Section: .. / 0805-advisories /
| /// File Name: |
USN-612-7.txt |
Description:
|
Ubuntu Security Notice 612-7 - USN-612-2 introduced protections for OpenSSH, related to the OpenSSL vulnerabilities addressed by USN-612-1. This update provides the corresponding updates for OpenSSH in Ubuntu 6.06 LTS. While the OpenSSL in Ubuntu 6.06 is not vulnerable, this update will block weak keys generated on systems that may have been affected themselves. A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH, OpenVPN and SSL certificates.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5554 | | Related CVE(s): | CVE-2008-0166 | | Last Modified: | May 20 10:17:08 2008 |
| MD5 Checksum: | a6547a41f905e6a3fd2d547f9767ba3e |
|
| /// File Name: |
USN-612-8.txt |
Description:
|
Ubuntu Security Notice 612-8 - USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys. This update enhances the openssl-vulnkey tool to check X.509 certificates as well, and provides the corresponding update for Ubuntu 6.06. While the OpenSSL in Ubuntu 6.06 was not vulnerable, openssl-blacklist is now provided for Ubuntu 6.06 for checking certificates and keys that may have been imported on these systems.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 5131 | | Last Modified: | May 22 01:20:51 2008 |
| MD5 Checksum: | 37ef9f46cc632ccce7d565ff3e6f5c06 |
|
| /// File Name: |
USN-613-1.txt |
Description:
|
Ubuntu Security Notice 613-1 - Multiple flaws were discovered in the connection handling of GnuTLS. A remote attacker could exploit this to crash applications linked against GnuTLS, or possibly execute arbitrary code with permissions of the application's user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 17480 | | Related CVE(s): | CVE-2008-1948, CVE-2008-1949, CVE-2008-1950 | | Last Modified: | May 22 01:19:15 2008 |
| MD5 Checksum: | 5eb5dfc7220077777e0867309e7ee3c9 |
|
| /// File Name: |
VMSA-2008-0008.txt |
Description:
|
VMware Security Advisory - Several critical security vulnerabilities have been addressed in the newest releases of VMware's hosted product line. VMware Workstation versions 6.0.3 and earlier, VMware Player versions 2.0.3 and earlier, VMware ACE versions 2.0.3 and earlier, and VMware Fusion versions 1.1.1 and earlier are affected.
| | Homepage: | http://www.vmware.com/ | | File Size: | 8582 | | Related CVE(s): | CVE-2008-2098, CVE-2008-2099 | | Last Modified: | May 31 15:21:44 2008 |
| MD5 Checksum: | 8ab3145bcbd39538f9eda637f8802930 |
|
| /// File Name: |
webmodz.txt |
Description:
|
WebMod versions 0.48 and below suffer from directory traversal, buffer overflow, and disclosure vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | webmodz.zip | | File Size: | 3516 | | Last Modified: | May 5 14:03:20 2008 |
| MD5 Checksum: | 446b41bca98f6c09f4273b89e3ff5922 |
|
| /// File Name: |
ZDI-08-023.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious email, or open a malicious file. The specific flaw exists when parsing malformed RTF documents. When processing a combination of RTF tags a heap overflow occurs. Successful exploitation can lead to remote compromise of a system under the credentials of the currently logged in user.
| | Author: | wushi | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3266 | | Related CVE(s): | CVE-2008-1091 | | Last Modified: | May 13 15:38:28 2008 |
| MD5 Checksum: | 3a4c70d8165cb815e52e832667c68280 |
|
| /// File Name: |
ZDI-08-024.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Symantec Altiris Deployment Solution. User interaction is not required to exploit this vulnerability. The specific flaw exists within the axengine.exe process listening by default on TCP port 402. A lack of proper sanitation while parsing requests allows for a remote attacker to inject arbitrary SQL statements into the database. Exploitation of this vulnerability can result in arbitrary code execution under the context of the SYSTEM user.
| | Author: | Brett Moore | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3270 | | Last Modified: | May 15 18:26:12 2008 |
| MD5 Checksum: | de3d63236f721885f9df12222483b76e |
|
| /// File Name: |
ZDI-08-025.txt |
Description:
|
A vulnerability allows attackers to remotely obtain domain credentials on vulnerable installations of Symantec Altiris Deployment Solution. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the axengine.exe service listening by default on TCP port 402. The service allows a remote client to request encrypted domain credentials without authentication. The encryption lacks a salt allowing an attacker with a local installation of Altiris Deployment Solution to easily decrypt the credentials.
| | Author: | Brett Moore | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3354 | | Last Modified: | May 15 18:28:51 2008 |
| MD5 Checksum: | 42547c174484950e72118580181d31aa |
|
| /// File Name: |
ZDI-08-026.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of CA BrightStor ARCserve Backup for Linux. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper bounds checking in the xdr_rwsstring() library function. By sending a long parameter into a daemon using this function to process strings, a stack based buffer overflow occurs, leading to execution of arbitrary code.
| | Author: | Damian Put | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3359 | | Related CVE(s): | CVE-2008-2242 | | Last Modified: | May 19 21:37:57 2008 |
| MD5 Checksum: | 7c46da1a5c684af64366f73a09e2c1a4 |
|
| /// File Name: |
ZDI-08-027.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates ARCserve Backup. Authentication is not required exploit this vulnerability. The specific flaw exists within the caloggerd log daemon during the processing of log messages that contain directory traversal modifiers. A lack of sanity checking on the provided path allows attackers to append arbitrary data to a file of their choosing and can easily result in a full system compromise.
| | Author: | Damian Put | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3422 | | Related CVE(s): | CVE-2008-2241 | | Last Modified: | May 19 21:38:49 2008 |
| MD5 Checksum: | f899af6260049b65f2a53fb1994143bd |
|
| /// File Name: |
ZDI-08-028.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Sametime. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of long URLs in the Community Services Multiplexer (StMux.exe) listening on TCP port 1533. A specially crafted URL can be passed into a vulnerable sscanf() function that will result in a stack overflow resulting in the ability to execute arbitrary code.
| | Author: | Manuel Santamarina Suarez | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3377 | | Last Modified: | May 22 02:12:01 2008 |
| MD5 Checksum: | 404cd26da5a98fbf55a71c9a209da6f4 |
|
| /// File Name: |
ZDI-08-029.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trillian. User interaction is required to exploit this vulnerability in that the target must open a malicious image file. The specific flaws exists during the parsing of messages with overly long attribute values within the FONT tag. The value for any attribute is copied into a stack based buffer via sprintf() which can result in a buffer overrun and can be subsequently leveraged to execute arbitrary code under the privileges of the logged in user. Exploitation may occur over the AIM network or via direct connections.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3493 | | Last Modified: | May 22 02:13:17 2008 |
| MD5 Checksum: | acedf3440ee07207f3cf3241bc0588a4 |
|
| /// File Name: |
ZDI-08-030.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within XML parsing in talk.dll. When processing certain malformed attributes within an 'IMG' tags, it is possible to overwrite past an allocated heap chunk which can eventually lead to code execution under the context of the currently user.
| | Author: | tw33k, n8 | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3331 | | Last Modified: | May 22 02:14:45 2008 |
| MD5 Checksum: | 25afc9de4474dcedeebaad3ec2342f88 |
|
| /// File Name: |
ZDI-08-031.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the header parsing code for the msn protocol. When processing the X-MMS-IM-FORMAT header, certain attributes are copied into a buffer located on the stack without any length verification which can eventually lead to code execution with the privileges of the user that is running the application.
| | Author: | tw33k, n8 | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3381 | | Last Modified: | May 22 02:15:37 2008 |
| MD5 Checksum: | e1a0e2ccc6f70c902a6c430d0627f65b |
|
| /// File Name: |
ZDI-08-033.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable Motorola RAZR firmware based cell phones. User interaction is required to exploit this vulnerability in that the target must accept a malicious image sent via MMS. The specific flaw exists in the JPEG thumbprint component of the EXIF parser. A corrupt JPEG received via MMS can cause a memory corruption which can be leveraged to execute arbitrary code on the affected device.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3211 | | Last Modified: | May 27 19:45:22 2008 |
| MD5 Checksum: | 127b1780fcc83af434196ea8d141b60e |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
