Section: .. / 0707-advisories /
| /// File Name: |
dsa-1333-1.txt |
Description:
|
Debian Security Advisory 1333-1 - It has been discovered that the GnuTLS certificate verification methods implemented in libcurl-gnutls, a solid, usable, and portable multi-protocol file transfer library, did not check for expired or invalid dates.
| | Homepage: | http://www.debian.org/security | | File Size: | 12557 | | Related CVE(s): | CVE-2007-3564 | | Last Modified: | Jul 19 05:20:26 2007 |
| MD5 Checksum: | 4f8fae878f598eb9ea98c3a5cbe27c1d |
|
| /// File Name: |
ASA-2007-014.txt |
Description:
|
Asterisk Project Security Advisory - The Asterisk IAX2 channel driver, chan_iax2, has a remotely exploitable stack buffer overflow vulnerability. It occurs when chan_iax2 is passed a voice or video frame with a data payload larger than 4 kB. This is exploitable by sending a very large RTP frame to an active RTP port number used by Asterisk when the other end of the call is an IAX2 channel. Exploiting this issue can cause a crash or allow arbitrary code execution on a remote machine.
| | Author: | Russell Bryant | | Homepage: | http://www.asterisk.org/security | | File Size: | 12473 | | Related CVE(s): | CVE-2007-3762 | | Last Modified: | Jul 18 06:58:02 2007 |
| MD5 Checksum: | 174e0e345f1492e575b88202751de7ef |
|
| /// File Name: |
sa26128.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libcurl3-gnutls. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/26128/ | | File Size: | 11990 | | Last Modified: | Jul 20 07:47:25 2007 |
| MD5 Checksum: | 8ae6d5b540ab9d9e7485781678b22f35 |
|
| /// File Name: |
sa26010.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for openoffice.org. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26010/ | | File Size: | 11579 | | Last Modified: | Jul 12 01:06:45 2007 |
| MD5 Checksum: | f72495945eb56cab67783c4aa5a10f18 |
|
| /// File Name: |
dsa-1336-1.txt |
Description:
|
Debian Security Advisory 1336-1 - Several remote vulnerabilities have been discovered in Mozilla Firefox. These vulnerabilities range from cross site scripting to integer overflows.
| | Homepage: | http://www.debian.org/security | | File Size: | 11501 | | Related CVE(s): | CVE-2007-1282, CVE-2007-0994, CVE-2007-0995, CVE-2007-0996, CVE-2007-0981, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0778, CVE-2007-0045, CVE-2006-6077 | | Last Modified: | Jul 23 06:37:49 2007 |
| MD5 Checksum: | 828c6bc19547b45ddb365966e2c17d0a |
|
| /// File Name: |
AL-2007-0071.txt |
Description:
|
AUSCERT ALERT - A buffer overflow vulnerability in the image parsing code in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. A second vulnerability may allow an untrusted applet or application to cause the Java Virtual Machine to hang. The first vulnerability affects JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier. The second vulnerability affects JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier.
| | Homepage: | http://www.auscert.org/ | | File Size: | 10693 | | Related CVE(s): | CVE-2007-2788, CVE-2007-2789 | | Last Modified: | Jul 14 00:29:19 2007 |
| MD5 Checksum: | a41671b4f430da1c16c147c82f9ed593 |
|
| /// File Name: |
sa26084.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for mod_perl. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/26084/ | | File Size: | 10589 | | Last Modified: | Jul 19 04:44:59 2007 |
| MD5 Checksum: | efcb2b2084116f962c016ad69654e777 |
|
| /// File Name: |
MDKSA-2007-139.txt |
Description:
|
Mandriva Linux Security Advisory - MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function. This issue does not affect MySQL 5.0.37 in Mandriva Linux 2007.1. The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 10424 | | Related CVE(s): | CVE-2007-1420, CVE-2007-2583, CVE-2007-2691 | | Last Modified: | Jul 7 06:28:16 2007 |
| MD5 Checksum: | 6d21e30c82007518384acd8195695bdf |
|
| /// File Name: |
USN-488-1.txt |
Description:
|
Ubuntu Security Notice 488-1 - Alex Solovey discovered that mod_perl did not correctly validate certain regular expression matches. A remote attacker could send a specially crafted request to a web application using mod_perl, causing the web server to monopolize CPU resources. This could lead to a remote denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 10253 | | Related CVE(s): | CVE-2007-1349 | | Last Modified: | Jul 18 06:16:11 2007 |
| MD5 Checksum: | 9554903b8b1bd33beb787ddc2290a529 |
|
| /// File Name: |
sa25961.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some vulnerabilities and a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or malicious people to cause a DoS and bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/25961/ | | File Size: | 10138 | | Last Modified: | Jul 10 02:45:30 2007 |
| MD5 Checksum: | 8c660b864d650b70c6bf3be04453a4f1 |
|
| /// File Name: |
SSRT071446.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA.
| | Homepage: | http://www.hp.com/ | | File Size: | 9851 | | Last Modified: | Jul 24 05:30:55 2007 |
| MD5 Checksum: | c3ac779fb88e5e90a6596af79e694299 |
|
| /// File Name: |
ASA-2007-015.txt |
Description:
|
Asterisk Project Security Advisory - The Asterisk IAX2 channel driver, chan_iax2, has a remotely exploitable crash vulnerability. A NULL pointer exception can occur when Asterisk receives a LAGRQ or LAGRP frame that is part of a valid session and includes information elements. The session used to exploit this issue does not have to be authenticated. It can simply be a NEW packet sent with an invalid username. The code that parses the incoming frame correctly parses the information elements of IAX frames. It then sets a pointer to NULL to indicate that there is not a raw data payload associated with this frame. However, it does not set the variable that indicates the number of bytes in the raw payload back to zero. Since the raw data length is non-zero, the code handling LAGRQ and LAGRP frames tries to copy data from a NULL pointer, causing a crash.
| | Author: | Russell Bryant | | Homepage: | http://www.asterisk.org/security | | File Size: | 9743 | | Related CVE(s): | CVE-2007-3763 | | Last Modified: | Jul 18 07:02:38 2007 |
| MD5 Checksum: | 099b772e3a144709929f99b4de56abb1 |
|
| /// File Name: |
ASA-2007-016.txt |
Description:
|
Asterisk Project Security Advisory - The Asterisk Skinny channel driver, chan_skinny, has a remotely exploitable crash vulnerability. A segfault can occur when Asterisk receives a packet where the claimed length of the data is between 0 and 3, followed by length + 4 or more bytes, due to an overly large memcpy. The side effects of this extremely large memcpy have not been investigated.
| | Author: | Jason Parker | | Homepage: | http://www.asterisk.org/security | | File Size: | 9431 | | Related CVE(s): | CVE-2007-3764 | | Last Modified: | Jul 18 07:04:24 2007 |
| MD5 Checksum: | 7910ebeb465f0d124f401f0746e0426b |
|
| /// File Name: |
sa25588.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25588/ | | File Size: | 9280 | | Last Modified: | Jul 24 02:06:33 2007 |
| MD5 Checksum: | 6363f6f165666e5f1c0c0f3bee94ba8c |
|
| /// File Name: |
dsa-1334-1.txt |
Description:
|
Debian Security Advisory 1334-1 - A problem was discovered with freetype, a FreeType2 font engine, which could allow the execution of arbitrary code via an integer overflow in specially crafted TTF files.
| | Homepage: | http://www.debian.org/security | | File Size: | 9219 | | Related CVE(s): | CVE-2007-2754 | | Last Modified: | Jul 19 05:21:38 2007 |
| MD5 Checksum: | 0fe3ecc159d2bcdf1b2fb7ab84a6adb1 |
|
| /// File Name: |
USN-487-1.txt |
Description:
|
Ubuntu Security Notice 487-1 - It was discovered that Dovecot, when configured to use non-system-user spools and compressed folders, would allow directory traversals in mailbox names. Remote authenticated users could potentially read email owned by other users.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 8965 | | Related CVE(s): | CVE-2007-2231 | | Last Modified: | Jul 18 06:15:00 2007 |
| MD5 Checksum: | 1a395f4269147a818dd83e8c739a0749 |
|
| /// File Name: |
ASA-2007-017.txt |
Description:
|
Asterisk Project Security Advisory - The Asterisk STUN implementation in the RTP stack has a remotely exploitable crash vulnerability. A pointer may run past accessible memory if Asterisk receives a specially crafted STUN packet on an active RTP port. The code that parses the incoming STUN packets incorrectly checks that the length indicated in the STUN attribute and the size of the STUN attribute header does not exceed the available data. This will cause the data pointer to run past accessible memory and when accessed will cause a crash.
| | Author: | Joshua Colp | | Homepage: | http://www.asterisk.org/security | | File Size: | 8963 | | Related CVE(s): | CVE-2007-3765 | | Last Modified: | Jul 18 07:06:14 2007 |
| MD5 Checksum: | 7406ca12249f52e17bf976b8271095c2 |
|
| /// File Name: |
sa26155.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in various CA products, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/26155/ | | File Size: | 8917 | | Last Modified: | Jul 26 06:26:32 2007 |
| MD5 Checksum: | 7d7456003b2dd603cc66f66568f8a286 |
|
| /// File Name: |
sa26129.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/26129/ | | File Size: | 8896 | | Last Modified: | Jul 20 07:47:25 2007 |
| MD5 Checksum: | e513703788097da71d5fce49f4e6152d |
|
| /// File Name: |
CX-2007-05.txt |
Description:
|
Calyptix Security Advisory - Multiple versions of eSoft's InstaGate EX2 UTM device are vulnerable to cross-site request forgery. The vulnerable firmwares include 3.1.20031001, 3.1.20060921, and 3.1.20070605. Other eSoft products were not tested. This vulnerability allows an attacker to run commands on the web interface if the attacker can get the eSoft user to view a hostile web page while logged into his eSoft. These actions could include opening up remote access.
| | Author: | Daniel Weber | | File Size: | 8547 | | Last Modified: | Jul 12 04:08:35 2007 |
| MD5 Checksum: | 62b1f9e4a7b2de970c0fee20d541e429 |
|
| /// File Name: |
sa26151.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing and cross-site scripting attacks, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26151/ | | File Size: | 8530 | | Last Modified: | Jul 25 03:41:12 2007 |
| MD5 Checksum: | d880fc8b25f8b434af8962d429624b71 |
|
| /// File Name: |
sa25933.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for kdebase. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/25933/ | | File Size: | 8284 | | Last Modified: | Jul 6 04:01:35 2007 |
| MD5 Checksum: | b89950a519e19d223f43c8934af610d4 |
|
| /// File Name: |
MDKSA-2007-150.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in the RAR VM in ClamAV allowed user-assisted remote attackers to cause a crash via a crafted RAR archive which resulted in a NULL pointer dereference.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8267 | | Related CVE(s): | CVE-2007-3725 | | Last Modified: | Jul 26 07:53:21 2007 |
| MD5 Checksum: | d499e21944a3a41ef6ad8d92fad6784f |
|
| /// File Name: |
MSA01110707.txt |
Description:
|
By using a specially crafted "flv" video it is possible to trigger an integer overflow inside Adobe Flash interpreter which could lead to client/browser-plugin crash, arbitrary code execution or system denial of service.
| | Author: | Stefano di Paola | | Homepage: | http://www.mindedsecurity.com/ | | File Size: | 8196 | | Last Modified: | Jul 14 01:18:01 2007 |
| MD5 Checksum: | b746354064d05658a8ac2541f856ee2f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
