Section: .. / 0703-advisories /
| /// File Name: |
sa24514.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for php4 and php5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24514/ | | File Size: | 47343 | | Last Modified: | Mar 17 03:22:27 2007 |
| MD5 Checksum: | 3ed60034e934925dc7b0929c40c6ad6c |
|
| /// File Name: |
dsa-1270-2.txt |
Description:
|
Debian Security Advisory 1270-2 - Several security related problems have been discovered in OpenOffice.org, the free office suite. iDefense reported several integer overflow bugs in libwpd, a library for handling WordPerfect documents that is included in OpenOffice.org. Attackers are able to exploit these with carefully crafted WordPerfect files that could cause an application linked with libwpd to crash or possibly execute arbitrary code. Next Generation Security discovered that the StarCalc parser in OpenOffice.org contains an easily exploitable stack overflow that could be exploited by a specially crafted document to execute arbitrary code. It has been reported that OpenOffice.org does not escape shell metacharacters and is hence vulnerable to execution of arbitrary shell commands via a specially crafted document after the user clicks a prepared link.
| | Homepage: | http://www.debian.org/security | | File Size: | 40801 | | Related CVE(s): | CVE-2007-0002, CVE-2007-0238, CVE-2007-0239 | | Last Modified: | Mar 29 09:00:58 2007 |
| MD5 Checksum: | b6ee02a59e56836dba49bc7eb9c15c96 |
|
| /// File Name: |
USN-444-1.txt |
Description:
|
Ubuntu Security Notice 444-1 - A stack overflow was discovered in OpenOffice.org's StarCalc parser. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. A flaw was discovered in OpenOffice.org's link handling code. If a user were tricked into clicking a link in a specially crafted document, a remote attacker could execute arbitrary shell commands with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 38159 | | Related CVE(s): | CVE-2007-0238, CVE-2007-0239 | | Last Modified: | Mar 28 17:59:13 2007 |
| MD5 Checksum: | 1be71010f61bfd345340079bc13f3556 |
|
| /// File Name: |
sa24465.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for openoffice_org and libwpd. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24465/ | | File Size: | 36992 | | Last Modified: | Mar 22 02:31:03 2007 |
| MD5 Checksum: | 959a2e5dbcd8c9ff592b2a956be1d512 |
|
| /// File Name: |
sa24647.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24647/ | | File Size: | 35955 | | Last Modified: | Mar 28 17:52:50 2007 |
| MD5 Checksum: | c74b8d5869b4fef457b180a5502e0b2a |
|
| /// File Name: |
sa24421.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for php4. This fixes some vulnerabilities and a weakness, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/24421/ | | File Size: | 35610 | | Last Modified: | Mar 8 19:52:08 2007 |
| MD5 Checksum: | ecac43a1284a2a56eaca2d3675dfdab4 |
|
| /// File Name: |
dsa-1265-1.txt |
Description:
|
Debian Security Advisory 1265-1 - Several security related problems have been discovered in Mozilla and derived products. Several vulnerabilities in the layout engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. Several vulnerabilities in the JavaScript engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. A bug in the js_dtoa function allows remote attackers to cause a denial of service. "shutdown" discovered a vulnerability that allows remote attackers to gain privileges and install malicious code via the watch JavaScript function. Steven Michaud discovered a programming bug that allows remote attackers to cause a denial of service. "moz_bug_r_a4" reported that the src attribute of an IMG element could be used to inject JavaScript code. Georgi Guninski discovered several heap-based buffer overflows that allow remote attackers to execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 30065 | | Related CVE(s): | CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6505 | | Last Modified: | Mar 14 01:58:47 2007 |
| MD5 Checksum: | 31c02d881051dd8d672d1d21b05bdedd |
|
| /// File Name: |
MDKSA-2007-073.txt |
Description:
|
Mandriva Linux Security Advisory - Stack-based buffer overflow in the StarCalc parser in OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 21570 | | Related CVE(s): | CVE-2007-0238, CVE-2007-0239 | | Last Modified: | Apr 2 23:43:55 2007 |
| MD5 Checksum: | cc4084a02836a4fc46679d725b688a54 |
|
| /// File Name: |
asterisk-dos.txt |
Description:
|
The Asterisk PBX is susceptible to a remote denial of service vulnerability via a specially crafted INVITE message. Affected versions include 1.2.14, 1.2.15, 1.2.16, 1.4.1, and possibly earlier versions.
| | Author: | Radu State, Humberto J. Abdelnur, Olivier Festor | | File Size: | 20694 | | Last Modified: | Mar 20 16:59:44 2007 |
| MD5 Checksum: | aca5dd7b214659a519b7584fe9303a83 |
|
| /// File Name: |
dsa-1268-1.txt |
Description:
|
Debian Security Advisory 1268-1 - iDefense reported several integer overflow bugs in libwpd, a library for handling WordPerfect documents. Attackers were able to exploit these with carefully crafted WordPerfect files that could cause an application linked with libwpd to crash or possibly execute arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 19974 | | Related CVE(s): | CVE-2007-0002 | | Last Modified: | Mar 20 16:17:55 2007 |
| MD5 Checksum: | cd81f0f25d6e0698ce913734b700463c |
|
| /// File Name: |
USN-443-1.txt |
Description:
|
Ubuntu Security Notice 443-1 - A flaw was discovered in how Firefox handled PASV FTP responses. If a user were tricked into visiting a malicious FTP server, a remote attacker could perform a port-scan of machines within the user's network, leading to private information disclosure.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 19630 | | Related CVE(s): | CVE-2007-1562 | | Last Modified: | Mar 28 17:58:20 2007 |
| MD5 Checksum: | 6523a4501b229f8942bc20bfbdcfda4b |
|
| /// File Name: |
sa24333.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24333/ | | File Size: | 19585 | | Last Modified: | Mar 6 00:12:53 2007 |
| MD5 Checksum: | 7790d75fa1c7987c3156f6aa76b57f71 |
|
| /// File Name: |
cisco-sa-20070228-nam.txt |
Description:
|
Cisco Security Advisory - Cisco Catalyst 6000, 6500 series and Cisco 7600 series that have a Network Analysis Module installed are vulnerable to an attack, which could allow an attacker to gain complete control of the system. Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Internetwork Operating System (IOS) or Catalyst Operating System (CatOS).
| | Homepage: | http://www.cisco.com/ | | File Size: | 19056 | | Last Modified: | Mar 6 05:25:18 2007 |
| MD5 Checksum: | 44eeb78f88fddd0c6fe4d8626f26a436 |
|
| /// File Name: |
sa24569.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for MozillaThunderbird and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24569/ | | File Size: | 18167 | | Last Modified: | Mar 20 16:05:29 2007 |
| MD5 Checksum: | ad870ab2067e1d8db3541cb04ef6d656 |
|
| /// File Name: |
cisco-sa-20070328-voip.txt |
Description:
|
Cisco Security Advisory - Cisco Unified CallManager (CUCM) and Cisco Unified Presence Server (CUPS) contain multiple vulnerabilities which may result in the failure of CUCM or CUPS functionality, resulting in a Denial of Service (DoS) condition. There are no workarounds for these vulnerabilities. Cisco has made free software available to address these vulnerabilities for affected customers.
| | Homepage: | http://www.cisco.com/ | | File Size: | 17281 | | Last Modified: | Mar 29 08:56:59 2007 |
| MD5 Checksum: | 1b50992d840f1049b2eaca81708c20ac |
|
| /// File Name: |
sa24343.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24343/ | | File Size: | 17109 | | Last Modified: | Mar 6 00:12:53 2007 |
| MD5 Checksum: | c08efaf51b0a157d58898c4728bd90e5 |
|
| /// File Name: |
dsa-1263-1.txt |
Description:
|
Debian Security Advisory 1263-1 - Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit, which may lead to denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 15695 | | Related CVE(s): | CVE-2007-0897, CVE-2007-0898 | | Last Modified: | Mar 9 01:25:28 2007 |
| MD5 Checksum: | dec08b49bd5e91f60e77ce77fe18358d |
|
| /// File Name: |
dsa-1270-1.txt |
Description:
|
Debian Security Advisory 1270-1 - iDefense reported several integer overflow bugs in libwpd, a library for handling WordPerfect documents that is included in OpenOffice.org. Attackers are able to exploit these with carefully crafted WordPerfect files that could cause an application linked with libwpd to crash or possibly execute arbitrary code. Next Generation Security discovered that the StarCalc parser in OpenOffice.org contains an easily exploitable stack overflow that could be exploited by a specially crafted document to execute arbitrary code. It has been reported that OpenOffice.org does not escape shell metacharacters and is hence vulnerable to execution of arbitrary shell commands via a specially crafted document after the user clicks a prepared link.
| | Homepage: | http://www.debian.org/security | | File Size: | 15242 | | Related CVE(s): | CVE-2007-0002, CVE-2007-0238, CVE-2007-0239 | | Last Modified: | Mar 21 04:10:19 2007 |
| MD5 Checksum: | 7eb058c1ee3247b7636d73e262340b08 |
|
| /// File Name: |
sa24425.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for clamav. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/24425/ | | File Size: | 14279 | | Last Modified: | Mar 8 01:54:52 2007 |
| MD5 Checksum: | 78ebd7d6aefd75e0caeda553f7db9e99 |
|
| /// File Name: |
sa24389.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24389/ | | File Size: | 14114 | | Last Modified: | Mar 8 01:54:52 2007 |
| MD5 Checksum: | 37dc2e316b50fbe36efbc8f9fca3f713 |
|
| /// File Name: |
sa24613.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for openoffice.org. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/24613/ | | File Size: | 13459 | | Last Modified: | Mar 22 02:31:03 2007 |
| MD5 Checksum: | e2b74809a9c27bc6d321bd9d7a5c1501 |
|