Section: .. / 0710-advisories /
| /// File Name: |
USN-501-2.txt |
Description:
|
Ubuntu Security Notice 501-2 - USN-501-1 fixed vulnerabilities in Jasper. This update provides the corresponding update for the Jasper internal to Ghostscript. It was discovered that Jasper did not correctly handle corrupted JPEG2000 images. By tricking a user into opening a specially crafted JPG, a remote attacker could cause the application using libjasper to crash, resulting in a denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 9150 | | Related CVE(s): | CVE-2007-2721 | | Last Modified: | Oct 22 23:54:11 2007 |
| MD5 Checksum: | bef4672949983b7fb996479d908d2631 |
|
| /// File Name: |
USN-534-1.txt |
Description:
|
Ubuntu Security Notice 534-1 - Andy Polyakov discovered that the DTLS implementation in OpenSSL was vulnerable. A remote attacker could send a specially crafted connection request to services using DTLS and execute arbitrary code with the service's privileges. There are no known Ubuntu applications that are currently using DTLS.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 16635 | | Related CVE(s): | CVE-2007-4995 | | Last Modified: | Oct 22 23:53:09 2007 |
| MD5 Checksum: | 3117c8dc3a3b0c45760d154d0cd66ccd |
|
| /// File Name: |
USN-533-1.txt |
Description:
|
Ubuntu Security Notice 533-1 - Ludwig Nussel discovered that mount and umount did not properly drop privileges when using helper programs. Local attackers may be able to bypass security restrictions and gain root privileges using programs such as mount.nfs or mount.cifs.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 12797 | | Related CVE(s): | CVE-2007-5191 | | Last Modified: | Oct 22 23:52:24 2007 |
| MD5 Checksum: | 43cdabef17197796a0e6ed65fa2805b4 |
|
| /// File Name: |
USN-532-1.txt |
Description:
|
Ubuntu Security Notice 532-1 - Nobuhiro Ban discovered that check_http in nagios-plugins did not properly sanitize its input when following redirection requests. A malicious remote web server could cause a denial of service or possibly execute arbitrary code as the user. Aravind Gottipati discovered that sslutils.c in nagios-plugins did not properly reset pointers to NULL. A malicious remote web server could cause a denial of service. Aravind Gottipati discovered that check_http in nagios-plugins did not properly calculate how much memory to reallocate when following redirection requests. A malicious remote web server could cause a denial of service.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4191 | | Related CVE(s): | CVE-2007-5198 | | Last Modified: | Oct 22 23:50:36 2007 |
| MD5 Checksum: | e91105e1fb6b720a07b26dddb3a591bf |
|
| /// File Name: |
USN-531-1.txt |
Description:
|
Ubuntu Security Notice 531-1 - Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not correctly handle certain client options. A remote attacker could send malicious DHCP replies to the server and execute arbitrary code.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 14112 | | Related CVE(s): | CVE-2007-5365 | | Last Modified: | Oct 22 23:49:49 2007 |
| MD5 Checksum: | f26d95797f689c3fc1c1129bfd38d570 |
|
| /// File Name: |
firefoxzaptel-dos.txt |
Description:
|
Firefox version 2.0.0.7 suffers from a remote denial of service vulnerability and Zaptel version 1.4.5.1 suffers from a local buffer overflow vulnerability.
| | Author: | Michal Bucko, Tomasz Polis | | Homepage: | http://www.eleytt.com/ | | File Size: | 4375 | | Last Modified: | Oct 22 23:19:33 2007 |
| MD5 Checksum: | a1b3c76dbcb4a803b71f3f3e10ad3237 |
|
| /// File Name: |
glsa-200710-22.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-22 - Stefan Monnier discovered that the tramp-make-tramp-temp-file() function creates temporary files in an insecure manner. Versions less than 2.1.10-r2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2748 | | Related CVE(s): | CVE-2007-5377 | | Last Modified: | Oct 22 23:03:32 2007 |
| MD5 Checksum: | f166958b9a4cde932253608d697b0550 |
|
| /// File Name: |
glsa-200710-21.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-21 - ShAnKaR reported that input passed to the f array parameter in tiki-graph_formula.php is not properly verified before being used to execute PHP functions. Versions less than 1.9.8.1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2559 | | Related CVE(s): | CVE-2007-5423 | | Last Modified: | Oct 22 23:03:17 2007 |
| MD5 Checksum: | 162f2019a5b6dbf429d311822edf5d0e |
|
| /// File Name: |
sa27344.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for tikiwiki. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27344/ | | File Size: | 2022 | | Last Modified: | Oct 22 22:43:18 2007 |
| MD5 Checksum: | d885bafe93ed2f43a690dd05b99dc947 |
|
| /// File Name: |
sa27343.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for tramp. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/27343/ | | File Size: | 2046 | | Last Modified: | Oct 22 22:42:59 2007 |
| MD5 Checksum: | ab9353178f7d31dad621bc1f17c97376 |
|
| /// File Name: |
sa27298.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for Mozilla Firefox. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27298/ | | File Size: | 3255 | | Last Modified: | Oct 22 22:42:45 2007 |
| MD5 Checksum: | 9e82abe113b614b0c93ffda5998c0c2d |
|
| /// File Name: |
sa27329.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27329/ | | File Size: | 2764 | | Last Modified: | Oct 22 22:42:45 2007 |
| MD5 Checksum: | 42c68ef50c4c4923b815956b6330460d |
|
| /// File Name: |
sa27330.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27330/ | | File Size: | 2515 | | Last Modified: | Oct 22 22:42:45 2007 |
| MD5 Checksum: | 45736bbe9bea76fd1e14f6faaef0540c |
|
| /// File Name: |
sa27336.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xulrunner. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27336/ | | File Size: | 24016 | | Last Modified: | Oct 22 22:42:45 2007 |
| MD5 Checksum: | dcd6adbb11c5656e8f8f00be065d340a |
|
| /// File Name: |
sa27348.txt |
Description:
|
Secunia Security Advisory - InATeam has reported some vulnerabilities in Vanilla, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/27348/ | | File Size: | 2304 | | Last Modified: | Oct 22 22:42:45 2007 |
| MD5 Checksum: | 3515d40827f63df0ab92ec8123f8b702 |
|
| /// File Name: |
sa27327.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, conduct phishing attacks, manipulate certain data and compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27327/ | | File Size: | 3016 | | Last Modified: | Oct 22 18:55:04 2007 |
| MD5 Checksum: | b4a38ad0e551889558c06086552eabca |
|
| /// File Name: |
sa27271.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges, and by malicious people to conduct spoofing attacks, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27271/ | | File Size: | 3192 | | Last Modified: | Oct 22 18:54:34 2007 |
| MD5 Checksum: | f53b4d5547947e1d70d012f872311be7 |
|
| /// File Name: |
sa27276.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27276/ | | File Size: | 2768 | | Last Modified: | Oct 22 18:54:34 2007 |
| MD5 Checksum: | b42f5677985bda85e378f3a3f09a546c |
|
| /// File Name: |
sa27316.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Nagios, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27316/ | | File Size: | 2250 | | Last Modified: | Oct 22 18:54:34 2007 |
| MD5 Checksum: | 6be63bec4ef78643d73ee90ba12a42a1 |
|
| /// File Name: |
sa27325.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27325/ | | File Size: | 2682 | | Last Modified: | Oct 22 18:54:34 2007 |
| MD5 Checksum: | 1f5cef876631fd9f8b9ffc400dd4c51d |
|
| /// File Name: |
sa27326.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for icedove. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27326/ | | File Size: | 15221 | | Last Modified: | Oct 22 18:54:34 2007 |
| MD5 Checksum: | 0c3bd2c1e7ad93a48b2ee13a8c16266d |
|
| /// File Name: |
sa27337.txt |
Description:
|
Secunia Security Advisory - Aria-Security has reported a vulnerability in ASP Site Search SearchSimon Lite, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27337/ | | File Size: | 2318 | | Last Modified: | Oct 22 18:54:34 2007 |
| MD5 Checksum: | d5562cfa355d06dd70fe47d0f6558833 |
|
| /// File Name: |
sa27346.txt |
Description:
|
Secunia Security Advisory - Michael Brooks has reported some vulnerabilities in Simple Machines Forum, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/27346/ | | File Size: | 2427 | | Last Modified: | Oct 22 18:54:34 2007 |
| MD5 Checksum: | 8dfd1e4f44ac86cce4d71429c7dd906f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
