Section: .. / 0703-advisories /
| /// File Name: |
USN-431-1.txt |
Description:
|
Ubuntu Security Notice 431-1 - The SSLv2 protocol support in the NSS library did not sufficiently check the validity of public keys presented with an SSL certificate. A malicious SSL web site using SSLv2 could potentially exploit this to execute arbitrary code with the user's privileges. The SSLv2 protocol support in the NSS library did not sufficiently verify the validity of client master keys presented in an SSL client certificate. A remote attacker could exploit this to execute arbitrary code in a server application that uses the NSS library. Various flaws have been reported that could allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 12753 | | Related CVE(s): | CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777 | | Last Modified: | Mar 9 03:20:08 2007 |
| MD5 Checksum: | fca21518a8373a321d2bb42012f82a91 |
|
| /// File Name: |
dsa-1263-1.txt |
Description:
|
Debian Security Advisory 1263-1 - Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit, which may lead to denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 15695 | | Related CVE(s): | CVE-2007-0897, CVE-2007-0898 | | Last Modified: | Mar 9 01:25:28 2007 |
| MD5 Checksum: | dec08b49bd5e91f60e77ce77fe18358d |
|
| /// File Name: |
USN-430-1.txt |
Description:
|
Ubuntu Security Notice 430-1 - Miles Egan discovered that mod_python, when used in output filter mode, did not handle output larger than 16384 bytes, and would display freed memory, possibly disclosing private data. Thanks to Jim Garrison of the Software Freedom Law Center for identifying the original bug as a security vulnerability.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5699 | | Related CVE(s): | CVE-2004-2680 | | Last Modified: | Mar 9 01:24:40 2007 |
| MD5 Checksum: | cf8966bd1da80323253d39eaaa117faa |
|
| /// File Name: |
USN-429-1.txt |
Description:
|
Ubuntu Security Notice 429-1 - Moritz Jodeit discovered that tcpdump had an overflow in the 802.11 packet parser. Remote attackers could send specially crafted packets, crashing tcpdump, possibly leading to a denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4931 | | Related CVE(s): | CVE-2007-1218 | | Last Modified: | Mar 9 01:23:52 2007 |
| MD5 Checksum: | 418390d32d6eefff4b70c64add466220 |
|
| /// File Name: |
glsa-200703-07.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200703-07 - Two buffer overflows have been discovered, one in print floats and one in the rope constructor. Versions less than 5.0.3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2549 | | Related CVE(s): | CVE-2007-0803 | | Last Modified: | Mar 9 01:22:44 2007 |
| MD5 Checksum: | 98f6604ff8358e6438492aa5179451d8 |
|
| /// File Name: |
TA07-065A.txt |
Description:
|
Technical Cyber Security Alert TA07-065A - Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4523 | | Last Modified: | Mar 9 01:22:35 2007 |
| MD5 Checksum: | f8320697666b1b2ebc497fa01dfeb98c |
|
| /// File Name: |
03.05.07-1.txt |
Description:
|
iDefense Security Advisory 03.05.07 - Remote exploitation of a heap corruption vulnerability in Apple Computer Inc.'s QuickTime media player could allow an attacker to execute arbitrary commands in the context of the current user. The vulnerability specifically exists in the QuickTime player's handling of Video media atoms. When the 'Color table ID' field in the Video Sample Description is 0, QuickTime expects a color table to be present immediately after the description. A byte swap process is then performed on the memory following the description, regardless of whether a table is present. Heap corruption will occur when the memory following the description is not part of the heap chunk being processed. iDefense Labs confirmed this vulnerability exists in version 7.1.3 of QuickTime on Windows. Previous versions are suspected to be vulnerable.
| | Author: | Ruben Santamarta | | Homepage: | http://www.idefense.com/ | | File Size: | 3674 | | Related CVE(s): | CVE-2007-0718 | | Last Modified: | Mar 9 00:27:30 2007 |
| MD5 Checksum: | 54feb9602d6d111ed4418218312eece5 |
|
| /// File Name: |
sava-sql.txt |
Description:
|
Sava's Guestbook version 23.11.2006 is susceptible to SQL injection attacks.
| | Author: | Belsec Team | | Homepage: | http://belsec.com/ | | File Size: | 1189 | | Last Modified: | Mar 9 00:23:57 2007 |
| MD5 Checksum: | dac7a2334b7ccd5b386bed5385ea0e81 |
|
| /// File Name: |
liguestbook-sql.txt |
Description:
|
LI-Guestbook version 1.1 is susceptible to SQL injection attacks.
| | Author: | Belsec Team | | Homepage: | http://belsec.com/ | | File Size: | 1029 | | Last Modified: | Mar 9 00:23:12 2007 |
| MD5 Checksum: | 801b410d80306fb2e368aa8b81bdacd2 |
|
| /// File Name: |
eportfolio10-multi.txt |
Description:
|
ePortfolio version 1.0 suffers from Java-related input validation vulnerabilities.
| | Author: | Stefan Friedli | | Homepage: | http://www.scip.ch/ | | File Size: | 3400 | | Last Modified: | Mar 9 00:22:22 2007 |
| MD5 Checksum: | f53eaf2b962ec6930e6f137e8d1d547b |
|
| /// File Name: |
dsa-1262-1.txt |
Description:
|
Debian Security Advisory 1262-1 - "Mu Security" discovered that a format string vulnerability in the VoIP solution GnomeMeeting allows the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 5117 | | Related CVE(s): | CVE-2007-1007 | | Last Modified: | Mar 8 23:45:32 2007 |
| MD5 Checksum: | ec080c4ef8b1ab53843558ca88d1b983 |
|
| /// File Name: |
konq-dos.txt |
Description:
|
Konqueror crashes if JavaScript code tries to read the source of a child iframe when it is set to an ftp:// URL.
| | Author: | mark | | Homepage: | http://bindshell.net/ | | File Size: | 1351 | | Last Modified: | Mar 8 23:44:50 2007 |
| MD5 Checksum: | 8c43a72abdcbb2dd021c2e2057df2cab |
|
| /// File Name: |
MDKSA-2007-050-1.txt |
Description:
|
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8735 | | Related CVE(s): | CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092 | | Last Modified: | Mar 8 23:28:15 2007 |
| MD5 Checksum: | 272b47bdd64a3e3aed526ce2a414c45e |
|
| /// File Name: |
netrekfs.txt |
Description:
|
Netrek versions 2.12.0 and below suffer from a format string vulnerability.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | netrekfs.zip | | File Size: | 1973 | | Last Modified: | Mar 8 23:25:54 2007 |
| MD5 Checksum: | 7c7c823ba8ce3115f39bad50638c6691 |
|
| /// File Name: |
sa24458.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for imagemagick. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24458/ | | File Size: | 2199 | | Last Modified: | Mar 8 19:52:08 2007 |
| MD5 Checksum: | 682b41733f38e6e1491d86b95e38507d |
|
| /// File Name: |
sa24457.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24457/ | | File Size: | 2365 | | Last Modified: | Mar 8 19:52:08 2007 |
| MD5 Checksum: | eaad2b9b9992159f9cc968b20328c429 |
|
| /// File Name: |
sa24456.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24456/ | | File Size: | 2305 | | Last Modified: | Mar 8 19:52:08 2007 |
| MD5 Checksum: | 682d93d1352068a851ad4327c9dfbf65 |
|
| /// File Name: |
sa24455.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24455/ | | File Size: | 2493 | | Last Modified: | Mar 8 19:52:08 2007 |
| MD5 Checksum: | ceaa1b669b8549b0e5853c1b5f4508e4 |
|
| /// File Name: |
sa24447.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Sun Fire X2100 and Sun Fire X2200, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/24447/ | | File Size: | 2662 | | Last Modified: | Mar 8 19:52:08 2007 |
| MD5 Checksum: | d747d6a89af25bf1c9d6485f7037d054 |
|
| /// File Name: |
sa24445.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Novell Netmail, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24445/ | | File Size: | 2459 | | Last Modified: | Mar 8 19:52:08 2007 |
| MD5 Checksum: | 57b90cd905b5d608880f779c0419d545 |
|
| /// File Name: |
sa24438.txt |
Description:
|
Secunia Security Advisory - Slackware has issued an update for gnupg. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner.
| | Homepage: | http://secunia.com/advisories/24438/ | | File Size: | 2930 | | Last Modified: | Mar 8 19:52:08 2007 |
| MD5 Checksum: | 964ff48b84aa3862d886e68a37d7acbe |
|