Section: .. / 0507-advisories /
| /// File Name: |
Yawp106.txt |
Description:
|
Yawp/YaWiki versions 1.0.6 and below suffer from a remote URL include vulnerability.
| | Author: | Stefan Esser | | Homepage: | http://www.hardened-php.net | | File Size: | 3325 | | Last Modified: | Jul 13 08:55:56 2005 |
| MD5 Checksum: | b6ebc7cafb264f82545bea7fffd3a1d4 |
|
| /// File Name: |
glsa-200507-11.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-11 - Daniel Wachdorf discovered that MIT Kerberos 5 could corrupt the heap by freeing unallocated memory when receiving a special TCP request (CAN-2005-1174). He also discovered that the same request could lead to a single-byte heap overflow (CAN-2005-1175). Magnus Hagander discovered that krb5_recvauth() function of MIT Kerberos 5 might try to double-free memory (CAN-2005-1689). Versions less than 1.4.1-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3458 | | Related CVE(s): | CAN-2005-1174, CAN-2005-1175, CAN-2005-1689 | | Last Modified: | Jul 13 08:52:52 2005 |
| MD5 Checksum: | 052e264a3f340deaae419d4b7e9f62ae |
|
| /// File Name: |
MITKRB5-SA-2005-003.txt |
Description:
|
MIT krb5 Security Advisory 2005-003 - The krb5_recvauth() function can free previously freed memory under some error conditions. This vulnerability may allow an unauthenticated remote attacker to execute arbitrary code.
| | Homepage: | http://web.mit.edu | | File Size: | 4254 | | Related CVE(s): | CAN-2005-1689 | | Last Modified: | Jul 13 08:52:39 2005 |
| MD5 Checksum: | 1ab88c5dc1dcb20d49026ebda4522f20 |
|
| /// File Name: |
07.12.05.txt |
Description:
|
iDEFENSE Security Advisory 07.12.05 - Remote exploitation of a buffer overflow vulnerability in Microsoft Corp.'s Word could allow execution of arbitrary code. A specially crafted .doc file, containing long font information, can cause Word to overwrite stack space. No checks are made on the length of data being copied, allowing the return address on the stack to be overwritten.
| | Homepage: | http://www.idefense.com | | File Size: | 3369 | | Related CVE(s): | CAN-2005-0564 | | Last Modified: | Jul 13 08:47:05 2005 |
| MD5 Checksum: | 7c0686309820251406b07fd09cba93a2 |
|
| /// File Name: |
cisco-sa-20050712-ccm.txt |
Description:
|
Cisco Security Advisory - Cisco CallManager 3.3 and earlier, 4.0, and 4.1 are vulnerable to Denial of Service (DoS) attacks, memory leaks, and memory corruption which may result in services being interrupted, servers rebooting, or arbitrary code being executed.
| | Homepage: | http://www.cisco.com/warp/public/707/cisco-sa-20050712-ccm.shtml | | File Size: | 14216 | | Last Modified: | Jul 13 08:34:34 2005 |
| MD5 Checksum: | 609c1ff4a15bf93a491b5cf1157193a9 |
|
| /// File Name: |
sa16039.txt |
Description:
|
Secunia Security Advisory - Eric Romang has reported a vulnerability in heartbeat, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
| | Homepage: | http://secunia.com/advisories/16039/ | | File Size: | 2284 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | e897049253427e87d959e468a5f25d3c |
|
| /// File Name: |
sa16037.txt |
Description:
|
Secunia Security Advisory - SGI has issued a patch for SGI Advanced Linux Environment. This fixes multiple vulnerabilities, which can be exploited malicious people to gain knowledge of system information, or by malicious, local users to execute arbitrary commands with escalated privileges.
| | Homepage: | http://secunia.com/advisories/16037/ | | File Size: | 2153 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | 5ab3c02cfe3e1fb7c05be3b8bdefe9f4 |
|
| /// File Name: |
sa16036.txt |
Description:
|
Secunia Security Advisory - SGI has issued a patch for SGI Advanced Linux Environment. This fixes a vulnerability, which potentially can be exploited by malicious users to conduct SQL injection attacks or to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/16036/ | | File Size: | 2025 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | 4e404fa2888ab55ce14c78ed50ce39c3 |
|
| /// File Name: |
sa16033.txt |
Description:
|
Secunia Security Advisory - fRoGGz has discovered a security issue and a vulnerability in wMailserver, which be exploited by malicious, local users to gain knowledge of sensitive information or by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/16033/ | | File Size: | 2568 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | e601bcfb764ab8f5951d6072d2578dae |
|
| /// File Name: |
sa16031.txt |
Description:
|
Secunia Security Advisory - V4mu has discovered two vulnerabilities in iPhotoAlbum, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/16031/ | | File Size: | 2083 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | 285f396f6689ada666ce86d4d383e820 |
|
| /// File Name: |
sa16019.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for cpio. This fixes a vulnerability, which can be exploited by malicious people to cause files to be unpacked to arbitrary locations on a user's system.
| | Homepage: | http://secunia.com/advisories/16019/ | | File Size: | 3196 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | 7c2d1e15075e7d9309efb07dbdf0c999 |
|
| /// File Name: |
sa16008.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in BIG-IP, which potentially can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/16008/ | | File Size: | 2377 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | 42f8c5c15617d8794e426b1784348556 |
|
| /// File Name: |
sa16005.txt |
Description:
|
Secunia Security Advisory - SPI Labs has reported a vulnerability in ASP.NET, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/16005/ | | File Size: | 2389 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | 3ea82e731962f3cb396a16df82de66a4 |
|
| /// File Name: |
sa16004.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/16004/ | | File Size: | 4105 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | 444a3c86164c2bc0c94d709f88a9f565 |
|
| /// File Name: |
sa15998.txt |
Description:
|
Secunia Security Advisory - Lord Yup has reported a vulnerability in Microsoft Word, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/15998/ | | File Size: | 3430 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | 07acaed094013359ef4b86884e5bee7c |
|
| /// File Name: |
sa15977.txt |
Description:
|
Secunia Security Advisory - Eric Romang has reported a vulnerability in Elmo, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
| | Homepage: | http://secunia.com/advisories/15977/ | | File Size: | 2241 | | Last Modified: | Jul 13 08:27:58 2005 |
| MD5 Checksum: | 4313b3489d27083520a6368fdc9dda30 |
|
| /// File Name: |
NateOnMessenger30.txt |
Description:
|
NateOn Messenger version 3.0 suffers from a file sharing flaw that allows for traversal attacks allowing for directory listings.
| | Author: | PARK | | File Size: | 62230 | | Last Modified: | Jul 12 16:55:17 2005 |
| MD5 Checksum: | d5bb8e32de0d862cd7423c29f28aa274 |
|
| /// File Name: |
aspRCP.txt |
Description:
|
ASP.NET RCP/Encoded web services suffer from a denial of service vulnerability.
| | Author: | Bryan Sullivan, Sacha Faust | | File Size: | 4482 | | Last Modified: | Jul 12 16:50:27 2005 |
| MD5 Checksum: | dba0ffc66a8e5d63a0926d92a9259bb1 |
|
| /// File Name: |
dsa-751-1.txt |
Description:
|
Debian Security Advisory DSA 751-1 - The upstream developers have discovered a bug in the DNS lookup code of Squid, the popular WWW proxy cache. When the DNS client UDP port (assigned by the operating system at startup) is unfiltered and the network is not protected from IP spoofing, malicious users can spoof DNS lookups which could result in users being redirected to arbitrary web sites.
| | Homepage: | http://security.debian.org/ | | File Size: | 8622 | | Related CVE(s): | CAN-2005-1519 | | Last Modified: | Jul 12 16:44:33 2005 |
| MD5 Checksum: | 30fb3feb33beb089c0ef6065ada59b1a |
|
| /// File Name: |
glsa-200507-09.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-09 - A buffer overflow has been discovered in the UnixAppOpenFilePerform() function, which is called when Adobe Acrobat Reader tries to open a file with the \Filespec tag. Versions less than or equal to 5.10 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2874 | | Related CVE(s): | CAN-2005-1625 | | Last Modified: | Jul 12 16:42:33 2005 |
| MD5 Checksum: | 8e73681c04f3da92848f2808d8b80e06 |
|
| /// File Name: |
dsa-748-1.txt |
Description:
|
Debian Security Advisory DSA 748-1 - A vulnerability has been discovered in ruby 1.8 that could allow arbitrary command execution on a server running the ruby xmlrpc server.
| | Homepage: | http://security.debian.org/ | | File Size: | 20254 | | Related CVE(s): | CAN-2005-1992 | | Last Modified: | Jul 12 16:42:20 2005 |
| MD5 Checksum: | e1081c0b95a9b1effe8db20462deab33 |
|
| /// File Name: |
dsa-750-1.txt |
Description:
|
Debian Security Advisory DSA 750-1 - infamous42md discovered that dhcpcd, a DHCP client for automatically configuring IPv4 networking, can be tricked into reading past the end of the supplied DHCP buffer which could lead to the daemon crashing.
| | Homepage: | http://security.debian.org/ | | File Size: | 4840 | | Related CVE(s): | CAN-2005-1848 | | Last Modified: | Jul 12 16:41:15 2005 |
| MD5 Checksum: | fbb4dff36357723cf9a29cc9795848e1 |
|
| /// File Name: |
adv4.pdf |
Description:
|
A race condition vulnerability has been found in the ia32 compatibility execve() systemcall of the Linux kernel. The race condition may lead to heap corruption. Versions up to 2.4.31 and 2.6.6 are affected.
| | Author: | Ilja van Sprundel | | Homepage: | http://www.suresec.org/ | | File Size: | 56041 | | Related CVE(s): | CAN-2005-1768 | | Last Modified: | Jul 12 16:35:56 2005 |
| MD5 Checksum: | d3d8659f1b53b656ded2430e67270208 |
|
| /// File Name: |
glsa-200507-08.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200507-08 - The XML-RPC implementations of phpGroupWare and eGroupWare fail to sanitize input sent to the XML-RPC server using the POST method. Versions less than 0.9.16.006 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3091 | | Related CVE(s): | CAN-2005-1921 | | Last Modified: | Jul 12 16:27:30 2005 |
| MD5 Checksum: | 0f323fd38a350e39009397d836279631 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
