Section: .. / 0701-advisories /
File Name: sa23910.txt
Description: Secunia Security Advisory - Gentoo has issued an update for vlc. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/23910/ | File Size: 2125 | Last Modified: Jan 26 20:46:45 2007
MD5 Checksum: 4f8ca055aefacd8c5354edc62d92f93b

File Name: sa23773.txt
Description: Secunia Security Advisory - Gentoo has issued an update for w3m. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/23773/ | File Size: 2124 | Last Modified: Jan 15 20:56:26 2007
MD5 Checksum: 13b0fb91552008a6c8892fce63f06989

File Name: sa23876.txt
Description: Secunia Security Advisory - rPath has issued an update for poppler. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/23876/ | File Size: 2124 | Last Modified: Jan 23 22:46:18 2007
MD5 Checksum: 7e8904cc2fd5289cda24b73107138815

File Name: sa23946.txt
Description: Secunia Security Advisory - Gentoo has issued an update for squid. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/23946/ | File Size: 2124 | Last Modified: Jan 26 20:46:45 2007
MD5 Checksum: 2340d0bda7e103b2b99dbec5f64b6dfc

File Name: sa23935.txt
Description: Secunia Security Advisory - rPath has issued an update for gtk. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/23935/ | File Size: 2112 | Last Modified: Jan 26 20:46:45 2007
MD5 Checksum: 5169311c28117a3d49f2e241d214b7c2

File Name: DRUPAL-SA-2007-005.txt
Description: Drupal security advisory - Previews on comments were not passed through normal form validation routines, enabling users with the 'post comments' permission and access to more than one input filter to execute arbitrary code. Affected versions include Drupal 4.7.x versions before Drupal 4.7.6 and Drupal 5.x versions before Drupal 5.1.
Author: Uwe Hermann | Homepage: http://drupal.org/security | File Size: 2063 | Last Modified: Jan 30 22:55:27 2007
MD5 Checksum: ed1adc7b529116a1736f9a8e799514d0

File Name: remedy-enumerate.txt
Description: Remedy Action Request System 5.01.02 Patch 1267 suffers from a user enumeration flaw.
Author: Davide Del Vecchio | File Size: 1985 | Last Modified: Jan 15 22:18:02 2007
MD5 Checksum: 128de2028e47400f8ccccb2a900abda6

File Name: DRUPAL-SA-2007-002.txt
Description: Drupal security advisory - The way page caching was implemented allows a denial of service attack. An attacker has to have the ability to post content on the site. He or she would then be able to poison the page cache, so that it returns cached 404 page not found errors for existing pages. If the page cache is not enabled, your site is not vulnerable. The vulnerability only affects sites running on top of MySQL.
Author: Uwe Hermann | Homepage: http://drupal.org/security | File Size: 1974 | Last Modified: Jan 6 19:33:00 2007
MD5 Checksum: 4ee5ccf0b9c894440a06c49e399edf6f

File Name: DRUPAL-SA-2007-001.txt
Description: Drupal security advisory - A few arguments passed via URLs are not properly sanitized before display. When an attacker is able to entice an administrator to follow a specially crafted link, arbitrary HTML and script code can be injected and executed in the victim's session. Such an attack may lead to administrator access if certain conditions are met.
Author: Uwe Hermann | Homepage: http://drupal.org/security | File Size: 1914 | Last Modified: Jan 6 19:32:24 2007
MD5 Checksum: c63802f3ddcacfd814fb71e3b5b7048f

File Name: pre2007-00018659.txt
Description: Digital Armaments Pre-Advisory - A vulnerability exists in expand_stack() of the grsecurity patch. This vulnerability is only locally exploitable.
Homepage: http://www.digitalarmaments.com/ | File Size: 1822 | Last Modified: Jan 13 19:30:12 2007
MD5 Checksum: 4d2bd1c0a9ca0e501dd9a20690d3ce25

File Name: lds-18.txt
Description: A format string vulnerability has been discovered within BitDefender Client Professional Plus build 8.02.
Author: Deral Heiland | Homepage: http://www.LayeredDefense.com | File Size: 1749 | Last Modified: Jan 19 22:51:24 2007
MD5 Checksum: 133280dc130ba6c0ed48e28b6f9afd8c

File Name: advisory-20070115-1.txt
Description: KDE Security Advisory - kpdf, the KDE PDF viewer, shares code with xpdf. xpdf contains a vulnerability that can cause denial of service (infinite loop) via a PDF file that contains a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.
Homepage: http://www.kde.org/ | File Size: 1623 | Related CVE(s): CVE-2007-0104 | Last Modified: Jan 19 19:34:01 2007
MD5 Checksum: 95c0d517b8844c6347f9d9e5a09bbab7

File Name: earthlink-activex.txt
Description: Earthlink TotalAccess suffers from an unsafe method call that allows remote attackers to add individual e-mail addresses or entire domains to the spam whitelist.
Author: Ethan Hunt | File Size: 1611 | Last Modified: Jan 26 22:32:09 2007
MD5 Checksum: d433f72d84e7c858ff023856ccf0ed0f

File Name: wbv265-sql.txt
Description: Website Baker version 2.6.5 suffers from a SQL injection flaw.
Author: Rolf Huisman | File Size: 1563 | Last Modified: Jan 26 20:56:30 2007
MD5 Checksum: 7a7836c4083198eb731d162709a1deb0

File Name: USN-398-3.txt
Description: Ubuntu Security Notice 398-3 - USN-398-1 fixed vulnerabilities in Firefox. Due to the updated version, a flaw was uncovered in the Firefox Themes bundle, which erroneously reported to be incompatible with the updated Firefox. This update fixes the problem. Various flaws have been reported in Firefox that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript or SVG.
Homepage: http://security.ubuntu.com/ | File Size: 1562 | Related CVE(s): CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, CVE-2006-6506, CVE-2006-6507 | Last Modified: Jan 5 02:33:57 2007
MD5 Checksum: c1a0488095d1b8b4ba2005f12142ee72

File Name: sunbelt.txt
Description: The Sunbelt Kerio Personal Firewall versions 4.3.268 and below suffer from a DLL injection vulnerability.
Homepage: http://www.matousec.com/ | Related Exploit: BTP00002P001SK.zip | File Size: 1472 | Last Modified: Jan 1 22:20:28 2007
MD5 Checksum: bac32757acafbef727cd4ad1324723d6

File Name: yim-xss.txt
Description: Yahoo! Messenger versions 8.1.0.29 and below suffer from a JavaScript injection flaw.
Author: Hai Nam Luke | File Size: 1469 | Last Modified: Jan 26 23:30:12 2007
MD5 Checksum: 27d35218f889720d1bc6ff53479c97f6

File Name: packeteer-overflow.txt
Description: Packeteer PacketWise version 8.x suffers from a buffer overflow vulnerability.
Author: kian.mohageri | File Size: 1222 | Last Modified: Jan 13 17:00:35 2007
MD5 Checksum: a4064b9a49e40719409775538d94e237

File Name: advisory-20070109-1.txt
Description: KDE Security Advisory - On 2006-12-27, a proof of concept for arbitrary code execution in ksirc was published by Federico L. Bossi Bonin. The published exploit triggers an assertion in ksirc and results in a NULL pointer dereference (crash) for non-debug builds.
Homepage: http://www.kde.org/ | File Size: 1176 | Related CVE(s): CVE-2006-6811 | Last Modified: Jan 13 17:58:56 2007
MD5 Checksum: 73ea504d4316742e96a7fb34d2963443

File Name: wp206-disclose.txt
Description: WordPress versions 2.1Alpha and 2.0.6 and below suffer from information disclosure flaws.
Author: Xy7 | File Size: 1138 | Last Modified: Jan 13 19:46:03 2007
MD5 Checksum: cc236f8888abfb5c3e73eee74af3c454

File Name: mythcontrol.txt
Description: MythControl versions 1.0 and below suffer from an arbitrary code execution vulnerability.
Author: sapheal | File Size: 1133 | Last Modified: Jan 1 21:47:33 2007
MD5 Checksum: 1e8c174016c747373cae2b773afd06b8

File Name: phpmm-xss.txt
Description: PHP Membership Manager version 1.5 suffers from a cross-site scripting condition.
Author: Doz | Homepage: http://www.hackerscenter.com/ | File Size: 1071 | Last Modified: Jan 26 23:31:04 2007
MD5 Checksum: b0f350e5e7c837064fc9a3c6078d436b