Section: .. / 0701-advisories /
| /// File Name: |
oracle-4.txt |
Description:
|
The Oracle Database Server provides the DBMS_REPCAT_UNTRUSTED package that can be used to administer a replicated environment. This package contains the procedure UNREGISTER_SNAPSHOT which is vulnerable to buffer overflow attacks.
| | Homepage: | http://www.appsecinc.com/ | | File Size: | 2327 | | Last Modified: | Jan 26 22:00:24 2007 |
| MD5 Checksum: | 7f7dbe72bc9222e1c0d5fe5efdc4ffd7 |
|
| /// File Name: |
oracle-3.txt |
Description:
|
The Oracle Database Server provides the MDSYS.MD package that is used in the Oracle Spatial component. These packages contain many public procedures that are vulnerable to buffer overflow and denial of service attacks.
| | Homepage: | http://www.appsecinc.com/ | | File Size: | 2338 | | Last Modified: | Jan 26 21:59:59 2007 |
| MD5 Checksum: | 9f64e41f2ecd5b7b793a8920c01ba5dd |
|
| /// File Name: |
oracle-2.txt |
Description:
|
The Oracle Database Server provides the DBMS_LOGMNR package that contains procedures used to initialize the LogMiner tool. This package contains the procedure ADD_LOGFILE which is vulnerable to buffer overflow attacks.
| | Homepage: | http://www.appsecinc.com/ | | File Size: | 2315 | | Last Modified: | Jan 26 21:59:31 2007 |
| MD5 Checksum: | eea0706ed5c842c047b120a62eb8c46d |
|
| /// File Name: |
oracle-1.txt |
Description:
|
The Oracle Database Server provides the DBMS_DRS package that includes procedures used in Oracle Data Guard. This package contains the function GET_PROPERTY which is vulnerable to buffer overflow attacks.
| | Homepage: | http://www.appsecinc.com/ | | File Size: | 2303 | | Last Modified: | Jan 26 21:59:05 2007 |
| MD5 Checksum: | 1844076621023b56b018cd7fbd2f0068 |
|
| /// File Name: |
4tphi-sa-20070111-communityserver.t..> |
Description:
|
The Telligent Community Server versions 2.1 and below suffer from a remote denial of service condition.
| | Author: | Blake Matheny | | File Size: | 2773 | | Last Modified: | Jan 26 21:57:26 2007 |
| MD5 Checksum: | e009707e3d4cbcbed0dfda7184e1eb7a |
|
| /// File Name: |
4tphi-sa-20070111-wordpress.txt |
Description:
|
WordPress suffers from a resource consumption issue.
| | Author: | Blake Matheny | | File Size: | 4515 | | Last Modified: | Jan 26 21:56:22 2007 |
| MD5 Checksum: | bc79ffa791e8305720d65671b89461dc |
|
| /// File Name: |
4tphi-sa-20070111-pingback.txt |
Description:
|
The pingback specification suffers from a weakness.
| | Author: | Blake Matheny | | File Size: | 4575 | | Last Modified: | Jan 26 21:55:07 2007 |
| MD5 Checksum: | 37a2fb39bde3c981a1a74ef0d7f341ad |
|
| /// File Name: |
ZDI-07-006.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of Citrix Presentation Server, MetaFrame Presentation Server or MetaFrame XP. Authentication is not required to exploit this vulnerability.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2926 | | Related CVE(s): | CVE-2007-0444 | | Last Modified: | Jan 26 21:34:15 2007 |
| MD5 Checksum: | e9efacaacf35961b818bbb09ab39a5c1 |
|
| /// File Name: |
glsa-200701-21.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200701-21 - The Kerberos administration daemon, and possibly other applications using the GSS-API or RPC libraries, could potentially call a function pointer in a freed heap buffer, or attempt to free an uninitialized pointer. Versions less than 1.5.2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2691 | | Last Modified: | Jan 26 21:33:21 2007 |
| MD5 Checksum: | 416aaab898c19734ca136b7c4382147e |
|
| /// File Name: |
cisco-sa-20070124-crafted-ip-option..> |
Description:
|
Cisco Security Advisory - Cisco routers and switches running Cisco IOS® or Cisco IOS XR software may be vulnerable to a remotely exploitable crafted IP option Denial of Service (DoS) attack. Exploitation of the vulnerability may potentially allow for arbitrary code execution. The vulnerability may be exploited after processing an Internet Control Message Protocol (ICMP) packet, Protocol Independent Multicast version 2 (PIMv2) packet, Pragmatic General Multicast (PGM) packet, or URL Rendezvous Directory (URD) packet containing a specific crafted IP option in the packet's IP header. No other IP protocols are affected by this issue.
| | Homepage: | http://www.cisco.com/ | | File Size: | 71315 | | Last Modified: | Jan 26 21:31:45 2007 |
| MD5 Checksum: | 577fd50627b0f80c7885e9f61dbd8439 |
|
| /// File Name: |
cisco-sa-20070124-IOS-IPv6.txt |
Description:
|
Cisco Security Advisory - Processing a specially crafted IPv6 Type 0 Routing header can crash a device running Cisco IOS software. This vulnerability does not affect IPv6 Type 2 Routing header which is used in mobile IPv6. IPv6 is not enabled by default in Cisco IOS.
| | Homepage: | http://www.cisco.com/ | | File Size: | 62324 | | Last Modified: | Jan 26 21:31:00 2007 |
| MD5 Checksum: | dcea7c1cf3bf61e222409a766a302c5f |
|
| /// File Name: |
cisco-sa-20070124-crafted-tcp.txt |
Description:
|
Cisco Security Advisory - The Cisco IOS Transmission Control Protocol (TCP) listener in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable memory leak that may lead to a denial of service condition. This vulnerability only applies to traffic destined to the Cisco IOS device. Traffic transiting the Cisco IOS device will not trigger this vulnerability.
| | Homepage: | http://www.cisco.com/ | | File Size: | 63855 | | Last Modified: | Jan 26 21:29:42 2007 |
| MD5 Checksum: | 37c32831dda7d34aac95c6c587bb9175 |
|
| /// File Name: |
CAID-34993.txt |
Description:
|
CA BrightStor ARCserve Backup for Laptops and Desktops contains multiple overflow conditions that can allow a remote attacker to cause a denial of service, or execute arbitrary code with local SYSTEM privileges on Windows.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 3682 | | Related CVE(s): | CVE-2007-0449 | | Last Modified: | Jan 26 21:28:52 2007 |
| MD5 Checksum: | 778a6c8c49578990337d5114dc1d826f |
|
| /// File Name: |
secunia-nctaudio.txt |
Description:
|
Secunia Research has discovered a vulnerability in Sienzo Digital Music Mentor, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the NCTAudioFile2.AudioFile ActiveX control when handling the "SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4412 | | Related CVE(s): | CVE-2007-0018 | | Last Modified: | Jan 26 21:27:54 2007 |
| MD5 Checksum: | 653733f576a247106884021025e51381 |
|
| /// File Name: |
secunia-nctsoft.txt |
Description:
|
Secunia Research has discovered a vulnerability in NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll) when handling the "SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.
| | Homepage: | http://secunia.com/ | | File Size: | 5145 | | Related CVE(s): | CVE-2007-0018 | | Last Modified: | Jan 26 21:26:46 2007 |
| MD5 Checksum: | b0b414036a232efdde1d0233ff38d46b |
|
| /// File Name: |
SUSE-SA-2007-013.txt |
Description:
|
SUSE Security Announcement - This update fixes several format string bugs that can be exploited remotely with user assistance to execute arbitrary code. Since SUSE Linux version 10.1, format string bugs are no longer exploitable.
| | Homepage: | http://www.suse.com | | File Size: | 17564 | | Related CVE(s): | CVE-2007-0017 | | Last Modified: | Jan 26 21:01:11 2007 |
| MD5 Checksum: | 61793c69535f7c4dfdcc2f5623e2654a |
|
| /// File Name: |
wbv265-sql.txt |
Description:
|
Website Baker version 2.6.5 suffers from a SQL injection flaw.
| | Author: | Rolf Huisman | | File Size: | 1563 | | Last Modified: | Jan 26 20:56:30 2007 |
| MD5 Checksum: | 7a7836c4083198eb731d162709a1deb0 |
|
| /// File Name: |
sa23475.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23475/ | | File Size: | 2863 | | Last Modified: | Jan 26 20:46:45 2007 |
| MD5 Checksum: | e9b8deecdc4a630af6e125d593d608a6 |
|
| /// File Name: |
sa23493.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Aurora Media Workshop, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23493/ | | File Size: | 2357 | | Last Modified: | Jan 26 20:46:45 2007 |
| MD5 Checksum: | 83005ac3c1bcb4b5f631d5a169d7b07b |
|
| /// File Name: |
sa23511.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in various J. Hepple products, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23511/ | | File Size: | 3005 | | Last Modified: | Jan 26 20:46:45 2007 |
| MD5 Checksum: | 48a14a4c2e00a56ccb69b6abdaf36a96 |
|
| /// File Name: |
sa23530.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in iMesh, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23530/ | | File Size: | 2314 | | Last Modified: | Jan 26 20:46:45 2007 |
| MD5 Checksum: | 3d44bec95cee687d7229ee8357885b8b |
|
| /// File Name: |
sa23532.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in two Quikscribe products, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23532/ | | File Size: | 2458 | | Last Modified: | Jan 26 20:46:45 2007 |
| MD5 Checksum: | ac7356e6437c472ca03d83de3f225193 |
|
| /// File Name: |
sa23534.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in various R.M. de Boer Software products, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23534/ | | File Size: | 2390 | | Last Modified: | Jan 26 20:46:45 2007 |
| MD5 Checksum: | c0c32eb7ee91767f922f3bc7ee23cbb4 |
|
| /// File Name: |
sa23535.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in CDBurnerXP Pro, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/23535/ | | File Size: | 2389 | | Last Modified: | Jan 26 20:46:45 2007 |
| MD5 Checksum: | 9d4679b5ada6cee0fe4618aa8609c57c |
|