Section: .. / 0711-advisories /
| /// File Name: |
glsa-200711-24.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-24 - Multiple vulnerabilities have been reported in Mozilla Thunderbird's HTML browser engine and JavaScript engine that can be exploited to cause a memory corruption. Versions less than 2.0.0.9 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 3703 | | Related CVE(s): | CVE-2007-5339, CVE-2007-5340 | | Last Modified: | Nov 26 17:10:55 2007 |
| MD5 Checksum: | 4a12b5bd1ff975567e015e39baddc728 |
|
| /// File Name: |
glsa-200711-25.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-25 - Joe Gallo and Artem Russakovskii reported an error in the convert_search_mode_to_innobase() function in ha_innodb.cc in the InnoDB engine that is leading to a failed assertion when handling CONTAINS operations. Versions less than 5.0.44-r2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2833 | | Related CVE(s): | CVE-2007-5925 | | Last Modified: | Nov 26 17:11:02 2007 |
| MD5 Checksum: | 036505c0ef830c9c876bffba789560eb |
|
| /// File Name: |
glsa-200711-26.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-26 - Joachim Schrod discovered several buffer overflow vulnerabilities and an insecure temporary file creation in the dvilj application that is used by dvips to convert DVI files to printer formats. Bastien Roucaries reported that the dvips application is vulnerable to two stack-based buffer overflows when processing DVI documents with long \href{} URIs. teTeX also includes code from Xpdf that is vulnerable to a memory corruption and two heap-based buffer overflows (GLSA 200711-22); and it contains code from T1Lib that is vulnerable to a buffer overflow when processing an overly long font filename (GLSA 200710-12). Versions less than 3.0_p1-r6 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 3879 | | Related CVE(s): | CVE-2007-5935, CVE-2007-5936, CVE-2007-5937 | | Last Modified: | Nov 26 17:12:03 2007 |
| MD5 Checksum: | 939fb5b05b883ecc852b7f833900b729 |
|
| /// File Name: |
glsa-200711-27.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-27 - Alin Rad Pop from Secunia Research discovered a boundary error in the function separate_sentence() in file tokenize.c when processing an overly long word which might lead to a stack-based buffer overflow. Versions less than 4.2.4-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3083 | | Related CVE(s): | CVE-2007-5395 | | Last Modified: | Nov 26 17:12:15 2007 |
| MD5 Checksum: | 1eeae44c2f9d21dea0bc4f6fc98c980a |
|
| /// File Name: |
glsa-200711-28.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-28 - Tavis Ormandy and Will Drewry (Google Security Team) discovered a heap-based buffer overflow in the Regular Expression engine (regcomp.c) that occurs when switching from byte to Unicode (UTF-8) characters in a regular expression. Versions less than 5.8.8-r4 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3039 | | Related CVE(s): | CVE-2007-5116 | | Last Modified: | Nov 26 17:21:19 2007 |
| MD5 Checksum: | c119debc5cff12e519f8b6d94077184f |
|
| /// File Name: |
glsa-200711-29.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-29 - Two vulnerabilities have been reported in nmbd. Alin Rad Pop (Secunia Research) discovered a boundary checking error in the reply_netbios_packet() function which could lead to a stack-based buffer overflow. The Samba developers discovered a boundary error when processing GETDC logon requests also leading to a buffer overflow. Versions less than 3.0.26a-r2 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 4043 | | Related CVE(s): | CVE-2007-4572, CVE-2007-5398 | | Last Modified: | Nov 26 17:39:07 2007 |
| MD5 Checksum: | 59576880c4488e87c92b0899e49e96d3 |
|
| /// File Name: |
glsa-200711-30.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-30 - Tavis Ormandy (Google Security) discovered multiple vulnerabilities in PCRE. He reported an error when processing \Q\E sequences with unmatched \E codes that can lead to the compiled bytecode being corrupted. PCRE does not properly calculate sizes for unspecified multiple forms of character class, which triggers a buffer overflow. Further improper calculations of memory boundaries were reported when matching certain input bytes against regex patterns in non UTF-8 mode and when searching for unmatched brackets or parentheses. Multiple integer overflows when processing escape sequences may lead to invalid memory read operations or potentially cause heap-based buffer overflows. PCRE does not properly handle \P and \P{x} sequences which can lead to heap-based buffer overflows or trigger the execution of infinite loops, PCRE is also prone to an error when optimizing character classes containing a singleton UTF-8 sequence which might lead to a heap-based buffer overflow. Versions less than 7.3-r1 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 5255 | | Related CVE(s): | CVE-2006-7227, CVE-2006-7228, CVE-2006-7230, CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768 | | Last Modified: | Nov 26 17:40:19 2007 |
| MD5 Checksum: | 52301116aa5ae4963242b6577a6a61d2 |
|
| /// File Name: |
glsa-200711-31.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-31 - The SNMP agent (snmpd) does not properly handle GETBULK requests with an overly large max-repetitions field. Versions less than 5.4.1-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2810 | | Related CVE(s): | CVE-2007-5846 | | Last Modified: | Nov 26 17:40:25 2007 |
| MD5 Checksum: | 6450376a8f26ae23f45184edccf54575 |
|
| /// File Name: |
glsa-200711-32.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-32 - Kevin B. McCarty discovered that the feynmf.pl script creates a temporary properly list file at the location $TMPDIR/feynmf$PID.pl, where $PID is the process ID. Versions less than 1.08-r2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3104 | | Related CVE(s): | CVE-2007-5940 | | Last Modified: | Nov 26 17:40:41 2007 |
| MD5 Checksum: | bc3c2237199688d83b19f00a7ff8e45b |
|
| /// File Name: |
glsa-200711-33.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-33 - Josh Burley reported that nss_ldap does not properly handle the LDAP connections due to a race condition that can be triggered by multi-threaded applications using nss_ldap, which might lead to requested data being returned to a wrong process. Versions less than 258 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3064 | | Related CVE(s): | CVE-2007-5794 | | Last Modified: | Nov 26 22:07:53 2007 |
| MD5 Checksum: | 91fbe75e5024d67237681c85d6b56e08 |
|
| /// File Name: |
glsa-200711-34.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200711-34 - Multiple issues were found in the teTeX 2 codebase that CSTeX builds upon (GLSA 200709-17, GLSA 200711-26). CSTeX also includes vulnerable code from the GD library (GLSA 200708-05), from Xpdf (GLSA 200709-12, GLSA 200711-22) and from T1Lib (GLSA 200710-12). Versions less than 2.0.2-r2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 4114 | | Last Modified: | Nov 26 22:14:38 2007 |
| MD5 Checksum: | c33d31a631b5831bdc0888c4124f1862 |
|
| /// File Name: |
iedosowc11-dos.txt |
Description:
|
An unhandled memory access violation in the OWC11.DataSourceControl in Internet Explorer may cause a denial of service condition.
| | Author: | Elazar Broad | | File Size: | 750 | | Last Modified: | Nov 12 22:12:02 2007 |
| MD5 Checksum: | 167bf60f97e78d10625a872a2a1640e3 |
|
| /// File Name: |
IRM-tibcodos.txt |
Description:
|
The TIBCO Rendezvous RVD daemon is vulnerable to a memory leak, which when remotely triggered, prevents any further RV communication until the daemon is manually restarted.
| | Author: | Varun Uppal, Andy Davis | | Homepage: | http://www.irmplc.com/ | | File Size: | 2981 | | Last Modified: | Nov 30 01:00:48 2007 |
| MD5 Checksum: | 33fa196ab9bb365713d31238582bca13 |
|
| /// File Name: |
konqueror-dos.txt |
Description:
|
Konqueror versions 3.5.6 and below suffer from a denial of service condition when handling too large of cookies.
| | Author: | laurent gaffi | | File Size: | 836 | | Last Modified: | Nov 14 21:04:00 2007 |
| MD5 Checksum: | 2cba9c1bec091343d6db06947e1b965a |
|
| /// File Name: |
ligb-sql.txt |
Description:
|
LI-Guestbook version 1.2 suffers from a SQL injection vulnerability.
| | Homepage: | http://www.security-news.ws/ | | File Size: | 1021 | | Last Modified: | Nov 9 12:51:37 2007 |
| MD5 Checksum: | 9939a207569d147189b64af4061d1667 |
|
| /// File Name: |
live555x.txt |
Description:
|
LIVE555 Media Server versions 2007.11.01 and below suffer from a denial of service vulnerability due to a memory access violation.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | live555x.zip | | File Size: | 2251 | | Last Modified: | Nov 26 16:38:12 2007 |
| MD5 Checksum: | 3d16fc37149b52055a09781bc02e564a |
|
| /// File Name: |
MDKSA-2007-203.txt |
Description:
|
Mandriva Linux Security Advisory - Tavis Ormandy discovered a heap overflow flaw during video-to-video copy operations in the Cirrus VGA extension code that is used in Xen. A malicious local administrator of a guest domain could potentially trigger this flaw and execute arbitrary code outside of the domain. Tavis Ormandy also discovered insufficient input validation leading to a heap overflow in the NE2000 network driver in Xen. If the driver is in use, a malicious local administrator of a guest domain could potentially trigger this flaw and execute arbitrary code outside of the domain. Steve Kemp found that xen-utils used insecure temporary files within the xenmon tool that could allow local users to truncate arbitrary files. Joris van Rantwijk discovered a flaw in Pygrub, which is used as a boot loader for guest domains. A malicious local administrator of a guest domain could create a carefully-crafted grub.conf file which could trigger the execution of arbitrary code outside of that domain.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4426 | | Related CVE(s): | CVE-2007-4993, CVE-2007-3919, CVE-2007-1321, CVE-2007-5729, CVE-2007-5730, CVE-2007-1320 | | Last Modified: | Nov 1 19:26:48 2007 |
| MD5 Checksum: | ff8364f820413cda18b424722daf1611 |
|
| /// File Name: |
MDKSA-2007-204-1.txt |
Description:
|
Mandriva Linux Security Advisory - Alin Rad Pop of Secunia Research discovered a vulnerability in CUPS that can be exploited by malicious individuals to execute arbitrary code. This flaw is due to a boundary error when processing IPP (Internet Printing Protocol) tags. Due to incorrect build requirements/conflicts, the cups-config in Mandriva Linux 2008.0 was displaying the full CFLAGS and libs instead of just the libraries when 'cups-config --libs' was invoked. This update corrects the cups-config behaviour.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3468 | | Related CVE(s): | CVE-2007-4351 | | Last Modified: | Nov 12 23:38:36 2007 |
| MD5 Checksum: | 010e831f1ceb7b70422adc9007b89d76 |
|
| /// File Name: |
MDKSA-2007-204.txt |
Description:
|
Mandriva Linux Security Advisory - Alin Rad Pop of Secunia Research discovered a vulnerability in CUPS that can be exploited by malicious individuals to execute arbitrary code. This flaw is due to a boundary error when processing IPP (Internet Printing Protocol) tags.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8420 | | Related CVE(s): | CVE-2007-4351 | | Last Modified: | Nov 1 19:29:14 2007 |
| MD5 Checksum: | 44babeda85cd8ca51254fec4e4811a3f |
|
| /// File Name: |
MDKSA-2007-205.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in opal, the Open Phone Abstraction Library, was found in how it handles certain Session Initiation Protocol (SIP) packets. An attacker could use this vulnerability to crash an application linked to opal, such as Ekiga.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3157 | | Related CVE(s): | CVE-2007-4924 | | Last Modified: | Nov 2 19:27:28 2007 |
| MD5 Checksum: | 4639f4fdabf3a80a50297f7f85650727 |
|
| /// File Name: |
MDKSA-2007-206.txt |
Description:
|
Mandriva Linux Security Advisory - A memory management flaw was discovered in PWLib, that an attacker could use to crash an application linked with it, such as Ekiga.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6300 | | Related CVE(s): | CVE-2007-4897 | | Last Modified: | Nov 2 19:28:09 2007 |
| MD5 Checksum: | 9ce8be1563282a29693edb789a6c22a6 |
|
| /// File Name: |
MDKSA-2007-207.txt |
Description:
|
Mandriva Linux Security Advisory - Tavis Ormandy and Will Drewry discovered a flaw in Perl's regular expression engine. Specially crafted input to a regular expression can cause Perl to improperly allocate memory, resulting in the possible execution of arbitrary code with the permissions of the user running Perl.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8145 | | Related CVE(s): | CVE-2007-5116 | | Last Modified: | Nov 6 01:59:51 2007 |
| MD5 Checksum: | b70dba6f050f083bf9c03673493a9464 |
|
| /// File Name: |
MDKSA-2007-208.txt |
Description:
|
Mandriva Linux Security Advisory - A function in the JasPer JPEG-2000 library before 1.900 could allow a remote user-assisted attack to cause a crash and possibly corrupt the heap via malformed image files. Newer versions of ghostscript contain an embedded copy of libjasper and as such is vulnerable to this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4322 | | Related CVE(s): | CVE-2007-2721 | | Last Modified: | Nov 6 02:00:31 2007 |
| MD5 Checksum: | f489e3b14236946dd82d7120442763b2 |
|
| /// File Name: |
MDKSA-2007-209.txt |
Description:
|
Mandriva Linux Security Advisory - A function in the JasPer JPEG-2000 library before 1.900 could allow a remote user-assisted attack to cause a crash and possibly corrupt the heap via malformed image files. netpbm contains an embedded copy of libjasper and as such is vulnerable to this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6201 | | Related CVE(s): | CVE-2007-2721 | | Last Modified: | Nov 6 02:01:05 2007 |
| MD5 Checksum: | e093a85489abb706234d8bbb4f4dde59 |
|
| /// File Name: |
MDKSA-2007-210.txt |
Description:
|
Mandriva Linux Security Advisory - Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 9860 | | Related CVE(s): | CVE-2007-4568, CVE-2007-4990 | | Last Modified: | Nov 6 23:23:27 2007 |
| MD5 Checksum: | 03cfdc844269ee8302005df8fc4b54f0 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
