Section: .. / 0702-advisories /
| /// File Name: |
sa24313.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for nexuiz. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24313/ | | File Size: | 2190 | | Last Modified: | Feb 27 11:54:22 2007 |
| MD5 Checksum: | 806b6c9fbb155119f1b174aee751a177 |
|
| /// File Name: |
sa24265.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for spamassassin. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24265/ | | File Size: | 2182 | | Last Modified: | Feb 27 11:54:22 2007 |
| MD5 Checksum: | aa66c9bf9862dea7a5ab42219301e6ba |
|
| /// File Name: |
sa24109.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24109/ | | File Size: | 2181 | | Last Modified: | Feb 14 14:41:53 2007 |
| MD5 Checksum: | a1580aa9cbad5944a3be5ac5024c1dfd |
|
| /// File Name: |
sa24145.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for samba. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24145/ | | File Size: | 2179 | | Last Modified: | Feb 14 14:41:53 2007 |
| MD5 Checksum: | 47fd39211e686b98f9dcdae0ad906195 |
|
| /// File Name: |
sa24105.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24105/ | | File Size: | 2165 | | Last Modified: | Feb 12 19:06:32 2007 |
| MD5 Checksum: | a927652e6e3f9de68393fab02fcdd1af |
|
| /// File Name: |
sa24107.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for gd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24107/ | | File Size: | 2147 | | Last Modified: | Feb 12 19:06:32 2007 |
| MD5 Checksum: | 6e8c103e57325a2bb7629ae17204092b |
|
| /// File Name: |
sa24163.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for proftpd. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/24163/ | | File Size: | 2144 | | Last Modified: | Feb 14 14:41:53 2007 |
| MD5 Checksum: | c1054ebbbea49c1d23b3b588167eabaf |
|
| /// File Name: |
sa24227.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities with unknown impact have been reported in web-app.org WebAPP.
| | Homepage: | http://secunia.com/advisories/24227/ | | File Size: | 2143 | | Last Modified: | Feb 23 17:44:59 2007 |
| MD5 Checksum: | 2ef459e26ae7b6b5db5f1dd7816ad957 |
|
| /// File Name: |
sa24184.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for fail2ban. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24184/ | | File Size: | 2137 | | Last Modified: | Feb 16 23:12:18 2007 |
| MD5 Checksum: | 79c2006f6e31cb965adf027064c707d5 |
|
| /// File Name: |
sa24201.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24201/ | | File Size: | 2135 | | Last Modified: | Feb 23 17:44:59 2007 |
| MD5 Checksum: | c0896b5d26a80375637eafbc463698ab |
|
| /// File Name: |
sa24252.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Mozilla Thunderbird, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24252/ | | File Size: | 2121 | | Last Modified: | Feb 27 11:54:22 2007 |
| MD5 Checksum: | 15074d33d42b2a47fe8c4a6edcf08034 |
|
| /// File Name: |
sa24164.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for snort. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24164/ | | File Size: | 2115 | | Last Modified: | Feb 14 14:41:53 2007 |
| MD5 Checksum: | 2236891fbfbe5be6ef808b3735b95bf4 |
|
| /// File Name: |
jportal231-csrf.txt |
Description:
|
JPortal version 2.3.1 is susceptible to a CSRF vulnerability.
| | Author: | dzitu | | File Size: | 1880 | | Last Modified: | Feb 13 03:46:07 2007 |
| MD5 Checksum: | 2d150cc7829330face96c8ded37ad550 |
|
| /// File Name: |
webtester-sqlxss.txt |
Description:
|
WebTester versions 5.0.20060927 and below suffer from SQL injection and cross site scripting flaws.
| | Author: | Moran Zavdi | | Homepage: | http://www.vigilon.com/ | | File Size: | 1880 | | Last Modified: | Feb 14 17:14:48 2007 |
| MD5 Checksum: | d0b5f67ac553dd18db44913d585a9af3 |
|
| /// File Name: |
libevent-dos.txt |
Description:
|
A denial of service flaw exists in the parsing of DNS responses in libevent, specifically in the handling of label pointers. Versions 1.2 and 1.2a are affected.
| | Author: | Jon Oberheide | | File Size: | 1834 | | Last Modified: | Feb 19 20:11:11 2007 |
| MD5 Checksum: | a21155e823885e05984c506fbe4cf71f |
|
| /// File Name: |
esupport.txt |
Description:
|
ESupport versions 3.00.13 and 3.04.10 suffer from an input validation flaw.
| | Author: | Doz | | Homepage: | http://www.hackerscenter.com/ | | File Size: | 1782 | | Last Modified: | Feb 22 21:58:48 2007 |
| MD5 Checksum: | 834ab5da293dcd92bfd6079a72c99da4 |
|
| /// File Name: |
CVE-2007-0453.tgz |
Description:
|
Samba versions 3.0.21 through 3.0.23d suffer from a potential overrun in the gethostbyname() and getipnodebyname() functions in the nss_winbind.so.1 library on Solaris that can potentially allow for code execution. Patch included.
| | Author: | Olivier Gay | | Homepage: | http://www.samba.org/ | | File Size: | 1777 | | Related CVE(s): | CVE-2007-0453 | | Last Modified: | Feb 6 00:33:25 2007 |
| MD5 Checksum: | 9d2e2d59f2d09444848d5da2e098f6be |
|
| /// File Name: |
firefox-boom.txt |
Description:
|
Mozilla Firefox versions 2.0.0.1 and below do not handle writes to the location.hostname DOM property.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/ | | File Size: | 1757 | | Last Modified: | Feb 16 02:22:52 2007 |
| MD5 Checksum: | e03fdba9ebeb5f30f3ac6e99abb9d598 |
|
| /// File Name: |
ledger-multi.txt |
Description:
|
Another security issue has been found in LedgerSMB versions 1.1.5 and below and all versions of SQL-Ledger which allows an attacker to engage in directory traversal, retrieval of sensitive information, user account fabrication, or even arbitrary code execution.
| | Author: | Chris Travers | | File Size: | 1744 | | Last Modified: | Mar 6 00:05:49 2007 |
| MD5 Checksum: | 3ecf46beda31a0753fb83f0cdfdc107b |
|
| /// File Name: |
CVE-2007-0454.tgz |
Description:
|
The name of a file on the server's share is used as the format string when setting an NT security descriptor through the afsacl.so VFS plugin. This affects Samba versions 3.0.6 through 3.0.23d. Patch included.
| | Homepage: | http://www.samba.org/ | | File Size: | 1689 | | Related CVE(s): | CVE-2007-0454 | | Last Modified: | Feb 6 00:38:08 2007 |
| MD5 Checksum: | eccb0d5eb64aff39de90329ce4125dc9 |
|
| /// File Name: |
sapwebas-dos.txt |
Description:
|
Multiple vulnerabilities exist in SAP Web AS version 6.40 below patch 136 and 7.00 below patch 66. These flaws allow for remote file disclosure, remote denial of service attacks, and local privilege escalation.
| | Author: | Nicob | | Related Exploit: | r3-stealer-1.0.pl.txt | | File Size: | 1636 | | Last Modified: | Feb 13 00:40:56 2007 |
| MD5 Checksum: | a51963a221e2225c0715eb86459d20a5 |
|
| /// File Name: |
firefox-file.txt |
Description:
|
There is an interesting logic flaw in the Mozilla Firefox web browser. The vulnerability allows the attacker to silently redirect focus of selected key press events to an otherwise protected file upload form field.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/ | | File Size: | 1621 | | Last Modified: | Feb 13 03:42:17 2007 |
| MD5 Checksum: | 42000d5f88fc6a835d6a4864a994494b |
|
| /// File Name: |
pharming.txt |
Description:
|
A concept of drive-by pharming has been introduced where DNS for home routers can be easily redirected on home networks for targeted attacks. Obvious, but amusingly powerful.
| | Author: | Oliver Friedrichs, Zulfikar Ramzan | | File Size: | 1607 | | Last Modified: | Feb 16 02:57:41 2007 |
| MD5 Checksum: | 9f34ea6420700e851af5151123ddd889 |
|
| /// File Name: |
NDSA20070206.txt.asc |
Description:
|
Nth Dimension Security Advisory (NDSA20070206) - The FreeProxy HTTP proxy server suffers from a denial of service condition which causes the server to hang. This occurs when an attacker makes a request for the hostname/portnumber combination in use by the server itself.
| | Author: | Tim Brown | | Homepage: | http://www.nth-dimension.org.uk/ | | File Size: | 1582 | | Last Modified: | Feb 8 00:22:48 2007 |
| MD5 Checksum: | 0f9d113c539cc7f6a8c443c154d5ef25 |
|
| /// File Name: |
sehato-msvulns.txt |
Description:
|
Multiple vulnerabilities have surfaced in multiple Windows applications. Follow the links if your Russian is decent.
| | Author: | SehaTo | | File Size: | 1535 | | Last Modified: | Feb 27 19:51:59 2007 |
| MD5 Checksum: | da452c44ad9c1a1f2607d1ab4d76c382 |
|