Section: .. / 0704-advisories /
| /// File Name: |
sa24933.txt |
Description:
|
Secunia Security Advisory - Patrick Webster has reported a vulnerability in webMethods Glue, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/24933/ | | File Size: | 2667 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | b92e817fffd01fb446c8b70d1f8e0ccf |
|
| /// File Name: |
sa24931.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for madwifi-ng. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24931/ | | File Size: | 1987 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | 514f849118625e9f619d5f01a4cc6562 |
|
| /// File Name: |
sa24930.txt |
Description:
|
Secunia Security Advisory - HP has acknowledged some vulnerabilities in HP Tru64 Unix.
| | Homepage: | http://secunia.com/advisories/24930/ | | File Size: | 3244 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | 06c2cd76edae4729bf7043fd93145e8e |
|
| /// File Name: |
sa24929.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in various Oracle products. Some of these vulnerabilities have unknown impacts, while others can be exploited to bypass certain security restrictions, cause a DoS (Denial of Service), conduct cross-site scripting and SQL injection attacks, or potentially compromise a vulnerable system..
| | Homepage: | http://secunia.com/advisories/24929/ | | File Size: | 4393 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | 017d3f021ebef93c834ee213d0fd502d |
|
| /// File Name: |
sa24927.txt |
Description:
|
Secunia Security Advisory - Frank Dick has reported a vulnerability in Sun Solaris and Java Web Console, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24927/ | | File Size: | 2780 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | 467c81a03bbc999037a729c2700e8771 |
|
| /// File Name: |
sa24918.txt |
Description:
|
Secunia Security Advisory - Gentoo has acknowledged a security issue in file, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24918/ | | File Size: | 2205 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | f17ccc4ce0314bc58e538f04e046c24d |
|
| /// File Name: |
sa24917.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for freeradius. This fixes a security issue, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24917/ | | File Size: | 1885 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | bff5af11fcc7491a8937570cb28eed61 |
|
| /// File Name: |
sa24914.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in McAfee VirusScan Enterprise, which can be exploited by malicious people to cause a DoS or to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24914/ | | File Size: | 2788 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | dcafad0ad0ca60152e5a56fd7c14eab0 |
|
| /// File Name: |
sa24908.txt |
Description:
|
Secunia Security Advisory - Dj7xpl has discovered a vulnerability in Anthologia, which can be exploited by malicious people to compromise a vulnerable system or to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/24908/ | | File Size: | 2282 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | f31cb2db3a6386b8a121e7521fb47552 |
|
| /// File Name: |
sa24893.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in McAfee e-Business Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24893/ | | File Size: | 2817 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | 79ca0e592b68c9f8f2a3f1eeaafd734a |
|
| /// File Name: |
sa24887.txt |
Description:
|
Secunia Security Advisory - Janek Vind has discovered some vulnerabilities in the vWar module for PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks and cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/24887/ | | File Size: | 3079 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | 5b0f841e632590910b69622773f854c0 |
|
| /// File Name: |
sa24867.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in ProFTPD, which potentially can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/24867/ | | File Size: | 2298 | | Last Modified: | Apr 19 02:36:06 2007 |
| MD5 Checksum: | f4eff58573dcaa012f23e189d770f4f5 |
|
| /// File Name: |
netsprint-exec.txt |
Description:
|
Netsprint Toolbar version 1.1 suffers from a buffer overrun vulnerability.
| | Author: | sapheal | | File Size: | 1059 | | Last Modified: | Apr 17 19:12:49 2007 |
| MD5 Checksum: | 2ae740719c2b81e7db1a73aa004b36d6 |
|
| /// File Name: |
04.16.07-2.txt |
Description:
|
iDefense Security Advisory 04.16.07 - Remote exploitation of a buffer overflow vulnerability in Akamai Technologies, Inc's Download Manager ActiveX Control could allow an attacker to execute arbitrary code within the security context of the targeted user. iDefense has confirmed the existence of this vulnerability within version 2.2.0.5 of Akamai Technologies Inc's DownloadManagerV2.ocx. All older versions are suspected to be vulnerable.
| | Author: | McSlibin | | Homepage: | http://www.idefense.com/ | | File Size: | 4175 | | Related CVE(s): | CVE-2007-1891 | | Last Modified: | Apr 17 19:11:08 2007 |
| MD5 Checksum: | c84a7094094da11cbde394fb5d68e9d3 |
|
| /// File Name: |
MDKSA-2007-086.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw was discovered in how CUPS handled SSL negotiation that could allow a remote attacker capable of connecting to the CUPS daemon to cause a DoS to other CUPS users.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5779 | | Related CVE(s): | CVE-2007-0720 | | Last Modified: | Apr 17 19:09:50 2007 |
| MD5 Checksum: | eacc9aaf506e8f243a6cf84adeb1cbe7 |
|
| /// File Name: |
glsa-200704-12.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-12 - John Heasman of NGSSoftware has discovered a stack-based buffer overflow in the StarCalc parser and an input validation error when processing metacharacters in a link. Also OpenOffice.Org includes code from libwpd making it vulnerable to heap-based overflows when converting WordPerfect document tables (GLSA 200704-07). Versions less than 2.1.0-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3582 | | Related CVE(s): | CVE-2007-0002, CVE-2007-0238, CVE-2007-0239 | | Last Modified: | Apr 17 19:09:04 2007 |
| MD5 Checksum: | 808ac7bd7870bd34227ed9c74e8c24ec |
|
| /// File Name: |
MDKSA-2007-085.txt |
Description:
|
Mandriva Linux Security Advisory - A memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7632 | | Related CVE(s): | CVE-2007-2028 | | Last Modified: | Apr 17 19:08:57 2007 |
| MD5 Checksum: | ca5b8b1d8286850c8478cdfa66b19dda |
|
| /// File Name: |
MDKSA-2007-084.txt |
Description:
|
Mandriva Linux Security Advisory - The ipsec-tools package prior to version 0.6.7 allows remote attackers to cause a Denial of Service (tunnel crash) via crafted DELTE and NOTIFY messages.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4732 | | Related CVE(s): | CVE-2007-1841 | | Last Modified: | Apr 17 19:08:22 2007 |
| MD5 Checksum: | 50244c14b7e61065a25cf150c68bee6c |
|
| /// File Name: |
ATSA-2007-001.txt |
Description:
|
Akamai Technologies Security Advisory 2007-0001 - Two security vulnerabilities have been discovered in the ActiveX version of Akamai Download Manager. For successful exploitation, both vulnerabilities require the user to visit a malicious URL, triggering a stack-based buffer overflow that allows the attacker to execute arbitrary code within the context of the victim.
| | Author: | Fortinet, iDefense | | Homepage: | http://www.akamai.com/ | | File Size: | 4477 | | Related CVE(s): | CVE-2007-1891, CVE-2007-1892 | | Last Modified: | Apr 17 19:07:48 2007 |
| MD5 Checksum: | c35d99f51e62cd01b32e771ab6142984 |
|
| /// File Name: |
glsa-200704-11.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-11 - During an internal audit, Raphael Marichez of the Gentoo Linux Security Team found that Vixie Cron has weak permissions set on Gentoo, allowing for a local user to create hard links to system and users cron files, while a st_nlink check in database.c will generate a superfluous error. Versions less than 4.1-r10 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2767 | | Related CVE(s): | CVE-2007-1856 | | Last Modified: | Apr 17 18:33:41 2007 |
| MD5 Checksum: | a43e77a55d5756dddb7cd414526044d5 |
|
| /// File Name: |
04.16.07-1.txt |
Description:
|
iDefense Security Advisory 04.16.07 - Remote exploitation of a buffer overflow vulnerability in Clam AntiVirus' ClamAV allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the cab_unstore() function in libclamav, the library used by clamd to scan various file types. A 32-bit signed integer is taken from the packet and compared against the sizeof() the destination buffer. However, the sizeof() return value is improperly casted to a signed integer. By supplying a negative value, an attacker can pass cause the comparison to succeed. This eventually leads to an exploitable stack-based buffer overflow. iDefense has confirmed the existence of this vulnerability in ClamAV in versions 0.90rc3 through 0.90.1.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3463 | | Related CVE(s): | CVE-2007-1997 | | Last Modified: | Apr 17 18:32:28 2007 |
| MD5 Checksum: | c651a7e917f03cee3ad31c1a26299810 |
|
| /// File Name: |
major_rls45.txt |
Description:
|
oe2edit CMS suffers from cross site scripting and cookie manipulation vulnerabilities.
| | Author: | David "Aesthetico" Vieira-Kurz | | Homepage: | http://www.majorsecurity.de | | File Size: | 1821 | | Last Modified: | Apr 17 18:26:25 2007 |
| MD5 Checksum: | 15f09e8a2f7efe6e974bb9cc644005cb |
|
| /// File Name: |
sa24924.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24924/ | | File Size: | 2533 | | Last Modified: | Apr 17 18:18:04 2007 |
| MD5 Checksum: | 4da313c99fa7d8548e48f21c51a44fa7 |
|
| /// File Name: |
sa24919.txt |
Description:
|
Secunia Security Advisory - David Vieira-Kurz has reported a vulnerability in oe2edit, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/24919/ | | File Size: | 2102 | | Last Modified: | Apr 17 18:18:04 2007 |
| MD5 Checksum: | cf13f0d8d2b7cd3a513617e911f1b3e0 |
|
| /// File Name: |
sa24913.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in the Wizz RSS News Reader extension for Mozilla Firefox, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24913/ | | File Size: | 2448 | | Last Modified: | Apr 17 18:18:04 2007 |
| MD5 Checksum: | 25e53b2d3fffebc71f45741e7333fb02 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
