Section: .. / 0802-advisories /
| /// File Name: |
sa28865.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for icedove. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28865/ | | File Size: | 19487 | | Last Modified: | Feb 12 14:09:00 2008 |
| MD5 Checksum: | 13a5c2cd407cf5c134264e326dbcca38 |
|
| /// File Name: |
dsa-1494-1.txt |
Description:
|
Debian Security Advisory 1494-1 - The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges. In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources in other vservers.
| | Homepage: | http://www.debian.org/security | | File Size: | 19108 | | Related CVE(s): | CVE-2008-0010, CVE-2008-0600, CVE-2008-0163 | | Last Modified: | Feb 11 14:05:40 2008 |
| MD5 Checksum: | b42537a9d76554c92306fe4961b6dc02 |
|
| /// File Name: |
sa28806.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some security issues and vulnerabilities, where some have unknown impacts and others can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, corrupt a file system, and gain escalated privileges, or by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28806/ | | File Size: | 19085 | | Last Modified: | Feb 11 13:45:05 2008 |
| MD5 Checksum: | 11c0c2548bbed6b7bd80f5602759c9a7 |
|
| /// File Name: |
dsa-1506-1.txt |
Description:
|
Debian Security Advisory 1506-1 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.
| | Homepage: | http://www.debian.org/security | | File Size: | 19052 | | Related CVE(s): | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594 | | Last Modified: | Feb 25 11:13:52 2008 |
| MD5 Checksum: | 76d9e510ec6e6ed82b90c17c5eb189fb |
|
| /// File Name: |
USN-582-1.txt |
Description:
|
Ubuntu Security Notice 582-1 - It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. If a user were to open a specially crafted email, an attacker could cause a denial of service via application crash or possibly execute arbitrary code as the user. Various flaws were discovered in Thunderbird and its JavaScript engine. By tricking a user into opening a malicious message, an attacker could execute arbitrary code with the user's privileges. Various flaws were discovered in the JavaScript engine. By tricking a user into opening a malicious message, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. Gerry Eisenhaur discovered that the chrome URI scheme did not properly guard against directory traversal. Under certain circumstances, an attacker may be able to load files or steal session data. Ubuntu is not vulnerable in the default installation. Flaws were discovered in the BMP decoder. By tricking a user into opening a specially crafted BMP file, an attacker could obtain sensitive information.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 18598 | | Related CVE(s): | CVE-2008-0420, CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0304, CVE-2008-0418 | | Last Modified: | Mar 3 14:33:19 2008 |
| MD5 Checksum: | 34890bd0a0e9cf83e242f860168920b9 |
|
| /// File Name: |
sa28875.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for linux-2.6. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28875/ | | File Size: | 17870 | | Last Modified: | Feb 12 21:39:47 2008 |
| MD5 Checksum: | e9db2e4246380ad0086b3d1889ebf40e |
|
| /// File Name: |
sa28738.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for pulseaudio. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/28738/ | | File Size: | 16642 | | Last Modified: | Feb 1 17:35:37 2008 |
| MD5 Checksum: | 5ef1059333bbe14ac24566a3850555c9 |
|
| /// File Name: |
dsa-1499-1.txt |
Description:
|
Debian Security Advisory 1499-1 - It was discovered that specially crafted regular expressions involving codepoints greater than 255 could cause a buffer overflow in the PCRE library.
| | Homepage: | http://www.debian.org/security | | File Size: | 16477 | | Related CVE(s): | CVE-2008-0674 | | Last Modified: | Feb 20 00:50:34 2008 |
| MD5 Checksum: | 95dfbe17ccdafbc52101bb3a4f2b8e9f |
|
| /// File Name: |
sa29086.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceape. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29086/ | | File Size: | 15942 | | Last Modified: | Feb 25 20:14:50 2008 |
| MD5 Checksum: | 8621e415b558a697a15f38d98629a02f |
|
| /// File Name: |
sa28957.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for pcre3. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28957/ | | File Size: | 15511 | | Last Modified: | Feb 20 23:22:27 2008 |
| MD5 Checksum: | f3036784a01550627f44862f4deaa041 |
|
| /// File Name: |
dsa-1497-1.txt |
Description:
|
Debian Security Advisory 1497-1 - Several vulnerabilities have been discovered in the Clam anti-virus toolkit, which may lead to the execution of arbitrary or local denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 15426 | | Related CVE(s): | CVE-2007-6596, CVE-2008-0318 | | Last Modified: | Feb 17 21:32:37 2008 |
| MD5 Checksum: | 419ea804dac0c882350b048a29e86cf6 |
|
| /// File Name: |
dsa-1508-1.txt |
Description:
|
Debian Security Advisory 1508-1 - Dan Dennison discovered that Diatheke, a CGI program to make a bible website, performs insufficient sanitising of a parameter, allowing a remote attacker to execute arbitrary shell commands as the web server user.
| | Homepage: | http://www.debian.org/security | | File Size: | 15005 | | Related CVE(s): | CVE-2008-0932 | | Last Modified: | Feb 25 16:11:08 2008 |
| MD5 Checksum: | a691db077309b48439b497dcbe48b208 |
|
| /// File Name: |
dsa-1501-1.txt |
Description:
|
Debian Security Advisory 1501-1 - Tobias Gruetzmacher discovered that a Debian-provided CRON script in dspam, a statistical spam filter, included a database password on the command line when using the MySQL backend. This allowed a local attacker to read the contents of the dspam database, such as emails.
| | Homepage: | http://www.debian.org/security | | File Size: | 14918 | | Related CVE(s): | CVE-2007-6418 | | Last Modified: | Feb 22 02:51:03 2008 |
| MD5 Checksum: | 24894da35ec0609f00e10eb5e356a420 |
|
| /// File Name: |
dsa-1480-1.txt |
Description:
|
Debian Security Advisory 1480-1 - Alin Rad Pop discovered several buffer overflows in the Poppler PDF library, which could allow the execution of arbitrary code if a malformed PDF file is opened.
| | Homepage: | http://www.debian.org/security | | File Size: | 14473 | | Related CVE(s): | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 | | Last Modified: | Feb 5 21:47:17 2008 |
| MD5 Checksum: | c30ee030a44ee251528b284774f55794 |
|
| /// File Name: |
USN-581-1.txt |
Description:
|
Ubuntu Security Notice 581-1 - It was discovered that PCRE did not correctly handle very long strings containing UTF8 sequences. In certain situations, an attacker could exploit applications linked against PCRE by tricking a user or automated system in processing a malicious regular expression leading to a denial of service or possibly arbitrary code execution.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 14176 | | Related CVE(s): | CVE-2008-0674 | | Last Modified: | Feb 22 02:52:23 2008 |
| MD5 Checksum: | 4dbd038f45013cc12873a363da6b0838 |
|
| /// File Name: |
sa28949.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28949/ | | File Size: | 14168 | | Last Modified: | Feb 18 21:35:08 2008 |
| MD5 Checksum: | 8db68a9e9b1099ab73bccfc7e33ac16a |
|
| /// File Name: |
sa29027.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for pcre3. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/29027/ | | File Size: | 14031 | | Last Modified: | Feb 22 19:49:38 2008 |
| MD5 Checksum: | 1b6bd564d7d2e1ddd69924d101444152 |
|
| /// File Name: |
sa29059.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for dspam. This fixes a security issue, which can be exploited by malicious, local users to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/29059/ | | File Size: | 14002 | | Last Modified: | Feb 22 19:48:31 2008 |
| MD5 Checksum: | 2411c2f8aa6c34f2ffc619779506ce16 |
|
| /// File Name: |
sa25400.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for diatheke. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25400/ | | File Size: | 13966 | | Last Modified: | Feb 27 01:35:25 2008 |
| MD5 Checksum: | c64d8b1c9cb3e438071949b3eb4cb15d |
|
| /// File Name: |
sa28698.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28698/ | | File Size: | 13761 | | Last Modified: | Feb 6 16:48:39 2008 |
| MD5 Checksum: | 3489c6c8adf4aaf46399e14bd3f6271c |
|
| /// File Name: |
sa28812.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for poppler. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28812/ | | File Size: | 13647 | | Last Modified: | Feb 6 20:07:43 2008 |
| MD5 Checksum: | b4d3aad511241691b6b0d377678e970b |
|
| /// File Name: |
sa28958.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for MozillaFirefox and seamonkey. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28958/ | | File Size: | 13159 | | Last Modified: | Feb 18 21:35:08 2008 |
| MD5 Checksum: | dde26da14313200ebec69ec69b4aaacd |
|
| /// File Name: |
MDVSA-2008-055.txt |
Description:
|
Mandriva Linux Security Advisory - Chris Evans found a buffer overflow condition in Ghostscript, which can lead to arbitrary code execution as the user running any application using it to process a maliciously crafted Postscript file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 13100 | | Related CVE(s): | CVE-2008-0411 | | Last Modified: | Mar 3 14:20:41 2008 |
| MD5 Checksum: | 52ccd7ac9349294e22e4288af884a5a8 |
|
| /// File Name: |
dsa-1510-1.txt |
Description:
|
Debian Security Advisory 1510-1 - Chris Evans discovered a buffer overflow in the color space handling code of the Ghostscript PostScript/PDF interpreter, which might result in the execution of arbitrary code if a user is tricked into processing a malformed file.
| | Homepage: | http://www.debian.org/security | | File Size: | 12758 | | Related CVE(s): | CVE-2008-0411 | | Last Modified: | Feb 27 13:48:09 2008 |
| MD5 Checksum: | 494c001d4244d76d9882a2ef7cc2fcc3 |
|
| /// File Name: |
dsa-1493-1.txt |
Description:
|
Debian Security Advisory 1493-1 - Several local/remote vulnerabilities have been discovered in the image loading library for the Simple DirectMedia Layer 1.2. Gynvael Coldwind discovered a buffer overflow in GIF image parsing, which could result in denial of service and potentially the execution of arbitrary code. It was discovered that a buffer overflow in IFF ILBM image parsing could result in denial of service and potentially the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 12740 | | Related CVE(s): | CVE-2007-6697, CVE-2008-0554 | | Last Modified: | Feb 11 14:04:19 2008 |
| MD5 Checksum: | 72bbc9959cf2a3e4342467b27b1fbd0d |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
