Section: .. / 0804-advisories /
| /// File Name: |
oCERT-2008-004.txt |
Description:
|
The reference speex decoder from the Speex library performs insufficient boundary checks on a header structure read from user input, this has been reported in oCERT-2008-002 advisory. Further investigation showed that several packages include similar code and are therefore vulnerable.
| | Author: | Andrea Barisani | | Homepage: | http://www.ocert.org/ | | File Size: | 2793 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 17 12:58:01 2008 |
| MD5 Checksum: | 51e341fb5d9d1dddb0849ae4adcf0490 |
|
| /// File Name: |
MDVSA-2008-087.txt |
Description:
|
Mandriva Linux Security Advisory - A format string vulnerability in the grant helper, in PolicyKit 0.7 and earlier, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2904 | | Related CVE(s): | CVE-2008-1658 | | Last Modified: | Apr 17 12:55:58 2008 |
| MD5 Checksum: | 018352abb4873073e6efe935b5d5ed7a |
|
| /// File Name: |
FreeBSD-SA-08-05.openssh.txt |
Description:
|
FreeBSD Security Advisory - OpenSSH has a X11-forwarding privilege escalation issue. When logging in via SSH with X11-forwarding enabled, sshd(8) fails to correctly handle the case where it fails to bind to an IPv4 port but successfully binds to an IPv6 port. In this case, applications which use X11 will connect to the IPv4 port, even though it had not been bound by sshd(8) and is therefore not being securely forwarded.
| | Homepage: | http://security.freebsd.org/ | | File Size: | 5931 | | Related CVE(s): | CVE-2008-1483 | | Last Modified: | Apr 17 12:54:59 2008 |
| MD5 Checksum: | f72e2f658b80a6129b0b66d7c1896f52 |
|
| /// File Name: |
sa29761.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for redhat-ds-admin. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/29761/ | | File Size: | 3102 | | Last Modified: | Apr 16 18:08:48 2008 |
| MD5 Checksum: | 8c12dab937d23d491310405bcfe526be |
|
| /// File Name: |
sa29785.txt |
Description:
|
Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29785/ | | File Size: | 2869 | | Last Modified: | Apr 16 18:08:48 2008 |
| MD5 Checksum: | 44845a6a5d3aa394f71082ee9f9066e6 |
|
| /// File Name: |
ZDI-08-022.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in WebKit. When nesting regular expressions with large repetitions, a heap overflow occurs resulting in a condition allowing the execution of arbitrary code.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3372 | | Related CVE(s): | CVE-2008-1026 | | Last Modified: | Apr 16 18:08:34 2008 |
| MD5 Checksum: | 8c59082cde3c46c9f1624a17dd595252 |
|
| /// File Name: |
cadsm-activex.txt |
Description:
|
CA products that implement the DSM gui_cm_ctrls ActiveX control contain a vulnerability that can allow a remote attacker to cause a denial of service or execute arbitrary code. The vulnerability is due to insufficient verification of function arguments by the gui_cm_ctrls control. An attacker can execute arbitrary code under the context of the user running the web browser.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 8206 | | Related CVE(s): | CVE-2008-1786 | | Last Modified: | Apr 16 18:07:18 2008 |
| MD5 Checksum: | 0459d642cca948564271c7536b495555 |
|
| /// File Name: |
04.15.08-1.txt |
Description:
|
iDefense Security Advisory 04.15.08 - Local exploitation of a design error vulnerability in Oracle Corp.'s Application Express web application development tool allows attackers to gain elevated privileges. The vulnerability exists in "run_ddl" function within the "wwv_execute_immediate" package. This package is included in the "flows_030000" schema. This function allows attackers to execute SQL commands as any database user, such as SYS. iDefense confirmed the existence of this vulnerability in Oracle Application Express version 3.0.1.00.08, which is installed by default with Oracle Database 11g R1 (version 11.1.0.6.0). Previous versions may also be affected. However, Oracle Database 10g R2 does not install Oracle Application Express by default.
| | Author: | Joxean Koret | | Homepage: | http://www.idefense.com/ | | File Size: | 3626 | | Related CVE(s): | CVE-2008-1811 | | Last Modified: | Apr 16 17:56:48 2008 |
| MD5 Checksum: | 1e409ad2d78ffd4cf194be4d198943f6 |
|
| /// File Name: |
cisco-sa-20080416-nac.txt |
Description:
|
Cisco Security Advisory - A vulnerability exists in the Cisco Network Admission Control (NAC) Appliance that can allow an attacker to obtain the shared secret that is used between the Cisco Clean Access Server (CAS) and the Cisco Clean Access Manager (CAM).
| | Homepage: | http://www.cisco.com/ | | File Size: | 12378 | | Related CVE(s): | CVE-2008-1155 | | Last Modified: | Apr 16 17:53:33 2008 |
| MD5 Checksum: | f0a4beb6ab4ff7f5a8cf2431ee424f93 |
|
| /// File Name: |
INFIGO-2008-04-08.txt |
Description:
|
INFIGO IS's security team has identified a critical remote buffer overflow vulnerability in the latest ICQ version (ICQ 6.0).
| | Author: | Leon Juranic | | Homepage: | http://www.infigo.hr/ | | File Size: | 4045 | | Last Modified: | Apr 16 17:52:46 2008 |
| MD5 Checksum: | c38cbe7ca06aa48e9bbb69dd2592ca5c |
|
| /// File Name: |
sa29734.txt |
Description:
|
Secunia Security Advisory - cO2 has discovered a vulnerability in Lasernet CMS, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/29734/ | | File Size: | 2557 | | Last Modified: | Apr 16 17:41:11 2008 |
| MD5 Checksum: | 90d978397473dcb97320364aef62e1b2 |
|
| /// File Name: |
sa29780.txt |
Description:
|
Secunia Security Advisory - securfrog has discovered a vulnerability in DivX Player, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29780/ | | File Size: | 2704 | | Last Modified: | Apr 16 17:41:11 2008 |
| MD5 Checksum: | 4f6dadcd0e30bc6642528e945c39a3b5 |
|
| /// File Name: |
sa29784.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in IBM DB2, which can be exploited by malicious, local users to perform certain actions with escalated privileges or gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/29784/ | | File Size: | 3602 | | Last Modified: | Apr 16 17:41:11 2008 |
| MD5 Checksum: | 9512ba9a95045197b5dd424c6c094f00 |
|
| /// File Name: |
sa29819.txt |
Description:
|
Secunia Security Advisory - Morgan ARMAND has discovered a vulnerability in DotClear, which can be exploited by malicious users to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29819/ | | File Size: | 2731 | | Last Modified: | Apr 16 17:41:11 2008 |
| MD5 Checksum: | 8685552fa92326fe82aa8747b5978abb |
|
| /// File Name: |
sa29829.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported for various Oracle products. Some vulnerabilities have unknown impacts while others can be exploited by malicious users to bypass certain security restrictions, conduct SQL injection attacks, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29829/ | | File Size: | 5303 | | Last Modified: | Apr 16 17:41:11 2008 |
| MD5 Checksum: | b8cd33ef86351c7b632f595747903373 |
|
| /// File Name: |
sa29831.txt |
Description:
|
Secunia Security Advisory - Matteo Memelli has discovered a vulnerability in BigAnt Messenger, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29831/ | | File Size: | 2564 | | Last Modified: | Apr 16 17:41:11 2008 |
| MD5 Checksum: | ae6046d1d249b5dfba06d158be02f3dd |
|
| /// File Name: |
sa29832.txt |
Description:
|
Secunia Security Advisory - Felipe Sateler has discovered a security issue in Cecilia, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/29832/ | | File Size: | 2525 | | Last Modified: | Apr 16 17:41:11 2008 |
| MD5 Checksum: | 372439d51d074727d97a51603b5b52f0 |
|
| /// File Name: |
MDVSA-2008-086.txt |
Description:
|
Mandriva Linux Security Advisory - The isdn_ioctl function in isdn_common.c in the Linux kernel prior to 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which trigger a buffer overflow. The do_corefump function in fs/exec.c in the Linux kernel prior to 2.6.24-rc3 did not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which could possibly allow local users to obtain sensitive information. The shmem_getpage function in mm/shmem.c in the Linux kernel versions 2.6.11 through 2.6.23 did not properly clear allocated memory in certain rare circumstances related to tmps, which could possibly allow local users to read sensitive kernel data or cause a crash.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5064 | | Related CVE(s): | CVE-2007-6151, CVE-2007-6417, CVE-2007-6206 | | Last Modified: | Apr 15 22:23:15 2008 |
| MD5 Checksum: | 3b12b60b85bd9e3f44e1959c914adee2 |
|
| /// File Name: |
04.14.08-2.txt |
Description:
|
iDefense Security Advisory 04.14.08 - Remote exploitation of a heap overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the code responsible for reading in sections within a PE binary packed with the WWPack executable compressor. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92.1. Previous versions may also be affected.
| | Author: | Damian Put, Thomas Pollet | | Homepage: | http://www.idefense.com/ | | File Size: | 4038 | | Last Modified: | Apr 15 22:20:03 2008 |
| MD5 Checksum: | 1c921dba4cf8fb44e3d81f7dfc3c50eb |
|
| /// File Name: |
04.14.08-1.txt |
Description:
|
iDefense Security Advisory 04.14.08 - Remote exploitation of a heap overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the code responsible for decompressing sections within a PE binary packed with the PeSpin executable protector. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92.1. Previous versions may also be affected.
| | Author: | Damian Put | | Homepage: | http://www.idefense.com/ | | File Size: | 4920 | | Related CVE(s): | CVE-2008-0314 | | Last Modified: | Apr 15 22:19:13 2008 |
| MD5 Checksum: | 0cff3792678a8d41bb86d0a0066243e0 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
