Section: .. / 0804-advisories /
| /// File Name: |
AKLINK-SA-2008-005.txt |
Description:
|
Apache-SSL versions prior to apache_1.3.41+ssl_1.59 suffer from a memory disclosure vulnerability that may allow for privilege escalation.
| | Author: | Alexander Klink | | Homepage: | https://www.cynops.de/ | | File Size: | 5271 | | Related CVE(s): | CVE-2008-0555 | | Last Modified: | Apr 3 01:13:41 2008 |
| MD5 Checksum: | 2878008d9e266abac14534bd7ec467fe |
|
| /// File Name: |
sa27707.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27707/ | | File Size: | 5268 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | b19dedcb71b3e9aed618bfbc7d9cf101 |
|
| /// File Name: |
CAarc-multi.txt |
Description:
|
CA Security Advisory - CA ARCserve Backup for Laptops and Desktops Server contains multiple vulnerabilities that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerabilities. The first issue occurs due to insufficient bounds checking on command arguments by the LGServer service. The second issue occurs due to insufficient verification of file uploads by the NetBackup service. In most cases, an attacker can potentially gain complete control of an affected installation. Additionally, only a server installation of BrightStor ARCserve Backup for Laptops and Desktops is affected. The client installation is not affected.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 5240 | | Related CVE(s): | CVE-2008-1328, CVE-2008-1329 | | Last Modified: | Apr 4 20:08:05 2008 |
| MD5 Checksum: | 579f6632d25d2375c8f0987283a05848 |
|
| /// File Name: |
dsa-1492-2.txt |
Description:
|
Debian Security Advisory 1492-2 - The security update DSA 1492-1 fixed the security problem below but introduced a new problem by not removing temporary directories in the ipp backend. This update corrects this.
| | Homepage: | http://www.debian.org/security | | File Size: | 5199 | | Related CVE(s): | CVE-2008-0665, CVE-2008-0666 | | Last Modified: | Apr 28 11:05:21 2008 |
| MD5 Checksum: | 6089ef64c5f3604733d60efdf1bde197 |
|
| /// File Name: |
MDVSA-2008-086.txt |
Description:
|
Mandriva Linux Security Advisory - The isdn_ioctl function in isdn_common.c in the Linux kernel prior to 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow. The do_coredump function in fs/exec.c in the Linux kernel prior to 2.6.24-rc3 did not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which could possibly allow local users to obtain sensitive information. The shmem_getpage function in mm/shmem.c in the Linux kernel versions 2.6.11 through 2.6.23 did not properly clear allocated memory in certain rare circumstances related to tmpfs, which could possibly allow local users to read sensitive kernel data or cause a crash.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5064 | | Related CVE(s): | CVE-2007-6151, CVE-2007-6417, CVE-2007-6206 | | Last Modified: | Apr 15 22:23:15 2008 |
| MD5 Checksum: | 3b12b60b85bd9e3f44e1959c914adee2 |
|
| /// File Name: |
secunia-graphics.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in Autonomy Keyview utilised in Lotus Notes, which can be exploited by malicious people to compromise a vulnerable system when viewing Applix documents. Lotus Notes versions 7.0.3 and 8.0 are affected.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4937 | | Related CVE(s): | CVE-2007-5405, CVE-2007-5406 | | Last Modified: | Apr 14 17:43:43 2008 |
| MD5 Checksum: | 6b1e5c2f43af293caf0561ec4dd4a5e9 |
|
| /// File Name: |
04.02.08-1.txt |
Description:
|
iDefense Security Advisory 04.02.08 - Remote exploitation of a buffer overflow vulnerability in Borland Software Corp.'s CaliberRM enterprise software requirements management system could allow attackers to execute arbitrary code with SYSTEM level privileges. iDefense confirmed that the trial version of Borland CaliberRM 2006 (file version 9.0.809.000) is vulnerable. The actual vulnerable component is StarTeam Multicast Service 6.4. Other Borland products containing the StarTeam Multicast Service component, such as Borland StarTeam, may also be affected.
| | Homepage: | http://www.idefense.com/ | | File Size: | 4927 | | Related CVE(s): | CVE-2008-0311 | | Last Modified: | Apr 4 18:53:10 2008 |
| MD5 Checksum: | 4e3ea5589c83878f0b1b738b83c55cd6 |
|
| /// File Name: |
sa29704.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29704/ | | File Size: | 4923 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | 00b438b2624db50bc62d14856cf5ee39 |
|
| /// File Name: |
04.14.08-1.txt |
Description:
|
iDefense Security Advisory 04.14.08 - Remote exploitation of a heap overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the code responsible for decompressing sections within a PE binary packed with the PeSpin executable protector. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92.1. Previous versions may also be affected.
| | Author: | Damian Put | | Homepage: | http://www.idefense.com/ | | File Size: | 4920 | | Related CVE(s): | CVE-2008-0314 | | Last Modified: | Apr 15 22:19:13 2008 |
| MD5 Checksum: | 0cff3792678a8d41bb86d0a0066243e0 |
|
| /// File Name: |
secunia-applix.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. A couple of boundary errors and an unsafe call may allow for arbitrary code execution. A logic error may cause a denial of service condition.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4877 | | Related CVE(s): | CVE-2007-5405 | | Last Modified: | Apr 14 17:31:57 2008 |
| MD5 Checksum: | 722239f5c8c2446ddc8174a02afe027c |
|
| /// File Name: |
sa29650.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to disclose potentially sensitive information or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29650/ | | File Size: | 4855 | | Last Modified: | Apr 4 16:56:23 2008 |
| MD5 Checksum: | c4cb5f069054ffd5dc1cb3492b13699f |
|
| /// File Name: |
secunia-emlreader.txt |
Description:
|
Secunia Research has discovered multiple vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a user's system. Various boundary errors exist in the EML reader (emlsr.dll). Autonomy Keyview version 10.3.0.0 is affected.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4842 | | Related CVE(s): | CVE-2007-5399 | | Last Modified: | Apr 14 17:33:35 2008 |
| MD5 Checksum: | 2b9ab8c858a1e87599cd6acaed1cc49d |
|
| /// File Name: |
sa29921.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mplayer. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29921/ | | File Size: | 4839 | | Last Modified: | Apr 28 10:37:56 2008 |
| MD5 Checksum: | b11f287c3262127d4cdb3d2e26a39985 |
|
| /// File Name: |
dsa-1552-1.txt |
Description:
|
Debian Security Advisory 1552-1 - It was discovered that the MPlayer movie player performs insufficient input sanitising on SDP session data, leading to potential execution of arbitrary code through a malformed multimedia stream.
| | Homepage: | http://www.debian.org/security | | File Size: | 4819 | | Related CVE(s): | CVE-2008-1558 | | Last Modified: | Apr 21 16:29:21 2008 |
| MD5 Checksum: | 61e35e32377c68a3a4e5e395f60218c1 |
|
| /// File Name: |
MDVSA-2008-083.txt |
Description:
|
Mandriva Linux Security Advisory - Joe Nall reported a stack-based buffer overflow in Audit's log handling that could allow remote attackers to execute arbitrary code via a long command argument.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4780 | | Related CVE(s): | CVE-2008-1628 | | Last Modified: | Apr 10 17:15:22 2008 |
| MD5 Checksum: | b1861deefc509ff4b3368da7903d4b11 |
|
| /// File Name: |
secunia-symantec.txt |
Description:
|
Secunia Research has discovered 21 vulnerabilities in Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system. Boundary errors within the "Folio Flat File" speed reader (foliosr.dll) when handling attribute values of a number of tags (e.g. DI, FD, FT, JD, JL, LE, OB, OD, OL, PN, PS, PW, RD, QL, or TS) can be exploited to cause stack-based buffer overflows.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4780 | | Related CVE(s): | CVE-2007-6020 | | Last Modified: | Apr 14 17:35:59 2008 |
| MD5 Checksum: | e7d7d5429a32af526b6677bedbf2cdec |
|
| /// File Name: |
secunia-activeapplix.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in activePDF DocConverter, which can be exploited by malicious people to compromise a vulnerable system when converting Applix documents. A couple of boundary errors and an unsafe call may allow for arbitrary code execution. A logic error may cause a denial of service condition.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4770 | | Related CVE(s): | CVE-2007-5405, CVE-2007-5406 | | Last Modified: | Apr 14 17:43:35 2008 |
| MD5 Checksum: | 57556bf4ae454d318bc134811ae3017c |
|
| /// File Name: |
sa29714.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29714/ | | File Size: | 4738 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | 8e86168789621d18a63b0ff6a8b3e6d1 |
|
| /// File Name: |
secunia-eml.txt |
Description:
|
Secunia Research has discovered multiple vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system. Various boundary errors exist in the EML reader (emlsr.dll). Lotus Notes version 8.0 is affected.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4727 | | Related CVE(s): | CVE-2007-5399 | | Last Modified: | Apr 14 17:18:04 2008 |
| MD5 Checksum: | e6020892898385c53e8429c09144723d |
|
| /// File Name: |
sa29837.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in various CA products, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29837/ | | File Size: | 4722 | | Last Modified: | Apr 18 14:12:52 2008 |
| MD5 Checksum: | f61db8fc240c88218a5b720b3e07aca9 |
|
| /// File Name: |
sa29777.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29777/ | | File Size: | 4698 | | Last Modified: | Apr 15 21:46:04 2008 |
| MD5 Checksum: | 84b55457c08ab86f97cb550fc0f396c1 |
|
| /// File Name: |
sa28083.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28083/ | | File Size: | 4631 | | Last Modified: | Apr 10 10:08:38 2008 |
| MD5 Checksum: | 2498d04b1ac336c9c6868dcbeb983986 |
|
| /// File Name: |
sa29906.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for firefox. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29906/ | | File Size: | 4620 | | Last Modified: | Apr 28 10:37:56 2008 |
| MD5 Checksum: | a1a54f481ca2bdeb95c8c1302b057ce6 |
|
| /// File Name: |
sa29781.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29781/ | | File Size: | 4598 | | Last Modified: | Apr 15 21:46:04 2008 |
| MD5 Checksum: | cd503cfc78227777d28929e0df588350 |
|