Section: .. / 0909-advisories /
| /// File Name: |
AST-2009-006.txt |
Description:
|
Asterisk Project Security Advisory - The IAX2 protocol uses a call number to associate messages with the call that they belong to. However, the protocol defines the call number field in messages as a fixed size 15 bit field. So, if all call numbers are in use, no additional sessions can be handled. A call number gets created at the start of an IAX2 message exchange. So, an attacker can send a large number of messages and consume the call number space. The attack is also possible using spoofed source IP addresses as no handshake is required before a call number is assigned.
| | Author: | Russell Bryant | | Homepage: | http://www.asterisk.org/security | | File Size: | 12046 | | Related CVE(s): | CVE-2009-2346 | | Last Modified: | Sep 3 21:28:46 2009 |
| MD5 Checksum: | 0912cf05493bc73748727f4d8ca64471 |
|
| /// File Name: |
BMSA-2009-06.txt |
Description:
|
BKAV eOffice version 5.1.5 suffers from a remote code execution vulnerability.
| | Author: | Nam Nguyen | | Homepage: | http://www.bluemoon.com.vn/ | | File Size: | 3772 | | Last Modified: | Sep 1 23:49:28 2009 |
| MD5 Checksum: | e4ddeae4656b7e481893bd55bb4c0701 |
|
| /// File Name: |
cisco-sa-20090908-tcp24.txt |
Description:
|
Cisco Security Advisory - Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite state, resources on a system under attack may be consumed, preventing new TCP connections from being accepted. In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system. In addition to these vulnerabilities, Cisco Nexus 5000 devices contain a TCP DoS vulnerability that may result in a system crash. This additional vulnerability was found as a result of testing the TCP state manipulation vulnerabilities.
| | Homepage: | http://www.cisco.com/ | | File Size: | 138097 | | Related CVE(s): | CVE-2009-0627, CVE-2009-4609 | | Last Modified: | Sep 10 13:21:37 2009 |
| MD5 Checksum: | f2b79aa2212a70402fc65d8dc3df7b76 |
|
| /// File Name: |
cisco-sa-20090923-acl.txt |
Description:
|
Cisco Security Advisory - A vulnerability exists in Cisco IOS? software where an unauthenticated attacker could bypass access control policies when the Object Groups for Access Control Lists (ACLs) feature is used. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability other than disabling the Object Groups for ACLs feature.
| | Homepage: | http://www.cisco.com/ | | File Size: | 24116 | | Related CVE(s): | CVE-2009-2862 | | Last Modified: | Sep 23 22:37:43 2009 |
| MD5 Checksum: | a6471a122d25084a019a9c0a450278c9 |
|
| /// File Name: |
cisco-sa-20090923-auth-proxy.txt |
Description:
|
Cisco Security Advisory - Cisco IOS Software configured with Authentication Proxy for HTTP(S), Web Authentication or the consent feature, contains a vulnerability that may allow an unauthenticated session to bypass the authentication proxy server or bypass the consent webpage.
| | Homepage: | http://www.cisco.com/ | | File Size: | 105826 | | Related CVE(s): | CVE-2009-2863 | | Last Modified: | Sep 23 22:52:55 2009 |
| MD5 Checksum: | 12f37f98e5b0e23dbdcbe2d9ba816064 |
|
| /// File Name: |
cisco-sa-20090923-cm.txt |
Description:
|
Cisco Security Advisory - Cisco Unified Communications Manager, which was formerly Cisco Unified CallManager, contains a denial of service (DoS) vulnerability in the Session Initiation Protocol (SIP) service. An exploit of this vulnerability may cause an interruption in voice services.
| | Homepage: | http://www.cisco.com/ | | File Size: | 15749 | | Related CVE(s): | CVE-2009-2864 | | Last Modified: | Sep 23 22:36:06 2009 |
| MD5 Checksum: | 74ff7b52a1bbfb15fa2b5de150aca7b3 |
|
| /// File Name: |
cisco-sa-20090923-cme.txt |
Description:
|
Cisco Security Advisory - Cisco IOS devices that are configured for Cisco Unified Communications Manager Express (CME) and the Extension Mobility feature are vulnerable to a buffer overflow vulnerability. Successful exploitation of this vulnerability may result in the execution of arbitrary code or a Denial of Service (DoS) condition on an affected device.
| | Homepage: | http://www.cisco.com/ | | File Size: | 26705 | | Related CVE(s): | CVE-2009-2865 | | Last Modified: | Sep 23 22:39:07 2009 |
| MD5 Checksum: | c2c0477e5d0a50d4f8fc69fdfa1776d2 |
|
| /// File Name: |
cisco-sa-20090923-h323.txt |
Description:
|
Cisco Security Advisory - The H.323 implementation in Cisco IOS Software contains a vulnerability that can be exploited remotely to cause a device that is running Cisco IOS Software to reload. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate the vulnerability apart from disabling H.323 if the device that is running Cisco IOS Software does not need to run H.323 for VoIP services.
| | Homepage: | http://www.cisco.com/ | | File Size: | 72188 | | Related CVE(s): | CVE-2009-2866 | | Last Modified: | Sep 23 22:40:55 2009 |
| MD5 Checksum: | c60cb3f5d46ac4dceef5dd19ee0fbe29 |
|
| /// File Name: |
cisco-sa-20090923-ios-fw.txt |
Description:
|
Cisco Security Advisory - Cisco IOS devices that are configured with Cisco IOS Zone-Based Policy Firewall Session Initiation Protocol (SIP) inspection are vulnerable to denial of service (DoS) attacks when processing a specific SIP transit packet. Exploitation of the vulnerability could result in a reload of the affected device.
| | Homepage: | http://www.cisco.com/ | | File Size: | 26393 | | Related CVE(s): | CVE-2009-2867 | | Last Modified: | Sep 23 22:44:26 2009 |
| MD5 Checksum: | 2fe423d4a3e9623da89038678a8e5f90 |
|
| /// File Name: |
cisco-sa-20090923-ipsec.txt |
Description:
|
Cisco Security Advisory - Cisco IOS devices that are configured for Internet Key Exchange (IKE) protocol and certificate based authentication are vulnerable to a resource exhaustion attack. Successful exploitation of this vulnerability may result in the allocation of all available Phase 1 security associations (SA) and prevent the establishment of new IPsec sessions.
| | Homepage: | http://www.cisco.com/ | | File Size: | 63990 | | Related CVE(s): | CVE-2009-2868 | | Last Modified: | Sep 23 22:50:08 2009 |
| MD5 Checksum: | 1e4aabba158cd2ef65f765bfa05e7403 |
|
| /// File Name: |
cisco-sa-20090923-ntp.txt |
Description:
|
Cisco Security Advisory - Cisco IOS Software with support for Network Time Protocol (NTP) version (v4) contains a vulnerability processing specific NTP packets that will result in a reload of the device. This results in a remote denial of service (DoS) condition on the affected device.
| | Homepage: | http://www.cisco.com/ | | File Size: | 32627 | | Related CVE(s): | CVE-2009-2869 | | Last Modified: | Sep 23 22:46:30 2009 |
| MD5 Checksum: | 96184d88f46f5db1b147d911f6f08695 |
|
| /// File Name: |
cisco-sa-20090923-sip.txt |
Description:
|
Cisco Security Advisory - A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated attacker to cause a denial of service (DoS) condition on an affected device when the Cisco Unified Border Element feature is enabled.
| | Homepage: | http://www.cisco.com/ | | File Size: | 45855 | | Related CVE(s): | CVE-2009-2870 | | Last Modified: | Sep 23 22:48:31 2009 |
| MD5 Checksum: | f5885d08fc873727da117ebb0adee11c |
|
| /// File Name: |
cisco-sa-20090923-tls.txt |
Description:
|
Cisco Security Advisory - Cisco IOS Software contains a vulnerability that could allow an attacker to cause a Cisco IOS device to reload by remotely sending a crafted encryption packet.
| | Homepage: | http://www.cisco.com/ | | File Size: | 48196 | | Related CVE(s): | CVE-2009-2871 | | Last Modified: | Sep 23 22:51:22 2009 |
| MD5 Checksum: | 3d4c0ba0520e1ad4cd9052dcf18e209a |
|
| /// File Name: |
cisco-sa-20090923-tunnels.txt |
Description:
|
Cisco Security Advisory - Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.
| | Homepage: | http://www.cisco.com/ | | File Size: | 130890 | | Related CVE(s): | CVE-2009-2872, CVE-2009-2873 | | Last Modified: | Sep 23 22:54:23 2009 |
| MD5 Checksum: | ae2299499b8831dcb8f916ec1be6d191 |
|
| /// File Name: |
ciscoace-disclose.txt |
Description:
|
Cisco ACE XML Gateway versions 6.0 and below suffer from an internal IP address disclosure.
| | Author: | nitr0us | | File Size: | 9950 | | Last Modified: | Sep 25 22:13:09 2009 |
| MD5 Checksum: | e649f032dcfa6e9238f4338cebbed7fc |
|
| /// File Name: |
CVE-2009-1926_MS09-048.txt |
Description:
|
The TCP/IP-Stack of the Microsoft Windows XP/Vista Operating System is vulnerable to a remote resource exhaustion vulnerability. By taking advantage of this vulnerability, an attacker can cause a connection's Transmission Control Block (TCB) to remain in memory for an indefinite amount of time without the need for the attacker to further maintain the connection's activity.
| | Author: | Fabian Yamaguchi | | Homepage: | http://www.recurity-labs.com/ | | File Size: | 6826 | | Related CVE(s): | CVE-2009-1926 | | Last Modified: | Sep 10 15:37:05 2009 |
| MD5 Checksum: | a6db4b7c9fc168d5c98697fc58b7a950 |
|
| /// File Name: |
drupalbiblio-xss.txt |
Description:
|
The Drupal Bibliography module suffers from a cross site scripting vulnerability.
| | Author: | Black Packeteer | | File Size: | 687 | | Last Modified: | Sep 25 22:17:06 2009 |
| MD5 Checksum: | 3d486ace9a1432f07697d7b6fed03925 |
|
| /// File Name: |
dsa-1875-1.txt |
Description:
|
Debian Security Advisory 1875-1 - Josh Triplett discovered that the blacklist for potentially harmful TeX code of the teximg module of the Ikiwiki wiki compiler was incomplete, resulting in information disclosure.
| | Homepage: | http://www.debian.org/security | | File Size: | 2800 | | Related CVE(s): | CVE-2009-2944 | | Last Modified: | Sep 1 16:51:50 2009 |
| MD5 Checksum: | b4c53a1a69e06231bea1759690c491d0 |
|
| /// File Name: |
dsa-1877-1.txt |
Description:
|
Debian Security Advisory 1877-1 - In MySQL 4.0.0 through 5.0.83, multiple format string vulnerabilities in the dispatch_command() function in libmysqld/sql_parse.cc in mysqld allow remote authenticated users to cause a denial of service (daemon crash) and potentially the execution of arbitrary code via format string specifiers in a database name in a COM_CREATE_DB or COM_DROP_DB request.
| | Homepage: | http://www.debian.org/security | | File Size: | 21785 | | Related CVE(s): | CVE-2009-2446 | | Last Modified: | Sep 2 22:18:15 2009 |
| MD5 Checksum: | 873a47b09680e2a19114208c1aabc81d |
|
| /// File Name: |
dsa-1878-1.txt |
Description:
|
Debian Security Advisory 1878-1 - Raphael Geissert discovered that uscan, a program to check for availability of new source code versions which is part of the devscripts package, runs Perl code downloaded from potentially untrusted sources to implement its URL and version mangling functionality. This update addresses this issue by reimplementing the relevant Perl operators without relying on the Perl interpreter, trying to preserve backwards compatibility as much as possible.
| | Homepage: | http://www.debian.org/security | | File Size: | 7999 | | Related CVE(s): | CVE-2009-2946 | | Last Modified: | Sep 2 22:20:40 2009 |
| MD5 Checksum: | 1b27c41bc3131b0a7fdce32ed5dd7d45 |
|
| /// File Name: |
dsa-1878-2.txt |
Description:
|
Debian Security Advisory 1878-2 - Raphael Geissert discovered that uscan, a program to check for availability of new source code versions which is part of the devscripts package, runs Perl code downloaded from potentially untrusted sources to implement its URL and version mangling functionality. This update corrects regressions introduced by the devscripts security update, DSA-1878-1.
| | Homepage: | http://www.debian.org/security | | File Size: | 8123 | | Related CVE(s): | CVE-2009-2946 | | Last Modified: | Sep 11 17:50:02 2009 |
| MD5 Checksum: | 5ec96b664432122f4fff644b954ff3de |
|
| /// File Name: |
dsa-1879-1.txt |
Description:
|
Debian Security Advisory 1879-1 - Several vulnerabilities have been discovered in the software suite for the SILC protocol, a network protocol designed to provide end-to-end security for conferencing services.
| | Homepage: | http://www.debian.org/security | | File Size: | 14351 | | Related CVE(s): | CVE-2008-7159, CVE-2008-7160, CVE-2009-3051 | | Last Modified: | Sep 4 14:49:24 2009 |
| MD5 Checksum: | c3cd55a231279ef355dab6a2c67c556a |
|
| /// File Name: |
dsa-1881-1.txt |
Description:
|
Debian Security Advisory 1881-1 - It was discovered that the SIEVE component of cyrus-imapd, a highly scalable enterprise mail system, is vulnerable to a buffer overflow when processing SIEVE scripts. Due to incorrect use of the sizeof() operator an attacker is able to pass a negative length to snprintf() calls resulting in large positive values due to integer conversion. This causes a buffer overflow which can be used to elevate privileges to the cyrus system user. An attacker who is able to install SIEVE scripts executed by the server is therefore able to read and modify arbitrary email messages on the system.
| | Homepage: | http://www.debian.org/security | | File Size: | 36310 | | Last Modified: | Sep 7 13:27:26 2009 |
| MD5 Checksum: | 7d12070049cdacd89ac6cff57694ffd4 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
