Section: .. / 0703-advisories /
| /// File Name: |
truecrypt-dos.txt |
Description:
|
It seems to be possible to perform various denial of service attacks on a Linux computer running TrueCrypt version 4.3 in setuid root mode, or possibly introduce evil binaries into normally trusted locations.
| | Author: | Tim Rees | | File Size: | 3357 | | Last Modified: | Mar 29 08:59:34 2007 |
| MD5 Checksum: | db98fbeafa6162466a942f5d230e0a4d |
|
| /// File Name: |
sa24659.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24659/ | | File Size: | 3339 | | Last Modified: | Apr 2 04:42:23 2007 |
| MD5 Checksum: | ca86bb6100303495137e184776288264 |
|
| /// File Name: |
sa24489.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for gnupg. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner.
| | Homepage: | http://secunia.com/advisories/24489/ | | File Size: | 3330 | | Last Modified: | Mar 13 23:06:07 2007 |
| MD5 Checksum: | 45c79917d2be04ac1fec94aa5a8690dc |
|
| /// File Name: |
rhapsody-irc.txt |
Description:
|
The Rhapsody IRC client version 0.28b is susceptible to multiple buffer overflow vulnerabilities.
| | Author: | starcadi | | File Size: | 3330 | | Last Modified: | Mar 20 16:16:55 2007 |
| MD5 Checksum: | 02a97c5353f4be069294ca3d7a95dbb3 |
|
| /// File Name: |
sa24466.txt |
Description:
|
Secunia Security Advisory - cocoruder has reported some vulnerabilities in McAfee ePolicy Orchestrator and ProtectionPilot, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24466/ | | File Size: | 3315 | | Last Modified: | Mar 17 03:22:27 2007 |
| MD5 Checksum: | 43c06f5533aaf0aba73428eb5f7373ab |
|
| /// File Name: |
02.27.07-1.txt |
Description:
|
iDefense Security Advisory 02.27.07 - Computer Associates eTrust Intrusion Detection is susceptible to a denial of service condition during key length validation. iDefense has confirmed this vulnerability in Computer Associates eTrust Intrusion Detection version 3.0.5.57. Other versions are suspected vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3299 | | Related CVE(s): | CVE-2007-1005 | | Last Modified: | Mar 6 05:15:55 2007 |
| MD5 Checksum: | 3782103db7e6d2c6d3e94970cac75966 |
|
| /// File Name: |
sa24527.txt |
Description:
|
Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Network Audio System, which potentially can be exploited by malicious, local users to gain escalated privileges or by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24527/ | | File Size: | 3293 | | Last Modified: | Mar 20 03:46:32 2007 |
| MD5 Checksum: | 83a58037cf4964951accbd4a47fb1699 |
|
| /// File Name: |
sa24320.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24320/ | | File Size: | 3254 | | Last Modified: | Mar 6 00:12:53 2007 |
| MD5 Checksum: | c1c4871f389b4a7504c6836c597114cb |
|
| /// File Name: |
sa24530.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24530/ | | File Size: | 3230 | | Last Modified: | Mar 17 03:22:27 2007 |
| MD5 Checksum: | 88bc9b272f023963a0143243af6914d5 |
|
| /// File Name: |
CAID-35145.txt |
Description:
|
The CA eTrust Admin GINA component contains a privilege escalation vulnerability within the reset password interface. This vulnerability is exploitable only through physical interactive access or through Remote Desktop. Affected products include eTrust Admin 8.1 SP2 (8.1.2), eTrust Admin 8.1 SP1 (8.1.1), and eTrust Admin 8.1 (8.1.0).
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 3216 | | Related OSVDB(s): | 32722 | | Related CVE(s): | CVE-2007-1345 | | Last Modified: | Mar 9 04:26:54 2007 |
| MD5 Checksum: | c6562cb4f6cf0c40deb50930f24bdb74 |
|
| /// File Name: |
glsa-200703-13.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200703-13 - The SSH Secure Shell Server contains a format string vulnerability in the SFTP code that handles file transfers (scp2 and sftp2). In some situations, this code passes the accessed filename to the system log. During this operation, an unspecified error could allow uncontrolled stack access. Versions less than 4.3.7 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3187 | | Related CVE(s): | CVE-2006-0705 | | Last Modified: | Mar 20 05:12:32 2007 |
| MD5 Checksum: | b56d2c9a45892d02d35e413b38c81ef8 |
|
| /// File Name: |
sa24531.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Java System Web Server, which can be exploited by malicious users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/24531/ | | File Size: | 3180 | | Last Modified: | Mar 17 03:22:27 2007 |
| MD5 Checksum: | 3cb77d42bdc3af9e9af6bed3cecf628f |
|
| /// File Name: |
03.28.07.txt |
Description:
|
iDefense Security Advisory 03.28.07 - Remote exploitation of a cross-site scripting vulnerability in IBM Lotus Domino Web Access allows attackers to execute arbitrary script code in a targeted user's browser. The vulnerability specifically exists due to improper HTML filtering of e-mail message contents. Although Web Access attempts to filter out HTML and script code, certain code sequences will bypass the filters and successfully execute JavaScript. iDefense has confirmed that Lotus Domino Web Access 7.0 is vulnerable. Earlier versions are suspected vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3152 | | Related CVE(s): | CVE-2006-4843 | | Last Modified: | Mar 29 08:23:03 2007 |
| MD5 Checksum: | c98de655a9e1663189d5fba0586928d6 |
|
| /// File Name: |
sa24419.txt |
Description:
|
Secunia Security Advisory - Trustix has issued an update for php4. This fixes some vulnerabilities and a weakness, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24419/ | | File Size: | 3138 | | Last Modified: | Mar 13 01:30:19 2007 |
| MD5 Checksum: | 781eac4b2c4b66255fe8db0eeceacad7 |
|
| /// File Name: |
sa24634.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Sun Java System Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24634/ | | File Size: | 3106 | | Last Modified: | Mar 27 03:03:50 2007 |
| MD5 Checksum: | 07b4c64e4e11a5a47f058ca06bdf9666 |
|
| /// File Name: |
glsa-200703-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200703-24 - mgv includes code from gv that does not properly boundary check user-supplied data before copying it into process buffers. Versions less than or equal to 3.1.5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3038 | | Related CVE(s): | CVE-2006-5864 | | Last Modified: | Mar 27 05:45:02 2007 |
| MD5 Checksum: | 38bd5e4e89fca134cde78bb1b571463e |
|
| /// File Name: |
dsa-1269-1.txt |
Description:
|
Debian Security Advisory 1269-1 - Tatsuya Kinoshita discovered that Lookup, a search interface to electronic dictionaries on emacsen, creates a temporary file in an insecure fashion when the ndeb-binary feature is used, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.
| | Homepage: | http://www.debian.org/security | | File Size: | 3033 | | Related CVE(s): | CVE-2007-0237 | | Last Modified: | Mar 20 16:23:30 2007 |
| MD5 Checksum: | e62f2f71dc14c7a754b957096c9ff821 |
|
| /// File Name: |
glsa-200703-22.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200703-22 - iDefense has reported two potential buffer overflow vulnerabilities found by researcher regenrecht in the code implementing the SSLv2 protocol. Versions less than 3.11.5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3031 | | Related CVE(s): | CVE-2007-0008, CVE-2007-0009 | | Last Modified: | Mar 21 04:12:23 2007 |
| MD5 Checksum: | 942dca52b7305221aa8d354bc1ea527d |
|
| /// File Name: |
ms0713.txt |
Description:
|
The original MS07-012 patch was released to fix an issue in the MFC library MFC42u.dll. The issue was the result of MS not taking into account that a TCHAR string is actually twice as big as its CHAR counterparts. To fix this, the patch readjusted the nMaxCount variable to half of its original value in the GetMenuStringW(...) call. Unfortunately, GetMenuStringW will null terminate a long string at the end adding two additional characters to the string. This gives a returned string of (nMaxCount*2) + 2 bytes in size.
| | Author: | Greg Sinclair | | File Size: | 3021 | | Last Modified: | Mar 20 06:45:12 2007 |
| MD5 Checksum: | e483bae6d51075d3fc6bbbdc4adb0750 |
|
| /// File Name: |
sa24506.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes several vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting and script insertion attacks, gain knowledge of potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24506/ | | File Size: | 3013 | | Last Modified: | Mar 17 03:22:27 2007 |
| MD5 Checksum: | 3062b4dcba390cdd61b5ce3ea88b7177 |
|
| /// File Name: |
sa24309.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in CA eTrust Intrusion Detection, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24309/ | | File Size: | 3002 | | Last Modified: | Mar 6 00:12:53 2007 |
| MD5 Checksum: | 7251a085e19234e15d99fb99d36faa3c |
|
| /// File Name: |
sa24588.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in OpenOffice.org, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24588/ | | File Size: | 2984 | | Last Modified: | Mar 22 02:31:03 2007 |
| MD5 Checksum: | 8f72427709fc4f52816107fbefc0a744 |
|
| /// File Name: |
glsa-200703-20.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200703-20 - LSAT insecurely writes in /tmp with a predictable filename. Versions less than or equal to 0.9.2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2984 | | Last Modified: | Mar 20 06:53:45 2007 |
| MD5 Checksum: | b533e47d6e91d6e5e2cab42300d805eb |
|
| /// File Name: |
MDKSA-2007-070.txt |
Description:
|
Mandriva Linux Security Advisory - A format string error in the "write_html()" function in calendar/gui/e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2983 | | Related CVE(s): | CVE-2007-1002 | | Last Modified: | Mar 28 17:56:01 2007 |
| MD5 Checksum: | 40e91c58acdbcb54b4d5658d7cfb1868 |
|