Section: .. / 0801-advisories /
| /// File Name: |
dsa-1475-1.txt |
Description:
|
Debian Security Advisory 1475-1 - Jose Ramon Palanco discovered that a cross-site scripting vulnerability in GForge, a collaborative development tool, allows remote attackers to inject arbitrary web script or HTML in the context of a logged-in user's session.
| | Homepage: | http://www.debian.org/security | | File Size: | 5321 | | Related CVE(s): | CVE-2007-0176 | | Last Modified: | Jan 27 22:02:52 2008 |
| MD5 Checksum: | 5154f4b406cba7657846a829fa882a0f |
|
| /// File Name: |
glsa-200801-14.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200801-14 - The /usr/bin/blam script sets the LD_LIBRARY_PATH environment variable incorrectly, which might result in the current working directory (.) being included when searching for dynamically linked libraries of the Mono Runtime application. Versions less than 1.8.4 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2691 | | Related CVE(s): | CVE-2005-4790 | | Last Modified: | Jan 27 22:00:45 2008 |
| MD5 Checksum: | cb1fe56737775e672c4939c2171655c0 |
|
| /// File Name: |
glsa-200801-13-02.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200801-13:02 - The IRC_PART() function in the file irc-channel.c does not properly check the number of parameters, referencing an invalid pointer if no channel is supplied. Versions less than 0.10.4 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2463 | | Related CVE(s): | CVE-2008-0285 | | Last Modified: | Jan 27 22:00:21 2008 |
| MD5 Checksum: | 758ec244e172e362d03c4518ac61d8fb |
|
| /// File Name: |
glsa-200801-12.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200801-12 - Luigi Auriemma reported that xine-lib does not properly check boundaries when processing SDP attributes of RTSP streams, leading to heap-based buffer overflows. Versions less than 1.1.9.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2695 | | Related CVE(s): | CVE-2008-0225, CVE-2008-0238 | | Last Modified: | Jan 27 21:59:58 2008 |
| MD5 Checksum: | ddae71eec629db2527290e569fec514a |
|
| /// File Name: |
glsa-200801-11.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200801-11 - CherryPy does not sanitize the session id, provided as a cookie value, in the FileSession._get_file_path() function before using it as part of the file name. Versions less than 3.0.2-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2969 | | Related CVE(s): | CVE-2008-0252 | | Last Modified: | Jan 27 21:59:39 2008 |
| MD5 Checksum: | bab49fc0b73c1600d9469fc44cecd4da |
|
| /// File Name: |
sa28621.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS / IR, which can be exploited by malicious, local users to cause a DoS (Denial of Service), or to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28621/ | | File Size: | 2367 | | Last Modified: | Jan 27 21:57:53 2008 |
| MD5 Checksum: | 7bfaf629f8e73c38c4f50a4184f04363 |
|
| /// File Name: |
sa28648.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in multiple Avaya products, which potentially can be exploited by malicious people to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28648/ | | File Size: | 2550 | | Last Modified: | Jan 27 21:57:53 2008 |
| MD5 Checksum: | 8b34852adbf98c714e15be4af70da8f0 |
|
| /// File Name: |
sa28630.txt |
Description:
|
Secunia Security Advisory - NBBN has discovered a vulnerability in phpBB, which can be exploited by malicious people to conduct cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/28630/ | | File Size: | 2238 | | Last Modified: | Jan 27 21:57:18 2008 |
| MD5 Checksum: | 89bf4e813ba0a7e057d6db9d436c039e |
|
| /// File Name: |
sa28634.txt |
Description:
|
Secunia Security Advisory - NBBN has reported a vulnerability in Woltlab Burning Board, which can be exploited by malicious people to conduct cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/28634/ | | File Size: | 2430 | | Last Modified: | Jan 27 21:56:12 2008 |
| MD5 Checksum: | dbabddd8b835754772b4ab5463a1b734 |
|
| /// File Name: |
sa28644.txt |
Description:
|
Secunia Security Advisory - rgod has discovered a weakness in ImageShack Toolbar, which can be exploited by malicious people to potentially disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/28644/ | | File Size: | 2548 | | Last Modified: | Jan 27 21:56:12 2008 |
| MD5 Checksum: | 8de7a0425be8a5e7f495e64316dc39b4 |
|
| /// File Name: |
MDVSA-2008-027.txt |
Description:
|
Mandriva Linux Security Advisory - A programming flaw was found in Pulseaudio versions older than 0.9.9, by which a local user can gain root access, if pulseaudio is installed as a setuid to root binary, which is the recommended configuration.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4115 | | Related CVE(s): | CVE-2008-0008 | | Last Modified: | Jan 25 19:21:24 2008 |
| MD5 Checksum: | 8909b5c5d3679c095cddeb45e29c6a08 |
|
| /// File Name: |
MDVSA-2008-026.txt |
Description:
|
Mandriva Linux Security Advisory - Will Drewry reported multiple flaws in how libicu processed certain malformed regular expressions. If an application linked against libicu, such as OpenOffice.org, processed a carefully-crafted regular expression, it could potentially cause the execution of arbitrary code with the privileges of the user running the application.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3045 | | Related CVE(s): | CVE-2007-4770, CVE-2007-4771 | | Last Modified: | Jan 25 19:20:50 2008 |
| MD5 Checksum: | 480ce9401b03aa8a2e001186d385295d |
|
| /// File Name: |
sa28641.txt |
Description:
|
Secunia Security Advisory - 0in has discovered a vulnerability in Tiger Php News System, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/28641/ | | File Size: | 2389 | | Last Modified: | Jan 25 19:17:02 2008 |
| MD5 Checksum: | 975b5f11ee6d7f182278a18c8266db98 |
|
| /// File Name: |
sa28647.txt |
Description:
|
Secunia Security Advisory - Elazar Broad has discovered a vulnerability in Move Networks Upgrade Manager, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28647/ | | File Size: | 2456 | | Last Modified: | Jan 25 19:17:02 2008 |
| MD5 Checksum: | 8cb01b18485bb6aa83f23a53493970bf |
|
| /// File Name: |
proficy-harvest.txt |
Description:
|
Proficy Information Portal version 2.6 passes a user's password base64-encoded on the wire, allowing it to be easily intercepted and decoded.
| | Author: | Eyal Udassin | | Homepage: | http://www.c4-security.com/ | | File Size: | 1595 | | Related CVE(s): | CVE-2008-0174 | | Last Modified: | Jan 25 19:14:33 2008 |
| MD5 Checksum: | 74d3e66416dad59621861f8f10521ac8 |
|
| /// File Name: |
proficy-upload.txt |
Description:
|
Proficy Information Portal version 2.6 has a flaw that allows an authenticated attacker to upload arbitrary code to the server.
| | Author: | Eyal Udassin | | Homepage: | http://www.c4-security.com/ | | File Size: | 1876 | | Related CVE(s): | CVE-2008-0175 | | Last Modified: | Jan 25 19:12:46 2008 |
| MD5 Checksum: | 951bc80e0fa631556e175dfc730d384a |
|
| /// File Name: |
sa28429.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for bind and bind-utils. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28429/ | | File Size: | 2159 | | Last Modified: | Jan 25 18:58:49 2008 |
| MD5 Checksum: | ac562d8e4b7bbcec89b09ab35f90ee3b |
|
| /// File Name: |
sa28575.txt |
Description:
|
Secunia Security Advisory - Will Drewry has reported some vulnerabilities in International Components for Unicode, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28575/ | | File Size: | 2773 | | Last Modified: | Jan 25 18:58:49 2008 |
| MD5 Checksum: | ed1ffff0af491fb58a9aae6933620f36 |
|
| /// File Name: |
sa28584.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for x11-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28584/ | | File Size: | 5765 | | Last Modified: | Jan 25 18:58:49 2008 |
| MD5 Checksum: | 11389e0e54e470e010b86a147dbeeb74 |
|
| /// File Name: |
sa28585.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for hsqldb. This fixes a vulnerability, which has unknown impacts.
| | Homepage: | http://secunia.com/advisories/28585/ | | File Size: | 5562 | | Last Modified: | Jan 25 18:58:49 2008 |
| MD5 Checksum: | 4ef462f7b27f41fa591dc8805384eec1 |
|
| /// File Name: |
sa28611.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for CherryPy. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security settings.
| | Homepage: | http://secunia.com/advisories/28611/ | | File Size: | 2042 | | Last Modified: | Jan 25 18:58:49 2008 |
| MD5 Checksum: | 18f68c1a6e5aa9d6f1d158dbdd66b849 |
|
| /// File Name: |
sa28615.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for icu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28615/ | | File Size: | 2290 | | Last Modified: | Jan 25 18:58:49 2008 |
| MD5 Checksum: | 0f9b32294188160a9c30a86a7eda6bd7 |
|
| /// File Name: |
sa28623.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for pulseaudio. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/28623/ | | File Size: | 12496 | | Last Modified: | Jan 25 18:58:49 2008 |
| MD5 Checksum: | 34aa8d1c3a04a023517fcec79c178990 |
|
| /// File Name: |
sa28627.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for xorg-x11-server. This fixes a security issue, which can be exploited by malicious people with physical access to a system to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/28627/ | | File Size: | 7985 | | Last Modified: | Jan 25 18:58:49 2008 |
| MD5 Checksum: | d81f063c6d457ed2f52b20bcf93c20f7 |
|