Section: .. / 0707-advisories /
| /// File Name: |
sa26114.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported for various Oracle products. Some of these have unknown impacts, while others can be exploited to bypass certain security restrictions and conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/26114/ | | File Size: | 4357 | | Last Modified: | Jul 19 04:44:59 2007 |
| MD5 Checksum: | fd282142ff5812e5008a1428ae2bd84c |
|
| /// File Name: |
n.runs-SA-2007.019.txt |
Description:
|
Panda Antivirus suffers from a buffer overflow vulnerability when parsing .EXE files.
| | Author: | Sergio Alvarez | | Homepage: | http://www.nruns.com/ | | File Size: | 4339 | | Last Modified: | Jul 23 06:05:10 2007 |
| MD5 Checksum: | 86013db58c55550dc8f1820ff870690a |
|
| /// File Name: |
TS-2007-001-0.txt |
Description:
|
Template Security has discovered a serious denial of service vulnerability in the BlueCat Networks Adonis DNS/DHCP Appliance. When XHA is configured to place two Adonis servers in an active-passive pair to provide high availability, a remote attacker can transmit a single UDP datagram to crash the heartbeat control process. This can be used for example to create an active/active condition in the cluster pair.
| | Author: | forloop, defaultroute | | File Size: | 4319 | | Last Modified: | Jul 31 08:03:54 2007 |
| MD5 Checksum: | 93327c040982d60f65ac09b19795f2e6 |
|
| /// File Name: |
ZDI-07-044.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of BakBone NetVault Reporter. User interaction is not required to exploit this vulnerability. BakBone NetVault Reporter version 3.5 prior to Update4 is susceptible.
| | Author: | Tenable Network Security | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 4275 | | Related CVE(s): | CVE-2007-3911 | | Last Modified: | Jul 26 07:26:04 2007 |
| MD5 Checksum: | 51d457a83d1c128abf33d53e47450e09 |
|
| /// File Name: |
sa25914.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gsambad. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/25914/ | | File Size: | 4272 | | Last Modified: | Jul 3 01:11:38 2007 |
| MD5 Checksum: | cc8aa069e423eaecaa2dab6418e658c9 |
|
| /// File Name: |
sa26143.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities and a security issue have been reported in Citrix Access Gateway, which can be exploited by malicious people to disclose sensitive information, conduct cross-site request forgery attacks, or to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26143/ | | File Size: | 4257 | | Last Modified: | Jul 21 04:11:22 2007 |
| MD5 Checksum: | e0af09b2ffe490459d07c2fb517b5b40 |
|
| /// File Name: |
sa25995.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25995/ | | File Size: | 4246 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | cb760173688a95f0c5c0e806debab95c |
|
| /// File Name: |
dsa-1329-1.txt |
Description:
|
Debian Security Advisory 1329-1 - Steve Kemp from the Debian Security Audit project discovered that gfax, a GHOME frontend for fax programs, uses temporary files in an unsafe manner which may be exploited to execute arbitrary commands with the privileges of the root user.
| | Homepage: | http://www.debian.org/security | | File Size: | 4244 | | Related CVE(s): | CVE-2007-2839 | | Last Modified: | Jul 7 07:30:34 2007 |
| MD5 Checksum: | 158302df130286d8ef486084f519bdd0 |
|
| /// File Name: |
TA07-191A.txt |
Description:
|
Technical Cyber Security Alert TA07-191A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Excel, Publisher, .NET Framework, Internet Information Services, and Windows Vista Firewall. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4213 | | Last Modified: | Jul 11 10:49:24 2007 |
| MD5 Checksum: | 3ba69b3268d35605b44ae45334dbd5d9 |
|
| /// File Name: |
07.18.07-1.txt |
Description:
|
iDefense Security Advisory 07.18.07 - Exploitation of an input validation vulnerability in Microsoft Corp.'s DirectX library could allow an attacker to execute arbitrary code in the context of the current user. The vulnerability specifically exists in the way RLE compressed Targa format image files are opened. The Targa format allows multiple color depths and image storage options, depths and image storage options, and includes the ability to use run-length encoding (RLE), compression on the image data. This is a compression method which finds a 'run' of the pixels the same color and instead of storing the value multiple times, encodes the number of times to repeat one value. For example, instead of storing 'AAAAAAAA', it may encode that into 'store "A" 8 times'. The buffer allocated for the image data is based on the width, height and color depth stored in the image, but when decoding this type of file, no checks against writing past the end of the buffer are performed. If the encoding specifies more data than has been allocated, a controlled heap overflow can occur. iDefense has confirmed that libraries in Microsoft's DirectX SDK (February 2006) are vulnerable, as are the DirectX End User Runtimes (February 2006). It is suspected that previous versions are also affected, including the DirectX 9.0c End User Runtimes.
| | Author: | Ruben Santamarta | | Homepage: | http://www.idefense.com/ | | File Size: | 4179 | | Related CVE(s): | CVE-2006-4183 | | Last Modified: | Jul 19 05:26:22 2007 |
| MD5 Checksum: | 90bae1472730b5cdfd52dc955a5da8ea |
|
| /// File Name: |
TA07-192A.txt |
Description:
|
Technical Cyber Security Alert TA07-192A - There are critical vulnerabilities in Adobe Flash player and related software. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4175 | | Last Modified: | Jul 12 04:09:46 2007 |
| MD5 Checksum: | 2849962a8d6cbd7e802dea568dc4d748 |
|
| /// File Name: |
SYMSA-2007-006.txt |
Description:
|
Symantec Vulnerability Research SYMSA-2007-006 - The Citrix Access Gateway suffers from a vulnerability where any executable module can be downloaded and executed.
| | Author: | Michael White | | Homepage: | http://www.symantec.com/research | | File Size: | 4147 | | Related CVE(s): | CVE-2007-3679 | | Last Modified: | Jul 21 04:16:01 2007 |
| MD5 Checksum: | 04e13641bf63fe30023d44e24e9ff7eb |
|
| /// File Name: |
07.11.07-3.txt |
Description:
|
iDefense Security Advisory 07.11.07 - Remote exploitation of a command injection vulnerability in the G/PGP Encryption Plugin for The SquirrelMail Project Team's SquirrelMail webmail package allows attackers to execute arbitrary commands with the privileges of the underlying web server. The deleteKey() functionality is affected. iDefense has confirmed the existence of this vulnerability in the latest version of the G/PGP Encryption Plugin for SquirrelMail, version 2.1. Furthermore, this vulnerability has been confirmed to exist as early as version 2.0. Other versions may be affected.
| | Homepage: | http://www.idefense.com/ | | File Size: | 4131 | | Related CVE(s): | CVE-2005-1924 | | Last Modified: | Jul 12 04:16:02 2007 |
| MD5 Checksum: | a3ae17003817196eef6b310ecb3a4e2c |
|
| /// File Name: |
USN-483-1.txt |
Description:
|
Ubuntu Security Notice 483-1 - Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks. Steffen Ullrich discovered that the Net::DNS Perl module did not correctly detect recursive compressed responses. A remote attacker could send a specially crafted packet, causing applications using Net::DNS to crash or monopolize CPU resources, leading to a denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4124 | | Related CVE(s): | CVE-2007-3377, CVE-2007-3409 | | Last Modified: | Jul 14 01:19:24 2007 |
| MD5 Checksum: | 1ee28020e77f1222473434a7acd3442a |
|
| /// File Name: |
07.11.07-5.txt |
Description:
|
iDefense Security Advisory 07.11.07 - Remote exploitation of a command injection vulnerability in the G/PGP Encryption Plugin for The SquirrelMail Project Team's SquirrelMail webmail package allows attackers to execute arbitrary commands with the privileges of the underlying web server. The gpg_recv_key() function is affected. iDefense has confirmed the existence of this vulnerability in the latest version of the G/PGP Encryption Plugin for SquirrelMail, version 2.1. Furthermore, this vulnerability has been confirmed to exist as early as version 2.0. Other versions may be affected.
| | Homepage: | http://www.idefense.com/ | | File Size: | 4123 | | Related CVE(s): | CVE-2005-1924 | | Last Modified: | Jul 12 04:18:10 2007 |
| MD5 Checksum: | 85ec03ca46e9372ff23ffb76b3929be5 |
|
| /// File Name: |
t1lib.txt |
Description:
|
T1Lib suffers from a buffer overflow vulnerability.
| | Author: | Hamid Ebadi | | Homepage: | http://www.bugtraq.ir/ | | File Size: | 4065 | | Last Modified: | Jul 28 04:32:50 2007 |
| MD5 Checksum: | f8dce01a5f9bfff8cd3dc692a044e4c0 |
|
| /// File Name: |
sa26083.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities and security issues, which can be exploited by malicious, local users to cause a DoS (Denial of Service), by malicious users to perform certain actions with escalated privileges and to compromise a vulnerable system, and by malicious people to cause a DoS, to gain knowledge of potentially sensitive information, and to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26083/ | | File Size: | 4055 | | Last Modified: | Jul 21 04:11:22 2007 |
| MD5 Checksum: | 831e5d17d7b1390c7ea0f699213497a6 |
|
| /// File Name: |
sitescape-xss.txt |
Description:
|
SiteScape Forum versions below 7.3 suffer form a cross site scripting vulnerability.
| | Author: | Marc Ruef | | Homepage: | http://www.scip.ch/ | | File Size: | 4040 | | Last Modified: | Jul 17 08:26:40 2007 |
| MD5 Checksum: | 8f91255d47204d82c9642d4331c95b49 |
|
| /// File Name: |
07.11.07-4.txt |
Description:
|
iDefense Security Advisory 07.11.07 - Remote exploitation of a command injection vulnerability in the G/PGP Encryption Plugin for The SquirrelMail Project Team's SquirrelMail webmail package allows attackers to execute arbitrary commands with the privileges of the underlying web server. The gpg_check_sign_pgp_mime() function is affected. iDefense has confirmed the existence of this vulnerability in version 2.0 of the G/PGP Encryption Plugin for SquirrelMail. It is suspected that earlier versions of the plug-in are also affected.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3997 | | Last Modified: | Jul 12 04:16:48 2007 |
| MD5 Checksum: | 8e44a3d654e323aa396d2fdf8751771e |
|
| /// File Name: |
MDKSA-2007-146.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw was discovered in the perl Net::DNS module in the way it generated the ID field in a DNS query. Because it is so predictable, a remote attacker could exploit this to return invalid DNS data. A denial of service vulnerability was found in how Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3978 | | Related CVE(s): | CVE-2007-3377, CVE-2007-3409 | | Last Modified: | Jul 13 23:55:31 2007 |
| MD5 Checksum: | 858a1ffee7d19abb06a54ea28e358ddb |
|
| /// File Name: |
07.16.07-1.txt |
Description:
|
iDefense Security Advisory 07.16.07 - Remote exploitation of a stack-based buffer overflow vulnerability in Trend Micro Inc.'s OfficeScan for Windows could allow attackers to execute arbitrary code with the privileges of the IIS Web User. The OfficeScan installation includes a series of CGI executables that are used for configuration through the Web interface. A shared library, CGIOCommon.dll, is used by many of these binaries to access environment variables passed to them from the parent IIS process. If a malicious Web request is made for a vulnerable binary, including an overly long session cookie, a stack-based Unicode buffer overflow will occur. iDefense has confirmed this vulnerability in OfficeScan 7.3 with all current patches applied. Testing has shown that this attack can be conducted by requesting multiple CGI binaries that make use of the shared library. Other versions are suspected to be vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3954 | | Related CVE(s): | CVE-2007-3454 | | Last Modified: | Jul 17 09:48:27 2007 |
| MD5 Checksum: | 690a05b37c2cbeba9b270c6c3cc72693 |
|
| /// File Name: |
avg-kernel.txt |
Description:
|
The AVG Antivirus core kernel mode service driver (avg7core.sys) provides functionality that under a default install allows an unprivileged user to write arbitrary data to arbitrary addresses. This issue has been verified as affecting AVG Free 7.5.446 and AVG Antivirus 7.5.448. The version of avg7core.sys in question is 7.5.0.444.
| | Author: | Jonathan Lindsay | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 3946 | | Last Modified: | Jul 12 03:32:19 2007 |
| MD5 Checksum: | 0c71d2c4e264c9ccdca1526d60432760 |
|
| /// File Name: |
rt-sa-2007-006.txt |
Description:
|
ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a design flaw where it performs client side content filtering to restrict javascript insertion.
| | Homepage: | http://www.redteam-pentesting.de/ | | File Size: | 3872 | | Related CVE(s): | CVE-2007-3017 | | Last Modified: | Jul 14 00:22:13 2007 |
| MD5 Checksum: | 0ddb4bcd94e3a0f8bea6da9f484240bc |
|
| /// File Name: |
sa25967.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for gfax. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/25967/ | | File Size: | 3826 | | Last Modified: | Jul 7 06:48:57 2007 |
| MD5 Checksum: | a3a6305148d4eaedf09f521e1a051dee |
|
| /// File Name: |
TA07-199A.txt |
Description:
|
Technical Cyber Security Alert TA07-199A - The Mozilla web browser and derived products contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3826 | | Last Modified: | Jul 19 05:23:56 2007 |
| MD5 Checksum: | 2901de1606f0f2ca8aa29e8e289c4b59 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
