Section: .. / 0507-advisories /
| /// File Name: |
SSRT4743-SSRT4884.txt |
Description:
|
HP Security Bulletin - Several potential security vulnerabilities have been identified in HP Tru64 UNIX TCP/IP, including ICMP and Initial Sequence Number (ISN) generation. These exploits could result in a remote Denial of Service (DoS) from network throughput reduction for TCP connections, the reset of TCP connections, or TCP spoofing.
| | Homepage: | http://www.hp.com | | File Size: | 11562 | | Related CVE(s): | CAN-2004-0790, CAN-2004-0791, CAN-2004-1060, CAN-2001-0328 | | Last Modified: | Jul 19 16:36:44 2005 |
| MD5 Checksum: | cf012e700b07b6fc00d58fa21c3ba41c |
|
| /// File Name: |
SSRT4884.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 13937 | | Related CVE(s): | CAN-2004-0790, CAN-2004-0791, CAN-2004-1060 | | Last Modified: | Jul 20 09:23:12 2005 |
| MD5 Checksum: | 848203de6dd2d00623a935f795ade27d |
|
| /// File Name: |
SSRT5954.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running TCP/IP (IPv4). This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 11519 | | Related CVE(s): | CAN-2005-1192 | | Last Modified: | Jul 20 09:20:56 2005 |
| MD5 Checksum: | 052031cfdd509e3180744e24e56a85a5 |
|
| /// File Name: |
sybaseEAServer.txt |
Description:
|
Sybase EAServer versions 4.2.5 through 5.2 suffer from a stack-based buffer overflow.
| | Homepage: | http://www.spidynamics.com/ | | File Size: | 1904 | | Last Modified: | Jul 16 11:05:26 2005 |
| MD5 Checksum: | b39bfccfb04ef29a667e424fa62c4a80 |
|
| /// File Name: |
TA05-189A.txt |
Description:
|
Technical Cyber Security Alert TA05-189A - Apparently there is a heightened amount of direct email attacks where trojans are being passed to unsuspecting users. The emails being sent are very well crafted and are directed specifically to the users they are being sent to.
| | Homepage: | http://www.us-cert.gov/cas/techalerts/TA05-189A.html | | File Size: | 8257 | | Last Modified: | Jul 9 09:33:22 2005 |
| MD5 Checksum: | ce42c70ef473032b039446dfc97d22eb |
|
| /// File Name: |
TA05-193A.txt |
Description:
|
Technical Cyber Security Alert TA05-193A - Microsoft has released updates that address critical vulnerabilities in Windows, Office, and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code on an affected system.
| | Homepage: | http://www.us-cert.gov/cas/techalerts/TA05-193A.html | | File Size: | 4474 | | Related CVE(s): | CAN-2005-1219, CAN-2005-2087, CAN-2005-0564 | | Last Modified: | Jul 13 09:04:42 2005 |
| MD5 Checksum: | e016cabd4cf87cc5f1025978a989331c |
|
| /// File Name: |
TA05-194A.txt |
Description:
|
Technical Cyber Security Alert TA05-194A - Various Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include unauthenticated, remote code execution, information disclosure, and denial of service.
| | Homepage: | http://www.cert.org | | File Size: | 7840 | | Last Modified: | Jul 14 09:18:49 2005 |
| MD5 Checksum: | a6c160b657e299040f0147f948873116 |
|
| /// File Name: |
TA05-210A.txt |
Description:
|
Technical Cyber Security Alert TA05-210A - Cisco IOS IPv6 processing functionality contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service.
| | Homepage: | http://www.cert.org | | File Size: | 4497 | | Last Modified: | Aug 5 07:41:02 2005 |
| MD5 Checksum: | c95a2cc5b0c309abb290bf31b8d70b2d |
|
| /// File Name: |
trillianClear.txt |
Description:
|
Trillian Pro 3.1 Build 121 saves a user password in clear text in a temporary file that is world readable when attempting to connect to Yahoo mail.
| | Author: | Suramya Tomar | | Homepage: | http://www.suramya.com | | File Size: | 2237 | | Last Modified: | Aug 5 07:43:49 2005 |
| MD5 Checksum: | 7556ddc77fad7efe9e137628505daece |
|
| /// File Name: |
USN-152-1.txt |
Description:
|
Ubuntu Security Notice USN-152-1 - Andrea Barisani discovered a flaw in the SSL handling of pam-ldap and libnss-ldap. When a client connected to a slave LDAP server using SSL, the slave server did not use SSL as well when contacting the LDAP master server. This caused passwords and other confidential information to be transmitted unencrypted between the slave and the master.
| | Homepage: | http://www.ubuntu.com/ | | File Size: | 10742 | | Related CVE(s): | CAN-2005-2069 | | Last Modified: | Jul 22 09:01:55 2005 |
| MD5 Checksum: | 7b48ea67d909e579b55b086390dbeda1 |
|
| /// File Name: |
USN-156-1.txt |
Description:
|
Ubuntu Security Notice USN-156-1 - Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the YCbCr subsampling value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a Denial of Service in server applications that use libtiff (like the CUPS printing system) and can cause data loss in, for example, the Evolution email client.
| | Homepage: | http://www.ubuntu.com/ | | File Size: | 5243 | | Last Modified: | Aug 5 07:20:35 2005 |
| MD5 Checksum: | ec51f28424e28a2a62ac33df15b97212 |
|
| /// File Name: |
veritasNetbackup.txt |
Description:
|
Veritas Netbackup 5.1 suffers from a TIME_STAMP vulnerability that can cause an access violation.
| | Homepage: | http://www.hat-squad.com/ | | File Size: | 2879 | | Last Modified: | Jul 23 18:30:00 2005 |
| MD5 Checksum: | cf4d1189b1a75c4a3b02afe1ca525116 |
|
| /// File Name: |
voip-phones.txt |
Description:
|
Due to ignoring the value of Call-ID and even tag and branch while processing NOTIFY messages, VOIP-Hardphones process spoofed status messages like Messages-Waiting.
| | Author: | Tobias Glemser | | Homepage: | http://pentest.tele-consulting.com | | File Size: | 3140 | | Last Modified: | Jul 7 15:52:56 2005 |
| MD5 Checksum: | e725ab7932a1adec8a882fe879c0faee |
|
| /// File Name: |
websiteBaker.txt |
Description:
|
The Website Baker Project is susceptible to path disclosure and cross site scripting vulnerabilities.
| | Author: | tgo | | File Size: | 1281 | | Last Modified: | Aug 5 06:59:12 2005 |
| MD5 Checksum: | 592786bb447195f1b20f943929fd3437 |
|
| /// File Name: |
whatpulse.txt |
Description:
|
A vulnerability in Whatpulse.Org profiles allows cross site scripting and session hijacking.
| | Author: | rift13 | | File Size: | 1494 | | Last Modified: | Jul 8 08:51:19 2005 |
| MD5 Checksum: | c98db0a8ecbc5ab052cf90ff0d618c80 |
|
| /// File Name: |
WPS-070.txt |
Description:
|
WPS Web-Portal-System version 0.7.0 suffers from a remote command execution vulnerability in wps_shop.cgi due to improper variable sanitization.
| | Author: | blahplok | | File Size: | 1199 | | Last Modified: | Jul 14 08:27:05 2005 |
| MD5 Checksum: | f18abe630f96a81afc76779ee7d5e115 |
|
| /// File Name: |
Yawp106.txt |
Description:
|
Yawp/YaWiki versions 1.0.6 and below suffer from a remote URL include vulnerability.
| | Author: | Stefan Esser | | Homepage: | http://www.hardened-php.net | | File Size: | 3325 | | Last Modified: | Jul 13 08:55:56 2005 |
| MD5 Checksum: | b6ebc7cafb264f82545bea7fffd3a1d4 |
|
| /// File Name: |
ZH2005-16SA.txt |
Description:
|
Skype for Linux versions 1.1.0.20 and below suffer from an insecure file creation vulnerability.
| | Author: | Giovanni Delvecchio | | Homepage: | http://www.zone-h.org/ | | File Size: | 6143 | | Last Modified: | Jul 16 11:09:04 2005 |
| MD5 Checksum: | 57ff3d83e9e9e6b2fa879cde49eae0d4 |
|