Section: .. / 0805-advisories /
| /// File Name: |
cisco-sa-20080521-ssh.txt |
Description:
|
Cisco Security Advisory - The Secure Shell server (SSH) implementation in Cisco IOS contains multiple vulnerabilities that allow unauthenticated users the ability to generate a spurious memory access error or, in certain cases, reload the device. The IOS SSH server is an optional service that is disabled by default, but its use is highly recommended as a security best practice for management of Cisco IOS devices. SSH can be configured as part of the AutoSecure feature in the initial configuration of IOS devices, AutoSecure run after initial configuration, or manually. Devices that are not configured to accept SSH connections are not affected by these vulnerabilities.
| | Homepage: | http://www.cisco.com/ | | File Size: | 25352 | | Related CVE(s): | CVE-2008-1159 | | Last Modified: | May 22 01:27:05 2008 |
| MD5 Checksum: | 3063102a29fafb554148bce2f727f0f5 |
|
| /// File Name: |
cisco-sa-20080528-cw.txt |
Description:
|
Cisco Security Advisory - CiscoWorks Common Services contains a vulnerability that could allow a remote attacker to execute arbitrary code.
| | Homepage: | http://www.cisco.com/ | | File Size: | 15579 | | Related CVE(s): | CVE-2008-2054 | | Last Modified: | May 28 20:15:11 2008 |
| MD5 Checksum: | 38d6cc8fd58abffd052e1dab7fab0d7d |
|
| /// File Name: |
cod4statz.txt |
Description:
|
Call of Duty 4: Modern Warfare versions 1.5 and below are susceptible to a denial of service vulnerability.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | cod4statz.zip | | File Size: | 4044 | | Last Modified: | May 2 16:39:52 2008 |
| MD5 Checksum: | e1f594ee499ddd8246fbc815033fbe6c |
|
| /// File Name: |
CORE-2008-0129.txt |
Description:
|
Core Security Technologies Advisory - A vulnerability was found in Wonderware SuiteLink Service ('slssvc.exe') that could allow an unauthenticated remote attacker with the ability to connect to the SuiteLink service TCP port to shut down the service abnormally by sending a malformed packet. Exploitation of the vulnerability for remote code execution has not been proven, but it has not been eliminated as a potential scenario.
| | Author: | Sebastian Muniz | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 17419 | | Related CVE(s): | CVE-2008-2005 | | Last Modified: | May 6 16:21:55 2008 |
| MD5 Checksum: | cbba5446dc9d1e16b74a4f9c8d3500c9 |
|
| /// File Name: |
CORE-2008-0415.txt |
Description:
|
Core Security Technologies Advisory - The Borland Interbase 2007 database server is vulnerable to an integer overflow when a malformed packet is sent to the default TCP port 3050. The integer overflow can cause a stack overflow, which allows arbitrary code execution with system privileges. Service pack 2 (0.1.0.256) on Solaris and Windows are both vulnerable.
| | Author: | Sebastian Muniz | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 11715 | | Related CVE(s): | CVE-2008-0467 | | Last Modified: | May 20 19:18:22 2008 |
| MD5 Checksum: | 93959d28c78b97cac7689bb78abbd0c8 |
|
| /// File Name: |
dsa-1554-2.txt |
Description:
|
Debian Security Advisory 1554-2 - Roundup, an issue tracking system, fails to properly escape HTML input, allowing an attacker to inject client-side code (typically JavaScript) into a document that may be viewed in the victim's browser.
| | Homepage: | http://www.debian.org/security | | File Size: | 3142 | | Related CVE(s): | CVE-2008-1474 | | Last Modified: | May 6 16:40:22 2008 |
| MD5 Checksum: | 23546650cebe54b7719fbd4c9d712eed |
|
| /// File Name: |
dsa-1564-1.txt |
Description:
|
Debian Security Advisory 1564-1 - Several remote vulnerabilities have been discovered in wordpress, a weblog manager. Multiple cross-site scripting vulnerabilities allowed remote authenticated administrators to inject arbitrary web script or HTML. A SQL injection vulnerability allowed remote authenticated administrators to execute arbitrary SQL commands. WordPress allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data. Insufficient input sanitising allowed an attacker with a normal user account to access the administrative interface.
| | Homepage: | http://www.debian.org/security | | File Size: | 3992 | | Related CVE(s): | CVE-2007-3639, CVE-2007-4153, CVE-2007-4154, CVE-2007-0540 | | Last Modified: | May 1 18:32:00 2008 |
| MD5 Checksum: | c02afb1d586036ee19f75990816839c2 |
|
| /// File Name: |
dsa-1565-1.txt |
Description:
|
Debian Security Advisory 1565-1 - Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. Cyrill Gorcunov reported a NULL pointer dereference in code specific to the CHRP PowerPC platforms. Local users could exploit this issue to achieve a Denial of Service (DoS). Nick Piggin of SuSE discovered a number of issues in subsystems which register a fault handler for memory mapped areas. This issue can be exploited by local users to achieve a Denial of Service (DoS) and possibly execute arbitrary code. David Peer discovered that users could escape administrator imposed cpu time limitations (RLIMIT_CPU) by setting a limit of 0. Alexander Viro discovered a race condition in the directory notification subsystem that allows local users to cause a Denial of Service (oops) and possibly result in an escalation of privileges.
| | Homepage: | http://www.debian.org/security | | File Size: | 37278 | | Related CVE(s): | CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375 | | Last Modified: | May 1 18:34:19 2008 |
| MD5 Checksum: | ae6543607f059d419bb854fa3f84d205 |
|
| /// File Name: |
dsa-1566-1.txt |
Description:
|
Debian Security Advisory 1566-1 - Dmitry Levin discovered a vulnerability in path handling code used by the cpio archive utility. The weakness could enable a denial of service (crash) or potentially the execution of arbitrary code if a vulnerable version of cpio is used to extract or to list the contents of a maliciously crafted archive.
| | Homepage: | http://www.debian.org/security | | File Size: | 4745 | | Related CVE(s): | CVE-2007-4476 | | Last Modified: | May 2 15:28:57 2008 |
| MD5 Checksum: | 476ba261ed8d427273e76818858d57c5 |
|
| /// File Name: |
dsa-1567-1.txt |
Description:
|
Debian Security Advisory 1567-1 - Stefan Cornelius discovered a vulnerability in the Radiance High Dynamic Range (HDR) image parser in Blender, a 3D modelling application. The weakness could enable a stack-based buffer overflow and the execution of arbitrary code if a maliciously-crafted HDR file is opened, or if a directory containing such a file is browsed via Blender's image-open dialog.
| | Homepage: | http://www.debian.org/security | | File Size: | 5193 | | Related CVE(s): | CVE-2008-1102 | | Last Modified: | May 5 14:20:24 2008 |
| MD5 Checksum: | 17e02085dd445b7a2b13941066ee38c4 |
|
| /// File Name: |
dsa-1568-1.txt |
Description:
|
Debian Security Advisory 1568-1 - "unsticky" discovered that b2evolution, a blog engine, performs insufficient input sanitising, allowing for cross site scripting.
| | Homepage: | http://www.debian.org/security | | File Size: | 3120 | | Related CVE(s): | CVE-2007-0175 | | Last Modified: | May 5 14:20:54 2008 |
| MD5 Checksum: | f9e73cec816de809b3aa14a1a0c1a5ce |
|
| /// File Name: |
dsa-1569-1.txt |
Description:
|
Debian Security Advisory 1569-1 - It was discovered that Cacti, a systems and services monitoring frontend, performed insufficient input sanitizing, leading to cross site scripting and SQL injection being possible.
| | Homepage: | http://www.debian.org/security | | File Size: | 3076 | | Related CVE(s): | CVE-2008-0783, CVE-2008-0785 | | Last Modified: | May 5 14:21:38 2008 |
| MD5 Checksum: | 7e570d1ee38f5fd86083687cc05921e8 |
|
| /// File Name: |
dsa-1569-2.txt |
Description:
|
Debian Security Advisory 1569-2 - The original update for cacti unfortunately introduced a regression. Updated packages have been created to address this. It was discovered that Cacti, a systems and services monitoring frontend, performed insufficient input sanitising, leading to cross site scripting and SQL injection being possible.
| | Homepage: | http://www.debian.org/security | | File Size: | 3253 | | Related CVE(s): | CVE-2008-0783, CVE-2008-0785 | | Last Modified: | May 6 16:39:48 2008 |
| MD5 Checksum: | 14da4de45a7965759e35ce4984df344d |
|
| /// File Name: |
dsa-1570-1.txt |
Description:
|
Debian Security Advisory 1570-1 - Andrews Salomon reported that kazehakase, a GTK+-based web browser that allows pluggable rendering engines, contained an embedded copy of the PCRE library in its source tree which was compiled in and used in preference to the system-wide version of this library. The PCRE library has been updated to fix the security issues reported against it in previous Debian Security Advisories. This update ensures that kazehakase uses that supported library, and not its own embedded and insecure version.
| | Homepage: | http://www.debian.org/security | | File Size: | 4937 | | Related CVE(s): | CVE-2006-7227, CVE-2006-7228, CVE-2006-7230, CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768 | | Last Modified: | May 6 16:44:01 2008 |
| MD5 Checksum: | 7c06871d3debf143c6fa695b70d15b23 |
|
| /// File Name: |
dsa-1571-1.txt |
Description:
|
Debian Security Advisory 1571-1 - Luciano Bello discovered that the random number generator in Debian's openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package. As a result, cryptographic key material may be guessable. This is a Debian-specific vulnerability which does not affect other operating systems which are not based on Debian. However, other systems can be indirectly affected if weak keys are imported into them. It is strongly recommended that all cryptographic key material which has been generated by OpenSSL versions starting with 0.9.8c-1 on Debian systems is recreated from scratch. Furthermore, all DSA keys ever used on affected Debian systems for signing or authentication purposes should be considered compromised; the Digital Signature Algorithm relies on a secret random value used during signature generation.
| | Homepage: | http://www.debian.org/security | | File Size: | 14589 | | Related CVE(s): | CVE-2008-0166 | | Last Modified: | May 13 11:10:24 2008 |
| MD5 Checksum: | 3519042f913d5ce265ca79a43a1d7f92 |
|
| /// File Name: |
dsa-1572-1.txt |
Description:
|
Debian Security Advisory 1572-1 - Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. The glob function allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter. An integer overflow allows context-dependent attackers to cause a denial of service and possibly have other impact via a printf format parameter with a large width specifier. There is a stack-based buffer overflow in the FastCGI SAPI. The escapeshellcmd API function could be attacked via incomplete multibyte chars.
| | Homepage: | http://www.debian.org/security | | File Size: | 40512 | | Related CVE(s): | CVE-2007-3806, CVE-2008-1384, CVE-2008-2050, CVE-2008-2051 | | Last Modified: | May 12 10:39:51 2008 |
| MD5 Checksum: | 65c9c530978f313191386160ca68b3a9 |
|
| /// File Name: |
dsa-1573-1.txt |
Description:
|
Debian Security Advisory 1573-1 - Several remote vulnerabilities have been discovered in rdesktop, a Remote Desktop Protocol client. Remote exploitation of an integer underflow vulnerability allows attackers to execute arbitrary code with the privileges of the logged-in user. Remote exploitation of a BSS overflow vulnerability allows attackers to execute arbitrary code with the privileges of the logged-in user. Remote exploitation of an integer signedness vulnerability allows attackers to execute arbitrary code with the privileges of the logged-in user.
| | Homepage: | http://www.debian.org/security | | File Size: | 5587 | | Related CVE(s): | CVE-2008-1801, CVE-2008-1802, CVE-2008-1803 | | Last Modified: | May 12 10:41:01 2008 |
| MD5 Checksum: | ba15a8cc0a3d8d809028c215d0f8f9a2 |
|
| /// File Name: |
dsa-1574-1.txt |
Description:
|
Debian Security Advisory 1574-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. "moz_bug_r_a4" discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. "moz_bug_r_a4" discovered that insecure handling of event handlers could lead to cross-site scripting. Boris Zbarsky, Johnny Stenback, and "moz_bug_r_a4" discovered that incorrect principal handling can lead to cross-site scripting and the execution of arbitrary code. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. "georgi", "tgirmann" and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 16567 | | Related CVE(s): | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237 | | Last Modified: | May 12 15:57:20 2008 |
| MD5 Checksum: | 88c086a46a80505846192144f8ae384e |
|
| /// File Name: |
dsa-1575-1.txt |
Description:
|
Debian Security Advisory 1575-1 - A vulnerability has been discovered in the Linux kernel that may lead to a denial of service. Alexander Viro discovered a race condition in the fcntl code that may permit local users on multi-processor systems to execute parallel code paths that are otherwise prohibited and gain re-ordered access to the descriptor table.
| | Homepage: | http://www.debian.org/security | | File Size: | 36131 | | Related CVE(s): | CVE-2008-1669 | | Last Modified: | May 13 11:04:01 2008 |
| MD5 Checksum: | a095807a32a3fc4ee13e1e39f557b145 |
|
| /// File Name: |
dsa-1576-1.txt |
Description:
|
Debian Security Advisory 1576-1 - The recently announced vulnerability in Debian's openssl package (DSA-1571-1, CVE-2008-0166) indirectly affects OpenSSH. As a result, all user and host keys generated using broken versions of the openssl package must be considered untrustworthy, even after the openssl update has been applied.
| | Homepage: | http://www.debian.org/security | | File Size: | 15197 | | Related CVE(s): | CVE-2008-0166 | | Last Modified: | May 15 03:50:46 2008 |
| MD5 Checksum: | a79fd4e6e656f73f69d8c73cf16f3723 |
|
| /// File Name: |
dsa-1576-2.txt |
Description:
|
Debian Security Advisory 1576-2 - Matt Zimmerman discovered that entries in ~/.ssh/authorized_keys with options (such as "no-port-forwarding" or forced commands) were ignored by the new ssh-vulnkey tool introduced in openssh 1:4.3p2-9etch1 (see DSA 1576-1). This could cause some compromised keys not to be listed in ssh-vulnkey's output.
| | Homepage: | http://www.debian.org/security | | File Size: | 11669 | | Related CVE(s): | CVE-2008-0166 | | Last Modified: | May 19 14:53:44 2008 |
| MD5 Checksum: | 99b2764eac7fd3255e11c28f7cd3f369 |
|
| /// File Name: |
dsa-1577-1.txt |
Description:
|
Debian Security Advisory 1577-1 - Stephen Gran and Mark Hymers discovered that some scripts run by GForge, a collaborative development tool, open files in write mode in a potentially insecure manner. This may be exploited to overwrite arbitrary files on the local system.
| | Homepage: | http://www.debian.org/security | | File Size: | 5237 | | Related CVE(s): | CVE-2008-0167 | | Last Modified: | May 15 03:51:39 2008 |
| MD5 Checksum: | 81f578fa45368e855560e91c2dd60d4e |
|
| /// File Name: |
dsa-1578-1.txt |
Description:
|
Debian Security Advisory 1578-1 - Several vulnerabilities have been discovered in PHP version 4, a server-side, HTML-embedded scripting language. The session_start function allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from various parameters. A denial of service was possible through a malicious script abusing the glob() function. Certain maliciously constructed input to the wordwrap() function could lead to a denial of service attack. Large len values of the strspn() or strcspn() functions could allow an attacker to trigger integer overflows to expose memory or cause denial of service. The escapeshellcmd API function could be attacked via incomplete multibyte chars.
| | Homepage: | http://www.debian.org/security | | File Size: | 41977 | | Related CVE(s): | CVE-2007-3799, CVE-2007-3806, CVE-2007-3998, CVE-2007-4657, CVE-2008-2051 | | Last Modified: | May 19 21:10:44 2008 |
| MD5 Checksum: | 3205ee8e6939c1ffec9ba34acd35594f |
|
| /// File Name: |
dsa-1579-1.txt |
Description:
|
Debian Security Advisory 1579-1 - A vulnerability was discovered in the GIF reader implementation in netpbm-free, a suite of image manipulation utilities. Insufficient input data validation could allow a maliciously-crafted GIF file to overrun a stack buffer, potentially permitting the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 12452 | | Related CVE(s): | CVE-2008-0554 | | Last Modified: | May 19 21:11:24 2008 |
| MD5 Checksum: | 5ba4b12b7513e8a9eb5d95741e785e77 |
|
| /// File Name: |
dsa-1580-1.txt |
Description:
|
Debian Security Advisory 1580-1 - It was discovered that phpGedView, an application to provide online access to genealogical data, allowed remote attackers to gain administrator privileges due to a programming error.
| | Homepage: | http://www.debian.org/security | | File Size: | 4397 | | Related CVE(s): | CVE-2008-2064 | | Last Modified: | May 20 10:16:19 2008 |
| MD5 Checksum: | 85cc2abdaaad9d63dd016aac385c4e66 |
|