.:[ packet storm ]:. - http://packetstormsecurity.org/

Section: .. / 0708-advisories /

Page 4 of 24
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 >> Files 75 - 100 of 581

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	FreeBSD-SA-07-06.tcpdump.txt
Description:	FreeBSD Security Advisory - By crafting malicious BGP packets, an attacker could exploit a vulnerability in tcpdump allowing them to execute code or crash the process.
Homepage:	http://security.freebsd.org/
File Size:	4183
Related CVE(s):	CVE-2007-3798
Last Modified:	Aug 8 07:00:58 2007
MD5 Checksum:	1bd850f1efce8de400f13f7c5649dc81

/// File Name:	FreeBSD-SA-07-07.bind.txt
Description:	FreeBSD Security Advisory - An attacker who can see the query id for some request(s) sent by named(8) is likely to be able to perform DNS cache poisoning by predicting the query id for other request(s).
Homepage:	http://security.freebsd.org/
File Size:	5024
Related CVE(s):	CVE-2007-2926
Last Modified:	Aug 8 07:01:53 2007
MD5 Checksum:	1899f894331dbbaf028a86edf33311ce

/// File Name:	glsa-200708-01.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-01 - Mark Hills discovered some errors when interacting with a browser for keystrokes handling (CVE-2007-2022). Stefano Di Paola and Giorgio Fedon from Minded Security discovered a boundary error when processing FLV files (CVE-2007-3456). An input validation error when processing HTTP referrers has also been reported (CVE-2007-3457). Versions less than 9.0.48.0 are affected.
Homepage:	http://security.gentoo.org
File Size:	3119
Related CVE(s):	CVE-2007-2022, CVE-2007-3456, CVE-2007-3457
Last Modified:	Aug 9 03:07:10 2007
MD5 Checksum:	6b10fe9e49a4c53d83799e0f5245363d

/// File Name:	glsa-200708-02.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-02 - Trixter Jack discovered an array indexing error in the get_intra_block() function in the file src/bitstream/mbcoding.c. The get_inter_block_h263() and get_inter_block_mpeg() functions in the same file were also reported as vulnerable. Versions less than 1.1.3 are affected.
Homepage:	http://security.gentoo.org
File Size:	2680
Related CVE(s):	CVE-2007-3329
Last Modified:	Aug 9 03:10:17 2007
MD5 Checksum:	a31ce67035a391f9b578a38adae7cd7d

/// File Name:	glsa-200708-03.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-03 - CPNI, CERT-FI, Tim Kientzle, and Colin Percival reported a buffer overflow (CVE-2007-3641), an infinite loop (CVE-2007-3644), and a NULL pointer dereference (CVE-2007-3645) within the processing of archives having corrupted PaX extension headers. Versions less than 2.2.4 are affected.
Homepage:	http://security.gentoo.org
File Size:	3100
Related CVE(s):	CVE-2007-3641, CVE-2007-3644, CVE-2007-3645
Last Modified:	Aug 9 03:10:38 2007
MD5 Checksum:	d6d4b9c9d764f998fdea5b893712f6b4

/// File Name:	glsa-200708-04.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-04 - Metaeye Security Group reported a NULL pointer dereference in ClamAV when processing RAR archives. Versions less than 0.91 are affected.
Homepage:	http://security.gentoo.org
File Size:	2379
Related CVE(s):	CVE-2007-3725
Last Modified:	Aug 10 05:13:29 2007
MD5 Checksum:	420ac6f0b636359d5a7c7936079d8419

/// File Name:	glsa-200708-05.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-05 - Xavier Roche discovered an infinite loop in the gdPngReadData() function when processing a truncated PNG file. An integer overflow has been discovered in the gdImageCreateTrueColor() function. An error has been discovered in the function gdImageCreateXbm() function. Unspecified vulnerabilities have been discovered in the GIF reader. An error has been discovered when processing a GIF image that has no global color map. An array index error has been discovered in the file gd_gif_in.c when processing images with an invalid color index. An error has been discovered in the imagearc() and imagefilledarc() functions when processing overly large angle values. A race condition has been discovered in the gdImageStringFTEx() function. Versions less than 2.0.35 are affected.
Homepage:	http://security.gentoo.org
File Size:	3843
Related CVE(s):	CVE-2007-2756, CVE-2007-3472, CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478
Last Modified:	Aug 10 05:16:58 2007
MD5 Checksum:	ef5b7a4d0bdacff83b141f10984ea08e

/// File Name:	glsa-200708-06.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-06 - hjp discovered an error when handling DNS query IDs which make them partially predictable. Steffen Ullrich discovered an error in the dn_expand() function which could lead to an endless loop. Versions less than 0.60 are affected.
Homepage:	http://security.gentoo.org
File Size:	2702
Related CVE(s):	CVE-2007-3377, CVE-2007-3409
Last Modified:	Aug 14 03:32:37 2007
MD5 Checksum:	d3cd689f865ff74af2e3ef5120ccc28b

/// File Name:	glsa-200708-07.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-07 - Lasse Karkkainen discovered that the function terminal_helper_execute() in file terminal-helper.c does not properly escape the URIs before processing. Versions less than 0.2.6_p25931 are affected.
Homepage:	http://security.gentoo.org
File Size:	2678
Related CVE(s):	CVE-2007-3770
Last Modified:	Aug 14 03:32:58 2007
MD5 Checksum:	8a06442279241f7b22bb7b0ca2368350

/// File Name:	glsa-200708-08.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-08 - The functions deletekey(), gpg_check_sign_pgp_mime() and gpg_recv_key() used in the SquirrelMail G/PGP encryption plugin do not properly escape user-supplied data. Versions less than 1.4.10a-r2 are affected.
Homepage:	http://security.gentoo.org
File Size:	3125
Related CVE(s):	CVE-2005-1924, CVE-2006-4169
Last Modified:	Aug 14 03:33:17 2007
MD5 Checksum:	1db27123a22496b63e2abbb26675a784

/// File Name:	glsa-200708-09.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-09 - Mozilla developers fixed several bugs, including an issue with modifying XPCNativeWrappers, a problem with event handlers executing elements outside of the document, and a cross-site scripting (XSS) vulnerability. They also fixed a problem with promiscuous IFRAME access and an XULRunner URL spoofing issue with the wyciwyg:// URI and HTTP 302 redirects. Denials of Service involving corrupted memory were fixed in the browser engine and the JavaScript engine. Finally, another XSS vulnerability caused by a regression in the CVE-2007-3089 patch was fixed. Versions less than 2.0.0.6 are affected.
Homepage:	http://security.gentoo.org/
File Size:	5968
Related CVE(s):	CVE-2007-3089, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738, CVE-2007-3844
Last Modified:	Aug 15 06:39:21 2007
MD5 Checksum:	644a817d047e617caf2ae4057ff42c67

/// File Name:	glsa-200708-10.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-10 - Dormando reported a vulnerability within the handling of password packets in the connection protocol. Andrei Elkin also found that the CREATE TABLE LIKE command didn't require SELECT privileges on the source table. Versions less than 5.0.44 are affected.
Homepage:	http://security.gentoo.org/
File Size:	2788
Related CVE(s):	CVE-2007-3780, CVE-2007-3781
Last Modified:	Aug 17 08:06:22 2007
MD5 Checksum:	ee0149052460245ae2cdba93d6f42499

/// File Name:	glsa-200708-11.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-11 - Stefan Esser discovered errors with evidence of memory corruption in the code parsing the headers. Several independent researchers also reported errors involving the handling of HTTP headers, the mod_auth and mod_scgi modules, and the limitation of active connections. Versions less than 1.4.16 are affected.
Homepage:	http://security.gentoo.org
File Size:	3153
Related CVE(s):	CVE-2007-3946, CVE-2007-3947, CVE-2007-3948, CVE-2007-3949, CVE-2007-3950
Last Modified:	Aug 17 08:06:36 2007
MD5 Checksum:	9bd27ce7a20101b5b936e1a7c226f9cb

/// File Name:	glsa-200708-12.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-12 - Wireshark doesn't properly handle chunked encoding in HTTP responses, iSeries capture files, certain types of DCP ETSI packets, and SSL or MMS packets. An off-by-one error has been discovered in the DHCP/BOOTP dissector when handling DHCP-over-DOCSIS packets. Versions less than 0.99.6 are affected.
Homepage:	http://security.gentoo.org/
File Size:	3313
Related CVE(s):	CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3393
Last Modified:	Aug 17 08:07:59 2007
MD5 Checksum:	cc88b54041517dcd6ccb51035dc695b2

/// File Name:	glsa-200708-13.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-13 - Amit Klein from Trusteer reported that the random number generator of ISC BIND leads, half the time, to predictable (1 chance to 8) query IDs in the resolver routine or in zone transfer queries. Additionally, the default configuration file has been strengthen with respect to the allow-recursion{} and the allow-query{} options. Versions less than 9.4.1_p1 are affected.
Homepage:	http://security.gentoo.org/
File Size:	3519
Related CVE(s):	CVE-2007-2925, CVE-2007-2926
Last Modified:	Aug 20 03:44:52 2007
MD5 Checksum:	cffd6d1ac35b3bf07e61abba385f8390

/// File Name:	glsa-200708-14.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-14 - Gregory Shikhman discovered that the default Gentoo setup of NVIDIA drivers creates the /dev/nvidia* with insecure file permissions. Versions less than 100.14.09 are affected.
Homepage:	http://security.gentoo.org
File Size:	2639
Related CVE(s):	CVE-2007-3532
Last Modified:	Aug 20 03:45:07 2007
MD5 Checksum:	f20cced36e21293cafa8e11dd3f11e89

/// File Name:	glsa-200708-15.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-15 - Apache mod_jk decodes the URL within Apache before passing them to Tomcat, which decodes them a second time. Versions less than 1.2.23 are affected.
Homepage:	http://security.gentoo.org
File Size:	2431
Related CVE(s):	CVE-2007-1860
Last Modified:	Aug 20 03:45:34 2007
MD5 Checksum:	5135360d85d7e6b7f56d63cc1919854f

/// File Name:	glsa-200708-16.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-16 - Tim Brown of Portcullis Computer Security Ltd and Dirk Mueller of KDE reported multiple format string errors in qWarning() calls in files qtextedit.cpp, qdatatable.cpp, qsqldatabase.cpp, qsqlindex.cpp, qsqlrecord.cpp, qglobal.cpp, and qsvgdevice.cpp. Versions less than 3.3.8-r3 are affected.
Homepage:	http://security.gentoo.org
File Size:	2638
Related CVE(s):	CVE-2007-3388
Last Modified:	Aug 24 03:27:38 2007
MD5 Checksum:	44e3de01d12520f59c6ed84624ce890e

/// File Name:	glsa-200708-17.txt
Description:	Gentoo Linux Security Advisory GLSA 200708-17 - An error known as a virtual function call on an invalid pointer has been discovered in the JavaScript engine. Furthermore, iDefense Labs reported that an already-freed pointer may be still used under unspecified circumstances in the BitTorrent support. At last, minor other errors have been discovered, relative to memory read protection (Opera Advisory 861) and URI displays. Versions less than 9.23 are affected.
Homepage:	http://security.gentoo.org/
File Size:	3493
Related CVE(s):	CVE-2007-3142, CVE-2007-3819, CVE-2007-3929, CVE-2007-4367
Last Modified:	Aug 24 03:28:38 2007
MD5 Checksum:	d8561958b8a8d45ae0895de9887829c7

/// File Name:	hispasec-unreal.txt
Description:	HISPASEC Security Advisory - X-Diesel Unreal Commander version 0.92 suffers from name spoofing and directory traversal vulnerabilities.
Author:	Gynvael Coldwind
Homepage:	http://blog.hispasec.com/lab/
File Size:	3239
Last Modified:	Aug 24 03:16:53 2007
MD5 Checksum:	a7b9943a9c61d14e729bad7f2035bcea

/// File Name:	HPSBMA02235.txt
Description:	HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Internet Service (OVIS) running Shared Trace Service on HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited to execute arbitrary code.
Homepage:	http://www.hp.com
File Size:	6650
Last Modified:	Aug 14 06:00:32 2007
MD5 Checksum:	51bc5f9d668bed43e2e0bfdf1adff919

/// File Name:	HPSBMA02237.txt
Description:	HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Performance Agent (OVPA) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
Homepage:	http://www.hp.com
File Size:	6829
Last Modified:	Aug 14 06:01:47 2007
MD5 Checksum:	499d4cfe7e864bce4079df7a29f0db80

/// File Name:	HPSBMA02238.txt
Description:	HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Reporter running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
Homepage:	http://www.hp.com
File Size:	5515
Last Modified:	Aug 14 06:02:35 2007
MD5 Checksum:	ac288ad97d25f61b550dc2496729119a

/// File Name:	HPSBMA02239.txt
Description:	HP Security Bulletin - A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
Homepage:	http://www.hp.com
File Size:	8732
Last Modified:	Aug 14 06:03:16 2007
MD5 Checksum:	c37e3ec73f9dbfb81720bb650d48b155

/// File Name:	HPSBMA02241.txt
Description:	HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Service Quality Manager (OV SQM) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.
Homepage:	http://www.hp.com
File Size:	6556
Last Modified:	Aug 14 06:03:54 2007
MD5 Checksum:	ceddbaa056765285681986b355c7775c

/// Last 10 Files

[ Last 20 | Last 50 | Last 100 ]

/// Last 10 Advisories

[ Last 20 | Last 50 | Last 100 ]

/// Last 10 Exploits

[ Last 20 | Last 50 | Last 100 ]

/// Last 10 Tools

[ Last 20 | Last 50 | Last 100 ]

/// Last 10 Misc

[ Last 20 | Last 50 | Last 100 ]