Section: .. / Last 100 Advisory Files /
| /// File Name: | DDIVRT-2008-15.txt | Description:
| The iPhone Configuration Web Utility 1.0 for Windows web interface is vulnerable to a common web directory traversal attack. Successful exploitation will result in arbitrary read-onlyfile access outside of the iPhone Configuration Web Utility 1.0 web root. | | Author: | Corey LeBleu,r@b13$ | | Homepage: | http://www.digitaldefense.net/ | | File Size: | 1066 | | Last Modified: | Nov 21 16:18:46 2008 | | MD5 Checksum: | 07526dbd17f8e037041006f8815ffe08 |
|
| /// File Name: | openssh-cbc-adv.txt | Description:
| The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary information, they are unable to properly assess its impact. | | Homepage: | http://www.openssh.com/ | | File Size: | 2506 | | Last Modified: | Nov 21 16:17:37 2008 | | MD5 Checksum: | d2688c59ac428caddd0526bb0979ec68 |
|
| /// File Name: | ZDI-08-076.txt | Description:
| A vulnerability allows remote attackers to retrieve arbitrary files on systems with vulnerable installations of EMC Control Center SAN Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SAN Manager Master Agent service (msragent.exe) which listens by default on TCP port 10444. While processing SST_SENDFILE requests the service does not validate the requestor allowing any remote attacker to download arbitrary files. | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3322 | | Last Modified: | Nov 20 18:26:11 2008 | | MD5 Checksum: | 674545c3d3f0885dd630ad4bf3b66bd8 |
|
| /// File Name: | ZDI-08-075.txt | Description:
| A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC Control Center SAN Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SAN Manager Master Agent service (msragent.exe) which listens by default on TCP port 10444. While processing SST_CTGTRANS requests the process copies packet data into a fixed length stack buffer. Exploitation allows for arbitrary code execution under the context of the SYSTEM user. | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3366 | | Last Modified: | Nov 20 18:24:55 2008 | | MD5 Checksum: | baf5fcd61ddfffefe825752a5e5f8532 |
|
| /// File Name: | MDVSA-2008-233.txt | Description:
| Mandriva Linux Security Advisory 2008-233 - A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code. In addition, the fixes for were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0 (this was originally fixed in MDKSA-2005:075). This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this fix already applied. The updated packages have been patched to prevent these issues. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4191 | | Related CVE(s): | CVE-2005-0706, CVE-2008-5030 | | Last Modified: | Nov 20 18:16:55 2008 | | MD5 Checksum: | 9c756b2e28e8d3771c77fdb2f9600b6d |
|
| /// File Name: | SSRT080059.txt | Description:
| HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM).The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). | | Homepage: | http://www.hp.com/ | | File Size: | 7471 | | Related CVE(s): | CVE-2007-6388, CVE-2007-5000 | | Last Modified: | Nov 20 14:21:09 2008 | | MD5 Checksum: | 95772fbd64f5296b53746839ca3c082f |
|
| /// File Name: | MDVSA-2008-232.txt | Description:
| Mandriva Linux Security Advisory 2008-232 - The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions. The ACL plugin in dovecot prior to version 1.1.6 allowed attackers to bypass intended access restrictions by using the 'k' right to create unauthorized 'parent/child/child' mailboxes. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4496 | | Related CVE(s): | CVE-2008-4577, CVE-2008-4578 | | Last Modified: | Nov 19 18:47:25 2008 | | MD5 Checksum: | 74d6e20e2de494366564f42bf606f8cb |
|
| /// File Name: | USN-674-1.txt | Description:
| Ubuntu Security Notice USN-674-1 - It was discovered that the hpssd tool of hplip did not validate privileges in the alert-mailing function. A local attacker could exploit this to gain privileges and send e-mail messages from the account of the hplip user. This update alters hplip behavior by preventing users from setting alerts and by moving alert configuration to a root-controlled /etc/hp/alerts.conf file. It was discovered that the hpssd tool of hplip did not correctly handle certain commands. A local attacker could use a specially crafted packet to crash hpssd, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 10985 | | Related CVE(s): | CVE-2008-2940, CVE-2008-2941 | | Last Modified: | Nov 19 18:46:56 2008 | | MD5 Checksum: | 40785ad48c0633533c0dbc0debeac5a5 |
|
| /// File Name: | PR08-09.txt | Description:
| An unauthenticated file retrieval vulnerability exists on the Sun Java System Identity Manager. | | Author: | Richard Brain | | Homepage: | http://www.procheckup.com/ | | File Size: | 2315 | | Last Modified: | Nov 19 18:15:41 2008 | | MD5 Checksum: | 027955185dafd3359535c914e02f64fa |
|
| /// File Name: | secunia-streamripper.txt | Description:
| Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system. Version 1.63.5 is affected. | | Author: | Stefan Cornelius | | Homepage: | http://secunia.com/ | | File Size: | 4581 | | Related CVE(s): | CVE-2008-4829 | | Last Modified: | Nov 19 17:55:36 2008 | | MD5 Checksum: | 2a667b6f5ea4090920bfdfceb7fa6c61 |
|
| /// File Name: | tonline-multi.txt | Description:
| The T-Online software offered by Deutsche Telekom installs and includes the use of vulnerable DLLs. | | Author: | Stefan Kanthak | | File Size: | 2364 | | Last Modified: | Nov 19 17:52:19 2008 | | MD5 Checksum: | 4f545cb45287d94079f395be11241a87 |
|
| /// File Name: | MDVSA-2008-231.txt | Description:
| Mandriva Linux Security Advisory 2008-231 - Drew Yaro of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it cause the application to enter an infinite loop. The second is an integer overflow that caused a heap-based buffer overflow in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it could cause the application to crash or possibly execute arbitrary code. The updated packages have been patched to correct these issues. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7546 | | Related CVE(s): | CVE-2008-4225, CVE-2008-4226 | | Last Modified: | Nov 18 20:11:30 2008 | | MD5 Checksum: | 3c2bacdc0c614a94c24a9030e3f7f962 |
|
| /// File Name: | USN-673-1.txt | Description:
| Ubuntu Security Notice USN-673-1 - Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service. Drew Yao discovered that libxml2 did not correctly handle large memory allocations. If a user or automated system were tricked into processing a very large XML document, a remote attacker could cause applications linked against libxml2 to crash, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 25774 | | Related CVE(s): | CVE-2008-4225, CVE-2008-4226 | | Last Modified: | Nov 18 20:10:50 2008 | | MD5 Checksum: | 64f6a2da847d9cc80f75dd91c5ce02f7 |
|
| /// File Name: | CESA-2008-009.html | Description:
| Firefox versions 2.0.0.18 and below and WebKit nightly are affected by a cross-domain arbitrary image theft vulnerability. | | Author: | Chris Evans | | File Size: | 3011 | | Related CVE(s): | CVE-2008-5012 | | Last Modified: | Nov 18 19:31:05 2008 | | MD5 Checksum: | a5218b3dbe84d9457e5d725d2e5b90c9 |
|
| /// File Name: | SSRT080164.txt | Description:
| HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin. | | Homepage: | http://www.hp.com/ | | File Size: | 9279 | | Related CVE(s): | CVE-2008-4250, CVE-2008-4037, CVE-2007-0099, CVE-2008-4029, CVE-2008-4033 | | Last Modified: | Nov 18 19:25:40 2008 | | MD5 Checksum: | af2cc68c5723cced78fc00d623c7ba29 |
|
| /// File Name: | USN-672-1.txt | Description:
| Ubuntu Security Notice USN-672-1 - Moritz Jodeit discovered that ClamAV did not correctly handle certain strings when examining a VBA project. If a remote attacker tricked ClamAV into processing a malicious VBA file, ClamAV would crash, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 7596 | | Related CVE(s): | CVE-2008-5050 | | Last Modified: | Nov 18 01:07:08 2008 | | MD5 Checksum: | 157f26b3a109779716d5541904cd8ff7 |
|
| /// File Name: | USN-667-1.txt | Description:
| Ubuntu Security Notice USN-667-1 - A large amount of vulnerabilities have been addressed in Firefox. Flaws such as information disclosure, bypassing of same-origin checks, arbitrary code execution, and more exist in prior versions. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 43945 | | Related CVE(s): | CVE-2008-0017, CVE-2008-4582, CVE-2008-5012, CVE-2008-5013CVE-2008-5014, CVE-2008-5015, CVE-2008-5016, CVE-2008-5017CVE-2008-5018, CVE-2008-5019, CVE-2008-5021, CVE-2008-5022CVE-2008-5023, CVE-2008-5024 | | Last Modified: | Nov 18 00:55:01 2008 | | MD5 Checksum: | d2b66e3a70af631dd3be6f985f566dab |
|
| /// File Name: | MDVSA-2008-230.txt | Description:
| Mandriva Linux Security Advisory 2008-230 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.4. This update provides the latest Mozilla Firefox 3.x to correct these issues. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 22570 | | Related CVE(s): | CVE-2008-0017, CVE-2008-5014, CVE-2008-5015, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021, CVE-2008-5022, CVE-2008-5023, CVE-2008-5024 | | Last Modified: | Nov 18 00:32:31 2008 | | MD5 Checksum: | 19a0df874c10f5c60f644926fc593b96 |
|
| /// File Name: | MDVSA-2008-227-1.txt | Description:
| Mandriva Linux Security Advisory 2008-227-1 - Martin von Gagern found a flow in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates. It was found that the previously-published patch to correct this issue caused a regression when dealing with self-signed certificates. An updated patch that fixes the security issue and resolves the regression issue has been applied to these packages. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4825 | | Related CVE(s): | CVE-2008-4989 | | Last Modified: | Nov 18 00:31:55 2008 | | MD5 Checksum: | 40011f3af8744a4c252822a6224dcf76 |
|
| /// File Name: | USN-671-1.txt | Description:
| Ubuntu Security Notice USN-671-1 - It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behavior by disallowing the use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. It was discovered that MySQL did not handle empty bit-string literals properly. An attacker could exploit this problem and cause the MySQL server to crash, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 14865 | | Related CVE(s): | CVE-2008-2079, CVE-2008-3963, CVE-2008-4097, CVE-2008-4098 | | Last Modified: | Nov 17 21:23:59 2008 | | MD5 Checksum: | 39c3cf301a96c689c184b762d83dedd8 |
|
| /// File Name: | glsa-200811-05.txt | Description:
| Gentoo Linux Security Advisory GLSA 200811-05 - PHP contains several vulnerabilities including buffer and integer overflows which could lead to the remote execution of arbitrary code. Versions less than 5.2.6-r6 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 6084 | | Related CVE(s): | CVE-2008-0599, CVE-2008-0674, CVE-2008-1384, CVE-2008-2050, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660 | | Last Modified: | Nov 16 19:22:36 2008 | | MD5 Checksum: | 8207fb94feefdc04cf3ecc1ec20920f1 |
|
| /// File Name: | MDVSA-2008-229.txt | Description:
| Mandriva Linux Security Advisory - An off-by-one error was found in ClamAV versions prior to 0.94.1 that could allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted VBA project file. Other bugs have also been corrected in 0.94.1 which is being provided with this update. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7678 | | Related CVE(s): | CVE-2008-5050 | | Last Modified: | Nov 15 18:37:28 2008 | | MD5 Checksum: | a46725972b446a48446465b5b1f6837b |
|
| /// File Name: | TA08-319A.txt | Description:
| Technical Cyber Security Alert TA08-319A - New versions of Firefox, Thunderbird, and SeaMonkey address several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system. | | Homepage: | http://www.us-cert.gov/ | | File Size: | 3446 | | Last Modified: | Nov 14 16:00:20 2008 | | MD5 Checksum: | a83fdeda6a32e1a008c98fbd8ac6de73 |
|
| /// File Name: | PSA08-010.txt | Description:
| Portcullis Security Advisory - An information disclosure vulnerability exists in the manner that Microsoft LDAP server responds when binding to the LDAP server. In the case when an invalid password is provided, the server will respond with result code 49 (invalidCredentials) and an error message. A different error message is returned if an invalid username is provided. | | Author: | Bernardo Damele | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 3894 | | Last Modified: | Nov 14 15:50:59 2008 | | MD5 Checksum: | 2a35a98673bd56e5bf65fbff37539fdc |
|
| /// File Name: | PSA08-009.txt | Description:
| Portcullis Security Advisory - By sending crafted packets to ports on the Checkpoint VPN-1 which are mapped by port address translation (PAT) to ports on internal devices, information about the internal network may be disclosed in the resulting ICMP error packets. | | Author: | Mark Lowe,Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 2933 | | Last Modified: | Nov 14 15:41:44 2008 | | MD5 Checksum: | 1b7d691c337938227fedd8e13cfb47cd |
|
| /// File Name: | PLSA-2008-71.txt | Description:
| Pardus Linux Security Advisory 2008-71 -ClamAV contains an off-by-one heap overflow vulnerability in the code responsible for parsing VBA project files. Successful exploitation could allow an attacker to execute arbitrary code with the privileges of the `clamd' process by sending an email with a prepared attachment. | | Author: | Pardus Linux | | File Size: | 1521 | | Last Modified: | Nov 14 15:37:38 2008 | | MD5 Checksum: | 27aaa45d926a27a8397aab617e52a3fe |
|
| /// File Name: | PLSA-2008-70.txt | Description:
| Pardus Linux Security Advisory 2008-70 -A vulnerability has been reported in GnuTLS, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error when validating the X.509 certificate chain and can be exploited to spoof arbitrary names e.g. during a Man-in-the-Middle (MitM) attack. | | Author: | Pardus Linux | | File Size: | 1488 | | Related CVE(s): | CVE-2008-4989 | | Last Modified: | Nov 14 15:35:04 2008 | | MD5 Checksum: | 8fb670a8ebee5e9608715fcd9804fba7 |
|
| /// File Name: | MDVSA-2008-228.txt | Description:
| Mandriva Linux Security Advisory - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 2.x, version 2.0.0.18. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 61149 | | Related CVE(s): | CVE-2008-0017, CVE-2008-5012, CVE-2008-5013, CVE-2008-5014, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021, CVE-2008-5022, CVE-2008-5023, CVE-2008-5024, CVE-2008-5052 | | Last Modified: | Nov 14 14:52:12 2008 | | MD5 Checksum: | 04ad2cf66bb646814b4b89a805925bf5 |
|
| /// File Name: | USN-670-1.txt | Description:
| Ubuntu Security Notice USN-670-1 -Mathias Gug discovered that vm-builder improperly set the root password when creating virtual machines. An attacker could exploit this to gain root privileges to the virtual machine by using a predictable password. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 11139 | | Last Modified: | Nov 14 14:43:29 2008 | | MD5 Checksum: | def0d8cb5eb6e5552e07c045b4d93473 |
|
| /// File Name: | shatter-ltadm.txt | Description:
| Team SHATTER Security Advisory - Oracle Database provides the "LTADM" PL/SQL package that is part of the Oracle Workspace Manager component. This package has instances of SQL Injection in COMPRESSSTATE and GOTOTS procedures. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2724 | | Related CVE(s): | CVE-2008-3994 | | Last Modified: | Nov 13 19:02:17 2008 | | MD5 Checksum: | 79575c04561c6f6d1500323c9a4398af |
|
| /// File Name: | shatter-change.txt | Description:
| Team SHATTER Security Advisory - The PL/SQL package DBMS_CDC_PUBLISH owned by SYS has an instance of SQL Injection in the ALTER_AUTOLOG_CHANGE_SOURCE procedure. A malicious user can call the vulnerable procedure of this package with specially crafted parameters and execute SQL statements with the elevated privileges of the SYS user. Any Oracle database user with EXECUTE privilege on the package SYS.DBMS_CDC_PUBLISH can exploit this vulnerability. By default, users granted EXECUTE_CATALOG_ROLE have the required privilege. Exploitation of this vulnerability allows an attacker to execute SQL commands with SYS privileges. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2440 | | Related CVE(s): | CVE-2008-3995 | | Last Modified: | Nov 13 18:59:16 2008 | | MD5 Checksum: | 4b63b8affb63460b0184537068a8402b |
|
| /// File Name: | shatter-internal.txt | Description:
| Team SHATTER Security Advisory - The PL/SQL package DBMS_CDC_IPUBLISH owned by SYS has an instance of SQL Injection in the ALTER_HOTLOG_INTERNAL_CSOURCE procedure. A malicious user can call the vulnerable procedure of this package with specially crafted parameters and execute SQL statements with the elevated privileges of the SYS user. Any Oracle database user with EXECUTE privilege on the package SYS.DBMS_CDC_IPUBLISH can exploit this vulnerability. By default, users granted EXECUTE_CATALOG_ROLE have the required privilege. Exploitation of this vulnerability allows an attacker to execute SQL commands with SYS privileges. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2449 | | Related CVE(s): | CVE-2008-3996 | | Last Modified: | Nov 13 18:56:58 2008 | | MD5 Checksum: | 037b8cf8c0eabfea238dd83452c7a1a9 |
|
| /// File Name: | MDVSA-2008-227.txt | Description:
| Mandriva Linux Security Advisory - Martin von Gagern found a flow in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4351 | | Related CVE(s): | CVE-2008-4989 | | Last Modified: | Nov 13 18:56:02 2008 | | MD5 Checksum: | 4887633167f84cbdee2a6116a020fc50 |
|
| /// File Name: | dsa-1665-1.txt | Description:
| Debian Security Advisory 1665-1 -It was discovered that a heap overflow in the CDDB retrieval code of libcdaudio, a library for controlling a CD-ROM when playing audio CDs, may result in the execution of arbitrary code. | | Homepage: | http://www.debian.org/security | | File Size: | 6607 | | Related CVE(s): | CVE-2008-5030 | | Last Modified: | Nov 12 19:30:20 2008 | | MD5 Checksum: | f3b45fc3667a88145d94c510e33c3a76 |
|
| /// File Name: | SSRT080161.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified with HP Service Manager version 7.01. The vulnerability could be exploited to gain extended privileges. | | Homepage: | http://www.hp.com/ | | File Size: | 6770 | | Related CVE(s): | CVE-2008-4415 | | Last Modified: | Nov 12 19:29:04 2008 | | MD5 Checksum: | 89910c56b69b8c1831565003f8fd479f |
|
| /// File Name: | TA08-316A.txt | Description:
| Technical Cyber Security Alert TA08-316A - As part of the Microsoft Security Bulletin Summary for November 2008, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Microsoft Office, and Microsoft XML Core Services. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. | | Homepage: | http://www.us-cert.gov/ | | File Size: | 2657 | | Last Modified: | Nov 11 17:55:46 2008 | | MD5 Checksum: | 7375d08275b077e41d1e08be4c5cbdab |
|
| /// File Name: | smcfancontrol-overflows.txt | Description:
| smcFanControl version 2.1.2 for OSX suffers from multiple buffer overflows. | | Author: | Lau KaiJern | | File Size: | 4422 | | Last Modified: | Nov 11 17:53:02 2008 | | MD5 Checksum: | 7aa118c3ca1103d0fe74e6010d091b89 |
|
| /// File Name: | SSRT080121-2.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified with HP System Management Homepage (SMH) for HP-UX. The vulnerability could be exploited to create a local unauthorized access. | | Homepage: | http://www.hp.com/ | | File Size: | 7542 | | Related CVE(s): | CVE-2008-4413 | | Last Modified: | Nov 11 17:45:39 2008 | | MD5 Checksum: | 9b2bed34b3ba7cdea1dd554a7ebfb973 |
|
| /// File Name: | PLSA-2008-69.txt | Description:
| Pardus Linux Security Advisory 2008-69 - A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak error within the "png_handle_tEXt()" function in pngrutil.c. This can be exploited to potentially exhaust all available memory via a specially crafted PNG image. Versions below 1.2.33-16-6 are affected. | | Author: | Pardus Linux | | File Size: | 1427 | | Last Modified: | Nov 11 16:01:24 2008 | | MD5 Checksum: | a1ca73fef916077319590a28f04a5282 |
|
| /// File Name: | USN-669-1.txt | Description:
| Ubuntu Security Notice USN-669-1 - It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V.Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication service. During a network interruption, or by disconnecting the network cable, a local attacker could gain access to locked sessions. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 4354 | | Related CVE(s): | CVE-2007-6389, CVE-2008-0887 | | Last Modified: | Nov 11 15:59:06 2008 | | MD5 Checksum: | 524a1ab0a333379e3ec3013f9c50f0a3 |
|
| /// File Name: | dsa-1664-1.txt | Description:
| Debian Security Advisory 1664-1 - It was discovered that ekg, a console Gadu Gadu client performs insufficient input sanitising in the code to parse contact descriptions, which may result in denial of service. | | Homepage: | http://www.debian.org/security | | File Size: | 8332 | | Related CVE(s): | CVE-2008-4776 | | Last Modified: | Nov 10 15:36:08 2008 | | MD5 Checksum: | 6da23961952d48b519c84b8699066783 |
|
| /// File Name: | glsa-200811-04.txt | Description:
| Gentoo Linux Security Advisory GLSA 200811-04 - A buffer overflow in Graphviz might lead to user-assisted execution of arbitrary code via a DOT file. Roee Hay reported a stack-based buffer overflow in the push_subg() function in parser.y when processing a DOT file with a large number of Agraph_t elements. Versions less than 2.20.3 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2569 | | Related CVE(s): | CVE-2008-4555 | | Last Modified: | Nov 10 15:16:30 2008 | | MD5 Checksum: | f4d5b78db7972fefee3fbd17bd96ef01 |
|
| /// File Name: | glsa-200811-03.txt | Description:
| Gentoo Linux Security Advisory GLSA 200811-03 - A buffer overflow in FAAD2 might lead to user-assisted execution of arbitrary code via an MP4 file. The ICST-ERCIS (Peking University) reported a heap-based buffer overflow in the decodeMP4file() function in frontend/main.c. Versions less than 2.6.1-r2 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2513 | | Related CVE(s): | CVE-2008-4201 | | Last Modified: | Nov 10 15:16:04 2008 | | MD5 Checksum: | 2bb3416d2d0c94f10151b9c93951b8da |
|
| /// File Name: | dsa-1663-1.txt | Description:
| Debian Security Advisory 1663-1 - Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length, which allows spoofing of authenticated SNMPv3 packets. John Kortink reported a buffer overflow in the __snprint_value function in snmp_get causing a denial of service and potentially allowing the execution of arbitrary code via a large OCTETSTRING in an attribute value pair (AVP). It was reported that an integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c allows remote attackers to cause a denial of service attack via a crafted SNMP GETBULK request. | | Homepage: | http://www.debian.org/security | | File Size: | 12972 | | Related CVE(s): | CVE-2008-0960, CVE-2008-2292, CVE-2008-4309 | | Last Modified: | Nov 9 16:15:50 2008 | | MD5 Checksum: | 95c52c59aa17dab0037437c965d1f9d0 |
|
| /// File Name: | clamav-overflow.txt | Description:
| ClamAV contains an off-by-one heap overflow vulnerability in the code responsible for parsing VBA project files. Successful exploitation could allow an attacker to execute arbitrary code with the privileges of the `clamd' process by sending an email with a prepared attachment. Versions below 0.94.1 are affected. | | Author: | Moritz Jodeit | | File Size: | 2729 | | Last Modified: | Nov 9 15:39:29 2008 | | MD5 Checksum: | 6c2f467cbc3dfd58ce9d99fa10b588f4 |
|
| /// File Name: | vmware-guestescalate.txt | Description:
| By exploiting either of the VMware flaws described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaws have been proven exploitable on x64 versions of Windows, and they have produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of these flaws on x64 versions of Linux. | | Author: | Derek Soeder | | File Size: | 25701 | | Related CVE(s): | CVE-2008-4279, CVE-2008-4915, CVE-2008-3890 | | Last Modified: | Nov 7 20:56:46 2008 | | MD5 Checksum: | 27b8c7a5be29107cda604fa31f5e5ec5 |
|
| /// File Name: | VMSA-2008-0018.txt | Description:
| VMware Security Advisory - VMware Hosted products and patches for ESX and ESXi resolve multiple security issues. A flaw in the CPU hardware emulation may allow for a privilege escalation on virtual machine guest operating systems. In addition a directory traversal issue is resolved. | | Homepage: | http://www.vmware.com/ | | File Size: | 11138 | | Related CVE(s): | CVE-2008-4915, CVE-2008-4281 | | Last Modified: | Nov 7 20:02:54 2008 | | MD5 Checksum: | 9767200e7774a23689467b983ca46137 |
|
| /// File Name: | PLSA-2008-67.txt | Description:
| Pardus Linux Security Advisory 2008-67 - A remotely exploitable heap-based buffer overflow exists in libcaudio versions prior to 0.99.12-2-2. | | Author: | Pardus Linux | | File Size: | 1209 | | Last Modified: | Nov 7 19:37:09 2008 | | MD5 Checksum: | f7fc3b93688550b2623694dbb2e42a56 |
|
| /// File Name: | PLSA-2008-66.txt | Description:
| Pardus Linux Security Advisory 2008-66 - An untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function.Blender versions prior to 2.47-14-3 are affected. | | Author: | Pardus Linux | | File Size: | 1636 | | Last Modified: | Nov 7 19:35:42 2008 | | MD5 Checksum: | cd581dc8862d658954b6cb46ade16189 |
|
| /// File Name: | PLSA-2008-64.txt | Description:
| Pardus Linux Security Advisory 2008-64 - A denial of service condition from invalid message address parsing exists in Dovecot versions before 1.1.6-18-3. | | Author: | Pardus Linux | | File Size: | 1312 | | Last Modified: | Nov 7 19:33:34 2008 | | MD5 Checksum: | 9a67b83338f15cc43c0607a84d775f2b |
|
| /// File Name: | PLSA-2008-63.txt | Description:
| Pardus Linux Security Advisory 2008-63 - Some vulnerabilities with unknown impact have been reported in imlib2. Versions before 1.4.2-10-3 are affected. | | Author: | Pardus Linux | | File Size: | 1314 | | Last Modified: | Nov 7 19:32:21 2008 | | MD5 Checksum: | 981d10f015201cac3c06fdd47c17a8f6 |
|
| /// File Name: | USN-666-1.txt | Description:
| Ubuntu Security Notice USN-666-1 - It was discovered that certain email headers were not correctly handled by Dovecot. If a remote attacker sent a specially crafted email to a user with a mailbox managed by Dovecot, that user's mailbox would become inaccessible through Dovecot, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 4686 | | Related CVE(s): | CVE-2008-4907 | | Last Modified: | Nov 7 15:54:31 2008 | | MD5 Checksum: | dbeced28283be5933d5a6f313c0ccc0f |
|
| /// File Name: | USN-662-2.txt | Description:
| Ubuntu Security Notice USN-662-2 - Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. For a system using ndiswrapper, a physically near-by attacker could generate specially crafted wireless network traffic and execute arbitrary code with root privileges. USN-662-1 fixed vulnerabilities in ndiswrapper in Ubuntu 8.10. This update provides the corresponding updates for Ubuntu 8.04 and 7.10. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 21058 | | Related CVE(s): | CVE-2008-4395 | | Last Modified: | Nov 7 15:52:29 2008 | | MD5 Checksum: | 6b150b2bd7ba724c082f09f06ecac547 |
|
| /// File Name: | USN-665-1.txt | Description:
| Ubuntu Security Notice USN-665-1 - It was discovered that Netpbm could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 9682 | | Related CVE(s): | CVE-2008-0554 | | Last Modified: | Nov 7 15:50:53 2008 | | MD5 Checksum: | add6eb93d7d3c7a6b11e160008d885fb |
|
| /// File Name: | USN-664-1.txt | Description:
| Ubuntu Security Notice USN-664-1 - It was discovered that Tk could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 13717 | | Related CVE(s): | CVE-2008-0553 | | Last Modified: | Nov 7 15:48:38 2008 | | MD5 Checksum: | 84719e1fa61f074c29db04db35c6494b |
|
| /// File Name: | DDIVRT-2008-17.txt | Description:
| Orb Networks' Orb media server is vulnerable to directory traversal attacks. Users can leverage specially crafted GET requests to read arbitrary files. | | Author: | Steven James, r@b13$ | | Homepage: | http://www.digitaldefense.net/ | | File Size: | 1073 | | Last Modified: | Nov 7 15:31:57 2008 | | MD5 Checksum: | 80ddf95439f7628cb6ab20a17c61b714 |
|
| /// File Name: | SSRT080098.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified in the AdvFS "showfile" command running on HP Tru64 UNIX. The vulnerability could be exploited by a local user to gain extended privileges. | | Homepage: | http://www.hp.com/ | | File Size: | 6751 | | Related CVE(s): | CVE-2008-4414 | | Last Modified: | Nov 7 15:29:04 2008 | | MD5 Checksum: | 2e9a3758c07c25bc27effe7ca28bc444 |
|
| /// File Name: | TKADV2008-012.txt | Description:
| The VLC media player contains a stack overflow vulnerability while parsing malformed cue files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player. Versions below 0.9.6 are affected. | | Author: | Tobias Klein | | Homepage: | http://www.trapkit.de/ | | File Size: | 4552 | | Last Modified: | Nov 7 15:25:50 2008 | | MD5 Checksum: | 4c33a1a5286ab12e56c41f2d4c83e2c8 |
|
| /// File Name: | TKADV2008-011.txt | Description:
| The VLC media player contains a stack overflow vulnerability while parsing malformed RealText (rt) subtitle files. The vulnerability can be trivially exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player. Versions below 0.9.6 are affected. | | Author: | Tobias Klein | | Homepage: | http://www.trapkit.de/ | | File Size: | 4999 | | Last Modified: | Nov 7 15:23:47 2008 | | MD5 Checksum: | 4897e67b9a474afe06193251cd1fd8bb |
|
| /// File Name: | dsa-1662-1.txt | Description:
| Debian Security Advisory 1662-1 - A symlink traversal vulnerability was discovered in MySQL, a relational database server. The weakness could permit an attacker having both CREATE TABLE access to a database and the ability to execute shell commands on the database server to bypass MySQL access controls, enabling them to write to tables in databases to which they would not ordinarily have access. | | Homepage: | http://www.debian.org/security | | File Size: | 13545 | | Related CVE(s): | CVE-2008-4098 | | Last Modified: | Nov 6 20:15:14 2008 | | MD5 Checksum: | f6cd75a8cbf5b0950bf5d0562a95798b |
|
| /// File Name: | MDVSA-2008-225.txt | Description:
| Mandriva Linux Security Advisory - A denial of service vulnerability was discovered in how Net-SNMP processed GETBULK requests. A remote attacker with read access to the SNMP server could issue a specially-crafted request which would cause snmpd to crash. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 9692 | | Related CVE(s): | CVE-2008-4309 | | Last Modified: | Nov 5 19:23:18 2008 | | MD5 Checksum: | b9448d3112c7c82b7610a3299d6601b4 |
|
| /// File Name: | USN-663-1.txt | Description:
| Ubuntu Security Notice USN-663-1 - It was discovered that passwords changed (or new users created) via the "Users and Groups" tool were created with 3DES hashing. This reduced the security of stored user passwords, and was a regression from the correct MD5 hashing. This update fixes the problem; future password changes will correct the hashing used. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 2948 | | Last Modified: | Nov 5 17:33:59 2008 | | MD5 Checksum: | 4fbec5bc7358e679108fdc2dd5f607d5 |
|
| /// File Name: | USN-662-1.txt | Description:
| Ubuntu Security Notice USN-662-1 - It was discovered that the Linux kernel could be made to hang temporarily when mounting corrupted ext2/3 filesystems. If a user were tricked into mounting a specially crafted filesystem, a remote attacker could cause system hangs, leading to a denial of service. Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. For a system using ndiswrapper, a physically near-by attacker could generate specially crafted wireless network traffic and execute arbitrary code with root privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 15644 | | Related CVE(s): | CVE-2008-3528, CVE-2008-4395 | | Last Modified: | Nov 5 17:28:43 2008 | | MD5 Checksum: | 8e0ed50d5010b4f57fe4b73bc8bbe185 |
|
| /// File Name: | avg-exec.txt | Description:
| There is a flaw in AVG version 8.0 that allows a user to shutdown the AVG Resident Shield Service via Task Manager temporarily and execute a malicious file while the AVG Resident Shield Service is restarting. | | Author: | Fabio Pinheiro | | Homepage: | http://dicas3000.blogspot.com/ | | File Size: | 762 | | Last Modified: | Nov 5 17:26:48 2008 | | MD5 Checksum: | edf5f74d43cf0848cf6a55c2c386af11 |
|
| /// File Name: | PLSA-2008-65.txt | Description:
| Pardus Linux Security Advisory 2008-62 - The getbulk code in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via vectors related to the number of responses or repeats. | | Author: | Pardus Linux | | File Size: | 1468 | | Last Modified: | Nov 5 02:45:59 2008 | | MD5 Checksum: | 4c4e68ceeac299938dccf71ad7279967 |
|
| /// File Name: | PLSA-2008-62.txt | Description:
| Pardus Linux Security Advisory 2008-62 - A vulnerability has been reported in Smarty, which can be exploited by malicious people to bypass certain security restrictions. Versions below 2.6.20-6-3 are affected. | | Author: | Pardus Linux | | File Size: | 1509 | | Last Modified: | Nov 5 02:44:22 2008 | | MD5 Checksum: | d41e6f946a975b412df3725b0cf77593 |
|
| /// File Name: | PLSA-2008-61.txt | Description:
| Pardus Linux Security Advisory 2008-61 - Some vulnerabilities have been discovered in KTorrent, which can be exploited by malicious users to compromise a vulnerable system and malicious people to bypass certain security restrictions. Versions below 2.2.7-30-4 are affected. | | Author: | Pardus Linux | | File Size: | 1945 | | Last Modified: | Nov 5 02:42:46 2008 | | MD5 Checksum: | 8ed47fdf9ee9d22b950ff2d8e7df3315 |
|
| /// File Name: | TA08-309A.txt | Description:
| Technical Cyber Security Alert TA08-309A - Adobe has released Security Bulletin APSB08-19 to address multiple vulnerabilities affecting Adobe Reader and Acrobat. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code. | | Homepage: | http://www.us-cert.gov/ | | File Size: | 4863 | | Last Modified: | Nov 5 02:29:10 2008 | | MD5 Checksum: | edd7724df5347cddbf87df683892ebbf |
|
| /// File Name: | ZDI-08-074.txt | Description:
| A vulnerability allows remote attackers to execute code on vulnerable installations of Adobe Acrobat. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when processing malicious javascript contained in a PDF document. When creating a Collab object and performing a specific sequence of actions on it, memory corruption occurs potentially resulting in remote code execution. If successfully exploited full control of the affected machine running under the credentials of the currently logged in user can be achieved. | | Author: | Peter Vreugdenhil | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3275 | | Related CVE(s): | CVE-2008-4813 | | Last Modified: | Nov 5 02:25:29 2008 | | MD5 Checksum: | 2602e0fba74adfed0e4660dc811173a6 |
|
| /// File Name: | ZDI-08-073.txt | Description:
| A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file. The specific flaw exists within the parsing of PDF objects defined in the file. When a specific object becomes malformed, a small memory corruption occurs which can be leveraged by an attacker to execute arbitrary code under the context of the current user. | | Author: | Javier Vicente Vallejo | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3229 | | Related CVE(s): | CVE-2008-4813 | | Last Modified: | Nov 5 02:20:43 2008 | | MD5 Checksum: | 394ad75afeee59a39340fe468e3897b4 |
|
| /// File Name: | ZDI-08-072.txt | Description:
| A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of embedded Javascript code when opening a PDF. Adobe Acrobat has defined it's own set of Javascript functions that can be used in a PDF file. Due to improper parameter checking to one of these functions arbitrary memory can be over-written leading to remote |
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
