Section: .. / 0706-advisories /
| /// File Name: |
TPTI-07-09.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Business Objects Crystal Reports. Exploitation requires the target to visit a malicious web site. This specific flaw exists within the ActiveX control with CLSID 85A4A99C-8C3D-499E-A386-E0743DFF8FB7. Specifying large values to two specific functions available in this control results in an exploitable stack based buffer overflow.
| | Author: | Pedram Amini | | Homepage: | http://dvlabs.tippingpoint.com/ | | File Size: | 2331 | | Related CVE(s): | CVE-2007-2419 | | Last Modified: | Jun 7 01:13:24 2007 |
| MD5 Checksum: | a440dfaa362613690d1d0536cd4c4e4f |
|
| /// File Name: |
sa25888.txt |
Description:
|
Secunia Security Advisory - Trustix has issued an update for kerberos5. This fixes some vulnerabilities, which can be exploited by malicious users and malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25888/ | | File Size: | 2289 | | Last Modified: | Jun 29 20:49:08 2007 |
| MD5 Checksum: | 6173edfb30528efd7b6a1b2c6f501776 |
|
| /// File Name: |
winpt-spoof.txt |
Description:
|
WinPT suffers from a user ID spoofing vulnerability.
| | Author: | nnposter | | File Size: | 2285 | | Last Modified: | Jun 12 20:28:05 2007 |
| MD5 Checksum: | b585bb3e70a3ea95cfeeb1821bf0e026 |
|
| /// File Name: |
icf-xss.txt |
Description:
|
The Internet Communication Framework from SAP suffers from a cross site scripting vulnerability. SAP Basis component versions 640 SP19 and below and SAP Basis component versions 700 SP11 and below are vulnerable.
| | Author: | Cyrill Brunschwiler | | Homepage: | http://www.csnc.ch/ | | File Size: | 2276 | | Last Modified: | Jun 29 01:05:04 2007 |
| MD5 Checksum: | b99a70ec87a15421b7c3258a9006d935 |
|
| /// File Name: |
sa25884.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in FreeType, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/25884/ | | File Size: | 2260 | | Last Modified: | Jun 29 20:49:08 2007 |
| MD5 Checksum: | e9bdcd8db2d556d09b92e962c2ab6469 |
|
| /// File Name: |
sa25885.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in IBM OS/400, which potentially can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/25885/ | | File Size: | 2216 | | Last Modified: | Jun 29 20:49:08 2007 |
| MD5 Checksum: | fcea0545cebaafc5688cec9739deaa46 |
|
| /// File Name: |
mtcookie-06_033.txt |
Description:
|
Movable Type stores the login and password hash of a given account in an issued cookie allowing for replay attacks.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 2184 | | Last Modified: | Jun 7 00:09:51 2007 |
| MD5 Checksum: | 4796a1ef69c9d45fbd0b4e5f7dd245ff |
|
| /// File Name: |
rtf-office.txt |
Description:
|
John Heasman of NGSSoftware has discovered a high risk vulnerability in the handling of RTF documents within OpenOffice. The vulnerability affects all versions of OpenOffice prior to 2.2.1. If an attacker can coax a user into opening a specially crafted RTF document then the attacker can execute arbitrary code in the security context of their victim.
| | Author: | John Heasman | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 2082 | | Last Modified: | Jun 14 01:21:11 2007 |
| MD5 Checksum: | 441625f8c894ccf28e88b1f84926d095 |
|
| /// File Name: |
mtdirectory-06_034.txt |
Description:
|
Movable Type suffers from a flaw that allows for an arbitrary directory to be set during the creation of new blogs.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 1964 | | Last Modified: | Jun 7 00:11:53 2007 |
| MD5 Checksum: | a39645b54ea62f9529a613458d37cdbd |
|
| /// File Name: |
elxis-sql.txt |
Description:
|
Elxis CMS versions 2006.4 and below suffer from a SQL injection vulnerability.
| | Author: | Nico Leidecker | | File Size: | 1878 | | Last Modified: | Jun 14 23:12:31 2007 |
| MD5 Checksum: | 27a45dcd948db61da36c9cdaaae72831 |
|
| /// File Name: |
mtphishing-06_36.txt |
Description:
|
Movable Type suffers from a potential phishing related vulnerability via the comments mechanism.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 1873 | | Last Modified: | Jun 7 00:16:06 2007 |
| MD5 Checksum: | 5dfeef85af2468ea4c5dbdd7e3156729 |
|
| /// File Name: |
mtupload-06_037.txt |
Description:
|
Movable Type suffers from an arbitrary code execution flaw via the upload mechanism.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 1850 | | Last Modified: | Jun 7 00:17:03 2007 |
| MD5 Checksum: | c1b72c2e673f7196c99e021263e998b3 |
|
| /// File Name: |
vlc086b-overflow.txt |
Description:
|
VLC 0.8.6.b is vulnerable to a format string attack in the parsing of Vorbis comments in Ogg Vorbis and Ogg Theora files, CDDA data or SAP/SDP service discovery messages. Additionally, there are two errors in the handling of wav files, one a denial of service due to an uninitialized variable, and one integer overflow in sampling frequency calculations.
| | Homepage: | http://www.isecpartners.com/ | | File Size: | 1831 | | Last Modified: | Jun 26 15:59:15 2007 |
| MD5 Checksum: | fd2898dba3f967890e3be5702c5a427f |
|
| /// File Name: |
denyfailblock-inject.txt |
Description:
|
DenyHosts, Fail2ban, and BlockHosts are vulnerable to remote log injection attacks that can lead to arbitrary injection of IP addresses in /etc/hosts.deny.
| | Author: | Daniel B. Cid | | Homepage: | http://www.ossec.net/ | | File Size: | 1681 | | Last Modified: | Jun 7 03:10:20 2007 |
| MD5 Checksum: | ec319e1024aecc80b1939fa1373da75f |
|
| /// File Name: |
cacti-dos.txt |
Description:
|
Cacti suffers from a denial of service vulnerability when an authenticated user manipulates some parameters.
| | Author: | Mathieu Dessus | | File Size: | 1641 | | Last Modified: | Jun 7 02:50:09 2007 |
| MD5 Checksum: | 047b66c615530bd2f0e796931840a072 |
|
| /// File Name: |
flac123-overflow.txt |
Description:
|
flac123 version 0.0.9, also known as flac-tools, is vulnerable to a buffer overflow in vorbis comment parsing. This allows for the execution of arbitrary code.
| | Author: | David Thiel | | Homepage: | http://www.isecpartners.com/ | | File Size: | 1480 | | Last Modified: | Jun 29 22:44:05 2007 |
| MD5 Checksum: | 3f267591db23c699112102a030ecc7b4 |
|
| /// File Name: |
pcsoft-overflow.txt |
Description:
|
The .wdp project file handling in PCSoft WinDEV suffers from a buffer overflow vulnerability.
| | Author: | Jerome Athias | | Homepage: | http://www.JA-PSI.fr/ | | File Size: | 1462 | | Last Modified: | Jun 29 01:20:20 2007 |
| MD5 Checksum: | 03e2b0381750550784d286d7af738550 |
|
| /// File Name: |
kaspersky-is6.txt |
Description:
|
Kaspersky Internet Security 6 hooks many functions in SSDT and in at least nine cases it fails to validate arguments that come from the user mode.
| | Homepage: | http://www.matousec.com/ | | Related Exploit: | BTP00000P006KA.zip | | File Size: | 1433 | | Last Modified: | Jun 15 14:45:25 2007 |
| MD5 Checksum: | 7c65a8678ae988278cfbb4e964b3c93d |
|
| /// File Name: |
rpm2html-xss.txt |
Description:
|
rpm2html version 1.6 suffers from a cross site scripting vulnerability.
| | Author: | Vladiii | | Homepage: | http://www.rstzone.net/ | | File Size: | 1433 | | Last Modified: | Jun 14 00:40:24 2007 |
| MD5 Checksum: | 6f53292487c7a49a98562428dd5e3759 |
|
| /// File Name: |
CVE-2007-2450.txt |
Description:
|
Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross site scripting flaw in the Host Manager Application.
| | Homepage: | http://tomcat.apache.org/ | | File Size: | 1377 | | Related CVE(s): | CVE-2007-2450 | | Last Modified: | Jun 14 23:00:20 2007 |
| MD5 Checksum: | d749caffa30a4143a19313f8a0e45291 |
|
| /// File Name: |
CVE-2007-1358.txt |
Description:
|
Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.34, 5.0.0 to 5.0.30, 5.5.0 to 5.5.20, and 6.0.0 to 6.0.5 suffer from a cross site scripting flaw in Accept-Language header processing.
| | Homepage: | http://tomcat.apache.org/ | | File Size: | 1351 | | Related CVE(s): | CVE-2007-1358 | | Last Modified: | Jun 20 00:53:01 2007 |
| MD5 Checksum: | fc3b3bcfefce5d61eb18aa13d0de4e53 |
|
| /// File Name: |
maradns-dos.txt |
Description:
|
MaraDNS versions 1.2.12.05-stable and below and 1.3.04-testing and below suffer from a denial of service condition.
| | Author: | Joao Antunes | | File Size: | 1309 | | Last Modified: | Jun 20 00:58:34 2007 |
| MD5 Checksum: | 43b9ef6d73586725777de4d3463a7a3a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
