Section: .. / 0704-advisories /
| /// File Name: |
sa24804.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xmms. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24804/ | | File Size: | 6789 | | Last Modified: | Apr 10 01:10:43 2007 |
| MD5 Checksum: | 47b259902c7bb2dacee824d6d64675fd |
|
| /// File Name: |
sa24801.txt |
Description:
|
Secunia Security Advisory - Jochen Voß has reported a vulnerability in man-db, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/24801/ | | File Size: | 1973 | | Last Modified: | Apr 10 01:10:43 2007 |
| MD5 Checksum: | cbfdbfd6738ef5ca6045ce993e73e4af |
|
| /// File Name: |
sa24794.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for libwpd. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/24794/ | | File Size: | 1951 | | Last Modified: | Apr 10 01:10:43 2007 |
| MD5 Checksum: | 5bbd2d2f53c333cced190e66a14638c2 |
|
| /// File Name: |
sa24787.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for evince. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24787/ | | File Size: | 1892 | | Last Modified: | Apr 10 01:10:43 2007 |
| MD5 Checksum: | 9518fce9a4a35215a78d037a8e214dfb |
|
| /// File Name: |
sa24780.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Ichitaro, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24780/ | | File Size: | 2186 | | Last Modified: | Apr 10 01:10:43 2007 |
| MD5 Checksum: | e38438a4b412c86566d4e06f0949e152 |
|
| /// File Name: |
sa24766.txt |
Description:
|
Secunia Security Advisory - Piotr Bania has reported a vulnerability in Winamp, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24766/ | | File Size: | 2222 | | Last Modified: | Apr 10 01:10:43 2007 |
| MD5 Checksum: | 0d0e5e30ffb442a8e0dbf00be3d7d2c3 |
|
| /// File Name: |
major_rls42.txt |
Description:
|
webblizzard CMS suffers from cross site scripting and session fixation vulnerabilities.
| | Author: | David "Aesthetico" Vieira-Kurz | | Homepage: | http://www.majorsecurity.de | | File Size: | 2934 | | Last Modified: | Apr 8 02:58:14 2007 |
| MD5 Checksum: | 8ba46e85bb2b5ca69f9c215d518d5174 |
|
| /// File Name: |
glsa-200704-07.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-07 - libwpd contains heap-based overflows in two functions that convert WordPerfect document tables. In addition, it contains an integer overflow in a text-conversion function. Versions less than 0.8.9 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2644 | | Related CVE(s): | CVE-2007-0002, CVE-2007-1466 | | Last Modified: | Apr 8 02:56:06 2007 |
| MD5 Checksum: | d5e362d91a4c64bcc9be45ac5025f95d |
|
| /// File Name: |
glsa-200704-06.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-06 - Evince includes code from GNU gv that does not properly boundary check user-supplied data before copying it into process buffers. Versions less than 0.6.1-r3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2627 | | Related CVE(s): | CVE-2006-5864 | | Last Modified: | Apr 8 02:55:51 2007 |
| MD5 Checksum: | 3a3242c9e2ec79fb6276d48088ec26b1 |
|
| /// File Name: |
dsa-1278-1.txt |
Description:
|
Debian Security Advisory 1278-1 - A buffer overflow has been discovered in the man command that could allow an attacker to execute code as the man user by providing specially crafted arguments to the -H flag. This is likely to be an issue only on machines with the man and mandb programs installed setuid.
| | Homepage: | http://www.debian.org/security | | File Size: | 5019 | | Related CVE(s): | CVE-2006-4250 | | Last Modified: | Apr 8 02:55:31 2007 |
| MD5 Checksum: | e606532640cf05baa6b7bcd9bd4e9e31 |
|
| /// File Name: |
major_rls41.txt |
Description:
|
The online booking script called courts online suffers from a session fixation issue.
| | Author: | David "Aesthetico" Vieira-Kurz | | Homepage: | http://www.majorsecurity.de | | File Size: | 2657 | | Last Modified: | Apr 8 02:47:30 2007 |
| MD5 Checksum: | bb65ba5800bc0c99cd61eaa6d5e1062e |
|
| /// File Name: |
major_rls40.txt |
Description:
|
The oboShop e-commerce web shopping script suffers from a session fixation issue.
| | Author: | David "Aesthetico" Vieira-Kurz | | Homepage: | http://www.majorsecurity.de | | File Size: | 2642 | | Last Modified: | Apr 8 02:46:43 2007 |
| MD5 Checksum: | e1a37980ab400a85150eb7bdeb46008a |
|
| /// File Name: |
major_rls39.txt |
Description:
|
The onelook onebyone CMS suffers from a session fixation issue.
| | Author: | David "Aesthetico" Vieira-Kurz | | Homepage: | http://www.majorsecurity.de | | File Size: | 2695 | | Last Modified: | Apr 8 02:45:54 2007 |
| MD5 Checksum: | 418089f35e57f23c1563780cc6a5cb75 |
|
| /// File Name: |
ZDI-07-014.txt |
Description:
|
A vulnerability allows remote attackers to download and remove any file on vulnerable installations of Kaspersky Anti-Virus. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3285 | | Related CVE(s): | CVE-2007-1112 | | Last Modified: | Apr 8 01:34:49 2007 |
| MD5 Checksum: | 5fb57dc785145ad453c8aab5f3152ad1 |
|
| /// File Name: |
ZDI-07-013.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of the Kaspersky Anti-Virus Engine. User interaction is not required to exploit this vulnerability. The specific flaw exists in the engine's handling of the ARJ archive format. The Kaspersky engine copies data from scanned archives into an unchecked heap-based buffer. This results in heap corruption when a malformed ARJ archive is processed by an application that utilizes the engine. This corruption can be exploited to execute arbitrary code.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2741 | | Related CVE(s): | CVE-2007-0445 | | Last Modified: | Apr 8 01:34:15 2007 |
| MD5 Checksum: | fdc2beeaf16d503b4abd7949e28a77fc |
|
| /// File Name: |
SSRT071341.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running CIFS Server (Samba). This vulnerability may allow a remote unauthorized user to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 6297 | | Related CVE(s): | CVE-2007-0452 | | Last Modified: | Apr 8 01:33:31 2007 |
| MD5 Checksum: | 44cd3d59cc8a8d9654c16b5a643594d9 |
|
| /// File Name: |
04.04.07-2.txt |
Description:
|
iDefense Security Advisory 04.04.07 - Remote exploitation of a buffer overflow vulnerability within Environmental Systems Research Institute (ESRI) Inc.'s ArcSDE service allows attackers to execute arbitrary code in the context of the running service. An iDefense contributor reported that version 9.2 is vulnerability to this attack. ESRI confirmed the vulnerability. All prior versions are suspected to be vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3646 | | Last Modified: | Apr 8 01:28:41 2007 |
| MD5 Checksum: | 75819d79ed48371e0a643b82e4be2de5 |
|
| /// File Name: |
sa24800.txt |
Description:
|
Secunia Security Advisory - mrzayas has reported a vulnerability in Nuke ET, which can be exploited by malicious people to delete arbitrary users.
| | Homepage: | http://secunia.com/advisories/24800/ | | File Size: | 2262 | | Last Modified: | Apr 7 21:35:58 2007 |
| MD5 Checksum: | 05a2f332f4def96e2c17a2e1fc675644 |
|
| /// File Name: |
sa24799.txt |
Description:
|
Secunia Security Advisory - IBM has acknowledged two vulnerabilities in OpenSSH for AIX, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24799/ | | File Size: | 1944 | | Last Modified: | Apr 7 21:35:58 2007 |
| MD5 Checksum: | 39ad48642d46cc535182fe0987dd563f |
|
| /// File Name: |
sa24798.txt |
Description:
|
Secunia Security Advisory - Novell has acknowledged a vulnerability in Novell Kerberos KDC, which can be exploited by malicious users to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24798/ | | File Size: | 1983 | | Last Modified: | Apr 7 21:35:58 2007 |
| MD5 Checksum: | c287fcc641bbcb59e207cabea04fb095 |
|
| /// File Name: |
sa24795.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Lite-CMS, which can be exploited by malicious users to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/24795/ | | File Size: | 2199 | | Last Modified: | Apr 7 21:35:58 2007 |
| MD5 Checksum: | b7b941a7f93608be3c48724f37b6d485 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
