Section: .. / 0705-advisories /
| /// File Name: |
cabright-help.txt |
Description:
|
CA is aware that two functional exploit code samples were publicized on May 16, 2007. These two denial of service exploits are associated with vulnerabilities in CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 1715 | | Last Modified: | May 17 04:33:55 2007 |
| MD5 Checksum: | fb0c6a521acccd5bd50ad4e8d0b6006b |
|
| /// File Name: |
CAID-35330-35331.txt |
Description:
|
CA Anti-Virus for the Enterprise, CA Threat Manager, and CA Anti-Spyware contain multiple vulnerabilities that can allow an attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 4855 | | Related OSVDB(s): | 34585,34586 | | Related CVE(s): | CVE-2007-2522, CVE-2007-2523 | | Last Modified: | May 12 04:38:41 2007 |
| MD5 Checksum: | abb122f45d905c9827d43ba0d53a8675 |
|
| /// File Name: |
cisco-sa-20070502-asa.txt |
Description:
|
Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco Adaptive Security Appliance (ASA) and PIX security appliances. These vulnerabilities include two Lightweight Directory Access Protocol (LDAP) authentication bypass vulnerabilities and two denial of service (DoS) vulnerabilities.
| | Homepage: | http://www.cisco.com/ | | File Size: | 25655 | | Last Modified: | May 3 09:41:36 2007 |
| MD5 Checksum: | b1f9337bacb853a0e04956396719779d |
|
| /// File Name: |
cisco-sa-20070509-iosftp.txt |
Description:
|
Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco IOS File Transfer Protocol (FTP) Server feature. These vulnerabilities include Denial of Service, improper verification of user credentials and the ability to read or write any file in the device's filesystem, including the device's saved configuration, which may include passwords or other sensitive information.
| | Homepage: | http://www.cisco.com/ | | File Size: | 26707 | | Last Modified: | May 10 05:51:47 2007 |
| MD5 Checksum: | 791578dc6480cac0bd73f4d88fbef5d1 |
|
| /// File Name: |
cisco-sa-20070522-crypto.txt |
Description:
|
Cisco Security Advisory - A vulnerability has been discovered in a third party cryptographic library which is used by a number of Cisco products. This vulnerability may be triggered when a malformed Abstract Syntax Notation One (ASN.1) object is parsed. Due to the nature of the vulnerability it may be possible, in some cases, to trigger this vulnerability without a valid certificate or valid application-layer credentials (such as a valid username or password). Successful repeated exploitation of any of these vulnerabilities may lead to a sustained Denial-of-Service (DoS). However, vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker will not be able to decrypt any previously encrypted information.
| | Homepage: | http://www.cisco.com/ | | File Size: | 50903 | | Related CVE(s): | CVE-2006-3894 | | Last Modified: | May 23 07:09:57 2007 |
| MD5 Checksum: | 64938b2f1372fada115a7dd016695a2a |
|
| /// File Name: |
cisco-sa-20070522-SSL.txt |
Description:
|
Cisco Security Advisory - Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device. Successful repeated exploitation of any of these vulnerabilities may lead to a sustained Denial-of-Service (DoS). However, vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker will not be able to decrypt any previously encrypted information.
| | Homepage: | http://www.cisco.com/ | | File Size: | 53832 | | Last Modified: | May 23 07:12:02 2007 |
| MD5 Checksum: | 046365c9408891641728dd9d4ef424e7 |
|
| /// File Name: |
cmgs-plain.txt |
Description:
|
A serious security flaw is present in Credant Mobile Guardian Shield for Windows versions 5.2.1.105 and prior. Several instances of the users Windows Domain name, Domain username, and password are stored in plain text within the memory (RAM) of the mobile device. This risk is compounded by the fact that the Windows paging file is not encrypted per default settings. The unencrypted paging file would likely contain the plain text Windows Domain credentials as well.
| | Author: | Mike Iacovacci | | File Size: | 2725 | | Last Modified: | May 30 22:43:59 2007 |
| MD5 Checksum: | 639db5372851ab5e33bda00468c915c3 |
|
| /// File Name: |
communigate-xss.txt |
Description:
|
Stalker CommuniGate Pro versions 5.1.8 and below suffer from a persistent cross site scripting vulnerability.
| | Homepage: | http://www.scanit.be/ | | File Size: | 2178 | | Last Modified: | May 15 07:39:34 2007 |
| MD5 Checksum: | 07003fcdb462cabd39b3f44fc0aa0603 |
|
| /// File Name: |
deutsche-bypass.txt |
Description:
|
A design flaw exists in the login process of the web interface of the Speedport w700v DLS Router and Wireless LAN Access Point of Deutsche Telekom that might lead to unauthorized access.
| | Author: | Michael Domberg | | Homepage: | http://www.devtarget.org/ | | File Size: | 2926 | | Last Modified: | May 12 04:47:37 2007 |
| MD5 Checksum: | 45a74e9074dcea5abfb9316e246d30da |
|
| /// File Name: |
dsa-1281-2.txt |
Description:
|
Debian Security Advisory 1281-2 - On 25 April, the Debian Security Team released clamav 0.90.1-3etch1, an update to the Clam anti-virus toolkit, to address several vulnerabilities. Unfortunately, there was an error in the updated packages and CVE-2007-2029, a file descriptor leak in the PDF document handler, was not properly fixed in Debian 4.0 (etch) or the Debian testing distribution (lenny).
| | Homepage: | http://www.debian.org/security | | File Size: | 15916 | | Related CVE(s): | CVE-2007-2029 | | Last Modified: | May 23 06:31:15 2007 |
| MD5 Checksum: | 492588824ef5cc820221a67dde763282 |
|
| /// File Name: |
dsa-1287-1.txt |
Description:
|
Debian Security Advisory 1287-1 - Two vulnerabilities have been identified in the version of ldap-account-manager shipped with Debian 3.1 (sarge). An untrusted PATH vulnerability could allow a local attacker to execute arbitrary code with elevated privileges by providing a malicious rm executable and specifying a PATH environment variable referencing this executable. Improper escaping of HTML content could allow an attacker to execute a cross-site scripting attack (XSS) and execute arbitrary code in the victim's browser in the security context of the affected web site.
| | Homepage: | http://www.debian.org/security | | File Size: | 3378 | | Related CVE(s): | CVE-2006-7191, CVE-2007-1840 | | Last Modified: | May 8 11:02:29 2007 |
| MD5 Checksum: | 47c3422532d28391639acdfef89b5cf0 |
|
| /// File Name: |
dsa-1288-1.txt |
Description:
|
Debian Security Advisory 1288-1 - It was discovered that the PoPToP Point to Point Tunneling Server contains a programming error, which allows the tear-down of a PPTP connection through a malformed GRE packet, resulting in denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 6397 | | Related CVE(s): | CVE-2007-0244 | | Last Modified: | May 10 03:43:30 2007 |
| MD5 Checksum: | a14b7fc739049a2723d4bec220d3656e |
|
| /// File Name: |
dsa-1289-1.txt |
Description:
|
Debian Security Advisory 1289-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 37514 | | Related CVE(s): | CVE-2007-1496, CVE-2007-1497, CVE-2007-1861 | | Last Modified: | May 15 07:48:03 2007 |
| MD5 Checksum: | aa26a2d339a1d2e6a053d8edeb795ca5 |
|
| /// File Name: |
dsa-1290-1.txt |
Description:
|
Debian Security Advisory 1290-1 - It was discovered that the webmail package Squirrelmail performs insufficient sanitising inside the HTML filter, which allows the injection of arbitrary web script code during the display of HTML email messages.
| | Homepage: | http://www.debian.org/security | | File Size: | 3753 | | Related CVE(s): | CVE-2007-1262 | | Last Modified: | May 15 07:49:44 2007 |
| MD5 Checksum: | 380801c28dc6877788aa739cf229138e |
|
| /// File Name: |
dsa-1291-1.txt |
Description:
|
Debian Security Advisory 1291-1 - Several issues have been identified in Samba, the SMB/CIFS file and print server implementation for GNU/Linux. When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a transition to the root user id rather than the non-root user. The user is then able to temporarily issue SMB/CIFS protocol operations as the root user. This window of opportunity may allow the attacker to establish addition means of gaining root access to the server. Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data. Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution
| | Homepage: | http://www.debian.org/security | | File Size: | 19272 | | Related CVE(s): | CVE-2007-2444, CVE-2007-2446, CVE-2007-2447 | | Last Modified: | May 17 03:51:46 2007 |
| MD5 Checksum: | abe8236f5ffb6e401b46583bc92e37e5 |
|
| /// File Name: |
dsa-1291-2.txt |
Description:
|
Debian Security Advisory 1291-2 - Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data. Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution.
| | Homepage: | http://www.debian.org/security | | File Size: | 24189 | | Related CVE(s): | CVE-2007-2446, CVE-2007-2447 | | Last Modified: | May 21 04:47:15 2007 |
| MD5 Checksum: | bd00f0426584818823ae786c91fe45a4 |
|
| /// File Name: |
dsa-1291-3.txt |
Description:
|
Debian Security Advisory 1291-3 - The security update for CVE-2007-2444 introduced a regression in the handling of the "force group" share parameter if the forced group is a local Unix group for domain member servers. This update fixes this regression.
| | Homepage: | http://www.debian.org/security | | File Size: | 21001 | | Related CVE(s): | CVE-2007-2444, CVE-2007-2446, CVE-2007-2447 | | Last Modified: | May 22 03:58:32 2007 |
| MD5 Checksum: | 1ff6e301b3553e7c9b79d510fead0938 |
|
| /// File Name: |
dsa-1292-1.txt |
Description:
|
Debian Security Advisory 1292-1 - Andreas Nolden discovered a bug in the UTF8 decoding routines in qt4-x11, a C++ GUI library framework, that could allow remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.
| | Homepage: | http://www.debian.org/security | | File Size: | 17503 | | Related CVE(s): | CVE-2007-0242 | | Last Modified: | May 17 04:18:16 2007 |
| MD5 Checksum: | 12a7b7221ee6b51883cf8a3d510ec1d1 |
|
| /// File Name: |
dsa-1293-1.txt |
Description:
|
Debian Security Advisory 1293-1 - Paul Jakma discovered that specially crafted UPDATE messages can trigger an out of boundary read that can result in a system crash of quagga, the BGP/OSPF/RIP routing daemon.
| | Homepage: | http://www.debian.org/security | | File Size: | 7915 | | Related CVE(s): | CVE-2007-1995 | | Last Modified: | May 21 04:44:19 2007 |
| MD5 Checksum: | 02fe5b809432ed3d4b6d91c2d20229b5 |
|
| /// File Name: |
dsa-1295-1.txt |
Description:
|
Debian Security Advisory 1295-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 40480 | | Related CVE(s): | CVE-2007-2509, CVE-2007-2510 | | Last Modified: | May 22 03:40:08 2007 |
| MD5 Checksum: | 8571f744590f17fca69a2b36a006a226 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
