Section: .. / 0804-advisories /
| /// File Name: |
SSRT080026.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with HP Select Identity software. The vulnerabilities could be exploited by an authenticated user to gain unauthorized access to other user accounts.
| | Homepage: | http://www.hp.com/ | | File Size: | 7313 | | Related CVE(s): | CVE-2008-0709 | | Last Modified: | Apr 3 01:06:37 2008 |
| MD5 Checksum: | e80411e7253ce945ff5e2ca6230942bd |
|
| /// File Name: |
dsa-1537-1.txt |
Description:
|
Debian Security Advisory 1537-1 - Alin Rad Pop (Secunia) discovered a number of vulnerabilities in xpdf, a set of tools for display and conversion of Portable Document Format (PDF) files.
| | Homepage: | http://www.debian.org/security | | File Size: | 7172 | | Related CVE(s): | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 | | Last Modified: | Apr 4 17:36:47 2008 |
| MD5 Checksum: | d48aae6288a7f069b72300c4ff33fcda |
|
| /// File Name: |
dsa-1546-1.txt |
Description:
|
Debian Security Advisory 1546-1 - Thilo Pfennig and Morten Welinder discovered several integer overflow weaknesses in Gnumeric, a GNOME spreadsheet application. These vulnerabilities could result in the execution of arbitrary code through the opening of a maliciously crafted Excel spreadsheet.
| | Homepage: | http://www.debian.org/security | | File Size: | 7163 | | Related CVE(s): | CVE-2008-0668 | | Last Modified: | Apr 11 14:43:54 2008 |
| MD5 Checksum: | 62211853fd243d4e4c877338d31b6896 |
|
| /// File Name: |
SSRT080018.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP Storage Essentials Software. The vulnerability could be exploited remotely to gain unauthorized access to data.
| | Homepage: | http://www.hp.com/ | | File Size: | 7086 | | Related CVE(s): | CVE-2006-5750 | | Last Modified: | Apr 8 22:51:21 2008 |
| MD5 Checksum: | 75c3fdaf6cfffba07de1fa7af61a616f |
|
| /// File Name: |
sa29702.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gnumeric. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29702/ | | File Size: | 7017 | | Last Modified: | Apr 15 13:23:16 2008 |
| MD5 Checksum: | abeb43f23e703faa86565361dd55ebf5 |
|
| /// File Name: |
SSRT080006.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified in PostgreSQL versions 8.2.4 and earlier running on HP Internet Express for Tru64 UNIX. The vulnerabilities could be exploited to execute arbitrary code, elevation of privilege, or cause a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6953 | | Related CVE(s): | CVE-2007-3278, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 | | Last Modified: | Apr 3 01:07:41 2008 |
| MD5 Checksum: | 6dd7bac8e9064b173aa9ca45a9fdc5fa |
|
| /// File Name: |
SSRT071455.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified in the embedded management console in certain HP Integrity Servers iLO-2 Management Processors (iLO-2 MP). The vulnerability could be remotely exploited to cause a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6725 | | Related CVE(s): | CVE-2008-0711 | | Last Modified: | Apr 8 22:48:05 2008 |
| MD5 Checksum: | 29707edfb5a756fe04a2e9c07b304c30 |
|
| /// File Name: |
AKLINK-SA-2008-004.txt |
Description:
|
Microsoft Office 2007 has a design flaw that allows outbound HTTP requests to be made when a document is opened that has a digital signature.
| | Author: | Alexander Klink | | Homepage: | https://www.cynops.de/ | | File Size: | 6602 | | Last Modified: | Apr 1 22:29:37 2008 |
| MD5 Checksum: | 9b1190af4261a5b7d8ef496435f47b40 |
|
| /// File Name: |
dsa-1548-1.txt |
Description:
|
Debian Security Advisory 1548-1 - Kees Cook discovered a vulnerability in xpdf, set set of tools for display and conversion of Portable Document Format (PDF) files.
| | Homepage: | http://www.debian.org/security | | File Size: | 6400 | | Related CVE(s): | CVE-2008-1693 | | Last Modified: | Apr 17 18:17:03 2008 |
| MD5 Checksum: | 29c28e6cbf2659b22b137b48473c334b |
|
| /// File Name: |
MDVSA-2008-092.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library. The speex plugin in the gstreamer-plugins-good package is similarly affected by this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6372 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 29 20:24:03 2008 |
| MD5 Checksum: | a7927b2bc291db5b5346c884eaa8ee12 |
|
| /// File Name: |
MDVSA-2008-094.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6360 | | Related CVE(s): | CVE-2008-1686 | | Last Modified: | Apr 29 20:25:28 2008 |
| MD5 Checksum: | c3058a0c68a5329507b9199eb2357374 |
|
| /// File Name: |
ioactive-zlib.txt |
Description:
|
The zlib extension module in Python version 2.5.2 contains a method for flushing decompression streams that takes an input parameter of how much data to flush. This parameter is a signed integer that is not verified for sanity and is thus potentially negative. When passed a negative value memory is misallocated and then the signed integer is converted to an unsigned integer resulting in buffer overflow.
| | Homepage: | http://www.ioactive.com/ | | File Size: | 6293 | | Last Modified: | Apr 10 17:14:52 2008 |
| MD5 Checksum: | ae7beb198b329c5c2cd1e3698c43348b |
|
| /// File Name: |
sa29604.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xpdf. This fixes some vulnerabilities, which can be exploited by malicious people to compromse a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29604/ | | File Size: | 6227 | | Last Modified: | Apr 4 18:56:42 2008 |
| MD5 Checksum: | 37502967b0486304b7fb04ee6fff41e7 |
|
| /// File Name: |
USN-588-2.txt |
Description:
|
Ubuntu Security Notice 588-2 - USN-588-1 fixed vulnerabilities in MySQL. In fixing CVE-2007-2692 for Ubuntu 6.06, additional improvements were made to make privilege checks more restrictive. As a result, an upstream bug was exposed which could cause operations on tables or views in a different database to fail. This update fixes the problem.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 6200 | | Related CVE(s): | CVE-2007-2692, CVE-2006-7232, CVE-2007-6303, CVE-2008-0226, CVE-2008-0227 | | Last Modified: | Apr 3 01:44:58 2008 |
| MD5 Checksum: | 0e465a8d84fe8c332aef57d16bde0de9 |
|
| /// File Name: |
sa29891.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, to cause a DoS (Denial of Service), or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29891/ | | File Size: | 6197 | | Last Modified: | Apr 28 10:37:56 2008 |
| MD5 Checksum: | 238fe027a299b03d49c4a574469feb4a |
|
| /// File Name: |
sa29885.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xpdf. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29885/ | | File Size: | 6084 | | Last Modified: | Apr 28 10:37:56 2008 |
| MD5 Checksum: | 0f501ccbc8773c60fa1321a47980dd0a |
|
| /// File Name: |
FreeBSD-SA-08-05.openssh.txt |
Description:
|
FreeBSD Security Advisory - OpenSSH has a X11-forwarding privilege escalation issue. When logging in via SSH with X11-forwarding enabled, sshd(8) fails to correctly handle the case where it fails to bind to an IPv4 port but successfully binds to an IPv6 port. In this case, applications which use X11 will connect to the IPv4 port, even though it had not been bound by sshd(8) and is therefore not being securely forwarded.
| | Homepage: | http://security.freebsd.org/ | | File Size: | 5931 | | Related CVE(s): | CVE-2008-1483 | | Last Modified: | Apr 17 12:54:59 2008 |
| MD5 Checksum: | f72e2f658b80a6129b0b66d7c1896f52 |
|
| /// File Name: |
dsa-1561-1.txt |
Description:
|
Debian Security Advisory 1561-1 - Christian Herzog discovered that within the Linux Terminal Server Project, it was possible to connect to X on any LTSP client from any host on the network, making client windows and keystrokes visible to that host.
| | Homepage: | http://www.debian.org/security | | File Size: | 5747 | | Related CVE(s): | CVE-2008-1293 | | Last Modified: | Apr 28 11:08:15 2008 |
| MD5 Checksum: | bc32356163c95e7e7e2543dfa9e798b9 |
|
| /// File Name: |
sa28209.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28209/ | | File Size: | 5568 | | Last Modified: | Apr 8 22:22:39 2008 |
| MD5 Checksum: | daee12fef5dbebb1de40e54a4e182ebd |
|
| /// File Name: |
sa29959.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for ldm. This fixes a security issue, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/29959/ | | File Size: | 5486 | | Last Modified: | Apr 29 19:20:27 2008 |
| MD5 Checksum: | 7e3baa1921d29ce1ce69b2416262857b |
|
| /// File Name: |
sa29645.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for MozillaFirefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29645/ | | File Size: | 5471 | | Last Modified: | Apr 4 16:56:23 2008 |
| MD5 Checksum: | 8771fe54bf6031bb32b1517aefc4b98b |
|
| /// File Name: |
secunia-symanapplix.txt |
Description:
|
Secunia Research has discovered some vulnerabilities Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system when scanning Applix documents. A couple of boundary errors and an unsafe call may allow for arbitrary code execution. A logic error may cause a denial of service condition.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 5312 | | Related CVE(s): | CVE-2007-5405, CVE-2007-5406 | | Last Modified: | Apr 14 17:41:27 2008 |
| MD5 Checksum: | 26481917edf681de247a0112ffd45302 |
|
| /// File Name: |
sa29829.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported for various Oracle products. Some vulnerabilities have unknown impacts while others can be exploited by malicious users to bypass certain security restrictions, conduct SQL injection attacks, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29829/ | | File Size: | 5303 | | Last Modified: | Apr 16 17:41:11 2008 |
| MD5 Checksum: | b8cd33ef86351c7b632f595747903373 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
