Section: .. / 0704-advisories /
| /// File Name: |
sa24980.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for nas. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24980/ | | File Size: | 1951 | | Last Modified: | Apr 24 09:55:08 2007 |
| MD5 Checksum: | a7b35a1731d1308c0caa5aa033fd126c |
|
| /// File Name: |
SSRT061243.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to cause a Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 7734 | | Last Modified: | Apr 24 09:49:29 2007 |
| MD5 Checksum: | 0eb9d9b7d152034fd3a35b97ce143f59 |
|
| /// File Name: |
glsa-200704-20.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-20 - Luigi Auriemma has discovered multiple vulnerabilities in NAS, some of which include a buffer overflow in the function accept_att_local(), an integer overflow in the function ProcAuWriteElement(), and a null pointer error in the function ReadRequestFromClient(). Versions less than 1.8b are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3177 | | Related CVE(s): | CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546, CVE-2007-1547 | | Last Modified: | Apr 24 09:44:15 2007 |
| MD5 Checksum: | 6c8d940373b646fc47f6b47472c346af |
|
| /// File Name: |
MDKSA-2007-093.txt |
Description:
|
Mandriva Linux Security Advisory - A stack-based buffer overflow in the ZZIPlib library could allow user-assisted remote attackers to cause an application crash (DoS) or execute arbitrary code via a long filename.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2580 | | Related CVE(s): | CVE-2007-1614 | | Last Modified: | Apr 24 09:44:04 2007 |
| MD5 Checksum: | deab07197054db0abcdcc24310a3bb22 |
|
| /// File Name: |
MDKSA-2007-092.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple buffer overflows were found in the FreeRADIUS package version 1.0.4 and prior that could allow a remote attacker to cause a crash via the rlm_sqlcounter module. As well, an SQL injection vulnerability was also found in the rlm_sqlcounter that could allow a remote attacker to execute arbitrary SQL commands via unknown attack vectors.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4154 | | Related CVE(s): | CVE-2005-4746, CVE-2005-4745 | | Last Modified: | Apr 24 09:43:02 2007 |
| MD5 Checksum: | 18fb07741dd139aef29a89fcdc0788d9 |
|
| /// File Name: |
glsa-200704-19.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-19 - Stefan Cornelius of Secunia Research discovered an insecure use of the eval() function in kmz_ImportWithMesh.py. Versions less than 2.43 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2540 | | Related CVE(s): | CVE-2007-1253 | | Last Modified: | Apr 24 09:41:48 2007 |
| MD5 Checksum: | 0499bdbd7236906765ebe893e2a9de74 |
|
| /// File Name: |
cpzl-lpe.txt |
Description:
|
ZoneAlarm's srescan.sys versions 5.0.155 and below suffer from a local privilege escalation vulnerability.
| | Author: | Ruben Santamarta | | File Size: | 4119 | | Last Modified: | Apr 24 09:40:27 2007 |
| MD5 Checksum: | 7f845a9089ba5a194901574a6286d244 |
|
| /// File Name: |
glsa-200704-18.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-18 - CJ Kucera has discovered that some Courier-IMAP scripts don't properly handle the XMAILDIR variable, allowing for shell command injection. Versions less than 4.0.6-r2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2479 | | Last Modified: | Apr 24 09:22:35 2007 |
| MD5 Checksum: | 3789b9f6c96e5616d26f6dcff9c098eb |
|
| /// File Name: |
glsa-200704-17.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-17 - The 3proxy development team reported a buffer overflow in the logurl() function when processing overly long requests. Versions less than 0.5.3h are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2500 | | Related CVE(s): | CVE-2007-2031 | | Last Modified: | Apr 24 09:22:04 2007 |
| MD5 Checksum: | 1220026febf9dc1fc0bdfadb7a0423ae |
|
| /// File Name: |
glsa-200704-16.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200704-16 - Jonathan So reported that the airodump-ng module does not correctly check the size of 802.11 authentication packets before copying them into a buffer. Versions less than 0.7-r2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2798 | | Related CVE(s): | CVE-2007-2057 | | Last Modified: | Apr 24 09:21:50 2007 |
| MD5 Checksum: | c326424043a0760ed3280988c993ab79 |
|
| /// File Name: |
dsa-1279-1.txt |
Description:
|
Debian Security Advisory 1279-1 - It was discovered that WebCalendar, a PHP-based calendar application, performs insufficient sanitizing in the exports handler, which allows injection of web script.
| | Homepage: | http://www.debian.org/security | | File Size: | 2935 | | Related CVE(s): | CVE-2006-6669 | | Last Modified: | Apr 24 09:14:03 2007 |
| MD5 Checksum: | b5951da89d3b7a7ca2871e83f381a17a |
|
| /// File Name: |
wsftp-dos.txt |
Description:
|
WS_FTP Home 2007 NetscapeFTPHandler is prone to a denial of service vulnerability. The vulnerability stems from a null pointer dereference.
| | Author: | sapheal | | File Size: | 884 | | Last Modified: | Apr 24 09:09:38 2007 |
| MD5 Checksum: | 3d99a5d058817263dd99e17d3be02b69 |
|
| /// File Name: |
MU-200704-01.txt |
Description:
|
An integer overflow vulnerability exists in the RPC runtime library (libinfo) that handles AUTH_UNIX authentication. By sending maliciously-crafted requests to the any RPC service (portmap, mount, nfs, etc), a remote attacker can trigger the overflow which may lead to arbitrary code execution as the 'daemon' user. Mac OS X versions 10.3.9 and 10.4.9 are affected.
| | Author: | Mu Security research team | | Homepage: | http://labs.musecurity.com/ | | File Size: | 3011 | | Last Modified: | Apr 24 09:02:58 2007 |
| MD5 Checksum: | 4deb7fb36d9bbaac2d410a439b859db1 |
|
| /// File Name: |
sa24979.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for krb5. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/24979/ | | File Size: | 3759 | | Last Modified: | Apr 24 02:07:09 2007 |
| MD5 Checksum: | 30f3078d8c168adbc4f4561ccad47844 |
|
| /// File Name: |
sa24968.txt |
Description:
|
Secunia Security Advisory - Dj7xpl has discovered a vulnerability in Maran PHP Forum, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24968/ | | File Size: | 2182 | | Last Modified: | Apr 24 02:07:09 2007 |
| MD5 Checksum: | a66eb766aaa4e2763cee32a1ccbef027 |
|
| /// File Name: |
sa24963.txt |
Description:
|
Secunia Security Advisory - Gentoo has acknowledged a vulnerability in courier-imap, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24963/ | | File Size: | 2121 | | Last Modified: | Apr 23 16:29:12 2007 |
| MD5 Checksum: | 0e015c675d9edef20788c07df85bb69a |
|
| /// File Name: |
sa25003.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in NeatUpload, which can be exploited by malicious people to gain knowledge of potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/25003/ | | File Size: | 2320 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | d490e516cc8d105bf9702638f1fe581b |
|
| /// File Name: |
sa25001.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for 3proxy. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25001/ | | File Size: | 1895 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | 80ceb7b554f627f382d63598f017bea3 |
|
| /// File Name: |
sa24996.txt |
Description:
|
Secunia Security Advisory - Trustix has issued an update for freetype and clamav. This fixes some vulnerabilities, where one has unknown impacts, and others can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24996/ | | File Size: | 2333 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | 1a9ff20098afdefe4678c822120b352f |
|
| /// File Name: |
sa24995.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to manipulate data, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to manipulate data, conduct cross-site scripting attacks, cause a DoS, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24995/ | | File Size: | 4029 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | 22298b06d91f2d75ba3a5e4d8b22755f |
|
| /// File Name: |
sa24994.txt |
Description:
|
Secunia Security Advisory - Marsu has discovered a vulnerability in ACDSee products, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24994/ | | File Size: | 2386 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | d1648a109a72faf947e338c3c196538f |
|
| /// File Name: |
sa24987.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS / IR, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24987/ | | File Size: | 2313 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | e4fd473585bfe28596006cc1666faee5 |
|
| /// File Name: |
sa24986.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in ZomeAlarm products, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/24986/ | | File Size: | 3616 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | b9275e17044ae00e5296f1723b945e27 |
|
| /// File Name: |
sa24981.txt |
Description:
|
Secunia Security Advisory - Marsu has discovered a vulnerability in PhotoFiltre Studio, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24981/ | | File Size: | 2122 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | c3ce9908e3c0fa5a0374435d942d7871 |
|
| /// File Name: |
sa24974.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for webcalendar. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/24974/ | | File Size: | 2758 | | Last Modified: | Apr 23 16:27:41 2007 |
| MD5 Checksum: | 9b54814a4fb93793a0351c899bf7da1d |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
