Section: .. / 0802-advisories /
| /// File Name: |
ipsimene.txt |
Description:
|
Ipswitch Instant Messaging versions 2.0.8.1 and below suffer from format string, NULL pointer, and file creation vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | ipsimene.zip | | File Size: | 4197 | | Last Modified: | Feb 7 23:18:53 2008 |
| MD5 Checksum: | 5aa330a61c03eedf9eccbf494192ef2f |
|
| /// File Name: |
iusa-canon.txt |
Description:
|
Certain Canon Multi Function Devices allow remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
| | Author: | Nate Johnson | | File Size: | 3032 | | Related CVE(s): | CVE-2008-0303 | | Last Modified: | Mar 3 14:24:57 2008 |
| MD5 Checksum: | 056e6e1dd35f1d8b985326b0416c9b50 |
|
| /// File Name: |
liscripts-sql.txt |
Description:
|
LI-Scripts LI-Countdown suffers from a SQL injection vulnerability.
| | Author: | sex | | Homepage: | http://www.aaa-aaa.net.ru/ | | File Size: | 957 | | Last Modified: | Feb 12 17:52:02 2008 |
| MD5 Checksum: | fbef1e6ab3642744f3900c0e4e4d5239 |
|
| /// File Name: |
logsurfer-exec.txt |
Description:
|
Use of the Logsurfer program when properly configured may leave the system vulnerable to a remote code execution vulnerability.
| | Author: | kcope | | File Size: | 5677 | | Last Modified: | Feb 20 23:41:11 2008 |
| MD5 Checksum: | 2902d1b8a9ed68aa97f84cb603ad1ea5 |
|
| /// File Name: |
MDVSA-2008-031.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was found in xdg-open and xdg-email commands, which allows remote attackers to execute arbitrary commands if the user is tricked into trying to open a maliciously crafted URL.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2775 | | Related CVE(s): | CVE-2008-0386 | | Last Modified: | Feb 1 11:08:16 2008 |
| MD5 Checksum: | e07a45fe54042e612ad686fb50bee89d |
|
| /// File Name: |
MDVSA-2008-032.txt |
Description:
|
Mandriva Linux Security Advisory - Tavis Ormandy and Will Drewry found that the bost library did not properly perform input validation on regular expressions. An attacker could exploit this by sening a specially crafted regular expression to an application linked against boost and cause a denial of service via an application crash.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5118 | | Related CVE(s): | CVE-2008-0171, CVE-2008-0172 | | Last Modified: | Feb 3 16:01:27 2008 |
| MD5 Checksum: | a7527015947392ba88614568b1cd75ff |
|
| /// File Name: |
MDVSA-2008-033.txt |
Description:
|
Mandriva Linux Security Advisory - A format string vulnerability in Ruby-GNOME 2 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 10562 | | Related CVE(s): | CVE-2007-6183 | | Last Modified: | Feb 3 16:02:01 2008 |
| MD5 Checksum: | fbb0bb2b2c3ad4a57bcfd66b49747865 |
|
| /// File Name: |
MDVSA-2008-034.txt |
Description:
|
Mandriva Linux Security Advisory - The hack-local-variable function in Emacs 22 prior to version 22.2, when enable-local-variables is set to ':safe', did not properly search lists of unsafe or risky variables, which could allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration. A stack-based buffer overflow in emacs could allow user-assisted attackers to cause an application crash or possibly have other unspecified impacts via a large precision value in an integer format string specifier to the format function.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8947 | | Related CVE(s): | CVE-2007-5795, CVE-2007-6109 | | Last Modified: | Feb 5 19:59:19 2008 |
| MD5 Checksum: | 43d84dd65d655a66d0fadde2705d36e0 |
|
| /// File Name: |
MDVSA-2008-035.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in the image decoders of ImageMagick. If a user or automated system were tricked into processing malicious DCM, DIB, XBM, XCF, or XWD images, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7536 | | Related CVE(s): | CVE-2007-4985, CVE-2007-4986, CVE-2007-4987, CVE-2007-4988 | | Last Modified: | Feb 5 19:58:36 2008 |
| MD5 Checksum: | 51b149bf68f7ea9568ba5c822ffa3258 |
|
| /// File Name: |
MDVSA-2008-036.txt |
Description:
|
Mandriva Linux Security Advisory - Wei Wang found that the SNMP discovery backend in CUPS did not correctly calculate the length of strings. If a user could be tricked into scanning for printers, a remote attacker could send a specially crafted packet and possibly execute arbitrary code. As well, the fix for CVE-2007-0720 in MDKSA-2007:086 caused another denial of service regression within SSL handling.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8659 | | Related CVE(s): | CVE-2007-4045, CVE-2007-5849 | | Last Modified: | Feb 6 17:48:02 2008 |
| MD5 Checksum: | 353883d4cd49a9b873d5af1744f2627d |
|
| /// File Name: |
MDVSA-2008-037.txt |
Description:
|
Mandriva Linux Security Advisory - A stack-based buffer overflow was discovered in libcdio that allowed context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image file that contains a long joliet file name. In addition, a fix for failed UTF-8 conversions that would cause a segfault on certain ISOs was also fixed.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8112 | | Related CVE(s): | CVE-2007-6613 | | Last Modified: | Feb 7 21:32:04 2008 |
| MD5 Checksum: | 375263142722b29b9f162fafd77a2c89 |
|
| /// File Name: |
MDVSA-2008-038.txt |
Description:
|
Mandriva Linux Security Advisory - Buffer overflow in the LWZReadByte() function in gd_gif_in.c in GD prior to 2.0.34 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array. This was originally fixed in PHP's embedded GD with MDKSA-2006:162; patches had not been applied to the system libgd at that time.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4338 | | Related CVE(s): | CVE-2006-4484 | | Last Modified: | Feb 7 21:32:51 2008 |
| MD5 Checksum: | ddbc139605e4f4eef3b09d5b33b85cac |
|
| /// File Name: |
MDVSA-2008-039.txt |
Description:
|
Mandriva Linux Security Advisory - A buffer overflow in the giftopnm utility in netpbm prior to version 10.27 could allow attackers to have an unknown impact via a specially crafted GIF file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3120 | | Related CVE(s): | CVE-2008-0554 | | Last Modified: | Feb 7 21:33:27 2008 |
| MD5 Checksum: | 0158e14447c2d67b84681e1e62fa324f |
|
| /// File Name: |
MDVSA-2008-040.txt |
Description:
|
Mandriva Linux Security Advisory - The LWZReadByte() and IMG_LoadLBM_RW() functions in SDL_image contain a boundary error that could be triggered to cause a static buffer overflow and a heap-based buffer overflow. If a user using an application linked against the SDL_image library were to open a carefully crafted GIF or IFF ILBM file, the application could crash or possibly allow for the execution of arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5737 | | Related CVE(s): | CVE-2007-6697, CVE-2008-0544 | | Last Modified: | Feb 7 21:34:29 2008 |
| MD5 Checksum: | a996830f404f5e838adcde28155a93b0 |
|
| /// File Name: |
MDVSA-2008-041.txt |
Description:
|
Mandriva Linux Security Advisory - The ReadImage() function in Tk did not check codeSize read from GIF images prior to initializing the append array, which could lead to a buffer overflow with unknown impact.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7928 | | Related CVE(s): | CVE-2008-0553 | | Last Modified: | Feb 7 21:35:43 2008 |
| MD5 Checksum: | a0d7e2ec2821412aeccaa3db54191735 |
|
| /// File Name: |
MDVSA-2008-042.txt |
Description:
|
Mandriva Linux Security Advisory - A potential vulnerability was discovered in Qt4 version 4.3.0 through 4.3.2 which may cause a certificate verification in SSL connections not to be performed. As a result, code that uses QSslSocket could be tricked into thinking that the certificate was verified correctly when it actually failed in one or more criteria.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8235 | | Related CVE(s): | CVE-2007-5965 | | Last Modified: | Feb 8 03:23:05 2008 |
| MD5 Checksum: | 31f621027015afc57042c111b0bd09f0 |
|
| /// File Name: |
MDVSA-2008-043.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in the vmsplice system call did not properly verify address arguments passed by user-space processes, which allowed local attackers to overwrite arbitrary kernel memory and gain root privileges. Mandriva urges all users to upgrade to these new kernels immediately as this flaw is being actively exploited. This issue only affects 2.6.17 and newer Linux kernels, so neither Corporate 3.0 nor Corporate 4.0 are affected.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6741 | | Related CVE(s): | CVE-2008-0600 | | Last Modified: | Feb 12 14:15:05 2008 |
| MD5 Checksum: | c66d23c33a8ea1cec9bb4de1209da80d |
|
| /// File Name: |
MDVSA-2008-046-1.txt |
Description:
|
Mandriva Linux Security Advisory - An array index vulnerability found in the FLAC audio demuxer might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. Although originally an MPlayer issue, it also affects xine-lib due to code similarity. The previous update used a bad patch which made Amarok interface very unresponsive while playing FLAC files. This new update fixes the security issue with a better patch.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8011 | | Related CVE(s): | CVE-2008-0486 | | Last Modified: | Feb 21 00:27:29 2008 |
| MD5 Checksum: | 04d67cfa2eb502925ea59569ac33519d |
|
| /// File Name: |
MDVSA-2008-046.txt |
Description:
|
Mandriva Linux Security Advisory - An array index vulnerability found in the FLAC audio demuxer might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. Although originally an MPlayer issue, it also affects xine-lib due to code similarity.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7578 | | Related CVE(s): | CVE-2008-0486 | | Last Modified: | Feb 15 18:05:52 2008 |
| MD5 Checksum: | 8cefaacccfbe5caed8d0f7461275c19a |
|
| /// File Name: |
MDVSA-2008-048.txt |
Description:
|
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.12.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 62499 | | Related CVE(s): | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0420, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594 | | Last Modified: | Feb 22 20:33:34 2008 |
| MD5 Checksum: | 1f8b82c153be77f8b27e3ab5f5114034 |
|
| /// File Name: |
MDVSA-2008-049.txt |
Description:
|
Mandriva Linux Security Advisory - A race condition in nss_ldap, when used in applications that use pthread and fork after a call to nss_ldap, does not properly handle the LDAP connection, which might cause nss_ldap to return the wrong user data to the wrong process, giving one user access to data belonging to another user, in some cases.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2894 | | Related CVE(s): | CVE-2007-5794 | | Last Modified: | Feb 25 15:59:03 2008 |
| MD5 Checksum: | 800b8ecf21f91b665521f7a262d05567 |
|
| /// File Name: |
MDVSA-2008-050.txt |
Description:
|
Mandriva Linux Security Advisory - Dave Camp at Critical Path Software discovered a buffer overflow in CUPS 1.1.23 and earlier could allow local admin users to execute arbitrary code via a crafted URI to the CUPS service. The Red Hat Security Team also found two flaws in CUPS 1.1.x where a malicious user on the local subnet could send a set of carefully crafted IPP packets to the UDP port in such a way as to cause CUPS to crash or consume memory and lead to a CUPS crash. Finally, another flaw was found in how CUPS handled the addition and removal of remote printers via IPP that could allow a remote attacker to send a malicious IPP packet to the UDP port causing CUPS to crash.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3852 | | Related CVE(s): | CVE-2007-5848, CVE-2008-0596, CVE-2008-0597, CVE-2008-0886 | | Last Modified: | Feb 26 19:21:01 2008 |
| MD5 Checksum: | 81ed5a71558215cc1fa00282444155b3 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
