Section: .. / 0701-advisories /
| /// File Name: |
sa23979.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Sun Java System Access Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/23979/ | | File Size: | 3344 | | Last Modified: | Jan 30 22:46:19 2007 |
| MD5 Checksum: | 37247f78537f6e826facb6a136435985 |
|
| /// File Name: |
sa23980.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Movable Type, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/23980/ | | File Size: | 2707 | | Last Modified: | Jan 29 11:19:09 2007 |
| MD5 Checksum: | 53a0082692f5c5d59299ec190c4e7a8b |
|
| /// File Name: |
sa23981.txt |
Description:
|
Secunia Security Advisory - Lucas Bartholemy has reported a vulnerability in WebGUI, which can be exploited by malicious users to delete assets.
| | Homepage: | http://secunia.com/advisories/23981/ | | File Size: | 2367 | | Last Modified: | Jan 29 11:19:09 2007 |
| MD5 Checksum: | 3ed765516b394aac51ae4e7120bb0f13 |
|
| /// File Name: |
sa23984.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, cause a DoS (Denial of Service), or gain escalated privileges; by malicious users to manipulate data, disclose sensitive information, or compromise a vulnerable system; and by malicious people to cause a DoS.
| | Homepage: | http://secunia.com/advisories/23984/ | | File Size: | 3530 | | Last Modified: | Jan 29 11:19:09 2007 |
| MD5 Checksum: | 23ba40d2856cb753b13e73c00476b68e |
|
| /// File Name: |
sa23990.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in vbDrupal, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/23990/ | | File Size: | 2162 | | Last Modified: | Jan 30 22:46:19 2007 |
| MD5 Checksum: | 82b11721831bdb8d313db483fd5673ee |
|
| /// File Name: |
sa23991.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged a vulnerability and a security issue in Avaya CMS / IR, which can be exploited by malicious, local users to disclose sensitive information or potentially gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/23991/ | | File Size: | 2660 | | Last Modified: | Jan 30 22:46:19 2007 |
| MD5 Checksum: | 7ff8bb668475ac79007578209d8fa809 |
|
| /// File Name: |
sa23992.txt |
Description:
|
Secunia Security Advisory - DeltahackingTEAM has discovered a vulnerability in phpIndexPage, which can be exploited by malicious people to compromise vulnerable systems.
| | Homepage: | http://secunia.com/advisories/23992/ | | File Size: | 2465 | | Last Modified: | Jan 30 22:46:19 2007 |
| MD5 Checksum: | 1512746090ae5cdf1f511b88b38ee148 |
|
| /// File Name: |
sa23993.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in NX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/23993/ | | File Size: | 2403 | | Last Modified: | Jan 30 22:46:19 2007 |
| MD5 Checksum: | cc4949e46cd23403439a7f429939eff2 |
|
| /// File Name: |
secunia-nctaudio.txt |
Description:
|
Secunia Research has discovered a vulnerability in Sienzo Digital Music Mentor, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the NCTAudioFile2.AudioFile ActiveX control when handling the "SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4412 | | Related CVE(s): | CVE-2007-0018 | | Last Modified: | Jan 26 21:27:54 2007 |
| MD5 Checksum: | 653733f576a247106884021025e51381 |
|
| /// File Name: |
secunia-nctsoft.txt |
Description:
|
Secunia Research has discovered a vulnerability in NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll) when handling the "SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.
| | Homepage: | http://secunia.com/ | | File Size: | 5145 | | Related CVE(s): | CVE-2007-0018 | | Last Modified: | Jan 26 21:26:46 2007 |
| MD5 Checksum: | b0b414036a232efdde1d0233ff38d46b |
|
| /// File Name: |
SSRT051035.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server.
| | Homepage: | http://www.hp.com | | File Size: | 8806 | | Last Modified: | Jan 13 19:17:45 2007 |
| MD5 Checksum: | ca129eb7ebc519763716216fdaa717dd |
|
| /// File Name: |
SSRT061174.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to gain read access to files with the permissions of the NNM server.
| | Homepage: | http://www.hp.com | | File Size: | 8764 | | Last Modified: | Jan 13 19:17:06 2007 |
| MD5 Checksum: | fb3bd40d6459644be8382ac5de991065 |
|
| /// File Name: |
SSRT061289.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running IPFilter in combination with PHNE_34474. The vulnerability could be exploited by a remote unauthorized user to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 7175 | | Last Modified: | Jan 19 20:53:03 2007 |
| MD5 Checksum: | da0124f2df8de6870a87d0ad1b624e30 |
|
| /// File Name: |
SSRT071290.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with HP Jetdirect running ftp. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com | | File Size: | 6137 | | Last Modified: | Jan 19 22:33:53 2007 |
| MD5 Checksum: | fed8320e215d7d4653023b9dc47b7404 |
|
| /// File Name: |
SSRT071296.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com | | File Size: | 9212 | | Last Modified: | Jan 19 20:53:35 2007 |
| MD5 Checksum: | dd704151be6181f79c1886b413b915c5 |
|
| /// File Name: |
sunbelt.txt |
Description:
|
The Sunbelt Kerio Personal Firewall versions 4.3.268 and below suffer from a DLL injection vulnerability.
| | Homepage: | http://www.matousec.com/ | | Related Exploit: | BTP00002P001SK.zip | | File Size: | 1472 | | Last Modified: | Jan 1 22:20:28 2007 |
| MD5 Checksum: | bac32757acafbef727cd4ad1324723d6 |
|
| /// File Name: |
SUSE-SA-2007-012.txt |
Description:
|
SUSE Security Announcement - This update fixes a remotely exploitable denial-of-service bug in squid that can be triggered by using special ftp:// URLs. Additionally the 10.2 package needed a fix for another DoS bug and for max_user_ip handling in ntlm_auth.
| | Homepage: | http://www.suse.com | | File Size: | 15758 | | Related CVE(s): | CVE-2007-0247, CVE-2007-0248 | | Last Modified: | Jan 24 01:43:50 2007 |
| MD5 Checksum: | 1a75a6823f4c2dac88eca047c2e5e9a3 |
|
| /// File Name: |
SUSE-SA-2007-013.txt |
Description:
|
SUSE Security Announcement - This update fixes several format string bugs that can be exploited remotely with user-assistance to execute arbitrary code. Since SUSE Linux version 10.1 format string bugs are not exploitable anymore.
| | Homepage: | http://www.suse.com | | File Size: | 17564 | | Related CVE(s): | CVE-2007-0017 | | Last Modified: | Jan 26 21:01:11 2007 |
| MD5 Checksum: | 61793c69535f7c4dfdcc2f5623e2654a |
|
| /// File Name: |
TA07-005A.txt |
Description:
|
Technical Cyber Security Alert TA07-005A - Apple QuickTime contains a buffer overflow in the handling of RTSP URLs. This can allow a remote attacker to execute arbitrary code on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3729 | | Related CVE(s): | CVE-2007-0015 | | Last Modified: | Jan 13 15:37:59 2007 |
| MD5 Checksum: | 41d2af62fb6d3fbc64c9094646af9019 |
|
| /// File Name: |
TA07-009A.txt |
Description:
|
Technical Cyber Security Alert - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Outlook, and Excel. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4157 | | Last Modified: | Jan 13 18:17:33 2007 |
| MD5 Checksum: | 80a44df90c7f0dae8971e98d4d49358c |
|
| /// File Name: |
TA07-009B.txt |
Description:
|
Technical Cyber Security Alert - The MIT Kerberos administration daemon contains two vulnerabilities that may allow a remote, unauthenticated attacker to execute arbitrary code.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4050 | | Last Modified: | Jan 13 18:21:07 2007 |
| MD5 Checksum: | fa3a69c24bdb412856f954e599c156ce |
|
| /// File Name: |
TA07-017A.txt |
Description:
|
Technical Cyber Security Alert TA07-017A - Oracle has released patches to address numerous vulnerabilities in different Oracle products. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 7135 | | Last Modified: | Jan 19 20:25:41 2007 |
| MD5 Checksum: | 328f37f91a4a0f569310a812317ad0c3 |
|
| /// File Name: |
TA07-023A.txt |
Description:
|
Technical Cyber Security Alert TA07-022A - The Sun Java Runtime Environment contains multiple vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4699 | | Related CVE(s): | CVE-2007-0243, CVE-2006-6745, CVE-2006-6731 | | Last Modified: | Jan 24 01:02:53 2007 |
| MD5 Checksum: | df63bd7196a34eb64e46552e6a6e821f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
