Section: .. / 0802-advisories /
| /// File Name: |
sa28802.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities with unknown impacts have been reported in Adobe Reader.
| | Homepage: | http://secunia.com/advisories/28802/ | | File Size: | 2012 | | Last Modified: | Feb 6 20:07:33 2008 |
| MD5 Checksum: | bc26421421934a0d69517ac732db9807 |
|
| /// File Name: |
sa28948.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for gnumeric. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28948/ | | File Size: | 2004 | | Last Modified: | Feb 13 19:18:22 2008 |
| MD5 Checksum: | 5756ed92cc2afb58fa860ddcb21c72ef |
|
| /// File Name: |
sa28860.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for boost. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28860/ | | File Size: | 1995 | | Last Modified: | Feb 14 15:03:00 2008 |
| MD5 Checksum: | a3bf387a6674099f1e820d83a758051d |
|
| /// File Name: |
sa28943.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for boost. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28943/ | | File Size: | 1995 | | Last Modified: | Feb 15 13:15:35 2008 |
| MD5 Checksum: | 01576c5d375da19c36d5e354e9aa089b |
|
| /// File Name: |
s21sec-040-en.txt |
Description:
|
S21Sec Advisory - BEA Weblogic versions 7.0sp6, 8.1sp4, and 9.0sp2 suffer from a flaw where it is possible to launch a credential brute force attack against known users through an internal servlet that permits the bypass of the user locking mechanism.
| | Author: | Ramon Pinuaga Cascales | | Homepage: | http://www.s21sec.com/ | | File Size: | 1899 | | Last Modified: | Feb 25 15:58:30 2008 |
| MD5 Checksum: | 6b2ed5236648b861932af9ca7a34a770 |
|
| /// File Name: |
wachof.txt |
Description:
|
Foxit Remote Access Server (WAC Server) versions 2.0 Build 3503 and below suffer from telnet option heap overflow and SSH packet heap overflow vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | wachof.zip | | File Size: | 1838 | | Last Modified: | Feb 20 01:18:28 2008 |
| MD5 Checksum: | 2b2d992dc5ce85b671f7e9185f38df74 |
|
| /// File Name: |
saplpdz.txt |
Description:
|
SAPlpd versions 6.28 and below suffer from multiple vulnerabilities relating to the use of memcpy, strcpy, etc.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | saplpdz.zip | | File Size: | 1686 | | Last Modified: | Feb 4 19:35:21 2008 |
| MD5 Checksum: | 476fcef05459e69b8915eef262883ac9 |
|
| /// File Name: |
firefoxurl-spoof.txt |
Description:
|
Firefox appears to suffer from another URI spoofing vulnerability when fed a missing username.
| | Author: | Carl Hardwick | | File Size: | 1553 | | Last Modified: | Feb 11 16:10:14 2008 |
| MD5 Checksum: | f285694114aeea1f576a89f64cc37851 |
|
| /// File Name: |
aps-overflow.txt |
Description:
|
Anon Proxy Server version 0.102 and below suffer from a remote buffer overflow vulnerability.
| | Author: | L4teral | | File Size: | 1533 | | Last Modified: | Feb 4 13:50:08 2008 |
| MD5 Checksum: | 8e9f78c5cdd54f2a3eeb489f9ee0570b |
|
| /// File Name: |
endian_02.txt |
Description:
|
The Endian firewall version 2.1.2 suffers from cross-site scripting vulnerabilities.
| | Author: | syniack | | Homepage: | http://bsecure.net.pk/ | | File Size: | 1484 | | Last Modified: | Feb 12 17:17:29 2008 |
| MD5 Checksum: | 19ed77001120ac16b78a647e7e13f28b |
|
| /// File Name: |
rpmlpdbof.txt |
Description:
|
The RPM Remote Print Manager versions 4.5.1.11 and below suffer from a Unicode-related buffer overflow vulnerability.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | rpmlpdbof.zip | | File Size: | 1464 | | Last Modified: | Feb 12 17:47:50 2008 |
| MD5 Checksum: | 64aa54c0c4a91a8e878c8bdd8955ebbf |
|
| /// File Name: |
CVE-2007-5333.txt |
Description:
|
Apache Tomcat versions 4.1.0 through 4.1.36, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14 suffer from a cookie handling vulnerability that allows for session hijacking.
| | Homepage: | http://tomcat.apache.org/security.html | | File Size: | 1446 | | Related CVE(s): | CVE-2007-5333 | | Last Modified: | Feb 11 13:56:07 2008 |
| MD5 Checksum: | acbae294fbaccc1ba6298805f1302c65 |
|
| /// File Name: |
ciscoval-bypass.txt |
Description:
|
Cisco has confirmed that their 7921 Wi-Fi VoIP phone is vulnerable to a bypass vulnerability where digital certificates are not verified.
| | Author: | George Ou | | Related File: | vocera-flaw.txt | | File Size: | 1381 | | Last Modified: | Feb 25 13:20:21 2008 |
| MD5 Checksum: | e703237a6234a63dc3a23f32e0382281 |
|
| /// File Name: |
beehive-hardcode.txt |
Description:
|
The Beehive/SendFile.NET Secure File Transfer appliance appears to have credentials hardcoded within the outboxWriteUnsent() function of the FTPThread.class file of SendFile.jar.
| | Author: | Brad Antoniewicz | | File Size: | 1344 | | Last Modified: | Mar 3 14:19:59 2008 |
| MD5 Checksum: | 704d2fd0218615186c6c97c7a8362b90 |
|
| /// File Name: |
adobe-print.txt |
Description:
|
A design error vulnerability exists in Adobe Reader and Adobe Acrobat Professional. A remote attacker who successfully exploits this vulnerability can control the printer without the user's permission. Affected software versions include Adobe Reader 8.1.1 and below and Adobe Acrobat Professional 8.1.1 and below.
| | Author: | cocoruder | | Homepage: | http://ruder.cdut.net/ | | File Size: | 1301 | | Last Modified: | Feb 7 23:32:09 2008 |
| MD5 Checksum: | 18d7663c9bdf663b2b385e73e35eb32a |
|
| /// File Name: |
ghostscript-overflow.txt |
Description:
|
Ghostscript versions 8.61 and below suffer from a stack-based buffer overflow in the zseticcspace() function in zicc.c.
| | Author: | Chris Evans | | Related Exploit: | ghostscript-poc.txt | | File Size: | 1231 | | Last Modified: | Mar 3 14:15:37 2008 |
| MD5 Checksum: | e8908af1dfabf34c4b2eab9ea0ace408 |
|
| /// File Name: |
CVE-2007-6286.txt |
Description:
|
Apache Tomcat versions 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15 suffer from a duplicate request processing vulnerability.
| | Homepage: | http://tomcat.apache.org/security.html | | File Size: | 1183 | | Related CVE(s): | CVE-2007-6286 | | Last Modified: | Feb 11 13:56:58 2008 |
| MD5 Checksum: | 5747a91001a9756598a25e6ad2e7200e |
|
| /// File Name: |
ioactive-sitescope.txt |
Description:
|
IOActive Security Advisory - IOActive has discovered multiple critical vulnerabilities within the Mercury SiteScope server monitoring software, some of which allow for complete remote compromise of the entire monitored network, as well as arbitrary code execution on all servers managed by the SiteScope software. All versions are affected.
| | Homepage: | http://www.ioactive.com/ | | File Size: | 1172 | | Last Modified: | Feb 12 14:13:24 2008 |
| MD5 Checksum: | 95e0e0d468d0a2b636152b0a84d0763c |
|
| /// File Name: |
vocera-flaw.txt |
Description:
|
It appears that the Vocera wireless LAN VoIP communicators do not bother to cryptographically confirm the validity of a digital certificate.
| | Author: | George Ou | | File Size: | 1152 | | Last Modified: | Feb 21 20:03:40 2008 |
| MD5 Checksum: | 07818869afcef6ad4f8cf98aa65639cb |
|
| /// File Name: |
tomcat-disclose.txt |
Description:
|
Apache Tomcat versions 6.0.5 through 6.0.15 suffer from an interesting flaw. If an exception occurs during the processing of parameters then it is possible that the parameters submitted for that request will be incorrectly processed as part of a following request.
| | Homepage: | http://tomcat.apache.org/security.html | | File Size: | 978 | | Related CVE(s): | CVE-2008-0002 | | Last Modified: | Feb 8 18:01:34 2008 |
| MD5 Checksum: | 60b98ac1f2ff69dbe2e3779706818f68 |
|
| /// File Name: |
liscripts-sql.txt |
Description:
|
LI-Scripts LI-Countdown suffers from a SQL injection vulnerability.
| | Author: | sex | | Homepage: | http://www.aaa-aaa.net.ru/ | | File Size: | 957 | | Last Modified: | Feb 12 17:52:02 2008 |
| MD5 Checksum: | fbef1e6ab3642744f3900c0e4e4d5239 |
|