| /// File Name: |
MU-200704-01.txt |
Description:
|
An integer overflow vulnerability exists in the RPC runtime library (libinfo) that handles AUTH_UNIX authentication. By sending maliciously crafted requests to any RPC service (portmap, mount, nfs, etc.), a remote attacker can trigger the overflow, which may lead to arbitrary code execution as the 'daemon' user. Mac OS X versions 10.3.9 and 10.4.9 are affected.
| | Author: | Mu Security research team | | Homepage: | http://labs.musecurity.com/ | | File Size: | 3011 | | Last Modified: | Apr 24 09:02:58 2007 |
| MD5 Checksum: | 4deb7fb36d9bbaac2d410a439b859db1 |
|
| /// File Name: |
n.runs-SA-2007.007.txt |
Description:
|
A remotely exploitable format string vulnerability has been identified in the Sun Java Web Console. According to the Sun Security Coordination Team, Solaris 10 Operating System, Sun Java Web Console 2.2.2, Sun Java Web Console 2.2.3, Sun Java Web Console 2.2.4 and Sun Java Web Console 2.2.5 are affected.
| | Author: | Frank Dick | | Homepage: | http://www.nruns.com/ | | File Size: | 4191 | | Related CVE(s): | CVE-2007-1681 | | Last Modified: | Apr 19 04:17:19 2007 |
| MD5 Checksum: | f683ae2fcf22380124bf98ce1d61b2a3 |
|
| /// File Name: |
neat-race.txt |
Description:
|
NeatUpload versions 1.2.11 through 1.2.16 and 1.1.18 through 1.1.23 suffer from a race condition.
| | Author: | Jamie Howell, Michael Teper | | File Size: | 2202 | | Last Modified: | Apr 23 05:47:35 2007 |
| MD5 Checksum: | 814a8e93d116a31f6a6e0bdc2273e316 |
|
| /// File Name: |
netsprint-exec.txt |
Description:
|
Netsprint Toolbar version 1.1 suffers from a buffer overrun vulnerability.
| | Author: | sapheal | | File Size: | 1059 | | Last Modified: | Apr 17 19:12:49 2007 |
| MD5 Checksum: | 2ae740719c2b81e7db1a73aa004b36d6 |
|
| /// File Name: |
NGS-openoffice.txt |
Description:
|
A stack overflow affects all versions of OpenOffice prior to 2.2. The flaw exists in the handling of StarCalc documents within OpenOffice.
| | Author: | John Heasman | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 2218 | | Last Modified: | Apr 5 07:27:32 2007 |
| MD5 Checksum: | 4cb88b7692996bad6ef684a86fef7deb |
|
| /// File Name: |
ods-overflow.txt |
Description:
|
Oracle Database Server versions 8i, 9i, and 10gR1 suffer from buffer overflow vulnerabilities in DBMS_SNAP_INTERNAL.
| | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2236 | | Last Modified: | Apr 19 06:49:24 2007 |
| MD5 Checksum: | f135f4a0c24a28e808cc3d0d4ad7c9fc |
|
| /// File Name: |
OPENADS-SA-2007-004.txt |
Description:
|
Max Media Manager versions 0.1.29-rc and below and 0.3.31-alpha-pr2 and below suffer from HTTP response splitting vulnerabilities.
| | Author: | Matteo Beccati | | Homepage: | http://www.openads.org/ | | File Size: | 1578 | | Last Modified: | Apr 17 05:33:16 2007 |
| MD5 Checksum: | b5d4c2b5e4f2a2c8ad332cbac55e96e1 |
|
| /// File Name: |
openssh-disclose.txt |
Description:
|
System account enumeration is possible when OpenSSH versions 4.6 and below have ChallengeResponseAuthentication enabled (S/KEY).
| | Author: | rembrandt | | File Size: | 2504 | | Last Modified: | Apr 23 06:03:50 2007 |
| MD5 Checksum: | 8abf45a36e343de9a549e64f06f0594a |
|
| /// File Name: |
php521-overflow.txt |
Description:
|
There is an integer overflow in PHP versions 5.2.1 and below in ext/gd/libgd/wbmp.c in the function readwbmp.
| | Author: | Ivan Fratric | | File Size: | 2115 | | Last Modified: | Apr 10 08:31:39 2007 |
| MD5 Checksum: | 8596383435c0e13959227a7f88ee7896 |
|
| /// File Name: |
pico-traverse.txt |
Description:
|
Acubix PicoZip version 4.02 suffers from a directory traversal vulnerability.
| | Author: | Hamid Ebadi | | Homepage: | http://www.bugtraq.ir/ | | File Size: | 1309 | | Last Modified: | Apr 17 05:31:20 2007 |
| MD5 Checksum: | d153adb9f1ae61b2699cb138ca16aa3e |
|
| /// File Name: |
raiden24-dos.txt |
Description:
|
RaidenFTP version 2.4 suffers from multiple denial of service vulnerabilities.
| | Author: | sapheal | | File Size: | 1099 | | Last Modified: | Apr 23 05:34:43 2007 |
| MD5 Checksum: | 487eb0934b21a32ec3c57c0b4c1d8b94 |
|
| /// File Name: |
sa22251.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in CinePlayer, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/22251/ | | File Size: | 2386 | | Last Modified: | Apr 12 03:03:40 2007 |
| MD5 Checksum: | 616584d053a258dbaa9b44a4ea90b6de |
|
| /// File Name: |
sa22896.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/22896/ | | File Size: | 3773 | | Last Modified: | Apr 11 04:12:21 2007 |
| MD5 Checksum: | c8fb26241ae460fa30d13c20754dcab9 |
|
| /// File Name: |
sa22924.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in GraceNote CDDBControl ActiveX Control, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/22924/ | | File Size: | 2649 | | Last Modified: | Apr 20 23:50:15 2007 |
| MD5 Checksum: | a21a74f8cd7a47aed3b4e7636bfc0c52 |
|
| /// File Name: |
sa24608.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for file. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24608/ | | File Size: | 1995 | | Last Modified: | Apr 3 01:13:40 2007 |
| MD5 Checksum: | 5c1ab7afef4e8f08c1262722cba203bb |
|
| /// File Name: |
sa24624.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged a vulnerability in Mozilla 1.7 for Sun Solaris, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24624/ | | File Size: | 2548 | | Last Modified: | Apr 3 01:13:40 2007 |
| MD5 Checksum: | abd49a6468af189a4254783fd0399af2 |
|
| /// File Name: |
sa24656.txt |
Description:
|
Secunia Security Advisory - David Vieira-Kurz has discovered a vulnerability in holaCMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/24656/ | | File Size: | 2228 | | Last Modified: | Apr 5 00:36:24 2007 |
| MD5 Checksum: | 5af98ab60f3eae27c966e082a4eb9316 |
|