Section: .. / 0801-advisories /
| /// File Name: |
sa28333.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28333/ | | File Size: | 10026 | | Last Modified: | Jan 9 01:44:12 2008 |
| MD5 Checksum: | 04f2a476ce703aa9eb30cf9bab308720 |
|
| /// File Name: |
homehub-upnp.txt |
Description:
|
Information on pwning the BT Home Hub regarding the exploitation of IGDs remotely via UPnP.
| | Author: | pagvac | | Homepage: | http://www.gnucitizen.org/ | | File Size: | 9940 | | Last Modified: | Jan 10 17:57:43 2008 |
| MD5 Checksum: | b881d12f8b72ceedb666cfb0b156a716 |
|
| /// File Name: |
dsa-1449-1.txt |
Description:
|
Debian Security Advisory 1449-1 - It was discovered that loop-aes-utils, tools for mounting and manipulating filesystems, didn't drop privileged users and groups in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges.
| | Homepage: | http://www.debian.org/security | | File Size: | 9717 | | Related CVE(s): | CVE-2007-5191 | | Last Modified: | Jan 5 19:15:25 2008 |
| MD5 Checksum: | b9555a32859ef7f171d1e26868c1dd25 |
|
| /// File Name: |
sa28587.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for clamav. This fixes some vulnerabilities, where one vulnerability has an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28587/ | | File Size: | 9710 | | Last Modified: | Jan 23 22:55:21 2008 |
| MD5 Checksum: | d11db020353cc07c75d0f804beb64b96 |
|
| /// File Name: |
dsa-1457-1.txt |
Description:
|
Debian Security Advisory 1457-1 - It was discovered that Dovecot, a POP3 and IMAP server, only when used with LDAP authentication and a base that contains variables, could allow a user to log in to the account of another user with the same password.
| | Homepage: | http://www.debian.org/security | | File Size: | 9314 | | Related CVE(s): | CVE-2007-6598 | | Last Modified: | Jan 10 03:56:56 2008 |
| MD5 Checksum: | 4ebef8ae0a51ae1198b6ccd0c34bb63a |
|
| /// File Name: |
AST-2008-001.txt |
Description:
|
Asterisk Project Security Advisory - The handling of the BYE with Also transfer method was broken during the development of Asterisk 1.4. If a transfer attempt is made using this method the system will immediately crash upon handling the BYE message due to trying to copy data into a NULL pointer.
| | Author: | Joshua Colp | | Homepage: | http://www.asterisk.org/security | | File Size: | 9190 | | Last Modified: | Jan 2 17:55:27 2008 |
| MD5 Checksum: | f650cdc7e34b6e2ec797a8d92bb23acd |
|
| /// File Name: |
sa28404.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for dovecot. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/28404/ | | File Size: | 8877 | | Last Modified: | Jan 10 17:33:57 2008 |
| MD5 Checksum: | 1af355c951f6cb045ef2b57f7b6dd0c1 |
|
| /// File Name: |
dsa-1462-1.txt |
Description:
|
Debian Security Advisory 1462-1 - Kees Cook discovered that the hpssd tool of the HP Linux Printing and Imaging System (HPLIP) performs insufficient input sanitising of shell meta characters, which may result in local privilege escalation to the hplip user.
| | Homepage: | http://www.debian.org/security | | File Size: | 8747 | | Related CVE(s): | CVE-2007-5208 | | Last Modified: | Jan 14 17:11:40 2008 |
| MD5 Checksum: | 1910044ec3c90d531908d5056eb88251 |
|
| /// File Name: |
sa28441.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious users or malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28441/ | | File Size: | 8684 | | Last Modified: | Jan 11 20:30:53 2008 |
| MD5 Checksum: | b49c11b91b9b5a586263cad5a5021c6b |
|
| /// File Name: |
SSRT080003.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com/ | | File Size: | 8640 | | Last Modified: | Jan 15 15:28:02 2008 |
| MD5 Checksum: | 2f1efcbc5e0c2efedcdf04ce79756373 |
|
| /// File Name: |
dsa-1473-1.txt |
Description:
|
Debian Security Advisory 1473-1 - Joachim Breitner discovered that Subversion support in scponly is inherently insecure, allowing execution of arbitrary commands. Further investigation showed that rsync and Unison support suffer from similar issues. In addition, it was discovered that it was possible to invoke scp with certain options that may lead to execution of arbitrary commands.
| | Homepage: | http://www.debian.org/security | | File Size: | 8365 | | Related CVE(s): | CVE-2007-6350, CVE-2007-6415 | | Last Modified: | Jan 21 21:53:18 2008 |
| MD5 Checksum: | ae621c9d27cd2c653fdf2d7e090d9c5c |
|
| /// File Name: |
dsa-1474-1.txt |
Description:
|
Debian Security Advisory 1474-1 - Meder Kydyraliev discovered an integer overflow in the thumbnail handling of libexif, the EXIF/IPTC metadata manipulation library, which could result in the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 8360 | | Related CVE(s): | CVE-2007-6353 | | Last Modified: | Jan 24 00:19:45 2008 |
| MD5 Checksum: | 5c9d4faa07dd7534e4fb1bc754522876 |
|
| /// File Name: |
sa28453.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28453/ | | File Size: | 8290 | | Last Modified: | Jan 14 21:34:58 2008 |
| MD5 Checksum: | 0509e0560bb0e3f094128afad6b7fb9e |
|
| /// File Name: |
sa28377.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libarchive. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28377/ | | File Size: | 8161 | | Last Modified: | Jan 10 03:17:01 2008 |
| MD5 Checksum: | 9c02e9c3e086cb1135a2688ecafb3b72 |
|
| /// File Name: |
dsa-1459-1.txt |
Description:
|
Debian Security Advisory 1459-1 - It was discovered that Gforge, a collaborative development tool, did not properly sanitise some CGI parameters, allowing SQL injection in scripts related to RSS exports.
| | Homepage: | http://www.debian.org/security | | File Size: | 8144 | | Related CVE(s): | CVE-2008-0173 | | Last Modified: | Jan 14 14:10:05 2008 |
| MD5 Checksum: | 8d1500e18a1360c8c533fe09d99b9de7 |
|
| /// File Name: |
sa28592.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for xorg-x11-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/28592/ | | File Size: | 8086 | | Last Modified: | Jan 23 22:55:21 2008 |
| MD5 Checksum: | 33bad63fcfc2c3a241c626d71b91c152 |
|
| /// File Name: |
dsa-1448-1.txt |
Description:
|
Debian Security Advisory 1448-1 - It was discovered that eggdrop, an advanced IRC robot, was vulnerable to a buffer overflow which could result in a remote user executing arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 7993 | | Related CVE(s): | CVE-2007-2807 | | Last Modified: | Jan 5 19:12:01 2008 |
| MD5 Checksum: | 0637d6fa895dbbdf779e2ab4334177fc |
|
| /// File Name: |
sa28265.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for libsndfile. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28265/ | | File Size: | 7993 | | Last Modified: | Jan 3 13:16:15 2008 |
| MD5 Checksum: | 3e4e331656b375dec118da41bfac606e |
|
| /// File Name: |
sa28627.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for xorg-x11-server. This fixes a security issue, which can be exploited by malicious people with physical access to a system to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/28627/ | | File Size: | 7985 | | Last Modified: | Jan 25 18:58:49 2008 |
| MD5 Checksum: | d81f063c6d457ed2f52b20bcf93c20f7 |
|
| /// File Name: |
sa28610.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for exiv2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/28610/ | | File Size: | 7764 | | Last Modified: | Jan 25 02:43:48 2008 |
| MD5 Checksum: | 1e20d1bb9a1d86bb4d38049aa33d0881 |
|
| /// File Name: |
MDVSA-2008-013.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple integer overflows were found in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7738 | | Related CVE(s): | CVE-2007-4965 | | Last Modified: | Jan 14 18:00:35 2008 |
| MD5 Checksum: | b5e65cb8e1d0632cc910452e440a7501 |
|
| /// File Name: |
MDVSA-2008-015.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw found in the mod_imagemap module could lead to a cross-site scripting attack on sites where mod_imagemap was enabled and an imagemap file was publicly available. A flaw found in the mod_status module could lead to a cross-site scripting attack on sites where mod_status was enabled and the status pages were publicly available. A flaw found in the mod_proxy_ftp module could lead to a cross-site scripting attack against web browsers which do not correctly derive the response character set following the rules in RFC 2616, on sites where the mod_proxy_ftp module was enabled.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7692 | | Related CVE(s): | CVE-2007-5000, CVE-2007-6388, CVE-2008-0005 | | Last Modified: | Jan 17 00:57:19 2008 |
| MD5 Checksum: | 0ed94da5fcca6e6eb55a8fe34371b8b5 |
|
| /// File Name: |
sa28347.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for eggdrop. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28347/ | | File Size: | 7691 | | Last Modified: | Jan 8 11:51:15 2008 |
| MD5 Checksum: | f54cf64ee0c44d94135bde51b55be3c2 |
|