File Name: glsa-200701-13.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-13 - Neil Hoggarth has discovered that when delivering messages to a message delivery agent by means of the mda option, Fetchmail passes a NULL pointer to the ferror() and fflush() functions when refusing a message. Isaac Wilcox has discovered numerous means of plain-text password disclosure due to errors in secure connection establishment. Versions less than 6.3.6 are affected.
Homepage: http://security.gentoo.org | File Size: 3043 | Last Modified: Jan 23 23:08:26 2007
MD5 Checksum: bbbbb5a9b5ba6b2d82d6bd8602632926

File Name: glsa-200701-14.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-14 - Mod_auth_kerb improperly handles component byte encoding in the der_get_oid() function, allowing for a buffer overflow to occur if there are no components which require more than one byte for encoding. Versions less than 5.0_rc7-r1 are affected.
Homepage: http://security.gentoo.org | File Size: 2677 | Last Modified: Jan 24 01:25:30 2007
MD5 Checksum: ab11e67e54f0cd8ca455002fb181b00f

File Name: glsa-200701-15.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-15 - Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin has discovered an unspecified vulnerability in Sun JDK and Sun JRE relating to unintended applet data access. He has also discovered multiple other unspecified vulnerabilities in Sun JDK and Sun JRE allowing unintended Java applet or application resource acquisition. Versions less than 1.4.2.13 are affected.
Homepage: http://security.gentoo.org | File Size: 4209 | Last Modified: Jan 24 01:25:56 2007
MD5 Checksum: d2db38c2c38bf541f3f7634cfcd4846d

File Name: glsa-200701-16.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-16 - Adobe Acrobat Reader in stand-alone mode is vulnerable to remote code execution via heap corruption when loading a specially crafted PDF file. Versions less than 7.0.9 are affected.
Homepage: http://security.gentoo.org | File Size: 3806 | Last Modified: Jan 24 01:26:16 2007
MD5 Checksum: b4c745513433e639e39d3ebb59b52050

File Name: glsa-200701-17.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-17 - Liu Qishuai discovered that glibtop_get_proc_map_s() in sysdeps/linux/procmap.c does not properly allocate memory for storing a filename, allowing certain filenames to cause the buffer to overflow on the stack. Versions less than 2.14.6 are affected.
Homepage: http://security.gentoo.org | File Size: 2783 | Last Modified: Jan 24 01:39:25 2007
MD5 Checksum: f2b7f0baf630c02ca8099d8379093ce8

File Name: glsa-200701-18.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-18 - Due to the improper handling and use of format strings, the errors_create_window() function in errors.c does not safely write data to memory. Versions less than 0.99.5_pre20060716 are affected.
Homepage: http://security.gentoo.org | File Size: 2596 | Last Modified: Jan 24 01:46:05 2007
MD5 Checksum: cfc5521003f9c8f419d867fc54d02c43

File Name: glsa-200701-19.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-19 - Tavis Ormandy of the Gentoo Linux Security Team has discovered that the file gencert.sh distributed with the Gentoo ebuild for OpenLDAP does not exit upon the existence of a directory in /tmp during installation, allowing for directory traversal. Versions less than 2.1.30-r10 are affected.
Homepage: http://security.gentoo.org | File Size: 3110 | Last Modified: Jan 24 01:47:22 2007
MD5 Checksum: 14abc6ea3c398a78d14b17917370862e

File Name: glsa-200701-20.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-20 - When interfacing with the LiveJournal service, Centericq does not appropriately allocate memory for incoming data, in some cases creating a buffer overflow. Versions less than or equal to 4.21.0-r2 are affected.
Homepage: http://security.gentoo.org | File Size: 3023 | Last Modified: Jan 24 01:49:53 2007
MD5 Checksum: a80760ff41279aa06f56724c5f790c3a

File Name: glsa-200701-21.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-21 - The Kerberos administration daemon, and possibly other applications using the GSS-API or RPC libraries, could potentially call a function pointer in a freed heap buffer, or attempt to free an uninitialized pointer. Versions less than 1.5.2 are affected.
Homepage: http://security.gentoo.org | File Size: 2691 | Last Modified: Jan 26 21:33:21 2007
MD5 Checksum: 416aaab898c19734ca136b7c4382147e

File Name: glsa-200701-22.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-22 - Squid fails to correctly handle ftp:// URIs. There is also an error in the external_acl queue which can cause an infinite looping condition. Versions less than 2.6.7 are affected.
Homepage: http://security.gentoo.org | File Size: 2701 | Last Modified: Jan 26 23:06:00 2007
MD5 Checksum: 610c37d0ca0db59710755f281679c3f6

File Name: glsa-200701-23.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-23 - rgod discovered that the Cacti cmd.php and copy_cacti_user.php scripts do not properly control access to the command shell, and are remotely accessible by unauthenticated users. This allows SQL injection via cmd.php and copy_cacti_user.php URLs. Further, the results from the injected SQL query are not properly sanitized before being passed to a command shell. The vulnerabilities require that the register_argc_argv option is enabled, which is the Gentoo default. Also, a number of similar problems in other scripts were reported. Versions less than 0.8.6i-r1 are affected.
Homepage: http://security.gentoo.org | File Size: 2872 | Last Modified: Jan 26 23:18:24 2007
MD5 Checksum: 20755595642f5525d446d60a180d6784

File Name: glsa-200701-24.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-24 - Kevin Finisterre has discovered that when handling media locations, various functions throughout VLC media player make improper use of format strings. Versions less than 0.8.6-r1 are affected.
Homepage: http://security.gentoo.org | File Size: 2589 | Last Modified: Jan 26 23:21:59 2007
MD5 Checksum: 3a87d60d4bd0556d18867ef4c2c999b7

File Name: glsa-200701-25.txt
Description:
Gentoo Linux Security Advisory GLSA 200701-25 - Multiple memory corruption vulnerabilities have been found in the ProcDbeGetVisualInfo() and ProcDbeSwapBuffers() functions of the DBE extension, and in ProcRenderAddGlyphs() in the Render extension. Versions less than 1.1.1-r4 are affected.
Homepage: http://security.gentoo.org | File Size: 2893 | Last Modified: Jan 29 11:32:22 2007
MD5 Checksum: 7b32d79997096fb64e0c1d9f92b12c2b

File Name: ipswitch2007.txt
Description:
Ipswitch WS_FTP 2007 Professional suffers from an access violation vulnerability.
Author: sapheal | File Size: 1003 | Last Modified: Jan 13 20:07:30 2007
MD5 Checksum: 287a3ed0e588dd0aa0e24b95b2c9b39d

File Name: isowincmd.txt
Description:
A vulnerability has been found in iso_wincmd Total Commander Plugin. When exploited, the vulnerability allows execution of arbitrary code when the user opens a malicious ISO file. iso_wincmd version 1.7.3.3 (1.7.3 Beta 3) and version 1.6.10 have this vulnerability.
Author: Tan Chew Keong | File Size: 536 | Last Modified: Jan 1 21:52:24 2007
MD5 Checksum: b3ac2b9dd555ef8a538c284504861dc2

File Name: lds-18.txt
Description:
A format string vulnerability has been discovered within BitDefender Client Professional Plus build 8.02.
Author: Deral Heiland | Homepage: http://www.LayeredDefense.com | File Size: 1749 | Last Modified: Jan 19 22:51:24 2007
MD5 Checksum: 133280dc130ba6c0ed48e28b6f9afd8c

File Name: LS-20061002.pdf
Description:
LSsec has discovered a vulnerability in Computer Associates BrightStor ARCserve Backup version 11.5, which could be exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system.
Homepage: http://www.lssec.com/ | File Size: 10892 | Last Modified: Jan 13 19:42:59 2007
MD5 Checksum: 2a88fd2c9cc44efd2cf38e86bd71bb0f

File Name: LS-20061102.pdf
Description:
LSsec has discovered a vulnerability in Business Objects Crystal Reports XI Professional, which could be exploited by an attacker in order to execute arbitrary code on an affected system. Exploitation requires that the attacker coerce the target user into opening a malicious .RPT file.
Homepage: http://www.lssec.com/ | Related Exploit: LS-20061102.rar | File Size: 17597 | Last Modified: Jan 5 02:22:38 2007
MD5 Checksum: fb382ee64fb9b1d4a0314fc038312ca6

File Name: MDKSA-2007-001.txt
Description:
Mandriva Linux Security Advisory - Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier allow user-assisted remote attackers to execute arbitrary code via long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files.
Homepage: http://www.mandriva.com/security/ | File Size: 2762 | Related CVE(s): CVE-2006-4192 | Last Modified: Jan 2 20:52:43 2007
MD5 Checksum: 51a3a40df8054e9dcf031fcb45413519

File Name: MDKSA-2007-002.txt
Description:
Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which could allow a local user to cause a Denial of Service (process crash). The seqfile handling in the 2.6 kernel up to 2.6.18 allows local users to cause a DoS (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. An integer overflow in the 2.6 kernel prior to 2.6.18.4 could allow a local user to execute arbitrary code via a large maxnum value in an ioctl request. A race condition in the ISO9660 filesystem handling could allow a local user to cause a DoS (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures. A vulnerability in the bluetooth support could allow for overwriting internal CMTP and CAPI data structures via malformed packets.
Homepage: http://www.mandriva.com/security/ | File Size: 5011 | Related CVE(s): CVE-2006-5757, CVE-2006-5751, CVE-2006-5173, CVE-2006-5619, CVE-2006-6106 | Last Modified: Jan 2 20:56:02 2007
MD5 Checksum: c52590a8885f06097dd021687a1f9561

File Name: MDKSA-2007-003.txt
Description:
Mandriva Linux Security Advisory - The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself.
Homepage: http://www.mandriva.com/security/ | File Size: 6281 | Related CVE(s): CVE-2006-6870 | Last Modified: Jan 13 17:50:35 2007
MD5 Checksum: 364fffd615a57fbb8ea2473c274c3209

File Name: MDKSA-2007-004.txt
Description:
Mandriva Linux Security Advisory - Dean Gaudet discovered that the geoipupdate utility fails to do sanity checking on the filename returned by "GET /app/update_getfilename?product_id=%s".
Homepage: http://www.mandriva.com/security/ | File Size: 2934 | Last Modified: Jan 13 17:54:08 2007
MD5 Checksum: e457892cf44a968efdf07c9fed540c49

File Name: MDKSA-2007-006.txt
Description:
Mandriva Linux Security Advisory - Several integer overflows were discovered in the OpenOffice.org WMF file processor. An attacker could create a carefully crafted WMF file that would cause OpenOffice.org to execute arbitrary code when opened.
Homepage: http://www.mandriva.com/security/ | File Size: 21330 | Related CVE(s): CVE-2006-5870 | Last Modified: Jan 13 18:30:38 2007
MD5 Checksum: d149d9cdcedfeecc30106ca461c1d2a4

File Name: MDKSA-2007-007.txt
Description:
Mandriva Linux Security Advisory - A vulnerability in the NVIDIA Xorg driver was discovered by Derek Abdine who found that it did not correctly verify the size of buffers used to render text glyphs, resulting in a crash of the server when displaying very long strings of text. If a user was tricked into viewing a specially crafted series of glyphs, this flaw could be exploited to run arbitrary code with root privileges.
Homepage: http://www.mandriva.com/security/ | File Size: 3072 | Related CVE(s): CVE-2006-5379 | Last Modified: Jan 13 18:45:14 2007
MD5 Checksum: 7d26cb114323b4398a01d9a778daebef