Section: .. / 0806-advisories /
| /// File Name: |
CAID-disc-dos.txt |
Description:
|
CA ARCserve Backup contains a vulnerability in the Discovery service (casdscsvc) that can allow a remote attacker to cause a denial of service condition. CA has issued patches to address the vulnerability. The vulnerability occurs due to insufficient verification of client data. An attacker can make a request that can crash the service.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 7625 | | Related CVE(s): | CVE-2008-1979 | | Last Modified: | Jun 18 18:09:57 2008 |
| MD5 Checksum: | cb294251feff0e35d4a5033bbfadf55f |
|
| /// File Name: |
CAID-scmgw.txt |
Description:
|
CA Secure Content Manager contains multiple vulnerabilities in the HTTP Gateway service that can allow a remote attacker to cause a denial of service condition or execute arbitrary code.
| | Author: | Sebastian Apelt, Cody Pierce | | Homepage: | http://www3.ca.com/ | | File Size: | 3392 | | Last Modified: | Jun 4 22:25:47 2008 |
| MD5 Checksum: | 8ec4ecb144db690c89a16b3fe908a140 |
|
| /// File Name: |
cisco-sa-20080604-asa.txt |
Description:
|
Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. The first four vulnerabilities may lead to a denial of service (DoS) condition and the fifth vulnerability may allow an attacker to bypass control-plane access control lists (ACL).
| | Homepage: | http://www.cisco.com/ | | File Size: | 29659 | | Related CVE(s): | CVE-2008-2055 | | Last Modified: | Jun 4 21:53:01 2008 |
| MD5 Checksum: | 2c024c8810f6e22e8f2cadeb828229af |
|
| /// File Name: |
cisco-sa-20080610-snmpv3.txt |
Description:
|
Cisco Security Advisory - Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default in Cisco products. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available for mitigating the impact of the vulnerabilities described in this document.
| | Homepage: | http://www.cisco.com/ | | File Size: | 82165 | | Related CVE(s): | CVE-2008-0960 | | Last Modified: | Jun 10 20:59:03 2008 |
| MD5 Checksum: | a90f74b6f09d67478056a2900825af18 |
|
| /// File Name: |
cisco-sa-20080618-ips.txt |
Description:
|
Cisco Security Advisory - Cisco Intrusion Prevention System (IPS) platforms that have gigabit network interfaces installed and are deployed in inline mode contain a denial of service vulnerability in the handling of jumbo Ethernet frames. This vulnerability may lead to a kernel panic that requires a power cycle to recover platform operation. Platforms deployed in promiscuous mode only or that do not contain gigabit network interfaces are not vulnerable.
| | Homepage: | http://www.cisco.com/ | | File Size: | 13672 | | Related CVE(s): | CVE-2008-2060 | | Last Modified: | Jun 18 17:55:38 2008 |
| MD5 Checksum: | abd95b1ec23ffaaf910a0461f8f0cb14 |
|
| /// File Name: |
cisco-sa-20080625-cucm.txt |
Description:
|
Cisco Security Advisory - Cisco Unified Communications Manager (CUCM), formerly Cisco CallManager, contains a denial of service (DoS) vulnerability in the Computer Telephony Integration (CTI) Manager service that may cause an interruption in voice services and an authentication bypass vulnerability in the Real-Time Information Server (RIS) Data Collector that may expose information that is useful for reconnaissance.
| | Homepage: | http://www.cisco.com/ | | File Size: | 16962 | | Related CVE(s): | CVE-2008-2061 | | Last Modified: | Jun 25 19:45:27 2008 |
| MD5 Checksum: | bbf0e1d565388241508962bd68574324 |
|
| /// File Name: |
cod4vamap.txt |
Description:
|
Call of Duty 4: Modern Warfare versions 1.6 and below suffer from denial of service vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | cod4vamap.zip | | File Size: | 3502 | | Last Modified: | Jun 23 18:36:29 2008 |
| MD5 Checksum: | a5ba45f763b0de861d77eb9303a7bf09 |
|
| /// File Name: |
CORE-2008-0125.txt |
Description:
|
Core Security Technologies Advisory - A vulnerability was found in CitectSCADA that could allow a remote un-authenticated attacker to force an abnormal termination of the vulnerable software (Denial of Service) or to execute arbitrary code on vulnerable systems to gain complete control of the software. To accomplish such goal the would-be attacker must be able to connect to the vulnerable service on a TCP high-port.
| | Author: | Sebastian Muniz | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 26834 | | Related CVE(s): | CVE-2008-2639 | | Last Modified: | Jun 11 14:49:38 2008 |
| MD5 Checksum: | 05d523bd4c70fe5989f629e5358a80e8 |
|
| /// File Name: |
crysislog.txt |
Description:
|
Crysis versions 1.21 and below suffer from an information disclosure vulnerability.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | crysislog.zip | | File Size: | 2488 | | Last Modified: | Jun 16 19:47:07 2008 |
| MD5 Checksum: | 030d3197c83d43c676c11c527e8068af |
|
| /// File Name: |
dsa-1553-2.txt |
Description:
|
Debian Security Advisory 1553-2 - The update of ikiwiki in DSA-1553-1 caused two regressions. An updated version of ikiwiki is available that fixes these problems. It has been discovered that ikiwiki, a Wiki implementation, does not guard password and content changes against cross-site request forgery (CSRF) attacks.
| | Homepage: | http://www.debian.org/security | | File Size: | 3087 | | Related CVE(s): | CVE-2008-0165 | | Last Modified: | Jun 2 11:25:20 2008 |
| MD5 Checksum: | b472faa0b77846ae496c2a1e652b28e1 |
|
| /// File Name: |
dsa-1591-1.txt |
Description:
|
Debian Security Advisory 1591-1 - Several local (remote) vulnerabilities have been discovered in libvorbis, a library for the Vorbis general-purpose compressed audio codec. libvorbis does not properly handle a zero value which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. Integer overflow in libvorbis allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. Integer overflow in libvorbis allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file which triggers a heap overflow.
| | Homepage: | http://www.debian.org/security | | File Size: | 11252 | | Related CVE(s): | CVE-2008-1419, CVE-2008-1420, CVE-2008-1423 | | Last Modified: | Jun 3 14:16:22 2008 |
| MD5 Checksum: | 3aeb9d94360c24799fbb61c59f1deed9 |
|
| /// File Name: |
dsa-1592-1.txt |
Description:
|
Debian Security Advisory 1592-1 - Two vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. Wei Wang from McAfee reported a potential heap overflow in the ASN.1 decode code that is used by the SNMP NAT and CIFS subsystem. Exploitation of this issue may lead to arbitrary code execution. This issue is not believed to be exploitable with the pre-built kernel images provided by Debian, but it might be an issue for custom images built from the Debian-provided source package. Brandon Edwards of McAfee Avert labs discovered an issue in the DCCP subsystem. Due to missing feature length checks it is possible to cause an overflow they may result in remote arbitrary code execution.
| | Homepage: | http://www.debian.org/security | | File Size: | 33749 | | Related CVE(s): | CVE-2008-1673, CVE-2008-2358 | | Last Modified: | Jun 9 10:35:32 2008 |
| MD5 Checksum: | 6711c649d1e889d9a7a4224589db5f68 |
|
| /// File Name: |
dsa-1592-2.txt |
Description:
|
Debian Security Advisory 1592-2 - Two vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. Wei Wang from McAfee reported a potential heap overflow in the ASN.1 decode code that is used by the SNMP NAT and CIFS subsystem. Exploitation of this issue may lead to arbitrary code execution. This issue is not believed to be exploitable with the pre-built kernel images provided by Debian, but it might be an issue for custom images built from the Debian-provided source package. Brandon Edwards of McAfee Avert labs discovered an issue in the DCCP subsystem. Due to missing feature length checks it is possible to cause an overflow they may result in remote arbitrary code execution. This updated advisory adds the linux-2.6 build for mipsel which was not yet available at the time of DSA-1592-1.
| | Homepage: | http://www.debian.org/security | | File Size: | 36393 | | Related CVE(s): | CVE-2008-1673, CVE-2008-2358 | | Last Modified: | Jun 9 15:49:47 2008 |
| MD5 Checksum: | 7a55df5d90d45c720f4f79ce568d12d5 |
|
| /// File Name: |
dsa-1593-1.txt |
Description:
|
Debian Security Advisory 1593-1 - It was discovered that the Host Manager web application performed insufficient input sanitizing, which could lead to cross-site scripting.
| | Homepage: | http://www.debian.org/security | | File Size: | 3384 | | Related CVE(s): | CVE-2008-1947 | | Last Modified: | Jun 9 17:49:15 2008 |
| MD5 Checksum: | a3cfa2d865fad8c5d975bdf87a2b9796 |
|
| /// File Name: |
dsa-1594-1.txt |
Description:
|
Debian Security Advisory 1594-1 - Stefan Cornelius discovered two buffer overflows in Imlib's - a powerful image loading and rendering library - image loaders for PNM and XPM images, which may result in the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 6811 | | Related CVE(s): | CVE-2008-2426 | | Last Modified: | Jun 11 18:05:17 2008 |
| MD5 Checksum: | 7d15ab47d571786396571179470ab37c |
|
| /// File Name: |
dsa-1595-1.txt |
Description:
|
Debian Security Advisory 1595-1 - Lack of validation of the parameters of the SProcSecurityGenerateAuthorization SProcRecordCreateContext functions makes it possible for a specially crafted request to trigger the swapping of bytes outside the parameter of these requests, causing memory corruption. An integer overflow in the validation of the parameters of the ShmPutImage() request makes it possible to trigger the copy of arbitrary server memory to a pixmap that can subsequently be read by the client, to read arbitrary parts of the X server memory space. An integer overflow may occur in the computation of the size of the glyph to be allocated by the AllocateGlyph() function which will cause less memory to be allocated than expected, leading to later heap overflow. An integer overflow may occur in the computation of the size of the glyph to be allocated by the ProcRenderCreateCursor() function which will cause less memory to be allocated than expected, leading later to dereferencing un-mapped memory, causing a crash of the X server. Integer overflows can also occur in the code validating the parameters for the SProcRenderCreateLinearGradient, SProcRenderCreateRadialGradient and SProcRenderCreateConicalGradient functions, leading to memory corruption by swapping bytes outside of the intended request parameters.
| | Homepage: | http://www.debian.org/security | | File Size: | 17212 | | Related CVE(s): | CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362 | | Last Modified: | Jun 12 21:52:32 2008 |
| MD5 Checksum: | f83e5d1509dce4327dbb2137017aeeb2 |
|
| /// File Name: |
dsa-1596-1.txt |
Description:
|
Debian Security Advisory 1596-1 - Several remote vulnerabilities have been discovered in the TYPO3 content management framework. Because of a not sufficiently secure default value of the TYPO3 configuration variable fileDenyPattern, authenticated backend users could upload files that allowed to execute arbitrary code as the webserver user. User input processed by fe_adminlib.inc is not being properly filtered to prevent Cross Site Scripting (XSS) attacks, which is exposed when specific plugins are in use.
| | Homepage: | http://www.debian.org/security | | File Size: | 3547 | | Last Modified: | Jun 12 21:53:05 2008 |
| MD5 Checksum: | abd238c4c3b04c94dd5a15bb02ea8127 |
|
| /// File Name: |
dsa-1597-1.txt |
Description:
|
Debian Security Advisory 1597-1 - Three vulnerabilities have been discovered in the mt-daapd DAAP audio server (also known as the Firefly Media Server). Insufficient validation and bounds checking of the Authorization: HTTP header enables a heap buffer overflow, potentially enabling the execution of arbitrary code. Format string vulnerabilities in debug logging within the authentication of XML-RPC requests could enable the execution of arbitrary code. An integer overflow weakness in the handling of HTTP POST variables could allow a heap buffer overflow and potentially arbitrary code execution.
| | Homepage: | http://www.debian.org/security | | File Size: | 5761 | | Related CVE(s): | CVE-2007-5824, CVE-2007-5825, CVE-2008-1771 | | Last Modified: | Jun 12 21:54:31 2008 |
| MD5 Checksum: | d70edf60c6b03f994db07bdb06c2aa33 |
|
| /// File Name: |
dsa-1598-1.txt |
Description:
|
Debian Security Advisory 1598-1 - It was discovered that a buffer overflow in the GIF image parsing code of Tk, a cross-platform graphical toolkit, could lead to denial of service and potentially the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 4884 | | Related CVE(s): | CVE-2008-0553 | | Last Modified: | Jun 20 15:08:16 2008 |
| MD5 Checksum: | 67c2da80832ee419712197cfa786bc42 |
|
| /// File Name: |
dsa-1599-1.txt |
Description:
|
Debian Security Advisory 1599-1 - Havoc Pennington discovered that DBus, a simple interprocess messaging system, performs insufficient validation of security policies, which might allow local privilege escalation.
| | Homepage: | http://www.debian.org/security | | File Size: | 9397 | | Related CVE(s): | CVE-2008-0595 | | Last Modified: | Jun 27 12:03:19 2008 |
| MD5 Checksum: | 5dca316831d6a1cd5fdaf050dfb288a7 |
|
| /// File Name: |
evolution-dos.txt |
Description:
|
Evolution version 2.22.2 suffers from a denial of service vulnerability.
| | Author: | Juan Pablo Lopez Yacubian | | File Size: | 1064 | | Last Modified: | Jun 26 15:01:40 2008 |
| MD5 Checksum: | 8b50a4dabc00806b64b2caf21de573b6 |
|
| /// File Name: |
facebook-xss.txt |
Description:
|
The Facebook fb:silverlight FBML tag suffers from a persistent cross site scripting vulnerability.
| | Author: | Jouko Pynnonen | | Homepage: | http://iki.fi/jouko | | File Size: | 3619 | | Last Modified: | Jun 20 15:34:23 2008 |
| MD5 Checksum: | ceb2553c62df84f3c436e234aeac382b |
|
| /// File Name: |
fetchmail-SA-2007-02.txt |
Description:
|
Fetchmail versions 6.3.9 and below suffer from a NULL pointer deference vulnerability that can be triggered by outside circumstances.
| | Author: | Earl Chew | | Homepage: | http://fetchmail.berlios.de/ | | File Size: | 4049 | | Related CVE(s): | CVE-2007-4565 | | Last Modified: | Jun 17 14:20:39 2008 |
| MD5 Checksum: | e266c2e4f91f4a028481c87c7b005bb0 |
|
| /// File Name: |
fetchmail-SA-2008-01.txt |
Description:
|
Fetchmail versions 6.3.9 and below suffer from a dereferencing garbage pointer vulnerability that can lead to a denial of service condition.
| | Author: | Petr Uzel, Petr Cerny, Gunter Nau | | Homepage: | http://fetchmail.berlios.de/ | | File Size: | 5084 | | Related CVE(s): | CVE-2008-2711 | | Last Modified: | Jun 17 14:22:12 2008 |
| MD5 Checksum: | 424b4f932299ff20815c03c610027bfe |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
