| /// File Name: |
SSRT061261.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server.
| | Homepage: | http://www.hp.com/ | | File Size: | 7681 | | Related CVE(s): | CVE-2007-6204 | | Last Modified: | Dec 7 13:08:15 2007 |
| MD5 Checksum: | 85e069e026e75fadfb5da36308648a58 |
|
| /// File Name: |
SSRT071333.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running rpc.yppasswdd. The vulnerability could be exploited remotely to create a denial of service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6606 | | Related CVE(s): | CVE-2007-6419 | | Last Modified: | Dec 20 16:25:51 2007 |
| MD5 Checksum: | 702d19ba1b6eac8371807d6d1f2aa2ff |
|
| /// File Name: |
SSRT071451.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX applications running DCE such as Software Distributor (SD). The vulnerability could be exploited remotely to create a denial of service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6638 | | Related CVE(s): | CVE-2007-6195 | | Last Modified: | Dec 13 17:56:41 2007 |
| MD5 Checksum: | c5fdc8116ee8af5a63f95b835d6af576 |
|
| /// File Name: |
SSRT071452.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with the HP Tru64 UNIX Operating System running FFM (File-on-File Mounting File System). The vulnerability could be exploited by a local, authorized user to cause a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6359 | | Last Modified: | Dec 20 16:26:26 2007 |
| MD5 Checksum: | 113c47e2d29c865a681e44eff840de47 |
|
| /// File Name: |
SSRT071494.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP Select Identity. The vulnerability could be exploited remotely to gain unauthorized access.
| | Homepage: | http://www.hp.com/ | | File Size: | 5418 | | Related CVE(s): | CVE-2007-6194 | | Last Modified: | Dec 5 23:12:40 2007 |
| MD5 Checksum: | d13bdc793452435d6d81aa0d4d33f6e3 |
|
| /// File Name: |
SSRT071502.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with the HP Quick Launch Button (QLB) software running on Windows. The vulnerability could be exploited remotely to execute arbitrary code or to gain privileged access.
| | Homepage: | http://www.hp.com/ | | File Size: | 6734 | | Related CVE(s): | CVE-2007-6331, CVE-2007-6332, CVE-2007-6333 | | Last Modified: | Dec 17 20:24:27 2007 |
| MD5 Checksum: | 80ea31203b6b91cb16508db40df1656d |
|
| /// File Name: |
SSRT071504.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running OpenSSL. The vulnerability could be exploited remotely to execute arbitrary code.
| | Homepage: | http://www.hp.com/ | | File Size: | 7176 | | Related CVE(s): | CVE-2007-4995 | | Last Modified: | Dec 13 17:57:13 2007 |
| MD5 Checksum: | f7c42212c5895b6e0c7827b3cf5fe9f5 |
|
| /// File Name: |
SSRT071506.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com/ | | File Size: | 10217 | | Last Modified: | Dec 18 19:49:42 2007 |
| MD5 Checksum: | ec540f39ed29c2d99cd206fe55621a3c |
|
| /// File Name: |
SSRT071508.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP Software Update running on Windows. The vulnerability could be exploited remotely to execute arbitrary code or gain privileged access.
| | Homepage: | http://www.hp.com/ | | File Size: | 6119 | | Related CVE(s): | CVE-2007-6506 | | Last Modified: | Dec 24 14:53:06 2007 |
| MD5 Checksum: | 2aabb7206f69f5ba539b12ed6732a4bf |
|
| /// File Name: |
SUSE-SA-2007-065.txt |
Description:
|
SUSE Security Announcement - Secunia Research has reported a bug in function reply_netbios_packet() that allowed remote attackers to execute arbitrary code by sending specially crafted WINS "Name Registration" requests followed by a WINS "Name Query" request packet. The exploitable code in samba can only be reached if the option "wins support" was enabled. Another bug reported by Secunia Research affected the processing of GETDC mailslot request in nmbd. This error can also be exploited remotely to execute arbitrary code, but only if samba was configured as Primary or Backup Domain Controller.
| | Homepage: | http://www.suse.com | | File Size: | 39102 | | Related CVE(s): | CVE-2007-4572, CVE-2007-5398 | | Last Modified: | Dec 7 12:50:19 2007 |
| MD5 Checksum: | bf30e29987d3f708bc1c72c9e184b784 |
|
| /// File Name: |
SUSE-SA-2007-068.txt |
Description:
|
SUSE Security Announcement - The Samba suite is an open-source implementation of the SMB protocol. This update of samba fixes a buffer overflow in function send_mailslot() that allows remote attackers to overwrite the stack with 0 (via memset(3)) by sending specially crafted SAMLOGON packets.
| | Homepage: | http://www.suse.com | | File Size: | 38640 | | Related CVE(s): | CVE-2007-6015 | | Last Modified: | Dec 12 14:21:14 2007 |
| MD5 Checksum: | 82308caf56f9dc3eeeb3831af2756513 |
|
| /// File Name: |
TA07-345A.txt |
Description:
|
Technical Cyber Security Alert TA07-345A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary commands.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3511 | | Last Modified: | Dec 11 23:21:47 2007 |
| MD5 Checksum: | 0f1d3965bbb2e88d1b17e41da33d7deb |
|
| /// File Name: |
TA07-352A.txt |
Description:
|
Technical Cyber Security Alert TA07-352A - Apple has released Security Update 2007-009 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, surreptitiously initiate a video conference, or cause a denial of service.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3529 | | Last Modified: | Dec 19 19:43:04 2007 |
| MD5 Checksum: | 52f701e59f72437dd4248cc3806d126b |
|
| /// File Name: |
TA07-355A.txt |
Description:
|
Technical Cyber Security Alert TA07-355A - Adobe has released Security bulletin APSB07-20 to address multiple vulnerabilities affecting Adobe Flash Player. Attackers could exploit these vulnerabilities to execute arbitrary code, perform DNS rebinding and cross-site scripting attacks, conduct port scans, or cause a denial of service.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3662 | | Related CVE(s): | CVE-2007-4324 | | Last Modified: | Dec 24 14:48:38 2007 |
| MD5 Checksum: | 61df0f87d13a920e2aabb547a985ad50 |
|
| /// File Name: |
tikiwikicms-xss.txt |
Description:
|
Tikiwiki CMS version 1.9.8.3 suffers from a cross site scripting vulnerability.
| | Author: | H-Security Labs | | Homepage: | http://h-labs.org/ | | File Size: | 2199 | | Last Modified: | Dec 24 18:57:13 2007 |
| MD5 Checksum: | f522cdaed92eebabcaa2574c25f382d6 |
|
| /// File Name: |
tk53-clamav.txt |
Description:
|
TK53 Advisory 2 - Multiple vulnerabilities exist in ClamAV version 0.92 including a race condition and bypass flaws.
| | Author: | Roflek, Lolek | | File Size: | 7766 | | Last Modified: | Dec 31 16:26:46 2007 |
| MD5 Checksum: | e18caa0c092d7067ea71b97be00c10c7 |
|
| /// File Name: |
TPTI-07-21.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
| | Author: | Aaron Portnoy | | Homepage: | http://www.tippingpoint.com/ | | File Size: | 1645 | | Related CVE(s): | CVE-2007-6242 | | Last Modified: | Dec 19 21:09:06 2007 |
| MD5 Checksum: | 471b8be534d4bd287dd4dc8a2886b641 |
|
| /// File Name: |
twit-eval.txt |
Description:
|
The Twitgit and Twitterlex widgets are susceptible to an insecure use of eval().
| | Author: | Thomas Roessler | | File Size: | 1540 | | Last Modified: | Dec 5 22:51:05 2007 |
| MD5 Checksum: | b593c71934e7794aae60a7dd4124ecc0 |
|
| /// File Name: |
uber-upload.txt |
Description:
|
Uber Uploader versions 5.3.6 and below suffer from a remote file upload vulnerability.
| | Author: | JosS | | Homepage: | http://www.spanish-hackers.com/ | | File Size: | 1732 | | Last Modified: | Dec 17 21:18:28 2007 |
| MD5 Checksum: | 23779cbba8bb1a5097810d8a1b0a4136 |
|
| /// File Name: |
USN-546-2.txt |
Description:
|
Ubuntu Security Notice 546-2 - USN-546-1 fixed vulnerabilities in Firefox. The upstream update included a faulty patch which caused the drawImage method of the canvas element to fail.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 21728 | | Related CVE(s): | CVE-2007-5947, CVE-2007-5959, CVE-2007-5960 | | Last Modified: | Dec 5 23:24:18 2007 |
| MD5 Checksum: | 13b757256e5685b4c55ffd9bb75d453e |
|
| /// File Name: |
USN-549-2.txt |
Description:
|
Ubuntu Security Notice 549-2 - USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 16308 | | Related CVE(s): | CVE-2007-1285, CVE-2007-2872, CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4670, CVE-2007-5898, CVE-2007-5899 | | Last Modified: | Dec 4 00:32:01 2007 |
| MD5 Checksum: | 883dbe5e47179ed899e41fa2ee7f295e |
|
| /// File Name: |
USN-550-1.txt |
Description:
|
Ubuntu Security Notice 550-1 - Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 16053 | | Related CVE(s): | CVE-2007-5503 | | Last Modified: | Dec 4 00:33:23 2007 |
| MD5 Checksum: | 5975ff335956b85fe3c414e8ffa19e1b |
|