Section: .. / 0802-advisories /
| /// File Name: |
ezipirla.txt |
Description:
|
ExtremeZ-IP File and Printer Server versions 5.1.2x15 and below suffer from crash and directory traversal vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | ezipirla.zip | | File Size: | 3173 | | Last Modified: | Feb 11 16:32:45 2008 |
| MD5 Checksum: | e8e2f8f64e5912135317b34018724271 |
|
| /// File Name: |
sa28978.txt |
Description:
|
Secunia Security Advisory - Luca ikki Carettoni has reported a security issue and some vulnerabilities in Philips VOIP841, which can be exploited by malicious people to disclose sensitive information, conduct cross-site scripting attacks, and to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/28978/ | | File Size: | 3173 | | Last Modified: | Feb 20 23:22:27 2008 |
| MD5 Checksum: | 6708ad472b7019291875f9d85dc9ce37 |
|
| /// File Name: |
vmsplice-vuln.txt |
Description:
|
Multiple vulnerabilities have been discovered in the vmsplice() system call introduced in the Linux 2.6.23 kernel.
| | Author: | Wojciech Purczynski | | File Size: | 3159 | | Last Modified: | Feb 12 14:33:44 2008 |
| MD5 Checksum: | d28e6b0c84519bcbd0969e82b692bd13 |
|
| /// File Name: |
sa28974.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Dokeos, which can be exploited by malicious people to conduct cross-site scripting, script insertion, and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/28974/ | | File Size: | 3156 | | Last Modified: | Feb 17 20:53:22 2008 |
| MD5 Checksum: | 7bac24fae6460d4ccdd47ec23b80a6de |
|
| /// File Name: |
01.31.08-2.txt |
Description:
|
iDefense Security Advisory 01.31.08 - Local exploitation of a file creation vulnerability in IBM Corp.'s Informix Dynamic Server allows attackers to elevate privileges to root. The set-uid root "onedcu" command requires six parameters to be specified when it is executed. The second parameter is a "Trace" file that this program will open and write to with elevated privileges.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3136 | | Related CVE(s): | CVE-2008-0368 | | Last Modified: | Feb 4 14:47:49 2008 |
| MD5 Checksum: | 86e2218851920479b4f3aec7120e1fee |
|
| /// File Name: |
sa28840.txt |
Description:
|
Secunia Security Advisory - Alexandr Polyakov and Stas Svistunovich have discovered some vulnerabilities in MODx, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/28840/ | | File Size: | 3136 | | Last Modified: | Feb 8 19:15:54 2008 |
| MD5 Checksum: | bdae89cf607d7166c92828691eae6a5f |
|
| /// File Name: |
glsa-200802-07.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200802-07 - Marcus Meissner from SUSE reported that the pa_drop_root() function does not properly check the return value of the system calls setuid(), seteuid(), setresuid() and setreuid() when dropping its privileges. Versions less than 0.9.9 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3129 | | Related CVE(s): | CVE-2008-0008 | | Last Modified: | Feb 13 17:30:57 2008 |
| MD5 Checksum: | 92f7f0c7cd30e14574f1bfebd887e26b |
|
| /// File Name: |
rintintin.txt |
Description:
|
TinTin++ / WinTin++ versions 1.97.9 and below suffer from buffer overflow and file creation vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | rintintin.zip | | File Size: | 3129 | | Last Modified: | Feb 7 23:22:06 2008 |
| MD5 Checksum: | 2a79d4f49f6543c06689dd8aac3e7f20 |
|
| /// File Name: |
sa29010.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in MoinMoin, which can be exploited by malicious people to conduct cross-site scripting attacks, to manipulate certain data, or potentially to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29010/ | | File Size: | 3128 | | Last Modified: | Feb 20 23:22:27 2008 |
| MD5 Checksum: | 31a0af081ed323beeb2f3973ae8fe20e |
|
| /// File Name: |
glsa-200802-01.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200802-01 - The LWZReadByte() function in file IMG_gif.c and the IMG_LoadLBM_RW() function in file IMG_lbm.c each contain a boundary error that can be triggered to cause a static buffer overflow and a heap-based buffer overflow. The first boundary error comes from some old vulnerable GD PHP code (CVE-2006-4484). Versions less than 1.2.6-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3124 | | Related CVE(s): | CVE-2007-6697, CVE-2008-0544 | | Last Modified: | Feb 6 17:48:12 2008 |
| MD5 Checksum: | 482a29deac6a61b9ebe3fd9350656d94 |
|
| /// File Name: |
sa29029.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/29029/ | | File Size: | 3123 | | Last Modified: | Feb 20 23:22:27 2008 |
| MD5 Checksum: | c73fe29828b5d0c91ec5dfe4cc0a5fda |
|
| /// File Name: |
02.19.08-1.txt |
Description:
|
iDefense Security Advisory 02.19.08 - Remote exploitation of multiple heap overflow vulnerabilities in EMC Corp.'s RepliStor could allow an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of these vulnerabilities in EMC RepliStor version 6.2 SP2. Previous versions may also be affected.
| | Author: | Stephen Fewer | | Homepage: | http://www.idefense.com/ | | File Size: | 3122 | | Related CVE(s): | CVE-2007-6426 | | Last Modified: | Feb 21 00:39:20 2008 |
| MD5 Checksum: | 8fdd689c073572f029a49569de013795 |
|
| /// File Name: |
MDVSA-2008-039.txt |
Description:
|
Mandriva Linux Security Advisory - A buffer overflow in the giftopnm utility in netpbm prior to version 10.27 could allow attackers to have an unknown impact via a specially crafted GIF file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3120 | | Related CVE(s): | CVE-2008-0554 | | Last Modified: | Feb 7 21:33:27 2008 |
| MD5 Checksum: | 0158e14447c2d67b84681e1e62fa324f |
|
| /// File Name: |
PR07-42.txt |
Description:
|
Juniper Networks Secure Access 2000 versions prior to 5.5R3 suffer from a webroot disclosure flaw when parameters are stripped from the remediate.cgi script.
| | Author: | Richard Brain | | Homepage: | http://www.procheckup.com/ | | File Size: | 3114 | | Last Modified: | Feb 28 15:52:18 2008 |
| MD5 Checksum: | f4a33c2f7d2e55d82f70f3ae73a4bc62 |
|
| /// File Name: |
sa28779.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in MPlayer, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28779/ | | File Size: | 3112 | | Last Modified: | Feb 5 18:03:01 2008 |
| MD5 Checksum: | 1b98653558efb704c97c0eab568345ad |
|
| /// File Name: |
sa28955.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for mplayer. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28955/ | | File Size: | 3105 | | Last Modified: | Feb 15 18:04:00 2008 |
| MD5 Checksum: | c01d88180bf6cc1384fdb5a2b0c09063 |
|
| /// File Name: |
sa28893.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Internet Information Services (IIS), which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28893/ | | File Size: | 3100 | | Last Modified: | Feb 12 17:33:42 2008 |
| MD5 Checksum: | aa8908944f765c1f5b8a9656f025330d |
|
| /// File Name: |
ZDI-08-003.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Backup Exec System Recovery Manager. Authentication is not required to exploit this vulnerability. Backup Exec System Recovery Manager versions 7.0 and 7.0.1 are affected.
| | Author: | Titon | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3088 | | Related CVE(s): | CVE-2008-0457 | | Last Modified: | Feb 6 17:46:12 2008 |
| MD5 Checksum: | be7b33818fa9723d29f832bc0b43af58 |
|
| /// File Name: |
sa29032.txt |
Description:
|
Secunia Security Advisory - VMware has issued updates for VMware ESX Server. These fix some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29032/ | | File Size: | 3079 | | Last Modified: | Feb 25 11:11:53 2008 |
| MD5 Checksum: | c980f0fbfd353cdad48ba1b2bcc2deb9 |
|
| /// File Name: |
sa28746.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged a security issue in Sun Java Runtime Environment (JRE), which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/28746/ | | File Size: | 3073 | | Last Modified: | Feb 1 16:27:12 2008 |
| MD5 Checksum: | afd86107a10ed4f2e0e4842802b48fdc |
|
| /// File Name: |
sa28983.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for acroread. This fixes some vulnerabilities, some of which have unknown impacts while others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28983/ | | File Size: | 3065 | | Last Modified: | Feb 19 21:19:51 2008 |
| MD5 Checksum: | 219df3f1226cb93aebb34b7da79e05ee |
|
| /// File Name: |
glsa-200802-03.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200802-03 - Ulf Harnhammar, Secunia Research discovered that the frame and frameset HTML tags are not properly filtered out. He also reported that certain HTTP requests are executed without being checked. Versions less than 4.1.6 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3051 | | Related CVE(s): | CVE-2007-6018 | | Last Modified: | Feb 11 17:58:38 2008 |
| MD5 Checksum: | 47a0f2adf894a8201011c42accd08a38 |
|
| /// File Name: |
iusa-canon.txt |
Description:
|
Certain Canon Multi Function Devices allow remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
| | Author: | Nate Johnson | | File Size: | 3032 | | Related CVE(s): | CVE-2008-0303 | | Last Modified: | Mar 3 14:24:57 2008 |
| MD5 Checksum: | 056e6e1dd35f1d8b985326b0416c9b50 |
|
| /// File Name: |
sa28763.txt |
Description:
|
Secunia Security Advisory - Luigi Auriemma has discovered some vulnerabilities in WinCom LPD Total, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28763/ | | File Size: | 2988 | | Last Modified: | Feb 5 19:59:36 2008 |
| MD5 Checksum: | 1639f7025b7ca5d1671bbf7374e34f8a |
|
| /// File Name: |
glsa-200802-05.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200802-05 - Multiple integer overflow and signedness errors have been reported in the excel_read_HLINK() function in file plugins/excel/ms-excel-read.c when processing XLS HLINK opcodes. Versions less than 1.8.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2983 | | Related CVE(s): | CVE-2008-0668 | | Last Modified: | Feb 12 17:56:35 2008 |
| MD5 Checksum: | 2d1bb2508dcb611982e1166e88b8d02d |
|