Section: .. / 0702-advisories /
| /// File Name: |
sa24170.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in LifeType, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/24170/ | | File Size: | 2391 | | Last Modified: | Feb 16 23:11:34 2007 |
| MD5 Checksum: | c10ec594a10d921260f3a7dec8e27548 |
|
| /// File Name: |
easymail.txt |
Description:
|
EasyMail Objects version 6.5 suffers from a connect method stack overflow vulnerability.
| | Author: | Paul Craig | | Homepage: | http://www.security-assessment.com/ | | File Size: | 2683 | | Last Modified: | Feb 16 03:06:24 2007 |
| MD5 Checksum: | 42312e8a0f02a0562d27b6a7dfe8f2bf |
|
| /// File Name: |
USN-422-1.txt |
Description:
|
Ubuntu Security Notice 422-1 - Vladimir Nadvornik discovered that the fix for CVE-2006-5456, released in USN-372-1, did not correctly solve the original flaw in PALM image handling. By tricking a user into processing a specially crafted image with an application that uses imagemagick, an attacker could execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 15445 | | Related CVE(s): | CVE-2006-5456, CVE-2007-0770 | | Last Modified: | Feb 16 03:03:05 2007 |
| MD5 Checksum: | 83ef0fab7da91635c6a588e992b001c8 |
|
| /// File Name: |
02.15.07-2.txt |
Description:
|
iDefense Security Advisory 02.15.07 - Remote exploitation of a directory traversal vulnerability in Clam AntiVirus' ClamAV allows attackers to overwrite files owned by the clamd scanner. The vulnerability specifically exists due to the lack of validation of the id parameter string taken from a MIME header. When parsing a multi-part message clam takes this string from the header and uses it to create a local file. By sending a string such as "../../../../some/file" an attacker can create or overwrite an arbitrary file owned by the clamd process. Data from the message body is later written to this file. iDefense has confirmed this vulnerability affects Clam AntiVirus ClamAV version 0.88.6. All versions prior to the 0.90 stable release are suspected to be vulnerable.
| | Homepage: | http://www.idefense.com | | File Size: | 3571 | | Related CVE(s): | CVE-2007-0898 | | Last Modified: | Feb 16 03:01:01 2007 |
| MD5 Checksum: | 36ee4ce39b9934279d0d981740612fec |
|
| /// File Name: |
02.15.07-1.txt |
Description:
|
iDefense Security Advisory 02.15.07 - Remote exploitation of a resource consumption vulnerability in Clam AntiVirus' ClamAV allows attackers to degrade the service of the clamd scanner. The vulnerability specifically exists due to a file descriptor leak. When clam encounters a cabinet header with a record length of zero it will return from a function without closing a local file descriptor. This can be triggered multiple times, eventually using up all but three of its available file descriptors. This prevents clam from scanning most archives, including zip and tar files. iDefense has confirmed this vulnerability affects Clam AntiVirus ClamAV v0.90RC1.1. All versions prior to the 0.90 stable release are suspected to be vulnerable.
| | Homepage: | http://www.idefense.com | | File Size: | 3639 | | Related CVE(s): | CVE-2007-0897 | | Last Modified: | Feb 16 02:59:38 2007 |
| MD5 Checksum: | b8d47572343b2242e38c953c15766fcf |
|
| /// File Name: |
pharming.txt |
Description:
|
A concept of drive-by pharming has been introduced where DNS for home routers can be easily redirected on home networks for targeted attacks. Obvious, but amusingly powerful.
| | Author: | Oliver Friedrichs, Zulfikar Ramzan | | File Size: | 1607 | | Last Modified: | Feb 16 02:57:41 2007 |
| MD5 Checksum: | 9f34ea6420700e851af5151123ddd889 |
|
| /// File Name: |
comodofp.txt |
Description:
|
Comodo Firewall Pro (former Comodo Personal Firewall) implements a component control, which is based on a checksum comparison of process modules. Probably to achieve a better performance, cyclic redundancy check (CRC32) is used as a checksum function in its implementation. However, CRC32 was developed for error detection purposes and can not be used as a reliable cryptographic hashing function because it is possible to generate collisions in real time.
| | Homepage: | http://www.matousec.com/ | | File Size: | 1299 | | Last Modified: | Feb 16 02:50:00 2007 |
| MD5 Checksum: | 09a26a30d9a7113a40ac361ea315efe6 |
|
| /// File Name: |
SSRT071297.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP Serviceguard for Linux that may allow remote unauthorized access.
| | Homepage: | http://www.hp.com | | File Size: | 5869 | | Last Modified: | Feb 16 02:25:36 2007 |
| MD5 Checksum: | 50621fe0d24d852fce9647398549b1ed |
|
| /// File Name: |
firefox-boom.txt |
Description:
|
Mozilla Firefox versions 2.0.0.1 and below does not handle writes to the location.hostname DOM property.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/ | | File Size: | 1757 | | Last Modified: | Feb 16 02:22:52 2007 |
| MD5 Checksum: | e03fdba9ebeb5f30f3ac6e99abb9d598 |
|
| /// File Name: |
sa24118.txt |
Description:
|
Secunia Security Advisory - Sebastian Wolfgarten has reported a vulnerability in IP3 NetAccess, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/24118/ | | File Size: | 2569 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | a05241afc5d9183d35b0d5f5449bd3c8 |
|
| /// File Name: |
sa24134.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in HP Serviceguard for Linux, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24134/ | | File Size: | 3060 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | f2c3c807a52012b9af16de376fcb2490 |
|
| /// File Name: |
sa24135.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and manipulate data, and by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24135/ | | File Size: | 6494 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | f6df0af4e650fd25a2e3903c0ad1c282 |
|
| /// File Name: |
sa24140.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24140/ | | File Size: | 7209 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | 8cc9b00006ceec95be72367cd0685e14 |
|
| /// File Name: |
sa24149.txt |
Description:
|
Secunia Security Advisory - Brett Moore has reported some vulnerabilities in DjVu Browser Plug-in, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24149/ | | File Size: | 2216 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | aca52f847a40d48a230749ddafb01ddb |
|
| /// File Name: |
sa24154.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in IBM AIX, which potentially can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/24154/ | | File Size: | 2309 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | 940116f728a41760dfa685711bf78291 |
|
| /// File Name: |
sa24159.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Amarok, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24159/ | | File Size: | 2223 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | 6a0b8ef934eb37a7b483d051dabbdf5a |
|
| /// File Name: |
sa24160.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco PIX and ASA, which can be exploited by malicious users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24160/ | | File Size: | 3297 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | 88da80e78af219f04541e5be599bad47 |
|
| /// File Name: |
sa24167.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for imagemagick. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24167/ | | File Size: | 14300 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | 2730a41101bad168fe0a6295fd95cbf3 |
|
| /// File Name: |
sa24172.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities and a security issue have been reported in Cisco Firewall Services, which can be exploited by malicious people to cause a DoS or bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/24172/ | | File Size: | 4099 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | a9769a64d5ec7f0c4d4d3232bad8876d |
|
| /// File Name: |
sa24173.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in HP-UX, which can potentially be exploited by malicious, local users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24173/ | | File Size: | 2327 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | dffcfb51378df2fa37e8688fbe639f75 |
|
| /// File Name: |
sa24174.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for fetchmail. This fixes a security issue, which can be exploited by malicious people to gain sensitive information.
| | Homepage: | http://secunia.com/advisories/24174/ | | File Size: | 5239 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | 3c1159ad6f216114beade20329ad8114 |
|
| /// File Name: |
sa24178.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24178/ | | File Size: | 6823 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | 00d1b257bd9fdc30e48a45578cbd7b08 |
|
| /// File Name: |
sa24179.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco PIX, which can be exploited by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/24179/ | | File Size: | 2584 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | 2701cabb2e1f761784753b87fe20c22a |
|
| /// File Name: |
sa24180.txt |
Description:
|
Secunia Security Advisory - A vulnerability and a security issue have been reported in Cisco Firewall Services Module, which can be exploited by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/24180/ | | File Size: | 2878 | | Last Modified: | Feb 16 01:49:41 2007 |
| MD5 Checksum: | d0cb82de934a0999a3f3671458bca5fe |
|
| /// File Name: |
sa24122.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24122/ | | File Size: | 2530 | | Last Modified: | Feb 16 01:49:15 2007 |
| MD5 Checksum: | bff937bf674684f73e0b9a4e1a851e0f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
