Section: .. / 0711-advisories /
| /// File Name: |
sa27855.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks or potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27855/ | | File Size: | 3347 | | Last Modified: | Nov 30 00:36:59 2007 |
| MD5 Checksum: | ad89063dcfaa50b1470a8115d8aaff0e |
|
| /// File Name: |
sa27856.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for cups, poppler, and tetex. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27856/ | | File Size: | 2701 | | Last Modified: | Nov 30 00:36:59 2007 |
| MD5 Checksum: | abd5c436bae8c817193d8e2049f54e35 |
|
| /// File Name: |
sa27857.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for cpio. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27857/ | | File Size: | 2838 | | Last Modified: | Nov 30 00:36:59 2007 |
| MD5 Checksum: | 137fe09ab3f186e003af56cbf7074031 |
|
| /// File Name: |
sa27858.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27858/ | | File Size: | 5831 | | Last Modified: | Nov 30 00:36:59 2007 |
| MD5 Checksum: | 2eaae8ad5eaef751b5facf464b498903 |
|
| /// File Name: |
sa27860.txt |
Description:
|
Secunia Security Advisory - Some security issues have been reported in Lotus Notes for Linux, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/27860/ | | File Size: | 2981 | | Last Modified: | Nov 30 00:36:59 2007 |
| MD5 Checksum: | 0079e40c7d0e8bcf633e45f98c7c9e0d |
|
| /// File Name: |
sa27862.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged a vulnerability in various Avaya products, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27862/ | | File Size: | 2817 | | Last Modified: | Nov 30 00:36:59 2007 |
| MD5 Checksum: | 0227f711ac5f8a4d02745878b6f82ffd |
|
| /// File Name: |
sa27866.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been discovered in TuMusika Evolution, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/27866/ | | File Size: | 3103 | | Last Modified: | Nov 30 00:36:59 2007 |
| MD5 Checksum: | 40a269e2b69912b68b6e21996f64d22a |
|
| /// File Name: |
sa27869.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/27869/ | | File Size: | 2798 | | Last Modified: | Nov 30 00:36:59 2007 |
| MD5 Checksum: | b008d1e6aa3f5c6c93dad59a23dd864a |
|
| /// File Name: |
sa27870.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged a vulnerability and a weakness in various Avaya products, which can be exploited by malicious, local users to disclose sensitive information and by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27870/ | | File Size: | 2984 | | Last Modified: | Nov 30 00:36:59 2007 |
| MD5 Checksum: | 049e50c2ff88c405ec1b5adab78d4d91 |
|
| /// File Name: |
safrcdlg-overflow.txt |
Description:
|
The Microsoft Remote Help safrcdlg.dll appears to suffer from a buffer overflow vulnerability.
| | Author: | Elazar Broad | | File Size: | 708 | | Last Modified: | Nov 12 23:28:54 2007 |
| MD5 Checksum: | 5b8e23d1f09548e80c7ef89b763d71b8 |
|
| /// File Name: |
samba-nmbdexec.txt |
Description:
|
Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect may only be exploited when the "wins support" parameter has been enabled in smb.conf. Samba versions 3.0.0 through 3.0.26a are affected.
| | Homepage: | http://www.samba.org/samba/security/ | | File Size: | 2120 | | Related CVE(s): | CVE-2007-5398 | | Last Modified: | Nov 16 02:17:00 2007 |
| MD5 Checksum: | 654dd8b16cb5fa9e199fa2e9017d8162 |
|
| /// File Name: |
samba-nmbdoverflow.txt |
Description:
|
Samba versions 3.0.0 through 3.0.26a suffer from a vulnerability where the processing of specially crafted GETDC mailslot requests can result in a buffer overrun in nmbd.
| | Homepage: | http://www.samba.org/samba/security/ | | File Size: | 2250 | | Related CVE(s): | CVE-2007-4572 | | Last Modified: | Nov 15 11:47:30 2007 |
| MD5 Checksum: | 075f97f649c9adb362e7901b79904f00 |
|
| /// File Name: |
sblog-csrf.txt |
Description:
|
sBlog version 0.7.3 Beta suffers from a cross site request forgery vulnerability.
| | Author: | Guns | | Homepage: | http://www.0x90.com.ar/ | | File Size: | 1703 | | Last Modified: | Nov 2 12:04:32 2007 |
| MD5 Checksum: | ba29c4cf0f8b494b577b5914ecfc6c5f |
|
| /// File Name: |
secunia-abiword.txt |
Description:
|
Secunia Research has discovered a vulnerability in AbiWord Link Grammar, which can be exploited by malicious people to compromise an application using the library. Version 4.2.4 is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4543 | | Related CVE(s): | CVE-2007-5395 | | Last Modified: | Nov 7 15:23:18 2007 |
| MD5 Checksum: | 1c86e3f869d0038b2ad11508623a5f58 |
|
| /// File Name: |
secunia-acdsee.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in ACDSee products, which can be exploited by malicious people to compromise a user's system. The flaws reside in PSP image file processing and LHA archive processing. Affected are ACDSee Photo Manager version 9.0 build 108, ACDSee Pro Photo Manager version 8.1 build 99, and ACDSee Photo Editor version 4.0 build 195.
| | Author: | JJ Reyes | | Homepage: | http://secunia.com/ | | File Size: | 4695 | | Related CVE(s): | CVE-2007-4344 | | Last Modified: | Nov 2 12:21:31 2007 |
| MD5 Checksum: | 18f14e10ba13bbc0cedcc859cb151dbe |
|
| /// File Name: |
secunia-linkgrammar.txt |
Description:
|
Secunia Research has discovered a vulnerability in Link Grammar, which can be exploited by malicious people to compromise an application using the affected code. Version 4.1b is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4479 | | Related CVE(s): | CVE-2007-5395 | | Last Modified: | Nov 7 15:22:13 2007 |
| MD5 Checksum: | e57538a745ad765db929c35cbe71ad93 |
|
| /// File Name: |
secunia-netbios.txt |
Description:
|
Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "reply_netbios_packet()" function in nmbd/nmbd_packets.c when sending NetBIOS replies. This can be exploited to cause a stack-based buffer overflow by sending multiple specially crafted WINS "Name Registration" requests followed by a WINS "Name Query" request. Samba version 3.0.26a is affected.
| | Homepage: | http://secunia.com/ | | File Size: | 4590 | | Related CVE(s): | CVE-2007-5398 | | Last Modified: | Nov 16 02:18:43 2007 |
| MD5 Checksum: | db0f59106b8205bb0ddf17f924d35fa6 |
|
| /// File Name: |
secunia-samba.txt |
Description:
|
Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "reply_netbios_packet()" function in nmbd/nmbd_packets.c when sending NetBIOS replies. This can be exploited to cause a stack-based buffer overflow by sending multiple specially crafted WINS "Name Registration" requests followed by a WINS "Name Query" request. Successful exploitation allows execution of arbitrary code, but requires that Samba is configured to run as a WINS server (the "wins support" option is enabled). Samba version 3.0.26a is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4792 | | Related CVE(s): | CVE-2007-5398 | | Last Modified: | Nov 15 11:31:52 2007 |
| MD5 Checksum: | a78f93bd20591fd195541b9b8aab6c25 |
|
| /// File Name: |
secunia-symantecbackup.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in Symantec Backup Exec for Windows Servers, which can be exploited by malicious people to cause a DoS (Denial of Service). Affected software includes Symantec Backup Exec for Windows Servers version 11d (11.0 rev 7170).
| | Author: | JJ Reyes | | Homepage: | http://secunia.com/ | | File Size: | 5083 | | Related CVE(s): | CVE-2007-4346, CVE-2007-4347 | | Last Modified: | Nov 28 20:12:16 2007 |
| MD5 Checksum: | 70be5dcb65405683c82b0fdaf41ddbda |
|
| /// File Name: |
secunia-xpdf.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in Xpdf, which can be exploited by malicious people to compromise a user's system. An array indexing error, integer overflow, and boundary error all exist. Xpdf version 3.02 with the xpdf-3.02pl1.patch is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4883 | | Related CVE(s): | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 | | Last Modified: | Nov 7 15:26:29 2007 |
| MD5 Checksum: | 799a1d5d74d1d0cd593022e5323f4b12 |
|
| /// File Name: |
sentinel-traverse.txt |
Description:
|
A classic directory traversal condition exists within the Sentinel Protection Server. By sending an HTTP GET request with the path of a file preceded by an escaped traversal sequence, an attacker can leverage an arbitrary file access condition on the affected system. Sentinel Protection Server version 7.1 is affected.
| | Author: | Corey Lebleu | | Homepage: | http://www.digitaldefense.net/ | | File Size: | 1157 | | Last Modified: | Nov 26 22:22:51 2007 |
| MD5 Checksum: | 1bf464d15cc6808d2e855feb01c1d0c7 |
|
| /// File Name: |
skype-se.txt |
Description:
|
Skype users are being spammed with what seems like a malware-related social engineering scam.
| | Author: | Dragos Ruiu | | File Size: | 1646 | | Last Modified: | Nov 2 12:18:24 2007 |
| MD5 Checksum: | e9c4e5d990dd18e806e45092ada5d8d6 |
|
| /// File Name: |
SSRT071319.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely to allow cross site scripting (XSS).
| | Homepage: | http://www.hp.com/ | | File Size: | 7342 | | Last Modified: | Nov 30 01:03:53 2007 |
| MD5 Checksum: | e07411d9a1c25a2867dcd1ccdf2f004b |
|
| /// File Name: |
SSRT071461.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with HP-UX running BIND 8. The vulnerability could be exploited remotely to cause DNS cache poisoning.
| | Homepage: | http://www.hp.com/ | | File Size: | 5803 | | Related CVE(s): | CVE-2007-2930 | | Last Modified: | Nov 26 17:29:49 2007 |
| MD5 Checksum: | 0ba5ce2c58f488f4b6a9a7f8cfb737bd |
|
| /// File Name: |
SSRT071465.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified in OpenView Operations (OVO) running on HP-UX and Solaris. These vulnerabilities may be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6590 | | Related CVE(s): | CVE-2007-3922, CVE-2007-3698 | | Last Modified: | Nov 14 21:06:20 2007 |
| MD5 Checksum: | 2d9d3de100d7678ae81bc5ebc689317f |
|