Section: .. / 0806-advisories /
| /// File Name: |
stalker39x.txt |
Description:
|
S.T.A.L.K.E.R.: Shadow of Chernobyl versions 1.0006 and below suffer from multiple buffer overflow vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | stalker39x.zip | | File Size: | 4314 | | Last Modified: | Jun 29 16:37:15 2008 |
| MD5 Checksum: | 8748175c36816983ed9b88629e1d66cd |
|
| /// File Name: |
stalkerboom.txt |
Description:
|
S.T.A.L.K.E.R.: Shadow of Chernobyl versions 1.0006 and below suffer from a denial of service vulnerability.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | stalkerboom.zip | | File Size: | 1764 | | Last Modified: | Jun 16 19:49:24 2008 |
| MD5 Checksum: | 94adbb4a5633f817905fc2cf6f70f2d6 |
|
| /// File Name: |
TA08-162A.txt |
Description:
|
Technical Cyber Security Alert TA08-162A - A vulnerability in the way implementations of SNMPv3 handle specially crafted packets may allow authentication bypass. This vulnerability allows attackers to read and modify any SNMP object that can be accessed using the authentication credentials that got them into the system. Attackers exploiting this vulnerability can view and modify the configuration of these devices. Attackers must gain access using credentials with write privileges in order to modify configurations.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4210 | | Last Modified: | Jun 10 12:26:10 2008 |
| MD5 Checksum: | 0f4359f32bc900b0e9eed16e18bf6fd8 |
|
| /// File Name: |
TA08-162B.txt |
Description:
|
Technical Cyber Security Alert TA08-162B - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Windows Server, and Internet Explorer as part of the Microsoft Security Bulletin Summary for June 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3452 | | Last Modified: | Jun 10 23:01:42 2008 |
| MD5 Checksum: | 162c3610eb0035e82b62d3cc1f84c216 |
|
| /// File Name: |
TA08-162C.txt |
Description:
|
Technical Cyber Security Alert TA08-162C - Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1991. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3882 | | Last Modified: | Jun 10 23:00:24 2008 |
| MD5 Checksum: | 82a9cd989ea7f409c0ac1d3cd9ac64ee |
|
| /// File Name: |
TKADV2008-003.txt |
Description:
|
The kernel of Solaris contains a vulnerability in the code that handles SIOCSIPMSFILTER IOCTL requests. Exploitation of this vulnerability can result in denial of service or code execution.
| | Author: | Tobias Klein | | Homepage: | http://www.trapkit.de/ | | File Size: | 5551 | | Last Modified: | Jun 16 19:41:30 2008 |
| MD5 Checksum: | e53d82b4778fa801c6c94fb300c32a70 |
|
| /// File Name: |
TPTI-08-05.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust SCM. Authentication is not required to exploit this vulnerability. The specific flaw exists in the HTTP Gateway service icihttp.exe running on port 8080. When issuing a request for a FTP service the process tries to decorate the contents of the transaction. In this particular case by specifying a overly long response to a LIST command a stack buffer can be overflowed. Successful exploitation can lead to complete system compromise under the SYSTEM context.
| | Author: | Cody Pierce | | Homepage: | http://www.tippingpoint.com/ | | File Size: | 1323 | | Related CVE(s): | CVE-2008-2541 | | Last Modified: | Jun 4 22:02:30 2008 |
| MD5 Checksum: | ed99d87dfb33a248a20b62f8abacab57 |
|
| /// File Name: |
typo3-xssexec.txt |
Description:
|
TYPO3 versions 3.x, 4.0 through 4.0.7, 4.1 through 4.1.6, and 4.2 suffer from arbitrary code execution and code execution vulnerabilities.
| | Author: | Lars Houmark | | Homepage: | http://www.typo3.org/ | | File Size: | 5453 | | Last Modified: | Jun 11 14:47:50 2008 |
| MD5 Checksum: | 9de19f9b40880ff334017389f70bbc4e |
|
| /// File Name: |
USN-612-10.txt |
Description:
|
Ubuntu Security Notice 612-10 - USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN. A regression was introduced in OpenVPN when using TLS with password protected certificates which caused OpenVPN to not start when used with applications such as NetworkManager.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5952 | | Related CVE(s): | CVE-2008-0166 | | Last Modified: | Jun 12 22:04:24 2008 |
| MD5 Checksum: | af0cb8e9377dc2fbd0e1fbdfd8c98519 |
|
| /// File Name: |
USN-612-11.txt |
Description:
|
Ubuntu Security Notice 612-11 - USN-612-3 addressed a weakness in OpenSSL certificate and key generation and introduced openssl-blacklist to aid in detecting vulnerable certificates and keys. This update adds RSA-4096 blacklists to the openssl-blacklist-extra package and adjusts openssl-vulnkey to properly handle RSA-4096 and higher moduli. by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH, OpenVPN and SSL certificates.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5294 | | Related CVE(s): | CVE-2008-0166 | | Last Modified: | Jun 18 19:58:51 2008 |
| MD5 Checksum: | 536fd2ade4c7226a228c8cdbafd92a9c |
|
| /// File Name: |
USN-612-9.txt |
Description:
|
Ubuntu Security Notice 612-9 - USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys. This update enhances the openssl-vulnkey tool to check Certificate Signing Requests, accept input from STDIN, and check moduli without a certificate. It was also discovered that additional moduli are vulnerable if generated with OpenSSL 0.9.8g or higher. While it is believed that there are few of these vulnerable moduli in use, this update includes updated RSA-1024 and RSA-2048 blacklists. RSA-512 blacklists are also included in the new openssl-blacklist-extra package.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6413 | | Related CVE(s): | CVE-2008-0166 | | Last Modified: | Jun 12 22:03:45 2008 |
| MD5 Checksum: | 1ef0e8674faa8684889a01335eea5013 |
|
| /// File Name: |
USN-614-1.txt |
Description:
|
Ubuntu Security Notice 614-1 - It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. A race condition was discovered between dnotify fcntl() and close() in the kernel. If a local attacker performed malicious dnotify requests, they could cause memory consumption leading to a denial of service, or possibly send arbitrary signals to any process. On SMP systems, a race condition existed in fcntl(). Local attackers could perform malicious locks, causing system crashes and leading to a denial of service. The tehuti network driver did not correctly handle certain IO functions. A local attacker could perform malicious requests to the driver, potentially accessing kernel memory, leading to privilege escalation or access to private system information.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 76898 | | Related CVE(s): | CVE-2007-6694, CVE-2008-1375, CVE-2008-1669, CVE-2008-1675 | | Last Modified: | Jun 3 20:42:46 2008 |
| MD5 Checksum: | e879ddc4fe4819bcf545b9a39c1b83dc |
|
| /// File Name: |
USN-615-1.txt |
Description:
|
Ubuntu Security Notice 615-1 - Alin Rad Pop of Secunia Research discovered that Evolution did not properly validate timezone data when processing iCalendar attachments. If a user disabled the ITip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service or possibly execute code with user privileges. Note that the ITip Formatter plugin is enabled by default in Ubuntu. Alin Rad Pop of Secunia Research discovered that Evolution did not properly validate the DESCRIPTION field when processing iCalendar attachments. If a user were tricked into accepting a crafted iCalendar attachment and replied to it from the calendar window, an attacker code cause a denial of service or execute code with user privileges. Matej Cepl discovered that Evolution did not properly validate date fields when processing iCalendar attachments. If a user disabled the ITip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service. Note that the ITip Formatter plugin is enabled by default in Ubuntu.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 19409 | | Related CVE(s): | CVE-2008-1108, CVE-2008-1109 | | Last Modified: | Jun 6 19:07:39 2008 |
| MD5 Checksum: | 2b77957f2a1fd2dfcb53ca8a889967db |
|
| /// File Name: |
USN-616-1.txt |
Description:
|
Ubuntu Security Notice 616-1 - Multiple flaws were found in the RENDER, RECORD, and Security extensions of X.org which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges or crash X. It was discovered that the MIT-SHM extension of X.org did not correctly validate the location of memory during an image copy. An authenticated attacker could exploit this to read arbitrary memory locations within X, exposing sensitive information.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 25658 | | Related CVE(s): | CVE-2008-1377, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362, CVE-2008-1379 | | Last Modified: | Jun 13 12:39:38 2008 |
| MD5 Checksum: | a0ffdd2dfdee818f9b6d08cd37d7f402 |
|
| /// File Name: |
USN-617-1.txt |
Description:
|
Ubuntu Security Notice 617-1 - Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. Alin Rad Pop of Secunia Research discovered that Samba did not properly perform bounds checking when parsing SMB replies. A remote attacker could send crafted SMB packets and execute arbitrary code.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 34281 | | Related CVE(s): | CVE-2007-4572, CVE-2008-1105 | | Last Modified: | Jun 18 17:19:35 2008 |
| MD5 Checksum: | aa534b412941f7c7ac477625b6203640 |
|
| /// File Name: |
USN-620-1.txt |
Description:
|
Ubuntu Security Notice 620-1 - It was discovered that OpenSSL was vulnerable to a double-free when using TLS server extensions. A remote attacker could send a crafted packet and cause a denial of service via application crash in applications linked against OpenSSL. Ubuntu 8.04 LTS does not compile TLS server extensions by default. It was discovered that OpenSSL could dereference a NULL pointer. If a user or automated system were tricked into connecting to a malicious server with particular cipher suites, a remote attacker could cause a denial of service via application crash.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6008 | | Related CVE(s): | CVE-2008-0891, CVE-2008-1672 | | Last Modified: | Jun 26 12:09:36 2008 |
| MD5 Checksum: | e3d8ad2ad350589c4ffb1f35b0d2da37 |
|
| /// File Name: |
USN-621-1.txt |
Description:
|
Ubuntu Security Notice 621-1 - Drew Yao discovered several vulnerabilities in Ruby which lead to integer overflows. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. Drew Yao discovered that Ruby did not sanitize its input when using ALLOCA. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service via memory corruption.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 33872 | | Related CVE(s): | CVE-2008-2662, CVE-2008-2663, CVE-2008-2725, CVE-2008-2726, CVE-2008-2664 | | Last Modified: | Jun 27 12:04:23 2008 |
| MD5 Checksum: | 3f9b36d1f7954def85af5e64b364ce99 |
|
| /// File Name: |
VMSA-2008-00010.txt |
Description:
|
VMware Security Advisory - Updated Tomcat and Java JRE packages have been made available for VMWare ESX 3.5. It is not a few updates either. Check out how many CVEs are covered. Judging by the CVE age, their turn around time on patching is quite sad.
| | Homepage: | http://www.vmware.com/ | | File Size: | 7372 | | Related CVE(s): | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-1185, CVE-2008-1186, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196, CVE-2008-0657, CVE-2007-5689, CVE-2007-5232, CVE-2007-5236, CVE-2007-5237, CVE-2007-5238, CVE-2007-5239, CVE-2007-5240, CVE-2007-5274 | | Last Modified: | Jun 17 14:10:31 2008 |
| MD5 Checksum: | 9af15b4e6d345993f78f547bd1ad7929 |
|
| /// File Name: |
VMSA-2008-0009.txt |
Description:
|
VMware Security Advisory - Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues.
| | Homepage: | http://www.vmware.com/ | | File Size: | 29263 | | Related CVE(s): | CVE-2007-5671, CVE-2008-0967, CVE-2008-2097, CVE-2008-2100, CVE-2006-1721, CVE-2008-0553, CVE-2007-5378, CVE-2007-4772, CVE-2008-0888, CVE-2008-0062, CVE-2008-0063, CVE-2008-0948 | | Last Modified: | Jun 4 21:56:09 2008 |
| MD5 Checksum: | 21a9f9bc9d12b67725e49cdbc7495422 |
|
| /// File Name: |
wicboom.txt |
Description:
|
World in Conflict versions 1.008 and below suffer from a NULL pointer vulnerability allowing for a server crash.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | wicboom.zip | | File Size: | 1448 | | Last Modified: | Jun 23 18:34:02 2008 |
| MD5 Checksum: | e0d33ab0c35d967d643f4025e65fd91f |
|
| /// File Name: |
ZDI-08-034.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard StorageWorks Storage Mirroring. Authentication is not required to exploit this vulnerability.
| | Author: | Titon | | Homepage: | http://www.zerodayinitiative.com/ | | Related File: | akamai-download.txt | | File Size: | 3469 | | Related CVE(s): | CVE-2008-1661 | | Last Modified: | Jun 4 22:10:15 2008 |
| MD5 Checksum: | 730ea833ea242cd3bfe956e149199fb5 |
|
| /// File Name: |
ZDI-08-036.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the HTTP Gateway service icihttp.exe running on port 8080. When issuing a request for a FTP service the process tries to decorate the contents of the transaction. In this particular case by specifying a overly long response to a LIST command a stack buffer can be overflowed. Successful exploitation can lead to complete system compromise under the SYSTEM context.
| | Author: | Sebastian Apelt | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3128 | | Related CVE(s): | CVE-2008-2541 | | Last Modified: | Jun 4 22:00:56 2008 |
| MD5 Checksum: | c136c175d2c76b7db8227fb2cf20d11e |
|
| /// File Name: |
ZDI-08-037.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple Quicktime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3182 | | Related CVE(s): | CVE-2008-1584 | | Last Modified: | Jun 10 22:45:18 2008 |
| MD5 Checksum: | 787def36b85df637ff885be5f7d8faf7 |
|
| /// File Name: |
ZDI-08-038.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file.
| | Author: | Petko Petkov | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3284 | | Related CVE(s): | CVE-2008-1585 | | Last Modified: | Jun 10 22:46:17 2008 |
| MD5 Checksum: | 3fb0ee81f459d8c41c8ff92cbbf7fe6e |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
