Section: .. / 0802-advisories /
| /// File Name: |
dsa-1494-2.txt |
Description:
|
Debian Security Advisory 1494-2 - The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges. In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources in other vservers.
| | Homepage: | http://www.debian.org/security | | File Size: | 36918 | | Related CVE(s): | CVE-2008-0010, CVE-2008-0163, CVE-2008-0600 | | Last Modified: | Feb 13 17:23:21 2008 |
| MD5 Checksum: | fcaa16c388cd1512b0f196fbca14702d |
|
| /// File Name: |
sa28858.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28858/ | | File Size: | 3585 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | a233de53d6cac416671961bfa133b4d6 |
|
| /// File Name: |
sa28885.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in NX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28885/ | | File Size: | 2094 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | e60bb653f849eeae0d99aff50e7fce05 |
|
| /// File Name: |
sa28891.txt |
Description:
|
Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities and weaknesses.
| | Homepage: | http://secunia.com/advisories/28891/ | | File Size: | 4419 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 8bb0937f444367c71b5d50d804fb7e6e |
|
| /// File Name: |
sa28895.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Novell Client, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28895/ | | File Size: | 2574 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 1220a32bb9f1ebdc914cf2fccff08cce |
|
| /// File Name: |
sa28896.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28896/ | | File Size: | 2305 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 3783c06661d50d77603caf314722d7c8 |
|
| /// File Name: |
sa28897.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for horde-imp. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.
| | Homepage: | http://secunia.com/advisories/28897/ | | File Size: | 2085 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 645b55ba5297e533c760b7f5bda204e6 |
|
| /// File Name: |
sa28898.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for gallery. This fixes a weakness and some vulnerabilities, where some have unspecified impacts and others can be exploited by malicious users or malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28898/ | | File Size: | 2281 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 8cc13600f0e07d9a53eb0c6e99ed3351 |
|
| /// File Name: |
sa28916.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/28916/ | | File Size: | 2051 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 817a2ed425eb3eadcec0db36a870e652 |
|
| /// File Name: |
sa28921.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28921/ | | File Size: | 2837 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 6d0c385464fc67a9a20447ad3a1ebb56 |
|
| /// File Name: |
sa28925.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28925/ | | File Size: | 2138 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 69991aea7f44e44e4f9e9a56e5ad87e7 |
|
| /// File Name: |
sa28933.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28933/ | | File Size: | 142038 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | d9bd8288ecf63af1e2e8efdef4a246f6 |
|
| /// File Name: |
sa28950.txt |
Description:
|
Secunia Security Advisory - DNX has discovered a vulnerability in AuraCMS, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/28950/ | | File Size: | 2386 | | Last Modified: | Feb 13 16:32:17 2008 |
| MD5 Checksum: | 2823aeab38890f7b1e5085947c2efbee |
|
| /// File Name: |
ZDI-08-006.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Versions 6 and 7 are affected.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3359 | | Related CVE(s): | CVE-2008-0077 | | Last Modified: | Feb 12 22:05:39 2008 |
| MD5 Checksum: | da7140d01af19b3603eb9f159f3ea5d6 |
|
| /// File Name: |
sa28908.txt |
Description:
|
Secunia Security Advisory - Ivan Sanchez and Maximiliano Soler have reported a vulnerability in Beyond! Job Board, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/28908/ | | File Size: | 2253 | | Last Modified: | Feb 12 22:03:43 2008 |
| MD5 Checksum: | 34326fd70d96772b4bd20bc63ba810da |
|
| /// File Name: |
02.12.08-6.txt |
Description:
|
iDefense Security Advisory 02.12.08 - Remote exploitation of a memory corruption vulnerability in Adobe Systems Inc.'s Flash Media Server 2 could allow an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of this vulnerability in Flash Media Server 2 version 2.0.4 on Windows. Previous versions, as well as the Linux version, may also be affected.
| | Author: | Sean Larsson | | Homepage: | http://www.idefense.com/ | | File Size: | 3875 | | Related CVE(s): | CVE-2007-6148 | | Last Modified: | Feb 12 21:54:44 2008 |
| MD5 Checksum: | 7fa9af0e97539be892bb793f90a0390c |
|
| /// File Name: |
02.12.08-5.txt |
Description:
|
iDefense Security Advisory 02.12.08 - Remote exploitation of multiple integer overflow vulnerabilities in Adobe Systems Inc.'s Flash Media Server 2 could allow an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of these vulnerabilities in Flash Media Server 2 version 2.0.4 on Windows. Previous versions, as well as the Linux version, may also be affected.
| | Author: | Sebastian Apelt | | Homepage: | http://www.idefense.com/ | | File Size: | 3981 | | Related CVE(s): | CVE-2007-6149 | | Last Modified: | Feb 12 21:53:43 2008 |
| MD5 Checksum: | c01b3d0bd61486b81a51c53670a21e62 |
|
| /// File Name: |
02.12.08-4.txt |
Description:
|
iDefense Security Advisory 02.12.08 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer web browser allows attackers to execute arbitrary code within the context of the affected user. When certain properties are assigned malformed values, memory can be corrupted in a way that leads to Internet Explorer making a call to a member function of an already released property object. If the memory location of the released property object happens to be filled by attacker controlled content, the attacker can execute arbitrary code. iDefense testing shows that Internet Explorer 6.0 and Internet Explorer 7.0, with all available security patches as of October 22nd, 2007, are vulnerable. Older versions of Internet Explorer may also be vulnerable.
| | Author: | hyy | | Homepage: | http://www.idefense.com/ | | File Size: | 3583 | | Related CVE(s): | CVE-2008-0077 | | Last Modified: | Feb 12 21:51:12 2008 |
| MD5 Checksum: | 4d18eb70c0164aefaeaf8f513ab07c2e |
|
| /// File Name: |
02.12.08-3.txt |
Description:
|
iDefense Security Advisory 02.12.08 - Remote exploitation of a buffer overflow vulnerability in Microsoft Corp.'s Works Converter allows attackers to execute arbitrary code as the current user. This vulnerability stems from improper input validation of section length headers when converting a Microsoft Works document (WPS extension) to Rich Text Format (RTF). When certain fields are modified, such as the length or count values, a stack-based buffer overflow occurs. This leads to a directly exploitable condition. iDefense confirmed that wkcvqd01.dll version 7.03.0616.0, as included with Microsoft Office 2003, is vulnerable. Older versions of Microsoft Office as well as Microsoft Works are also assumed vulnerable.
| | Author: | sillypea | | Homepage: | http://www.idefense.com/ | | File Size: | 4020 | | Related CVE(s): | CVE-2008-0108 | | Last Modified: | Feb 12 21:50:04 2008 |
| MD5 Checksum: | ee77d750d6c26ba974b04cc311b3d90c |
|
| /// File Name: |
02.12.08-2.txt |
Description:
|
iDefense Security Advisory 02.12.08 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Works Converter, as included with Microsoft Office, could potentially allow an attacker to execute arbitrary code as the current user. This vulnerability stems from improper input validation of OLE structures within wkcvqd01.dll when converting a Microsoft Works document (WPS extension) to Rich Text Format (RTF). When certain fields are modified, such as the length or count values, heap corruption can occur. This leads to a potentially exploitable condition. iDefense has confirmed that wkcvqd01.dll version 7.03.0616.0, as included with Microsoft Office 2003, is vulnerable to this issue. Older versions are assumed to be vulnerable as well. Additionally, Microsoft Works itself is suspected to be vulnerable.
| | Author: | Damian Put | | Homepage: | http://www.idefense.com/ | | File Size: | 4030 | | Related CVE(s): | CVE-2007-0216 | | Last Modified: | Feb 12 21:47:57 2008 |
| MD5 Checksum: | 08d9b1088229a0b470104e19a8c1a6ba |
|
| /// File Name: |
sa28889.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes a security issue an a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information or gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28889/ | | File Size: | 10041 | | Last Modified: | Feb 12 21:40:15 2008 |
| MD5 Checksum: | f3df46ca45e6cf3c7f3ebf36fcc5690b |
|
| /// File Name: |
sa28863.txt |
Description:
|
Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in SafeNet Sentinel Protection Server and Key Server, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/28863/ | | File Size: | 2552 | | Last Modified: | Feb 12 21:39:47 2008 |
| MD5 Checksum: | 8a2e550ae03f86df3a51f8c306bbad00 |
|
| /// File Name: |
sa28875.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for linux-2.6. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28875/ | | File Size: | 17870 | | Last Modified: | Feb 12 21:39:47 2008 |
| MD5 Checksum: | e9db2e4246380ad0086b3d1889ebf40e |
|
| /// File Name: |
sa28883.txt |
Description:
|
Secunia Security Advisory - breaker_unit has discovered two vulnerabilities in the Rapid Recipe component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/28883/ | | File Size: | 2632 | | Last Modified: | Feb 12 21:39:47 2008 |
| MD5 Checksum: | 494d50d70a1f41a9d6fb144c0fee230f |
|
| /// File Name: |
sa28890.txt |
Description:
|
Secunia Security Advisory - Luigi Auriemma has discovered two vulnerabilities in Larson Network Print Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28890/ | | File Size: | 2735 | | Last Modified: | Feb 12 21:39:47 2008 |
| MD5 Checksum: | 80916c03b76ecfb6e558cc0d1b02864f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
