Section: .. / 0802-advisories /
| /// File Name: |
MDVSA-2008-040.txt |
Description:
|
Mandriva Linux Security Advisory - The LWZReadByte() and IMG_LoadLBM_RW() functions in SDL_image contain a boundary error that could be triggered to cause a static buffer overflow and a heap-based buffer overflow. If a user using an application linked against the SDL_image library were to open a carefully crafted GIF or IFF ILBM file, the application could crash or possibly allow for the execution of arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5737 | | Related CVE(s): | CVE-2007-6697, CVE-2008-0544 | | Last Modified: | Feb 7 21:34:29 2008 |
| MD5 Checksum: | a996830f404f5e838adcde28155a93b0 |
|
| /// File Name: |
logsurfer-exec.txt |
Description:
|
Use of the Logsurfer program when properly configured may leave the system vulnerable to a remote code execution vulnerability.
| | Author: | kcope | | File Size: | 5677 | | Last Modified: | Feb 20 23:41:11 2008 |
| MD5 Checksum: | 2902d1b8a9ed68aa97f84cb603ad1ea5 |
|
| /// File Name: |
SSRT071474.txt |
Description:
|
HP Security Bulletin - Potential vulnerabilities have been identified with the HP Storage Essentials, Storage Resource Management (SRM) software. These vulnerabilities could be exploited remotely to allow unauthorized access to a managed device.
| | Homepage: | http://www.hp.com/ | | File Size: | 5660 | | Related CVE(s): | CVE-2008-0215 | | Last Modified: | Feb 6 14:34:47 2008 |
| MD5 Checksum: | 8e4181d858316a7c63dbf9b65d314726 |
|
| /// File Name: |
TA08-043A.txt |
Description:
|
Technical Cyber Security Alert TA08-043A - Adobe has released Security advisory APSA08-01 to address multiple vulnerabilities affecting Adobe Reader and Acrobat. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code. Systems affected include Adobe Reader version 8.1.1 and earlier and Adobe Acrobat Professional, 3D, and Standard versions 8.1.1 and earlier.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 5557 | | Last Modified: | Feb 12 17:19:52 2008 |
| MD5 Checksum: | 0407c861a14046c7b118780c3cc2a651 |
|
| /// File Name: |
dsa-1496-1.txt |
Description:
|
Debian Security Advisory 1496-1 - Several buffer overflows have been discovered in the MPlayer movie player, which might lead to the execution of arbitrary code. Felipe Manzano and Anibal Sacco discovered a buffer overflow in the demuxer for MOV files. Reimar Doeffinger discovered a buffer overflow in the FLAC header parsing. Adam Bozanich discovered a buffer overflow in the CDDB access code. Adam Bozanich discovered a buffer overflow in URL parsing.
| | Homepage: | http://www.debian.org/security | | File Size: | 5436 | | Related CVE(s): | CVE-2008-0485, CVE-2008-0486, CVE-2008-0629, CVE-2008-0630 | | Last Modified: | Feb 12 17:59:18 2008 |
| MD5 Checksum: | 67a3e9665a60f89ce2ac2be6e2163aa8 |
|
| /// File Name: |
sa28919.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in various F-Secure products, which can be exploited by malware to bypass the scanning functionality.
| | Homepage: | http://secunia.com/advisories/28919/ | | File Size: | 5280 | | Last Modified: | Feb 13 19:18:22 2008 |
| MD5 Checksum: | c70bc9cee48c5692ca3d3a22bd9d2595 |
|
| /// File Name: |
MDVSA-2008-032.txt |
Description:
|
Mandriva Linux Security Advisory - Tavis Ormandy and Will Drewry found that the bost library did not properly perform input validation on regular expressions. An attacker could exploit this by sening a specially crafted regular expression to an application linked against boost and cause a denial of service via an application crash.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5118 | | Related CVE(s): | CVE-2008-0171, CVE-2008-0172 | | Last Modified: | Feb 3 16:01:27 2008 |
| MD5 Checksum: | a7527015947392ba88614568b1cd75ff |
|
| /// File Name: |
asus-samba.txt |
Description:
|
The ASUS Eee PC as shipped with Xandros comes with a vulnerable version of Samba installed that allows for remote compromise.
| | Homepage: | http://www.risesecurity.org/ | | File Size: | 5077 | | Last Modified: | Feb 8 17:26:29 2008 |
| MD5 Checksum: | 0c58ff1acc1480a4349bdc34730d9cf7 |
|
| /// File Name: |
mwsc-disclose.txt |
Description:
|
Level Platforms, Inc.'s Managed Workplace Server Center versions 4.x, 5.x, and 6.x suffer from information disclosure vulnerabilities.
| | Homepage: | http://www.tech-serve.com/ | | File Size: | 5055 | | Related CVE(s): | CVE-2008-0636 | | Last Modified: | Feb 8 17:57:57 2008 |
| MD5 Checksum: | 674f27556167fd344d0144a2d3e39660 |
|
| /// File Name: |
MDVSA-2008-054.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was discovered by Havoc Pennington in how the dbus-daemon applied its security policy. A user with the ability to connect to the dbus-daemon could possibly execute certain method calls that they should not normally have access to.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4980 | | Related CVE(s): | CVE-2008-0595 | | Last Modified: | Feb 28 19:22:55 2008 |
| MD5 Checksum: | 394afef1d0e71f4050d6ba10e9acccd4 |
|
| /// File Name: |
sa28903.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28903/ | | File Size: | 4930 | | Last Modified: | Feb 12 17:33:42 2008 |
| MD5 Checksum: | 0e2dc0803b3e60a4ffcf92945f0ea32c |
|
| /// File Name: |
sa28989.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for xine-lib. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28989/ | | File Size: | 4845 | | Last Modified: | Feb 18 21:35:08 2008 |
| MD5 Checksum: | d845a244a1df863519631f9850ee0009 |
|
| /// File Name: |
officescaz.txt |
Description:
|
Trend Micro OfficeScan Corporate Edition versions 8.0 Patch 2 and below and versions 7.3 Patch 3 and below suffer from buffer overflow and dead process vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | officescaz.zip | | File Size: | 4820 | | Last Modified: | Feb 27 14:57:37 2008 |
| MD5 Checksum: | c82af56fdd5d57edf3fd9c330f3f503e |
|
| /// File Name: |
dsa-1492-1.txt |
Description:
|
Debian Security Advisory 1492-1 - Frank Lichtenheld and Nico Golde discovered that WML, an off-line HTML generation toolkit, creates insecure temporary files in the eperl and ipp backends and in the wmg.cgi script, which could lead to local denial of service by overwriting files.
| | Homepage: | http://www.debian.org/security | | File Size: | 4765 | | Related CVE(s): | CVE-2008-0665, CVE-2008-0666 | | Last Modified: | Feb 11 14:03:30 2008 |
| MD5 Checksum: | bc2ce85d338ccaddd0884aa09b0fe214 |
|
| /// File Name: |
dsa-1498-1.txt |
Description:
|
Debian Security Advisory 1498-1 - It was discovered that libimager-perl, a Perl extension for Generating 24 bit images, did not correctly handle 8-bit per-pixel compressed images, which could allow the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 4647 | | Related CVE(s): | CVE-2007-2459 | | Last Modified: | Feb 20 00:49:44 2008 |
| MD5 Checksum: | 00273116bd8a6796f878a1105f49023e |
|
| /// File Name: |
sa29036.txt |
Description:
|
Secunia Security Advisory - Adrian Pastor has reported some vulnerabilities in ZyXEL products, which can be exploited by malicious users to gain escalated privileges and by malicious people to bypass certain security restrictions or to hijack user sessions.
| | Homepage: | http://secunia.com/advisories/29036/ | | File Size: | 4620 | | Last Modified: | Feb 25 16:11:25 2008 |
| MD5 Checksum: | 3fa534278c1e6d914031d276090da39d |
|
| /// File Name: |
sa28902.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28902/ | | File Size: | 4617 | | Last Modified: | Feb 12 21:39:47 2008 |
| MD5 Checksum: | b9e80b18f102897c99074e73d08a6592 |
|
| /// File Name: |
sa28868.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libimager-perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28868/ | | File Size: | 4528 | | Last Modified: | Feb 20 23:22:27 2008 |
| MD5 Checksum: | 2ff647668946eeb4a470ca734d0c0e6a |
|
| /// File Name: |
sa28891.txt |
Description:
|
Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities and weaknesses.
| | Homepage: | http://secunia.com/advisories/28891/ | | File Size: | 4419 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 8bb0937f444367c71b5d50d804fb7e6e |
|
| /// File Name: |
sa28758.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities and weaknesses have been reported Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28758/ | | File Size: | 4403 | | Last Modified: | Feb 8 17:58:07 2008 |
| MD5 Checksum: | cc56263b501aca6ea2fd3230beed6bee |
|
| /// File Name: |
sa28871.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for phpbb2. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/28871/ | | File Size: | 4370 | | Last Modified: | Feb 12 14:09:00 2008 |
| MD5 Checksum: | dc5ba2735f51d1e016cf4117ed4042f6 |
|
| /// File Name: |
02.08.08-2.txt |
Description:
|
iDefense Security Advisory 02.08.08 - Remote exploitation of an unsafe library path vulnerability in Adobe Systems Inc.'s Adobe Reader may allow attackers to execute arbitrary code as the current user. This vulnerability is due to Adobe Reader using a path for "Security Provider" libraries that contains the directory the application was started in. Security Provider libraries provide encryption and signature verification routines to applications. If the current directory contains a file with the same name as a Security Provider library, the file will be loaded into the application, potentially allowing code execution. iDefense has confirmed this vulnerability exists in Adobe Reader 8.1 installed on Windows XP and Windows Vista. Previous versions, as well as those for other platforms, may also be affected.
| | Author: | Greg MacManus | | Homepage: | http://www.idefense.com/ | | File Size: | 4342 | | Related CVE(s): | CVE-2007-5666 | | Last Modified: | Feb 11 14:17:57 2008 |
| MD5 Checksum: | 38a5bc58a8ae1fc704006f3dbc4c00ed |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
