Section: .. / Last 100 Advisory Files /
| /// File Name: | glsa-200805-08.txt | Description:
| Gentoo Linux Security Advisory GLSA 200805-08 - The namesx and uhnames modules do not properly validate network input, leading to a buffer overflow. Versions less than 1.1.19 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2399 | | Related CVE(s): | CVE-2008-1925 | | Last Modified: | May 9 13:53:32 2008 | | MD5 Checksum: | cdb2393100a4faec5400559fd35ff0f8 |
|
| /// File Name: | glsa-200805-07.txt | Description:
| Gentoo Linux Security Advisory GLSA 200805-07 - LTSP version 4.2, ships prebuilt copies of programs such as the Linux Kernel, the X.org X11 server (GLSA 200705-06, GLSA 200710-16, GLSA 200801-09), libpng (GLSA 200705-24, GLSA 200711-08), Freetype (GLSA 200705-02, GLSA 200705-22) and OpenSSL (GLSA 200710-06, GLSA 200710-30) which were subject to multiple security vulnerabilities since 2006. Please note that the given list of vulnerabilities might not be exhaustive. Versions less than 5.0 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 4366 | | Last Modified: | May 9 13:53:07 2008 | | MD5 Checksum: | b99107d7cc4efe620d3b52050bad0f8f |
|
| /// File Name: | glsa-200805-06.txt | Description:
| Gentoo Linux Security Advisory GLSA 200805-06 - Viesturs reported that the default configuration for Gentoo's init script (/etc/conf.d/firebird) sets the ISC_PASSWORD environment variable when starting Firebird. It will be used when no password is supplied by a client connecting as the SYSDBA user. Versions less than 2.0.3.12981.0-r6 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2857 | | Related CVE(s): | CVE-2008-1880 | | Last Modified: | May 9 13:52:37 2008 | | MD5 Checksum: | 85f645f65baa0b3fe9c141d775831681 |
|
| /// File Name: | MDVSA-2008-099.txt | Description:
| Mandriva Linux Security Advisory - A heap-based buffer overflow vulnerability was found in how ImageMagick parsed XCF files. If ImageMagick opened a specially-crafted XCF file, it could be made to overwrite heap memory beyond the bounds of its allocated memory, potentially allowing an attacker to execute arbitrary code on the system running ImageMagick. Another heap-based buffer overflow vulnerability was found in how ImageMagick processed certain malformed PCX images. If ImageMagick opened a specially-crafted PCX image file, an attacker could possibly execute arbitrary code on the system running ImageMagick. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7839 | | Related CVE(s): | CVE-2008-1096, CVE-2008-1097 | | Last Modified: | May 9 13:43:27 2008 | | MD5 Checksum: | 80671fb91b231ddf51ff6f60aef286c4 |
|
| /// File Name: | USN-611-3.txt | Description:
| Ubuntu Security Notice 611-3 - USN-611-1 fixed a vulnerability in Speex. This update provides the corresponding update for GStreamer Good Plugins. It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 15260 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | May 9 13:31:28 2008 | | MD5 Checksum: | 26dd30b7333f05b291b099650b8a9e89 |
|
| /// File Name: | USN-611-2.txt | Description:
| Ubuntu Security Notice 611-2 - USN-611-1 fixed a vulnerability in Speex. This update provides the corresponding update for ogg123, part of vorbis-tools. It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 7294 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | May 9 13:30:57 2008 | | MD5 Checksum: | a2c8b46ce1f3301d099c7eb67973f3b0 |
|
| /// File Name: | USN-611-1.txt | Description:
| Ubuntu Security Notice 611-1 - It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 13345 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | May 9 13:30:27 2008 | | MD5 Checksum: | 218704e90625568f9bf94f8cb18d0063 |
|
| /// File Name: | novell-stackoverflow.txt | Description:
| Novell Client versions 4.91 SP4 and below suffer from a local stack overflow vulnerability. | | Author: | laurent gaffi | | File Size: | 2335 | | Last Modified: | May 9 13:20:52 2008 | | MD5 Checksum: | dcfbc10b009f3e54667c1a67566d1691 |
|
| /// File Name: | 05.07.08-3.txt | Description:
| iDefense Security Advisory 05.07.08 - Remote exploitation of an integer signedness vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reallocating dynamic buffers. The rdesktop xrealloc() function uses a signed comparison to determine if the requested allocation size is less than 1. When this occurs, the function will incorrectly set the allocation size to be 1. This results in an improperly sized heap buffer being allocated, which can later be overflowed. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected. | | Homepage: | http://www.idefense.com/ | | File Size: | 3416 | | Related CVE(s): | CVE-2008-1803 | | Last Modified: | May 7 20:43:37 2008 | | MD5 Checksum: | c3320ef9f586bf2a8eadea9bdb952524 |
|
| /// File Name: | 05.07.08-2.txt | Description:
| iDefense Security Advisory 05.07.08 - Remote exploitation of a BSS overflow vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reading in an RDP redirect request. This request is used to redirect an RDP connection from one server to another. When parsing the redirect request, the rdesktop client reads several 32-bit integers from the request packet. These integers are then used to control the number of bytes read into statically allocated buffers. This results in several buffers located in the BSS section being overflowed, which can lead to the execution of arbitrary code. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected. | | Homepage: | http://www.idefense.com/ | | File Size: | 3480 | | Related CVE(s): | CVE-2008-1802 | | Last Modified: | May 7 20:42:49 2008 | | MD5 Checksum: | dcb778aa36d5093d53a1522ad73f6ceb |
|
| /// File Name: | 05.07.08-1.txt | Description:
| iDefense Security Advisory 05.07.08 - Remote exploitation of an integer underflow vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reading in an RDP request. When reading a request, a 16-bit integer value that represents the number of bytes that follow is taken from the packet. This value is then decremented by 4, and used to calculate how many bytes to read into a heap buffer. The subtraction operation can underflow, which will then lead to the heap buffer being overflowed. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected. | | Homepage: | http://www.idefense.com/ | | File Size: | 3393 | | Related CVE(s): | CVE-2008-1801 | | Last Modified: | May 7 20:42:04 2008 | | MD5 Checksum: | c018aff3b2b98000cb2a48058984a14d |
|
| /// File Name: | google-spam.txt | Description:
| It appears that manipulating the forwarding functionality in Google's GMail service allows people to spam. | | Homepage: | http://ece.uprm.edu/~andre/insert | | File Size: | 2123 | | Last Modified: | May 7 20:40:32 2008 | | MD5 Checksum: | f7d31e6f454a2e5814a14ca9ac14dcfb |
|
| /// File Name: | glsa-200805-04.txt | Description:
| Gentoo Linux Security Advisory GLSA 200805-04 - A vulnerability has been reported in FCKEditor due to the way that file uploads are handled in the file editor/filemanager/upload/php/upload.php when a filename has multiple file extensions (CVE-2008-2041). Another vulnerability exists in the _bad_protocol_once() function in the file phpgwapi/inc/class.kses.inc.php, which allows remote attackers to bypass HTML filtering (CVE-2008-1502). Versions less than 1.4.004 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 3609 | | Related CVE(s): | CVE-2008-1502, CVE-2008-2041 | | Last Modified: | May 7 20:38:18 2008 | | MD5 Checksum: | 0ef7dd1b359cd5c05af051363a60b6d3 |
|
| /// File Name: | glsa-200805-03.txt | Description:
| Gentoo Linux Security Advisory GLSA 200805-03 - Bernhard R. Link discovered that Eterm opens a terminal on :0 if the -display option is not specified and the DISPLAY environment variable is not set. Further research by the Gentoo Security Team has shown that aterm, Mrxvt, multi-aterm, RXVT, rxvt-unicode, and wterm are also affected. Versions less than 1.0.1-r1 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 4335 | | Related CVE(s): | CVE-2008-1142, CVE-2008-1692 | | Last Modified: | May 7 20:37:56 2008 | | MD5 Checksum: | e7bce4b2f319f035e053ff26dbb0497a |
|
| /// File Name: | USN-610-1.txt | Description:
| Ubuntu Security Notice 610-1 - Christian Herzog discovered that it was possible to connect to any LTSP client's X session over the network. A remote attacker could eavesdrop on X events, read window contents, and record keystrokes, possibly gaining access to private information. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 7189 | | Related CVE(s): | CVE-2008-1293 | | Last Modified: | May 7 13:36:46 2008 | | MD5 Checksum: | 77ac0e795794d36deede12c886ccdf18 |
|
| /// File Name: | USN-609-1.txt | Description:
| Ubuntu Security Notice 609-1 - It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. Multiple memory overflow flaws were discovered in OpenOffice.org's handling of Quattro Pro, EMF, and OLE files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 62628 | | Related CVE(s): | CVE-2007-4575, CVE-2007-5745, CVE-2007-5746, CVE-2007-5747, CVE-2008-0320 | | Last Modified: | May 7 13:36:08 2008 | | MD5 Checksum: | a3deee4ad320e4a22639ce04c53c56e9 |
|
| /// File Name: | adobe-print-v2.txt | Description:
| A design error vulnerability exists in Adobe Reader and Adobe Acrobat Professional. A remote attacker who successfully exploit this vulnerability can control the printer without user's permission. Affected software versions include Adobe Reader 8.1.1 and below and Adobe Acrobat Professional 8.1.1 and below. This is an updated advisory. | | Author: | cocoruder | | Homepage: | http://ruder.cdut.net/ | | Related File: | adobe-print.txt | | File Size: | 2533 | | Related CVE(s): | CVE-2008-0655 | | Last Modified: | May 7 13:34:32 2008 | | MD5 Checksum: | b5590bc735cc6ed7a4c5c8923db40f71 |
|
| /// File Name: | aap-bypass.txt | Description:
| Two critical vulnerabilities exist in the javascript API of Adobe Acrobat Professional 7. A remote attacker who successfully exploits these vulnerabilities can execute restricted functions and arbitrary codes on the affected system. Adobe Acrobat Professional version 7.0.9 is affected. | | Author: | cocoruder | | Homepage: | http://ruder.cdut.net/ | | File Size: | 3586 | | Related CVE(s): | CVE-2008-2042 | | Last Modified: | May 7 13:32:04 2008 | | MD5 Checksum: | d5e4c5adb0d84a55148b570fa73bccdc |
|
| /// File Name: | MDVSA-2008-098.txt | Description:
| Mandriva Linux Security Advisory - A vulnerability in OpenSSH 4.4 through 4.8 allowed local attackers to bypass intended security restrictions enabling them to execute commands other than those specified by the ForceCommand directive, provided they are able to modify to ~/.ssh/rc. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6090 | | Related CVE(s): | CVE-2008-1657 | | Last Modified: | May 7 13:29:56 2008 | | MD5 Checksum: | c05d37c906d149b687d05a12d3686dbb |
|
| /// File Name: | MDVSA-2008-097.txt | Description:
| Mandriva Linux Security Advisory - A vulnerability was found in start_kdeinit in KDE 3.5.5 through 3.5.9 where, if it was installed setuid root, it could allow local users to cause a denial of service or possibly execute arbitrary code. By default, start_kdeinit is not installed setuid root on Mandriva Linux, however updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4032 | | Related CVE(s): | CVE-2008-1671 | | Last Modified: | May 7 13:29:17 2008 | | MD5 Checksum: | c4ad65a04bf01fc452431de16f2c99c3 |
|
| /// File Name: | MDVSA-2008-096.txt | Description:
| Mandriva Linux Security Advisory - Steve Grubb found that the vcdiff script in Emacs create temporary files insecurely when used with SCCS. A local user could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8840 | | Related CVE(s): | CVE-2008-1694 | | Last Modified: | May 6 19:15:29 2008 | | MD5 Checksum: | 3a0ea4e3b1b58f64a7459c160c351863 |
|
| /// File Name: | USN-605-1.txt | Description:
| Ubuntu Security Notice 605-1 - Various flaws were discovered in the JavaScript engine. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. Several problems were discovered in Thunderbird which could lead to crashes and memory corruption. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker may be able to execute arbitrary code with the user's privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 18180 | | Related CVE(s): | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237 | | Last Modified: | May 6 19:12:13 2008 | | MD5 Checksum: | 0b243038ac4bfd44eec2a7fae256dc22 |
|
| /// File Name: | USN-608-1.txt | Description:
| Ubuntu Security Notice 608-1 - It was discovered that start_kdeinit in KDE 3 did not properly sanitize its input. A local attacker could exploit this to send signals to other processes and cause a denial of service or possibly execute arbitrary code. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 11178 | | Related CVE(s): | CVE-2008-1671 | | Last Modified: | May 6 19:11:14 2008 | | MD5 Checksum: | d59d8585bfa28ce139cf8e4ff1045cad |
|
| /// File Name: | USN-607-1.txt | Description:
| Ubuntu Security Notice 607-1 - It was discovered that Emacs did not account for precision when formatting integers. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly other unspecified actions. This issue does not affect Ubuntu 8.04. Steve Grubb discovered that the vcdiff script as included in Emacs created temporary files in an insecure way when used with SCCS. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 23245 | | Related CVE(s): | CVE-2008-1694, CVE-2007-6109 | | Last Modified: | May 6 19:10:40 2008 | | MD5 Checksum: | a268f077c248e418988b3225432e51aa |
|
| /// File Name: | AD20080506EN.txt | Description:
| The Yahoo! Assistant (3721) ActiveX control is susceptible to a remote code execution vulnerability. Versions 3.6 and below are affected. | | Author: | Sowhat | | Homepage: | http://www.nevisnetworks.com/ | | File Size: | 2584 | | Last Modified: | May 6 19:09:16 2008 | | MD5 Checksum: | 93a8a3701807b7809398c4ed10235e20 |
|
| /// File Name: | SE-2008-03.txt | Description:
| PHP versions 5.2.5 and below and 4.4.8 and below suffer from a multibyte shell command escaping bypass vulnerability. | | Author: | Stefan Esser | | Homepage: | http://www.sektioneins.de/ | | File Size: | 6019 | | Last Modified: | May 6 19:03:07 2008 | | MD5 Checksum: | 75f252427e7c381d010f1b575b551982 |
|
| /// File Name: | SE-2008-02.txt | Description:
| PHP versions 5.2.5 and below and 4.4.8 and below suffer from a weak random number seed vulnerability in GENERATE_SEED(). | | Author: | Stefan Esser | | Homepage: | http://www.sektioneins.de/ | | File Size: | 6356 | | Last Modified: | May 6 19:02:00 2008 | | MD5 Checksum: | 4b0cca74264389c41d1fdf9224233459 |
|
| /// File Name: | bugzilla-multi.txt | Description:
| Bugzilla Security Advisory - Bugzilla version 3.1.3 suffers from an unauthorized bug change vulnerability. Versions 2.17.2 and higher suffer from a cross site scripting vulnerability. Versions 2.23.4 and higher suffer from an account impersonation vulnerability. | | Author: | Frederic Buclin, Max Kanat-Alexander, Bradley Baetz, Loren Butler, Marc Schumann | | Homepage: | http://www.bugzilla.org/ | | File Size: | 3485 | | Last Modified: | May 6 18:53:45 2008 | | MD5 Checksum: | 13db085e595afc0bfe20386178dd1ece |
|
| /// File Name: | dsa-1570-1.txt | Description:
| Debian Security Advisory 1570-1 - Andrews Salomon reported that kazehakase, a GTK+-base web browser that allows pluggable rendering engines, contained an embedded copy of the PCRE library in its source tree which was compiled in and used in preference to the system-wide version of this library. The PCRE library has been updated to fix the security issues reported against it in previous Debian Security Advisories. This update ensures that kazehakase uses that supported library, and not its own embedded and insecure version. | | Homepage: | http://www.debian.org/security | | File Size: | 4937 | | Related CVE(s): | CVE-2006-7227, CVE-2006-7228, CVE-2006-7230, CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768 | | Last Modified: | May 6 16:44:01 2008 | | MD5 Checksum: | 7c06871d3debf143c6fa695b70d15b23 |
|
| /// File Name: | SSRT080034.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Netscape Directory Server (NDS). The vulnerability could be used locally to gain extended privileges. | | Homepage: | http://www.hp.com/ | | File Size: | 7308 | | Related CVE(s): | CVE-2008-0892 | | Last Modified: | May 6 16:42:02 2008 | | MD5 Checksum: | d484200e5c25c9765700282b3a715e10 |
|
| /// File Name: | dsa-1554-2.txt | Description:
| Debian Security Advisory 1554-2 - Roundup, an issue tracking system, fails to properly escape HTML input, allowing an attacker to inject client-side code (typically JavaScript) into a document that may be viewed in the victim's browser. | | Homepage: | http://www.debian.org/security | | File Size: | 3142 | | Related CVE(s): | CVE-2008-1474 | | Last Modified: | May 6 16:40:22 2008 | | MD5 Checksum: | 23546650cebe54b7719fbd4c9d712eed |
|
| /// File Name: | dsa-1569-2.txt | Description:
| Debian Security Advisory 1569-2 - The original update for cacti unfortunately introduced a regression. Updated packages have been created to address this. It was discovered that Cacti, a systems and services monitoring frontend, performed insufficient input sanitising, leading to cross site scripting and SQL injection being possible. | | Homepage: | http://www.debian.org/security | | File Size: | 3253 | | Related CVE(s): | CVE-2008-0783, CVE-2008-0785 | | Last Modified: | May 6 16:39:48 2008 | | MD5 Checksum: | 14da4de45a7965759e35ce4984df344d |
|
| /// File Name: | glsa-200805-02.txt | Description:
| Gentoo Linux Security Advisory GLSA 200805-02 - Cezary Tomczak reported that an undefined UploadDir variable exposes an information disclosure vulnerability when running on shared hosts. Versions less than 2.11.5.2 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2828 | | Related CVE(s): | CVE-2008-1924 | | Last Modified: | May 6 16:22:30 2008 | | MD5 Checksum: | f5057ea23bcd61d5a2859e06b80048e8 |
|
| /// File Name: | glsa-200805-01.txt | Description:
| Gentoo Linux Security Advisory GLSA 200805-01 - Multiple vulnerabilities in the Horde Application Framework may lead to the execution of arbitrary files, information disclosure, and allow a remote attacker to bypass security restrictions. Versions less than 3.1.7 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 4800 | | Related CVE(s): | CVE-2008-1284 | | Last Modified: | May 6 16:22:04 2008 | | MD5 Checksum: | fbc502d5bf403437b5eb5c915a78fca3 |
|
| /// File Name: | CORE-2008-0129.txt | Description:
| Core Security Technologies Advisory - A vulnerability was found in Wonderware SuiteLink Service ('slssvc.exe') that could allow an un-authenticated remote attacker with the ability to connect to the SuiteLink service TCP port to shutdown the service abnormally by sending a malformed packet. Exploitation of the vulnerability for remote code execution has not been proven, but it has not been eliminated as a potential scenario. | | Author: | Sebastian Muniz | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 17419 | | Related CVE(s): | CVE-2008-2005 | | Last Modified: | May 6 16:21:55 2008 | | MD5 Checksum: | cbba5446dc9d1e16b74a4f9c8d3500c9 |
|
| /// File Name: | novelledir-soap.txt | Description:
| Novell eDirectory versions 8.7.x through 8.8.1 suffer from an arbitrary access vulnerability due to client-side access control when using the SOAP interface. | | Author: | Nicob | | File Size: | 1472 | | Related CVE(s): | CVE-2008-0926 | | Last Modified: | May 6 16:17:50 2008 | | MD5 Checksum: | bfc87cfd78dc50b27221742df7b7e90f |
|
| /// File Name: | dsa-1569-1.txt | Description:
| Debian Security Advisory 1569-1 - It was discovered that Cacti, a systems and services monitoring frontend, performed insufficient input sanitizing, leading to cross site scripting and SQL injection being possible. | | Homepage: | http://www.debian.org/security | | File Size: | 3076 | | Related CVE(s): | CVE-2008-0783, CVE-2008-0785 | | Last Modified: | May 5 14:21:38 2008 | | MD5 Checksum: | 7e570d1ee38f5fd86083687cc05921e8 |
|
| /// File Name: | dsa-1568-1.txt | Description:
| Debian Security Advisory 1568-1 - "unsticky" discovered that b2evolution, a blog engine, performs insufficient input sanitising, allowing for cross site scripting. | | Homepage: | http://www.debian.org/security | | File Size: | 3120 | | Related CVE(s): | CVE-2007-0175 | | Last Modified: | May 5 14:20:54 2008 | | MD5 Checksum: | f9e73cec816de809b3aa14a1a0c1a5ce |
|
| /// File Name: | dsa-1567-1.txt | Description:
| Debian Security Advisory 1567-1 - Stefan Cornelius discovered a vulnerability in the Radiance High Dynamic Range (HDR) image parser in Blender, a 3D modelling application. The weakness could enable a stack-based buffer overflow and the execution of arbitrary code if a maliciously-crafted HDR file is opened, or if a directory containing such a file is browsed via Blender's image-open dialog. | | Homepage: | http://www.debian.org/security | | File Size: | 5193 | | Related CVE(s): | CVE-2008-1102 | | Last Modified: | May 5 14:20:24 2008 | | MD5 Checksum: | 17e02085dd445b7a2b13941066ee38c4 |
|
| /// File Name: | webmodz.txt | Description:
| WebMod versions 0.48 and below suffer from directory traversal, buffer overflow, and disclosure vulnerabilities. | | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | webmodz.zip | | File Size: | 3516 | | Last Modified: | May 5 14:03:20 2008 | | MD5 Checksum: | 446b41bca98f6c09f4273b89e3ff5922 |
|
| /// File Name: | USN-606-1.txt | Description:
| Ubuntu Security Notice 606-1 - Thomas Pollet discovered that CUPS did not properly validate the size of PNG images. A local attacker, and a remote attacker if printer sharing is enabled, could send a crafted file and cause a denial of service or possibly execute arbitrary code as the non-root user in Ubuntu 6.06 LTS and 7.04. In Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 18105 | | Related CVE(s): | CVE-2008-1722 | | Last Modified: | May 5 14:00:06 2008 | | MD5 Checksum: | 7d5d5bc230258dce039aa660f76063ad |
|
| /// File Name: | cod4statz.txt | Description:
| Call of Duty 4: Modern Warfare versions 1.5 and below are susceptible to a denial of service vulnerability. | | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | cod4statz.zip | | File Size: | 4044 | | Last Modified: | May 2 16:39:52 2008 | | MD5 Checksum: | e1f594ee499ddd8246fbc815033fbe6c |
|
| /// File Name: | dsa-1566-1.txt | Description:
| Debian Security Advisory 1566-1 - Dmitry Levin discovered a vulnerability in path handling code used by the cpio archive utility. The weakness could enable a denial of service (crash) or potentially the execution of arbitrary code if a vulnerable version of cpio is used to extract or to list the contents of a maliciously crafted archive. | | Homepage: | http://www.debian.org/security | | File Size: | 4745 | | Related CVE(s): | CVE-2007-4476 | | Last Modified: | May 2 15:28:57 2008 | | MD5 Checksum: | 476ba261ed8d427273e76818858d57c5 |
|
| /// File Name: | dsa-1565-1.txt | Description:
| Debian Security Advisory 1565-1 - Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. Cyrill Gorcunov reported a NULL pointer dereference in code specific to the CHRP PowerPC platforms. Local users could exploit this issue to achieve a Denial of Service (DoS). Nick Piggin of SuSE discovered a number of issues in subsystems which register a fault handler for memory mapped areas. This issue can be exploited by local users to achieve a Denial of Service (DoS) and possibly execute arbitrary code. David Peer discovered that users could escape administrator imposed cpu time limitations (RLIMIT_CPU) by setting a limit of 0. Alexander Viro discovered a race condition in the directory notification subsystem that allows local users to cause a Denial of Service (oops) and possibly result in an escalation of privileges. | | Homepage: | http://www.debian.org/security | | File Size: | 37278 | | Related CVE(s): | CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375 | | Last Modified: | May 1 18:34:19 2008 | | MD5 Checksum: | ae6543607f059d419bb854fa3f84d205 |
|
| /// File Name: | dsa-1564-1.txt | Description:
| Debian Security Advisory 1564-1 - Several remote vulnerabilities have been discovered in wordpress, a weblog manager. Multiple cross-site scripting vulnerabilities allowed remote authenticated administrators to inject arbitrary web script or HTML. SQL injection vulnerability allowed allowed remote authenticated administrators to execute arbitrary SQL commands. WordPress allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data. Insufficient input sanitising caused an attacker with a normal user account to access the administrative interface. | | Homepage: | http://www.debian.org/security | | File Size: | 3992 | | Related CVE(s): | CVE-2007-3639, CVE-2007-4153, CVE-2007-4154, CVE-2007-0540 | | Last Modified: | May 1 18:32:00 2008 | | MD5 Checksum: | c02afb1d586036ee19f75990816839c2 |
|
| /// File Name: | 04.30.08-1.txt | Description:
| iDefense Security Advisory 04.30.08 - Remote exploitation of a design error in Akamai Technologies, Inc's Download Manager allows attackers to execute arbitrary code in the context of the current user. iDefense confirmed the existence of this vulnerability using version 2.2.2.1 of Akamai Technologies Inc's DownloadManagerV2.ocx. Additionally, iDefense confirmed the problem exists in version 2.2.2.0 of the Download Manager Java Applet. All versions prior to the fixed version are suspected to be vulnerable. | | Author: | Peter Vreugdenhil | | Homepage: | http://www.idefense.com/ | | File Size: | 4508 | | Related CVE(s): | CVE-2008-6339 | | Last Modified: | May 1 18:26:46 2008 | | MD5 Checksum: | 4026d3cb280e06a5aeaf9544acbbbdd7 |
|
| /// File Name: | oracle-cdc.txt | Description:
| Team SHATTER Security Advisory - Oracle Database Server versions 10gR1, 10gR2 and 11gR1 suffer from a SQL injection vulnerability in SYS.DBMS_CDC_UTILITY.LOCK_CHANGE_SET. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2397 | | Last Modified: | May 1 18:25:35 2008 | | MD5 Checksum: | 3262e67beb4e36a4ad72fdece4efc664 |
|
| /// File Name: | oracle-kupf.txt | Description:
| Team SHATTER Security Advisory - Oracle Database Server versions 9iR2, 10gR1, 10gR2 and 11gR1 suffer from a buffer overflow vulnerability in SYS.KUPF$FILE_INT.GET_FULL_FILENAME. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2384 | | Last Modified: | May 1 18:25:06 2008 | | MD5 Checksum: | 3855f9163df523dcf29cdbacdf873df0 |
|
| /// File Name: | oracle-aqjms.txt | Description:
| Team SHATTER Security Advisory - Oracle Database Server versions 9iR1, 9iR2 (9.2.0.7 and previous patchsets) and 10gR1 suffer from a buffer overflow vulnerability in SYS.DBMS_AQJMS_INTERNAL. | | Author: | Esteban Martinez Fayo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2446 | | Last Modified: | May 1 18:23:42 2008 | | MD5 Checksum: | b6ca92dc152400241d7c65a7995dfa11 |
|
| /// File Name: | astrocam-xss.txt | Description:
| AstroCam versions 2.5.0 through 2.7.3 suffer from a cross site scripting vulnerability. | | Author: | Steffen Wendzel | | Homepage: | http://www.wendzel.de/ | | File Size: | 598 | | Last Modified: | May 1 10:48:53 2008 | | MD5 Checksum: | da3dc7e8fa1ea5f18aabbed41e811105 |
|
| /// File Name: | akamai-activex.txt | Description:
| A security vulnerability has been discovered in versions prior to 2.2.3.5 of Akamai Download Manager. For successful exploitation, this vulnerability requires a user to be convinced to visit a malicious URL put into place by an attacker. This may then lead to an unauthorized download and automatic execution of arbitrary code run within the context of the victim user. | | Author: | iDefense | | Homepage: | http://www.akamai.com/ | | File Size: | 4350 | | Related CVE(s): | CVE-2007-6339 | | Last Modified: | Apr 30 20:50:51 2008 | | MD5 Checksum: | b705edaeedc6bd7e8536506f8e8c9491 |
|
| /// File Name: | dsa-1563-1.txt | Description:
| Debian Security Advisory 1563-1 - Joel R. Voss discovered that the IAX2 module of Asterisk, a free software PBX and telephony toolkit performs insufficient validation of IAX2 protocol messages, which may lead to denial of service. | | Homepage: | http://www.debian.org/security | | File Size: | 9703 | | Related CVE(s): | CVE-2008-1897 | | Last Modified: | Apr 30 20:49:01 2008 | | MD5 Checksum: | d3c0c0afebf4599c391e9e1d197a3ac5 |
|
| /// File Name: | SSRT080000.txt | Description:
| HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running WBEM Services. These vulnerabilities could be exploited remotely to execute arbitrary code or to gain extended privileges. | | Homepage: | http://www.hp.com/ | | File Size: | 7962 | | Related CVE(s): | CVE-2007-5360, CVE-2008-0003 | | Last Modified: | Apr 30 20:46:10 2008 | | MD5 Checksum: | e06432718809d3e5fcaa0f82bc13921f |
|
| /// File Name: | NGS-SNMPc.txt | Description:
| Wade Alcorn and John Heasman of NGSSoftware have discovered a stack overflow vulnerability in Castle Rock Computing SNMPc Network Manager. Versions 7.1 and below are affected. | | Author: | Wade Alcorn, John Heasman | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 2649 | | Last Modified: | Apr 30 20:40:56 2008 | | MD5 Checksum: | 16818ba4cc13453bab9e6d7c99b36067 |
|
| /// File Name: | MDVSA-2008-094.txt | Description:
| Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6360 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 29 20:25:28 2008 | | MD5 Checksum: | c3058a0c68a5329507b9199eb2357374 |
|
| /// File Name: | MDVSA-2008-093.txt | Description:
| Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. The ogg123 application in vorbis-tools is similarly affected by this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3524 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 29 20:24:49 2008 | | MD5 Checksum: | c6dba30f19bdce266467d0eb81876aeb |
|
| /// File Name: | MDVSA-2008-092.txt | Description:
| Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. The speex plugin in the gstreamer-plugins-good package is similarly affected by this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6372 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 29 20:24:03 2008 | | MD5 Checksum: | a7927b2bc291db5b5346c884eaa8ee12 |
|
| /// File Name: | glsa-200804-30.txt | Description:
| Gentoo Linux Security Advisory GLSA 200804-30 - Vulnerabilities have been reported in the processing of user-controlled data by start_kdeinit, which is setuid root by default. Versions less than 4.0 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2858 | | Related CVE(s): | CVE-2008-1671 | | Last Modified: | Apr 29 19:47:11 2008 | | MD5 Checksum: | 7cb96af75e50047c4cb88e232efaed5a |
|
| /// File Name: | CORE-2008-0320.txt | Description:
| Core Security Technologies Advisory - Insufficient argument validation of hooked SSDT functions exists in BitDefender Antivirus 2008 Build 11.0.11, Comodo Firewall Pro 2.4.18.184, Sophos Antivirus 7.0.5, and Rising Antivirus 19.60.0.0 and 19.66.0.0. Older versions may be affected, but were not checked. | | Author: | Damian Saura, Anibal Sacco, Dario Menichelli, Norberto Kueffner, Andres Blanco, Rodrigo Carvalho | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 24176 | | Related CVE(s): | CVE-2008-1735, CVE-2008-1736, CVE-2008-1737, CVE-2008-1738 | | Last Modified: | Apr 28 18:43:55 2008 | | MD5 Checksum: | 07f48db168be845e6c0d39ee8563171e |
|
| /// File Name: | msswi-blog.txt | Description:
| It appears that Microsoft may have incorrectly stated a few things regarding MS08-020 on their blog and are reluctant to fix it. | | Author: | Amit Klein | | Homepage: | http://www.trusteer.com/ | | File Size: | 10370 | | Last Modified: | Apr 28 18:33:57 2008 | | MD5 Checksum: | 5e1a39dbeaa19feb74181d88d9a056be |
|
| /// File Name: | groupwise70-overflow.txt | Description:
| The mailto: functionality in GroupWise 7.0 appears susceptible to a buffer overflow vulnerability. | | Author: | Juan Pablo Lopez Yacubian | | File Size: | 825 | | Last Modified: | Apr 28 18:31:09 2008 | | MD5 Checksum: | 78933519c25a9a493cb8771ae024207e |
|
| /// File Name: | dsa-1562-1.txt | Description:
| Debian Security Advisory 1562-1 - It was discovered that crashes in the Javascript engine of Iceape, an unbranded version of the Seamonkey internet suite could potentially lead to the execution of arbitrary code. | | Homepage: | http://www.debian.org/security | | File Size: | 16583 | | Related CVE(s): | CVE-2008-1380 | | Last Modified: | Apr 28 18:26:16 2008 | | MD5 Checksum: | 44efe19b09ab216dba3a560ccee827b3 |
|
| /// File Name: | dsa-1561-1.txt | Description:
| Debian Security Advisory 1561-1 - Christian Herzog discovered that within the Linux Terminal Server Project, it was possible to connect to X on any LTSP client from any host on the network, making client windows and keystrokes visible to that host. | | Homepage: | http://www.debian.org/security | | File Size: | 5747 | | Related CVE(s): | CVE-2008-1293 | | Last Modified: | Apr 28 11:08:15 2008 | | MD5 Checksum: | bc32356163c95e7e7e2543dfa9e798b9 |
|
| /// File Name: | dsa-1560-1.txt | Description:
| Debian Security Advisory 1560-1 - "The-0utl4w" discovered that the Kronolith, calendar component for the Horde Framework, didn't properly sanitize URL input, leading to a cross-site scripting vulnerability in the add event screen. | | Homepage: | http://www.debian.org/security | | File Size: | 3094 | | Last Modified: | Apr 28 11:07:30 2008 | | MD5 Checksum: | 4b932675e980a1f06662af53ca462b60 |
|
| /// File Name: | dsa-1556-2.txt | Description:
| Debian Security Advisory 1556-2 - An editorial mistake resulted in DSA-1556-1 not correctly applying the required change, making it ineffective. This DSA has been reissued as DSA-1556-2. It has been discovered that the Perl interpreter may encounter a buffer overflow condition when compiling certain regular expressions containing Unicode characters. This also happens if the offending characters are contained in a variable reference protected by the \Q...\E quoting construct. When encountering this condition, the Perl interpreter typically crashes, but arbitrary code execution cannot be ruled out. | | Homepage: | http://www.debian.org/security | | File Size: | 13470 | | Related CVE(s): | CVE-2008-1927 | | Last Modified: | Apr 28 11:06:46 2008 | | MD5 Checksum: | d385186a4b6ec37e19b30adc4b31b87b |
|
| /// File Name: | dsa-1559-1.txt | Description:
| Debian Security Advisory 1559-1 - It was discovered that phpGedView, an application to provide online access to genealogical data, performed insufficient input sanitising on some parameters, making it vulnerable to cross site scripting. | | Homepage: | http://www.debian.org/security | | File Size: | 3872 | | Related CVE(s): | CVE-2007-5051 | | Last Modified: | Apr 28 11:05:57 2008 | | MD5 Checksum: | fb2de4d559a520307a827d13e3789d95 |
|
| /// File Name: | dsa-1492-2.txt | Description:
| Debian Security Advisory 1492-2 - The security update DSA 1492-1 fixed the security problem below but introduced a new problem by not removing temporary directories in the ipp backend. This update corrects this. | | Homepage: | http://www.debian.org/security | | File Size: | 5199 | | Related CVE(s): | CVE-2008-0665, CVE-2008-0666 | | Last Modified: | Apr 28 11:05:21 2008 | | MD5 Checksum: | 6089ef64c5f3604733d60efdf1bde197 |
|
| /// File Name: | excel-xss.txt | Description:
| Excel may suffer from cross site scripting issues if launched within the DOM. | | Author: | Juan Pablo Lopez Yacubian | | File Size: | 841 | | Last Modified: | Apr 28 11:04:21 2008 | | MD5 Checksum: | 3cc3372ee2a4323d859b4e10f7c48a75 |
|
| /// File Name: | glsa-200804-29.txt | Description:
| Gentoo Linux Security Advisory GLSA 200804-29 - Comix does not properly sanitize filenames containing shell metacharacters when they are passed to the rar, unrar, or jpegtran programs (CVE-2008-1568). Comix also creates directories with predictable names (CVE-2008-1796). Versions less than 3.6.4-r1 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 3382 | | Related CVE(s): | CVE-2008-1568, CVE-2008-1796 | | Last Modified: | Apr 25 20:03:20 2008 | | MD5 Checksum: | 8ce89de703f5399b083a9db761aa6539 |
|
| /// File Name: | wordpress-cookie-integrity.txt | Description:
| An attacker, who is able to register a specially crafted username on a Wordpress 2.5 installation, is able to generate authentication cookies for other chosen accounts. This is not good. | | Author: | Steven J. Murdoch | | Homepage: | http://www.cl.cam.ac.uk/users/sjm217/ | | File Size: | 3767 | | Related CVE(s): | CVE-2008-1930 | | Last Modified: | Apr 25 11:57:22 2008 | | MD5 Checksum: | 4dc92444f474cfd6cca874b7f41b46bd |
|
| /// File Name: | dsa-1558-1.txt | Description:
| Debian Security Advisory 1558-1 - It was discovered that crashes in the Javascript engine of xulrunner, the Gecko engine library, could potentially lead to the execution of arbitrary code. | | Homepage: | http://www.debian.org/security | | File Size: | 27398 | | Related CVE(s): | CVE-2008-1380 | | Last Modified: | Apr 24 17:07:47 2008 | | MD5 Checksum: | 4850d8da80953fcdd093d6f183997530 |
|
| /// File Name: | SSRT080031.txt | Description:
| HP Security Bulletin - A potential vulnerability has been identified with the HPeDiag ActiveX control which is a component of HP Software Update running under windows. The vulnerability could be exploited to allow remote disclosure of information and execution of arbitrary code. | | Homepage: | http://www.hp.com/ | | File Size: | 7674 | | Related CVE(s): | CVE-2008-0712 | | Last Modified: | Apr 24 16:49:38 2008 | | MD5 Checksum: | 94d1e54ffae4bc8b8badbca2a431fe5f |
|
| /// File Name: | dsa-1557-1.txt | Description:
| Debian Security Advisory 1557-1 - Several remote vulnerabilities have been discovered in phpMyAdmin, an application to administrate MySQL over the WWW. Attackers with CREATE table permissions were allowed to read arbitrary files readable by the webserver via a crafted HTTP POST request. The PHP session data file stored the username and password of a logged in user, which in some setups can be read by a local user. Cross site scripting and SQL injection were possible by attackers that had permission to create cookies in the same cookie domain as phpMyAdmin runs in. | | Homepage: | http://www.debian.org/security | | File Size: | 3673 | | Related CVE(s): | CVE-2008-1149, CVE-2008-1567, CVE-2008-1924 | | Last Modified: | Apr 24 16:46:15 2008 | | MD5 Checksum: | 048c9857c58552e12caabe6fe8388596 |
|
| /// File Name: | dsa-1556-1.txt | Description:
| Debian Security Advisory 1556-1 - It has been discovered that the Perl interpreter may encounter a buffer overflow condition when compiling certain regular expressions containing Unicode characters. This also happens if the offending characters are contained in a variable reference protected by the \Q...\E quoting construct. When encountering this condition, the Perl interpreter typically crashes, but arbitrary code execution cannot be ruled out. | | Homepage: | http://www.debian.org/security | | File Size: | 13238 | | Related CVE(s): | CVE-2008-1927 | | Last Modified: | Apr 24 16:44:35 2008 | | MD5 Checksum: | 301dc75bc63005c52eccfcb3ffbdb515 |
|
| /// File Name: | glsa-200804-28.txt | Description:
| Gentoo Linux Security Advisory GLSA 200804-28 - Because of sharing the same codebase, JRockit is affected by the vulnerabilities mentioned in GLSA 200804-20. Versions less than 1.5.0.14 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 3029 | | Last Modified: | Apr 24 16:26:06 2008 | | MD5 Checksum: | 8adfd9b3fcb5d2b592286e4eb4c68173 |
|
| /// File Name: | glsa-200804-27.txt | Description:
| Gentoo Linux Security Advisory GLSA 200804-27 - Nathan G. Grennan reported a boundary error in SILC Toolkit within the silc_fingerprint() function in the file lib/silcutil/silcutil.c when passing overly long data, resulting in a stack-based buffer overflow. Versions less than 1.1.7 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 4182< |
|
|