| /// File Name: |
sa29385.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/29385/ | | File Size: | 8362 | | Last Modified: | Mar 17 22:46:50 2008 |
| MD5 Checksum: | 01c590a4143f2abcba3e215ff05a08a3 |
|
| /// File Name: |
CORE-2007-1212.txt |
Description:
|
Core Security Technologies Advisory - Secure Internet Live Conferencing (SILC) server versions 1.1.1 and below and client versions 1.1.3 and below suffer from a pkcs_decode related buffer overflow vulnerability.
| | Author: | Ariel Waissbein, Pedro Varangot, Martin Mizrahi, Oren Isacson, Carlos Garcia, Ivan Arce | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 8192 | | Last Modified: | Mar 25 20:29:31 2008 |
| MD5 Checksum: | 579aa50d9135f12aaf659ca54ca9d1d0 |
|
| /// File Name: |
SSRT080004.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP Compaq Business Notebook PC BIOS. The vulnerability could be exploited to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 8023 | | Related CVE(s): | CVE-2008-0211 | | Last Modified: | Mar 28 17:30:01 2008 |
| MD5 Checksum: | ff0afcf49d063bd287de5ec4c1fa5000 |
|
| /// File Name: |
dsa-1522-1.txt |
Description:
|
Debian Security Advisory 1522-1 - Tavis Ormandy discovered that unzip, when processing specially crafted ZIP archives, could pass invalid pointers to the C library's free routine, potentially leading to arbitrary code execution.
| | Homepage: | http://www.debian.org/security | | File Size: | 7903 | | Related CVE(s): | CVE-2008-0888 | | Last Modified: | Mar 17 19:56:59 2008 |
| MD5 Checksum: | 6c9aa039688c021669b09b1483eb4324 |
|
| /// File Name: |
MDVSA-2008-059.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in the Tcl regular expression handling engine was originally discovered by Will Drewry in the PostgreSQL database server's Tcl regular expression engine. This flaw can result in an infinite loop when processing certain regular expressions.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7825 | | Related CVE(s): | CVE-2007-4772 | | Last Modified: | Mar 12 14:42:31 2008 |
| MD5 Checksum: | 426850af1a24df7366d52235ac29b3a4 |
|
| /// File Name: |
sa29354.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libnet-dns-perl. This fixes some vulnerabilities, which can be exploited by malicious people to poison the DNS cache or to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/29354/ | | File Size: | 7789 | | Last Modified: | Mar 12 20:06:24 2008 |
| MD5 Checksum: | 87a8f521ab9db27eafb5f65a5fcf30f5 |
|
| /// File Name: |
MITKRB5-SA-2008-002.txt |
Description:
|
MIT krb5 Security Advisory 2008-002 - Two bugs in the RPC library server code, used in the kadmin server, cause an array overrun if too many file descriptors are opened. Memory corruption can result.
| | Homepage: | http://web.mit.edu/ | | File Size: | 7715 | | Related CVE(s): | CVE-2008-0947, CVE-2008-0948 | | Last Modified: | Mar 18 22:22:52 2008 |
| MD5 Checksum: | 548fe30eb399d6ce1de24ef032f0fda9 |
|
| /// File Name: |
TKADV2008-001.txt |
Description:
|
The kernel driver cpoint.sys shipped with Panda Internet Security and Antivirus Firewall 2008 contains a vulnerability in the code that handles IOCTL requests. The vulnerability can lead to denial of service and arbitrary code execution attacks.
| | Author: | Tobias Klein | | Homepage: | http://www.trapkit.de/ | | File Size: | 7506 | | Last Modified: | Mar 12 18:31:24 2008 |
| MD5 Checksum: | e01729fb3cbdef6910c36ee5ca6205f0 |
|
| /// File Name: |
sa29432.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for unzip. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29432/ | | File Size: | 7192 | | Last Modified: | Mar 18 20:35:21 2008 |
| MD5 Checksum: | 1984d3ea71841380f075e7da78aae383 |
|
| /// File Name: |
sa29334.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for gcc. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29334/ | | File Size: | 6897 | | Last Modified: | Mar 14 19:08:30 2008 |
| MD5 Checksum: | dcfd65d08a5671872a3d1ee3dc15d331 |
|
| /// File Name: |
sa29388.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/29388/ | | File Size: | 6885 | | Last Modified: | Mar 17 22:46:50 2008 |
| MD5 Checksum: | a77452608bbc49ce87a1e9338cb2cbe9 |
|
| /// File Name: |
dsa-1511-1.txt |
Description:
|
Debian Security Advisory 1511-1 - libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames. A heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack.
| | Homepage: | http://www.debian.org/security | | File Size: | 6819 | | Related CVE(s): | CVE-2007-4770, CVE-2007-4771 | | Last Modified: | Mar 3 17:41:07 2008 |
| MD5 Checksum: | 7a21892de68e8fbb86fad8249d0d85f3 |
|
| /// File Name: |
sa29406.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for unzip. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29406/ | | File Size: | 6801 | | Last Modified: | Mar 21 19:24:01 2008 |
| MD5 Checksum: | 59591bdc692da714b46d9839169d50fc |
|
| /// File Name: |
SSRT080011.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified in the SFTP Server (sftp-server) component of SSH version 3.2.0 and earlier running on HP Tru64 UNIX. The vulnerability could be exploited by a remote user to execute arbitrary code or cause a Denial of Service (DoS). Yes, this is from 2006. Yes, HP is just notifying people now.
| | Homepage: | http://www.hp.com/ | | File Size: | 6728 | | Related CVE(s): | CVE-2006-0705 | | Last Modified: | Mar 26 16:29:50 2008 |
| MD5 Checksum: | ff783e16ea6d5ea497e199cd8890a3a2 |
|
| /// File Name: |
USN-586-1.txt |
Description:
|
Ubuntu Security Notice 586-1 - Multiple cross-site scripting flaws were discovered in mailman. A malicious list administrator could exploit this to execute arbitrary JavaScript, potentially stealing user credentials.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6649 | | Related CVE(s): | CVE-2008-0564 | | Last Modified: | Mar 15 16:19:42 2008 |
| MD5 Checksum: | 82521e3077399b7a1e41c3305b1fba39 |
|
| /// File Name: |
ASPR-2008-03-11-1.txt |
Description:
|
An HTML injection vulnerability exists in the WebLogic administration console. Version 10.0 is susceptible.
| | Author: | Sasa Kos, Mitja Kolsek | | Homepage: | http://www.acrossecurity.com/ | | File Size: | 6623 | | Last Modified: | Mar 12 23:58:12 2008 |
| MD5 Checksum: | 1c0c907c128f61e7c8b5352956944985 |
|
| /// File Name: |
SSRT071495.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running HP CIFS Server (Samba). The vulnerability could be exploited remotely to execute arbitrary code.
| | Homepage: | http://www.hp.com/ | | File Size: | 6570 | | Related CVE(s): | CVE-2007-4572, CVE-2007-5398, CVE-2007-6015 | | Last Modified: | Mar 12 23:50:49 2008 |
| MD5 Checksum: | ce71fdcaa53d0b48c9b5b3619b1f003c |
|
| /// File Name: |
SSRT080027.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP Compaq Notebook PC BIOS. The vulnerability could be exploited to allow local unauthorized users access to the system.
| | Homepage: | http://www.hp.com/ | | File Size: | 6467 | | Related CVE(s): | CVE-2008-0706 | | Last Modified: | Mar 28 17:30:57 2008 |
| MD5 Checksum: | 7b1b890b374ccbff7e77d8bb86e61f49 |
|
| /// File Name: |
camulti-overflow.txt |
Description:
|
CA Security Advisory - CA products that implement the DSM ListCtrl ActiveX control are vulnerable to a buffer overflow condition that can allow a remote attacker to cause a denial of service or execute arbitrary code with the privileges of the user running the web browser.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 6462 | | Related CVE(s): | CVE-2008-1472 | | Last Modified: | Mar 28 17:29:16 2008 |
| MD5 Checksum: | 65eda83c7e5bae337d11f91b9d4e591b |
|
| /// File Name: |
SSRT080029.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP StorageWorks Library and Tape Tools (LTT) running on HP-UX. The vulnerability could be exploited by a local authorized user to gain unauthorized access.
| | Homepage: | http://www.hp.com/ | | File Size: | 6357 | | Related CVE(s): | CVE-2008-0707 | | Last Modified: | Mar 19 18:53:06 2008 |
| MD5 Checksum: | 6f20cb64c7f0f1fb5cf0ef6fe2351c90 |
|
| /// File Name: |
sa29317.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for evolution. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29317/ | | File Size: | 6325 | | Last Modified: | Mar 14 18:59:42 2008 |
| MD5 Checksum: | 2e72990620dfaceed22dfa52eca0c750 |
|
| /// File Name: |
USN-589-1.txt |
Description:
|
Ubuntu Security Notice 589-1 - Tavis Ormandy discovered that unzip did not correctly clean up pointers. If a user or automated service was tricked into processing a specially crafted ZIP archive, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6191 | | Related CVE(s): | CVE-2008-0888 | | Last Modified: | Mar 20 17:15:06 2008 |
| MD5 Checksum: | 15597a25fee88497611ca4c749a8a19f |
|