debian has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/29505/
File Size: 12453
Last Modified: Apr 8 22:48:15 2008
MD5 Checksum: 74a4d25e9f7acb8afed60bef8892c57c

File Name: cisco-sa-20080403-drf.txt
Description: Cisco Security Advisory - Several products in the Cisco Unified Communications family of products contain a command execution vulnerability in the Disaster Recovery Framework (DRF) feature. A remote, unauthenticated user could exploit this vulnerability to execute arbitrary commands that may allow full administrative access to affected systems. There is a workaround for this vulnerability.
Homepage: http://www.cisco.com/
File Size: 12435
Related CVE(s): CVE-2008-1154
Last Modified: Apr 4 17:56:55 2008
MD5 Checksum: 9d04ddfdd8879fbb50747c67c1fb4a86

File Name: cisco-sa-20080416-nac.txt
Description: Cisco Security Advisory - A vulnerability exists in the Cisco Network Admission Control (NAC) Appliance that can allow an attacker to obtain the shared secret that is used between the Cisco Clean Access Server (CAS) and the Cisco Clean Access Manager (CAM).
Homepage: http://www.cisco.com/
File Size: 12378
Related CVE(s): CVE-2008-1155
Last Modified: Apr 16 17:53:33 2008
MD5 Checksum: f0a4beb6ab4ff7f5a8cf2431ee424f93

File Name: sa29813.txt
Description: Secunia Security Advisory - Ubuntu has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/29813/
File Size: 12359
Last Modified: Apr 15 19:22:47 2008
MD5 Checksum: 2a99fb796cb8fe8ff941d964c333b5d4

File Name: sa29948.txt
Description: Secunia Security Advisory - Debian has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/29948/
File Size: 12202
Last Modified: Apr 28 10:37:56 2008
MD5 Checksum: 062c529ea7b70eb7b7fbb7f05a4dd513

File Name: sa29767.txt
Description: Secunia Security Advisory - Debian has issued an update for libcairo. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
Homepage: http://secunia.com/advisories/29767/
File Size: 12129
Last Modified: Apr 10 18:15:45 2008
MD5 Checksum: dcc0387a491492bf280a05561b354238

File Name: USN-601-1.txt
Description: Ubuntu Security Notice 601-1 - It was discovered that Squid did not perform proper bounds checking when processing cache update replies. A remote authenticated user may be able to trigger an assertion error and cause a denial of service. This vulnerability is due to an incorrect fix for CVE-2007-6239.
Homepage: http://security.ubuntu.com/
File Size: 12069
Related CVE(s): CVE-2007-6239, CVE-2008-1612
Last Modified: Apr 14 19:00:09 2008
MD5 Checksum: 1aa71f11f950e52824311ffca966e3ae

File Name: MDVSA-2008-090.txt
Description: Mandriva Linux Security Advisory - A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened. A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code.
Homepage: http://www.mandriva.com/security/
File Size: 12042
Related CVE(s): CVE-2007-5746, CVE-2008-0320
Last Modified: Apr 21 18:28:49 2008
MD5 Checksum: e7db4216804e0067e84bf3c32ba3e8ab

File Name: sa29640.txt
Description: Secunia Security Advisory - SUSE has issued an update for apache and apache2. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and malicious users to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/29640/
File Size: 11204
Last Modified: Apr 7 22:57:36 2008
MD5 Checksum: 809ff59a083bef4cc57a42241a2109f1

File Name: dsa-1540-2.txt
Description: Debian Security Advisory 1540-2 - It was discovered that lighttpd, a fast webserver with minimal memory footprint, did not correctly handle SSL errors. This could allow a remote attacker to disconnect all active SSL connections. This security update fixes a regression in the previous one, which caused SSL failures.
Homepage: http://www.debian.org/security
File Size: 11091
Related CVE(s): CVE-2008-1531
Last Modified: Apr 15 22:03:04 2008
MD5 Checksum: 092f75b80afc4f0cec9c33d9c65b5be9