Section: .. / 0708-advisories /
| /// File Name: |
HPSBMA02242.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
| | Homepage: | http://www.hp.com | | File Size: | 8390 | | Last Modified: | Aug 14 06:04:44 2007 |
| MD5 Checksum: | dd2e6da4fcb3ac720a1c0ade14802d0a |
|
| /// File Name: |
HPSBMA02244.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with the HP OpenView Business Process Insight family of products running Shared Trace Service on Windows. The vulnerability could be remotely exploited to execute arbitrary code. The HP OpenView Business Process Insight family of products includes HP OpenView Business Process Insight (OVBPI), HP Business Process Insight (HPBPI), HP OpenView Service Desk Process Insight (SDPI), and HP Service Desk Process Insight (HPSDPI).
| | Homepage: | http://www.hp.com | | File Size: | 6980 | | Last Modified: | Aug 14 06:06:07 2007 |
| MD5 Checksum: | 4dfb45ad0c5bb74806c6f7d471403c22 |
|
| /// File Name: |
HPSBMA02245.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Dashboard running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
| | Homepage: | http://www.hp.com | | File Size: | 6487 | | Last Modified: | Aug 14 06:07:06 2007 |
| MD5 Checksum: | b43e0e124b2bfe3f6f27e6d124487d29 |
|
| /// File Name: |
HPSBMA02246.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Performance Insight (OVPI) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
| | Homepage: | http://www.hp.com | | File Size: | 6626 | | Last Modified: | Aug 14 06:08:21 2007 |
| MD5 Checksum: | 29a45446c2a6c1f64352b49bb2758144 |
|
| /// File Name: |
HS-A007.txt |
Description:
|
Harmony Security Advisory - Qbik's WinGate versions below 6.2.2 suffer from a remote denial of service vulnerability.
| | Author: | Stephen Fewer | | Homepage: | http://www.harmonysecurity.com/ | | File Size: | 2546 | | Last Modified: | Aug 12 00:04:53 2007 |
| MD5 Checksum: | 45c1a91e39daec5d0522f41741611a6b |
|
| /// File Name: |
infrant-password.txt |
Description:
|
Infrant ReadyNAS RAIDiator suffers from a weakly created root password vulnerability.
| | Author: | Brian Chapados, Felix Domke | | File Size: | 5377 | | Last Modified: | Aug 14 05:43:11 2007 |
| MD5 Checksum: | 0c74b0a2b708f456bc4a210b5d3d7162 |
|
| /// File Name: |
ipswitchftp-xss.txt |
Description:
|
VDA Labs Advisory - Ipswitch FTP suffers from a cross site scripting vulnerability.
| | Author: | John Harwold | | File Size: | 1264 | | Last Modified: | Aug 24 03:34:16 2007 |
| MD5 Checksum: | 254d521bb16bbffb1cce50f20b82f04d |
|
| /// File Name: |
ircscripts.txt |
Description:
|
Various "now playing" scripts for various IRC clients allow for forced client side command execution on the IRC server in use.
| | Author: | Wouter Coekaerts | | File Size: | 2688 | | Last Modified: | Aug 14 05:32:22 2007 |
| MD5 Checksum: | f9b4a3b62651bbb9943d7bf8f20c4a3b |
|
| /// File Name: |
ircu-multi.txt |
Description:
|
Ircu, the open source IRC server, is susceptible to multiple vulnerabilities.
| | Author: | Wouter Coekaerts | | File Size: | 9913 | | Last Modified: | Aug 14 05:25:20 2007 |
| MD5 Checksum: | 866874bb6b3a4a534b530e1329122792 |
|
| /// File Name: |
kde357-dos.txt |
Description:
|
KDE's Konqueror versions 3.5.7 and below suffer from a denial of service vulnerability.
| | Author: | Thomas Waldegger | | Homepage: | http://buha.info/board/ | | File Size: | 3606 | | Last Modified: | Aug 8 06:58:07 2007 |
| MD5 Checksum: | 40a2b81559278a98990ee22636d8c909 |
|
| /// File Name: |
konq-spoof.txt |
Description:
|
Konqueror version 3.5.7 suffers from a URL address spoofing vulnerability.
| | Author: | Robert Swiecki | | Homepage: | http://alt.swiecki.net/ | | File Size: | 1096 | | Last Modified: | Aug 8 09:37:42 2007 |
| MD5 Checksum: | db4642e8f59aab6d9cd54bd2d9e9ce27 |
|
| /// File Name: |
lfsfp.txt |
Description:
|
Live For Speed versions 0.5X10 and below suffer from multiple buffer overflow vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | lfsfp.zip | | File Size: | 4526 | | Last Modified: | Aug 15 06:23:28 2007 |
| MD5 Checksum: | 230d3bc49f1922554443690d579c2f02 |
|
| /// File Name: |
linux-signal.txt |
Description:
|
The Linux 2.4 and 2.6 kernel series suffer from a flaw where an unprivileged local user may send arbitrary signals to a child process despite security restrictions.
| | Author: | Wojciech Purczynski | | File Size: | 3357 | | Last Modified: | Aug 14 19:57:17 2007 |
| MD5 Checksum: | 23b2c89639dc24156d051cc99606bf03 |
|
| /// File Name: |
mambocms-fixation.txt |
Description:
|
Mambo CMS version 4.6.2 suffers from a session fixation vulnerability.
| | Author: | Tomaz Bratusa | | Homepage: | http://www.teamintell.com/ | | File Size: | 5215 | | Last Modified: | Aug 8 06:40:21 2007 |
| MD5 Checksum: | 2770f3bf47ebfd85f23883e72a2243c3 |
|
| /// File Name: |
mcafee-advisory-08-2007.txt |
Description:
|
A buffer overflow exists in McAfee Virus Scan for Linux and Unix version 5.10.0 that may allow for code execution in the context of the uid running it.
| | Author: | Sebastian Wolfgarten | | Homepage: | http://www.devtarget.org/ | | File Size: | 4762 | | Last Modified: | Aug 16 10:42:17 2007 |
| MD5 Checksum: | bfdf3833ccef43127c2e0bed56d2de14 |
|
| /// File Name: |
MDKSA-2007-151.txt |
Description:
|
Mandriva Linux Security Advisory - A number of format string flaws in how Qt handled error messages have been discovered by Dirk Mueller and Tracey Parry of Portcullis Computer Security. If an application linked against Qt created an error message from user-supplied data in a certain way, it could possibly lead to the execution of arbitrary code or a denial of service.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 12281 | | Related CVE(s): | CVE-2007-3388 | | Last Modified: | Aug 8 07:02:33 2007 |
| MD5 Checksum: | 9ec9446759f68678fe951a1f04c4e0e2 |
|
| /// File Name: |
MDKSA-2007-152.txt |
Description:
|
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.6.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 52335 | | Related CVE(s): | CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3670, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738, CVE-2007-3844, CVE-2007-3845 | | Last Modified: | Aug 8 07:04:03 2007 |
| MD5 Checksum: | a0fd2b4a65019d2ea2d16383d6d1de2a |
|
| /// File Name: |
MDKSA-2007-154.txt |
Description:
|
Mandriva Linux Security Advisory - A format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors. XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3065 | | Related CVE(s): | CVE-2007-0254, CVE-2007-0255 | | Last Modified: | Aug 12 00:01:50 2007 |
| MD5 Checksum: | 268e895274be2192c27c40aa0f244c11 |
|
| /// File Name: |
MDKSA-2007-155.txt |
Description:
|
Mandriva Linux Security Advisory - An off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2380 | | Related CVE(s): | CVE-2007-1218 | | Last Modified: | Aug 12 00:03:19 2007 |
| MD5 Checksum: | 37bf7fd21a18b67253f387d0014ed9a0 |
|
| /// File Name: |
MDKSA-2007-156.txt |
Description:
|
Mandriva Linux Security Advisory - M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load() function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an application using Imlib2 attempts to view the image. The tga loader fails to bounds check input data to make sure the input data does not load outside the memory mapped region. The RLE decoding loops of the load() function in the tga loader do not check that the count byte of an RLE packet does not cause a heap overflow of the pixel buffer. The load() function of the pnm loader writes arbitrary length user data into a fixed size stack allocated buffer buf[] without bounds checking.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3971 | | Related CVE(s): | CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809 | | Last Modified: | Aug 14 02:19:17 2007 |
| MD5 Checksum: | d4af1e18a20cc3f1ee01cf9799dbf0e9 |
|
| /// File Name: |
MDKSA-2007-157.txt |
Description:
|
Mandriva Linux Security Advisory - The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478. Also affects kdelibs 3.5.6, as per KDE official advisory.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3112 | | Related CVE(s): | CVE-2007-0537 | | Last Modified: | Aug 14 02:24:12 2007 |
| MD5 Checksum: | e569c31ed38b297ccce25a7fa0be9234 |
|
| /// File Name: |
MDKSA-2007-158.txt |
Description:
|
Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause xpdf to crash and possibly execute arbitrary code upon a user opening the file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3978 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 14 19:42:47 2007 |
| MD5 Checksum: | a1ece8107dd103f05f3f507001a088dd |
|
| /// File Name: |
MDKSA-2007-159.txt |
Description:
|
Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause gpdf to crash and possibly execute arbitrary code upon a user opening the file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2424 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 14 19:43:20 2007 |
| MD5 Checksum: | ad7c71e6ee4c270a104e17026140e69d |
|
| /// File Name: |
MDKSA-2007-160.txt |
Description:
|
Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause pdftohtml to crash and possibly execute arbitrary code upon a user opening the file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2846 | | Related CVE(s): | CVE-2007-3387 | | Last Modified: | Aug 14 19:43:50 2007 |
| MD5 Checksum: | 397ed1aba510834d880dd0ec6ec06549 |
|