Section: .. / 0701-advisories /
File Name: TA07-005A.txt
Description: Technical Cyber Security Alert TA07-005A - Apple QuickTime contains a buffer overflow in the handling of RTSP URLs. This can allow a remote attacker to execute arbitrary code on a vulnerable system.
Homepage: http://www.us-cert.gov/ | File Size: 3729 | Related CVE(s): CVE-2007-0015 | Last Modified: Jan 13 15:37:59 2007
MD5 Checksum: 41d2af62fb6d3fbc64c9094646af9019

File Name: sa23781.txt
Description: Secunia Security Advisory - Mandriva has issued an update for fetchmail. This fixes a security issue, which can be exploited by malicious people to gain sensitive information.
Homepage: http://secunia.com/advisories/23781/ | File Size: 3727 | Last Modified: Jan 18 03:44:32 2007
MD5 Checksum: d590014798b90593f8c141a36ad24617

File Name: sa23887.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in the Project issue tracking module for Drupal, which can be exploited by malicious users to bypass certain security restrictions, disclose sensitive information, manipulate data, compromise vulnerable systems or conduct script insertion attacks.
Homepage: http://secunia.com/advisories/23887/ | File Size: 3708 | Last Modified: Jan 26 20:46:45 2007
MD5 Checksum: 8d5ed2afab7b11d757b96cb5a4f2aa0c

File Name: CAID-34993.txt
Description: CA BrightStor ARCserve Backup for Laptops and Desktops contains multiple overflow conditions that can allow a remote attacker to cause a denial of service, or execute arbitrary code with local SYSTEM privileges on Windows.
Author: Ken Williams | Homepage: http://www3.ca.com/ | File Size: 3682 | Related CVE(s): CVE-2007-0449 | Last Modified: Jan 26 21:28:52 2007
MD5 Checksum: 778a6c8c49578990337d5114dc1d826f

File Name: sa23804.txt
Description: Secunia Security Advisory - Fedora has issued an update for fetchmail. This fixes a vulnerability and a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and malicious people to gain knowledge of sensitive information.
Homepage: http://secunia.com/advisories/23804/ | File Size: 3682 | Last Modified: Jan 18 03:44:32 2007
MD5 Checksum: 46b01e85359961307baa8f1740cb64ee

File Name: OpenPKG-SA-2007.001.txt
Description: OpenPKG Security Advisory - Three vulnerabilities have been identified and exploited in the network monitoring and graphing frontend Cacti, versions up to and including 0.8.6i. They can be exploited by malicious people to bypass certain security restrictions, manipulate data and compromise vulnerable systems.
Homepage: http://www.openpkg.org/security/ | File Size: 3659 | Last Modified: Jan 1 22:24:23 2007
MD5 Checksum: 5bc18c5ade804565b19da52efea172eb

File Name: sa23707.txt
Description: Secunia Security Advisory - Fedora has issued an update for krb5. This fixes two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges, or by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/23707/ | File Size: 3647 | Last Modified: Jan 10 13:19:08 2007
MD5 Checksum: 3ff3fb667b2aca63785abcf3a1913c7f

File Name: sa23844.txt
Description: Secunia Security Advisory - Mandriva has issued an update for poppler. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/23844/ | File Size: 3636 | Last Modified: Jan 19 19:09:28 2007
MD5 Checksum: 09d46d33b6803fa96793a7cdc11bb3eb

File Name: sa23867.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/23867/ | File Size: 3626 | Last Modified: Jan 26 20:46:45 2007
MD5 Checksum: 775be966398a7ceb32c005ca0a60487f

File Name: OpenPKG-SA-2007.003.txt
Description: OpenPKG Security Advisory - According to upstream vendor security advisories, two vulnerabilities exist in the content management system Drupal, versions up to and including 4.7.4.
Homepage: http://openpkg.com/security/ | File Size: 3609 | Last Modified: Jan 13 15:40:20 2007
MD5 Checksum: 89dd66645e3cbda3108074c6a4ba7f09

File Name: 01.09.07-2.txt
Description: iDefense Security Advisory - Remote exploitation of an input validation error in Microsoft Corp.'s Excel spreadsheet application may allow the execution of arbitrary code. The vulnerability specifically exists in the handling of out of range values in the column field in several BIFF8 record types. By supplying an invalid Column field to one of these records, it is possible to cause the system to reference arbitrary memory. This can be exploited to gain control of the application. iDefense has confirmed the existence of this vulnerability in Microsoft Excel 2003 with all available service packs and security patches. Previous versions of Excel are also likely to be affected.
Author: Greg MacManus | Homepage: http://www.idefense.com/ | File Size: 3592 | Related CVE(s): CVE-2007-0030 | Last Modified: Jan 13 18:12:43 2007
MD5 Checksum: c945d2c67565f2f00021d2ba7a2fb23b

File Name: sa23764.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in Indexu, which can be exploited by malicious people to conduct cross-site scripting attacks.
Homepage: http://secunia.com/advisories/23764/ | File Size: 3589 | Last Modified: Jan 18 03:44:32 2007
MD5 Checksum: 7c7a6e330b322451aa9b8a0171416d26

File Name: 01.09.07-3.txt
Description: iDefense Security Advisory - Remote exploitation of a heap-based buffer overflow vulnerability in Microsoft Corp.'s Excel spreadsheet application format could allow an attacker to execute arbitrary code in the context of the user who started Excel. The vulnerability specifically exists in the handling of the PALETTE record in BIFF8 format spreadsheet files. By supplying a record with too many entries, an exploitable buffer overflow condition can occur. iDefense Labs have confirmed the existence of this vulnerability in Microsoft Excel 2003 with all service packs and security updates. Previous versions of Excel are also likely to be affected.
Author: Greg MacManus | Homepage: http://www.idefense.com/ | File Size: 3556 | Related CVE(s): CVE-2007-0031 | Last Modified: Jan 13 18:13:22 2007
MD5 Checksum: b697242b10efb9f07727d46a7dc0e0ae

File Name: advisory_012007.140.txt
Description: Hardened PHP Project Security Advisory - WordPress versions 2.0.5 and below are susceptible to a cross site scripting vulnerability.
Author: Stefan Esser | Homepage: http://www.hardened-php.net/ | File Size: 3554 | Last Modified: Jan 6 19:34:22 2007
MD5 Checksum: 70bfd73413a7698ef03e25ec68a65aee

File Name: MDKSA-2007-021.txt
Description: Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.
Homepage: http://www.mandriva.com/security/ | File Size: 3552 | Related CVE(s): CVE-2007-0104 | Last Modified: Jan 19 22:41:23 2007
MD5 Checksum: 2d0f8533ae35bd43147f0bbb00709b06

File Name: sa23984.txt
Description: Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, cause a DoS (Denial of Service), or gain escalated privileges; by malicious users to manipulate data, disclose sensitive information, or compromise a vulnerable system; and by malicious people to cause a DoS.
Homepage: http://secunia.com/advisories/23984/ | File Size: 3530 | Last Modified: Jan 29 11:19:09 2007
MD5 Checksum: 23ba40d2856cb753b13e73c00476b68e

File Name: sa23706.txt
Description: Secunia Security Advisory - Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/23706/ | File Size: 3509 | Last Modified: Jan 10 13:19:08 2007
MD5 Checksum: 271294e2f5eccf417485851e3e956e4f

File Name: sa23847.txt
Description: Secunia Security Advisory - Roni Bachar and Nir Goldshlager have reported a vulnerability in Check Point products, which can be exploited by malicious people to bypass certain security restrictions.
Homepage: http://secunia.com/advisories/23847/ | File Size: 3505 | Last Modified: Jan 26 20:46:45 2007
MD5 Checksum: 3d0a5feed4e5976fbee48827a8b1419b

File Name: sa23848.txt
Description: Secunia Security Advisory - Fedora has issued an update for ed. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Homepage: http://secunia.com/advisories/23848/ | File Size: 3456 | Last Modified: Jan 19 19:09:28 2007
MD5 Checksum: c3b6a676c0c83f31d3ce74e0f1ce9aae

File Name: sa23629.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in Cisco Secure ACS, which can be exploited by malicious users or people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/23629/ | File Size: 3443 | Last Modified: Jan 10 13:19:08 2007
MD5 Checksum: 471d2335fcb3fecc5a180ba68fc3a34b

File Name: sa23759.txt
Description: Secunia Security Advisory - Doron P and Eyal G have reported some vulnerabilities in Ezboxx Portal System, which can be exploited by malicious users to conduct cross-site scripting attacks and by malicious people to conduct cross-site scripting attacks and conduct SQL-injection attacks.
Homepage: http://secunia.com/advisories/23759/ | File Size: 3397 | Last Modified: Jan 18 03:44:32 2007
MD5 Checksum: d8237523513c06144f95266670f8f8a5

File Name: 01.09.07-7.txt
Description: iDefense Security Advisory - Remote exploitation of an input validation vulnerability in Adobe Systems Inc.'s Macromedia ColdFusion MX 7 may allow an attacker to view file contents on the server. The vulnerability specifically exists in that URL encoded filenames will be decoded by the IIS process and then again by the ColdFusion process. By supplying a URL containing a double encoded null byte and an extension handled by ColdFusion, such as '.cfm', it is possible to view the contents of any file which is not interpreted by ColdFusion. iDefense has confirmed this vulnerability exists in Adobe Macromedia ColdFusion MX 7.0.2, with all available fixes, running on Microsoft IIS.
Author: Inge Henriksen | Homepage: http://www.idefense.com/ | File Size: 3388 | Related CVE(s): CVE-2006-5858 | Last Modified: Jan 13 18:25:20 2007
MD5 Checksum: fc089d0555031a2014f12186d0d2c577

File Name: sa23889.txt
Description: Secunia Security Advisory - Mandriva has issued an update for squid. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/23889/ | File Size: 3374 | Last Modified: Jan 26 20:46:45 2007
MD5 Checksum: 53b369a3a31f52958caa7f97e5a2b196