.:[ packet storm ]:.
                             
validate everything - trust no vendor

 Section:  .. / 0709-advisories  /

Page 2 of 20
Files 25 - 50 of 493
Currently sorted by: File Size

 ///  File Name: sa26684.txt
Description:
Secunia Security Advisory - Ubuntu has issued an update for krb5 and librpcsecgss. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26684/
File Size:27783
Last Modified:Sep 5 19:40:40 2007
MD5 Checksum:733825a774fd145db4fc90c8e636b6d2

 ///  File Name: MDKSA-2007-186.txt
Description:
Mandriva Linux Security Advisory - An integer overflow in the TIFF parser in OpenOffice.org prior to version 2.3 allows remote attackers to execute arbitrary code via a TIFF file with crafted values which triggers the allocation of an incorrect amount of memory which results in a heap-based buffer overflow.
Homepage:http://www.mandriva.com/security/
File Size:26317
Related CVE(s):CVE-2007-2834
Last Modified:Sep 20 22:32:49 2007
MD5 Checksum:48daad3abb75727188499460fc4fd7d1

 ///  File Name: sa26855.txt
Description:
Secunia Security Advisory - Fedora has issued an update for openoffice.org. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/26855/
File Size:24043
Last Modified:Sep 20 04:11:10 2007
MD5 Checksum:ccc07e6481bdf18c3b810d0d7d04f351

 ///  File Name: VMSA-2007-0006.txt
Description:
VMware Security Advisory - Updates have been released for arbitrary code execution, denial of service, and other various vulnerabilities in VMware.
Homepage:http://www.vmware.com/
File Size:24017
Related CVE(s):CVE-2007-2446, CVE-2007-2447, CVE-2007-0494, CVE-2007-2442, CVE-2007-2443, CVE-2007-2798, CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4059, CVE-2007-4155, CVE-2007-4496, CVE-2007-4497, CVE-2007-1856, CVE-2006-1174, CVE-2006-4600, CVE-2004-0813, CVE-2007-1716, CVE-2006-3619, CVE-2006-4146
Last Modified:Sep 20 05:08:36 2007
MD5 Checksum:75a1ac8862ee8690edac336336695646

 ///  File Name: MDKSA-2007-183.txt
Description:
Mandriva Linux Security Advisory - A buffer overflow was found in how Qt expanded malformed Unicode strings. If an application linked against Qt parsed a malicious Unicode string, it could lead to a denial of service or potentially allow for the execution of arbitrary code.
Homepage:http://www.mandriva.com/security/
File Size:22618
Related CVE(s):CVE-2007-4137
Last Modified:Sep 18 11:01:30 2007
MD5 Checksum:60270093f0eb4e64c8b5dd737cef32d4

 ///  File Name: dsa-1367-1.txt
Description:
Debian Security Advisory 1367-1 - It was discovered that a buffer overflow of the RPC library of the MIT Kerberos reference implementation allows the execution of arbitrary code.
Homepage:http://www.debian.org/security
File Size:22219
Related CVE(s):CVE-2007-3999
Last Modified:Sep 5 01:19:30 2007
MD5 Checksum:cd3b0483bd86eaeb6194c88e59c99250

 ///  File Name: sa26691.txt
Description:
Secunia Security Advisory - Debian has issued an update for krb5. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26691/
File Size:20719
Last Modified:Sep 5 19:40:40 2007
MD5 Checksum:84cfc0a8298f1137d01a2e735e912f58

 ///  File Name: MDKSA-2007-176.txt
Description:
Mandriva Linux Security Advisory - konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.
Homepage:http://www.mandriva.com/security/
File Size:20650
Related CVE(s):CVE-2007-3820, CVE-2007-4224, CVE-2007-4225
Last Modified:Sep 7 03:13:18 2007
MD5 Checksum:8845b54a33c277e691a99e611d053b84

 ///  File Name: dsa-1367-2.txt
Description:
Debian Security Advisory 1367-2 - It was discovered that a buffer overflow of the RPC library of the MIT Kerberos reference implementation allows the execution of arbitrary code. The original patch from DSA-1367-1 didn't address the problem fully.
Homepage:http://www.debian.org/security
File Size:20544
Related CVE(s):CVE-2007-3999
Last Modified:Sep 7 03:07:57 2007
MD5 Checksum:70d0460c6663846831d0fe8654f23c50

 ///  File Name: MDKSA-2007-187.txt
Description:
Mandriva Linux Security Advisory - Numerous vulnerabilities were discovered in the PHP scripting language that are corrected with this update. Not just a couple, not a few, but many.
Homepage:http://www.mandriva.com/security/
File Size:16451
Related CVE(s):CVE-2007-1375, CVE-2007-1399, CVE-2007-1900, CVE-2007-2727, CVE-2007-2728, CVE-2007-2748, CVE-2007-2756, CVE-2007-2872, CVE-2007-3799, CVE-2007-3996, CVE-2007-3998, CVE-2007-4658, CVE-2007-4670
Last Modified:Sep 24 23:41:53 2007
MD5 Checksum:b96e8da2cd6e8f174d150d88670ccbcd

 ///  File Name: dsa-1366-1.txt
Description:
Debian Security Advisory 1366-1 - Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. It was discovered that the RTF and RFC2397 parsers can be tricked into dereferencing a NULL pointer, resulting in denial of service. It was discovered clamav-milter performs insufficient input sanitizing, resulting in the execution of arbitrary shell commands.
Homepage:http://www.debian.org/security
File Size:16292
Related CVE(s):CVE-2007-4510, CVE-2007-4560
Last Modified:Sep 5 01:17:36 2007
MD5 Checksum:ae17bf9e4755b92155e8289d2260e7e1

 ///  File Name: dsa-1372-1.txt
Description:
Debian Security Advisory 1372-1 - Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which can lead to local privilege escalation.
Homepage:http://www.debian.org/security
File Size:15858
Related CVE(s):CVE-2007-4730
Last Modified:Sep 9 16:59:36 2007
MD5 Checksum:02de3edbeb1381faa137fdf06866763f

 ///  File Name: cisco-sa-20070905-csm.txt
Description:
Cisco Security Advisory - The Cisco Content Switching Modules (CSM) and Cisco Content Switching Module with SSL (CSM-S) contain two vulnerabilities that can lead to a denial of service (DoS) condition. The first vulnerability exists when processing TCP packets, and the second vulnerability affects devices with service termination enabled.
Homepage:http://www.cisco.com/
File Size:15815
Last Modified:Sep 5 20:52:30 2007
MD5 Checksum:88ed2445566f9f66cdb946006a04e6df

 ///  File Name: MDKSA-2007-188.txt
Description:
Mandriva Linux Security Advisory - PostgreSQL 8.1 and probably later and earlier versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1. PostgreSQL 8.1 and probably later and earlier versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing attacks, which may evade intrusion detection. The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.
Homepage:http://www.mandriva.com/security/
File Size:15576
Related CVE(s):CVE-2007-3280, CVE-2007-3278, CVE-2007-3279
Last Modified:Sep 25 22:09:37 2007
MD5 Checksum:2e812643b0f00032f1b34401724f05be

 ///  File Name: sa26654.txt
Description:
Secunia Security Advisory - Debian has issued an update for clamav. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26654/
File Size:15131
Last Modified:Sep 4 22:20:04 2007
MD5 Checksum:b8454e3e8a5939b62faabc2a813a1de5

 ///  File Name: sa26755.txt
Description:
Secunia Security Advisory - Debian has issued an update for xorg-server. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Homepage:http://secunia.com/advisories/26755/
File Size:14872
Last Modified:Sep 10 17:30:15 2007
MD5 Checksum:0d8d2d1720d6860b7290b671246d13e8

 ///  File Name: cisco-sa-20070905-video.txt
Description:
Cisco Security Advisory - Cisco Video Surveillance IP Gateway video encoder and decoder, Services Platform (SP), and Integrated Services Platform (ISP) devices contain authentication vulnerabilities that allow remote users with network connectivity to gain the complete administrative control of vulnerable devices. There are no workarounds for these vulnerabilities.
Homepage:http://www.cisco.com/
File Size:14045
Last Modified:Sep 5 20:51:42 2007
MD5 Checksum:2d7292c6464eed9ee1b649bcd7a8fdad

 ///  File Name: USN-522-1.txt
Description:
Ubuntu Security Notice 522-1 - It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes. Moritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers function did not correctly check the size of the buffer it was writing to. A remote attacker could exploit this to write one NULL byte past the end of an application's cipher list buffer, possibly leading to arbitrary code execution or a denial of service.
Homepage:http://security.ubuntu.com/
File Size:12962
Related CVE(s):CVE-2007-3108, CVE-2007-5135
Last Modified:Sep 30 02:29:55 2007
MD5 Checksum:81a8377a3cae000f1224491d8f4272e7

 ///  File Name: MDKSA-2007-190.txt
Description:
Mandriva Linux Security Advisory - A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to log in without a password.
Homepage:http://www.mandriva.com/security/
File Size:12317
Related CVE(s):CVE-2007-4569
Last Modified:Sep 30 01:45:50 2007
MD5 Checksum:9be7857e3066a43ebdd940e6aa5d3048

 ///  File Name: sa26822.txt
Description:
Secunia Security Advisory - Trustix has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or bypass certain security restrictions, and by malicious people to cause a DoS, conduct cross-site scripting attacks, or compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26822/
File Size:11466
Last Modified:Sep 18 21:26:49 2007
MD5 Checksum:50fce91fad0516010a7c06348116a8bb

 ///  File Name: MDKSA-2007-185.txt
Description:
Mandriva Linux Security Advisory - The Avahi daemon in 0.6.20 and previous allows attackers to cause a denial of service via empty TXT data over D-Bus, which triggers an assert error.
Homepage:http://www.mandriva.com/security/
File Size:10933
Related CVE(s):CVE-2007-3372
Last Modified:Sep 18 13:06:16 2007
MD5 Checksum:f55b8b65bf1d9bb5a32742e3cae9706d

 ///  File Name: MDKSA-2007-178.txt
Description:
Mandriva Linux Security Advisory - Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which if exploited could lead to local privilege escalation.
Homepage:http://www.mandriva.com/security/
File Size:10324
Related CVE(s):CVE-2007-4730
Last Modified:Sep 12 20:03:20 2007
MD5 Checksum:63aca371dacd039c77c8df380386599d

 ///  File Name: MDKSA-2007-177.txt
Description:
Mandriva Linux Security Advisory - A vulnerability was found in MySQL's authentication protocol, making it possible for a remote unauthenticated attacker to send a specially crafted authentication request to the MySQL server causing it to crash. Another flaw was discovered in MySQL that allowed remote authenticated users to gain update privileges for a table in another database via a view that refers to the external table.
Homepage:http://www.mandriva.com/security/
File Size:10090
Related CVE(s):CVE-2007-3780, CVE-2007-3782
Last Modified:Sep 7 03:14:37 2007
MD5 Checksum:bca4ce77541163f6924dfe742318bcab

 ///  File Name: dsa-1343-2.txt
Description:
Debian Security Advisory 1343-2 - The Debian 4.0r1 release contains a file package with the same version number as the last security update (4.17-5etch2), potentially overriding it. This security advisory reissues DSA-1343-1 with a higher version number, to ensure that its changes remain in effect. The changes from Debian 4.0r1 (which fix a minor denial of service issue, CVE-2007-2026) are included as well.
Homepage:http://www.debian.org/security
File Size:9926
Related CVE(s):CVE-2007-2799, CVE-2007-2026
Last Modified:Sep 26 22:51:53 2007
MD5 Checksum:a444df46f046149995068a46cc48bc51

 ///  File Name: cisco-sr-20070926-lb.txt
Description:
Cisco Security Advisory - Cisco Catalyst 6500 and Cisco 7600 series devices use addresses from the 127.0.0.0/8 (loopback) range in the Ethernet Out-of-Band Channel (EOBC) for internal communication. Addresses from this range that are used in the EOBC on Cisco Catalyst 6500 and Cisco 7600 series devices are accessible from outside of the system. The Supervisor module, Multilayer Switch Feature Card (MSFC), or any other intelligent module may receive and process packets that are destined for the 127.0.0.0/8 network. An attacker can exploit this behavior to bypass existing access control lists that do not filter 127.0.0.0/8 address range; however, an exploit will not allow an attacker to bypass authentication or authorization. Valid authentication credentials are still required to access the module in question.
Homepage:http://www.cisco.com/
File Size:9913
Last Modified:Sep 27 21:02:06 2007
MD5 Checksum:6e93ee9fd6cdbb94b05db75190415dbc