Section: .. / 0710-advisories /
| /// File Name: |
dsa-1385-1.txt |
Description:
|
Debian Security Advisory 1385-1 Sean Larsson discovered that two code paths inside the X Font Server handle integer values insecurely, which may lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 160468 | | Related CVE(s): | CVE-2007-4568 | | Last Modified: | Oct 11 00:14:40 2007 |
| MD5 Checksum: | 8b40c5f4eb1b84db7866ac70b44eb4e8 |
|
| /// File Name: |
sa27168.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xfs. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/27168/ | | File Size: | 93492 | | Last Modified: | Oct 10 22:52:18 2007 |
| MD5 Checksum: | 436822e5a6af30a448bac1e2c621ec90 |
|
| /// File Name: |
MDKSA-2007-202.txt |
Description:
|
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.8.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 55387 | | Related CVE(s): | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-4841, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340 | | Last Modified: | Oct 23 19:20:30 2007 |
| MD5 Checksum: | e332e9bdd340b8956054f070addf1ba0 |
|
| /// File Name: |
USN-524-1.txt |
Description:
|
Ubuntu Security Notice 524-1 - An integer overflow was discovered in the TIFF handling code in OpenOffice. If a user were tricked into loading a malicious TIFF image, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 50658 | | Related CVE(s): | CVE-2007-2834 | | Last Modified: | Oct 5 02:16:27 2007 |
| MD5 Checksum: | fe45d75534ce9b14eaebf33976068f43 |
|
| /// File Name: |
sa27077.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27077/ | | File Size: | 48237 | | Last Modified: | Oct 5 21:33:17 2007 |
| MD5 Checksum: | f605d68b1012651e85e2eefdee2db563 |
|
| /// File Name: |
dsa-1381-2.txt |
Description:
|
Debian Security Advisory 1381-2 - Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. This is an update to DSA-1381-1 which included only amd64 binaries for linux-2.6. Builds for all other architectures are now available, as well as rebuilds of ancillary packages that make use of the included linux source.
| | Homepage: | http://www.debian.org/security | | File Size: | 38855 | | Related CVE(s): | CVE-2006-5755, CVE-2007-4133, CVE-2007-4573, CVE-2007-5093 | | Last Modified: | Oct 12 21:36:36 2007 |
| MD5 Checksum: | ca85f0d74f6a9ab241328ff4acc9f934 |
|
| /// File Name: |
USN-535-1.txt |
Description:
|
Ubuntu Security Notice 535-1 - A large amount of flaws related to Firefox have been fixed under Ubuntu. These include forced upload and javascript insertion vulnerabilities.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 29953 | | Related CVE(s): | CVE-2006-2894, CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-5334, CVE-2007-5335, CVE-2007-5336, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340 | | Last Modified: | Oct 23 14:16:38 2007 |
| MD5 Checksum: | 74505701d22543c4da59630624735bbb |
|
| /// File Name: |
sa27335.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27335/ | | File Size: | 27611 | | Last Modified: | Oct 23 19:22:54 2007 |
| MD5 Checksum: | b1dfa14d1728a0abf5b163eb25b6f392 |
|
| /// File Name: |
sa27227.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potential sensitive information, gain escalated privileges, and cause a DoS (Denial of Service) and by malicious people to cause a DoS.
| | Homepage: | http://secunia.com/advisories/27227/ | | File Size: | 26895 | | Last Modified: | Oct 16 00:22:55 2007 |
| MD5 Checksum: | 814ec6783120f04ddb81ddaf481fbf4a |
|
| /// File Name: |
sa27228.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for XOrg. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/27228/ | | File Size: | 26006 | | Last Modified: | Oct 15 16:43:14 2007 |
| MD5 Checksum: | 91a42077edbf8cf0a08b67497aa0d320 |
|
| /// File Name: |
sa27336.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for xulrunner. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27336/ | | File Size: | 24016 | | Last Modified: | Oct 22 22:42:45 2007 |
| MD5 Checksum: | dcd6adbb11c5656e8f8f00be065d340a |
|
| /// File Name: |
sa27087.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for openoffice.org. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27087/ | | File Size: | 23705 | | Last Modified: | Oct 5 21:33:17 2007 |
| MD5 Checksum: | 199dda33b0fb9e0cddcc2ca49e19e4ce |
|
| /// File Name: |
cisco-sa-20071017-fwsm.txt |
Description:
|
Cisco Security Advisory - Two crafted packet vulnerabilities exist in the Cisco Firewall Services Module (FWSM) that may result in a reload of the FWSM. These vulnerabilities can be triggered during the processing of HTTPS requests, or during the processing of Media Gateway Control Protocol (MGCP) packets. A third vulnerability may cause access control list (ACL) entries to not be evaluated after the access list has been manipulated.
| | Homepage: | http://www.cisco.com/ | | File Size: | 23416 | | Last Modified: | Oct 18 18:32:46 2007 |
| MD5 Checksum: | ee86a4edae50825cdb3ae77457a4bd1c |
|
| /// File Name: |
cisco-sa-20071017-asa.txt |
Description:
|
Cisco Security Advisory - Two crafted packet vulnerabilities exist in the Cisco PIX 500 Series Security Appliance (PIX) and the Cisco 5500 Series Adaptive Security Appliance (ASA) that may result in a reload of the device. These vulnerabilities are triggered during processing of Media Gateway Control Protocol (MGCP) packets, or during processing of Transport Layer Security (TLS) traffic that terminates on the PIX or ASA security appliance.
| | Homepage: | http://www.cisco.com/ | | File Size: | 22757 | | Last Modified: | Oct 18 18:33:22 2007 |
| MD5 Checksum: | e4ff59388364c154911f65adff3df622 |
|
| /// File Name: |
dsa-1379-1.txt |
Description:
|
Debian Security Advisory 1379-1 - An off-by-one error has been identified in the SSL_get_shared_ciphers() routine in the libssl library from OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or potentially execute arbitrary code in the security context of the user running such an application.
| | Homepage: | http://www.debian.org/security | | File Size: | 20892 | | Related CVE(s): | CVE-2007-5135 | | Last Modified: | Oct 2 20:21:25 2007 |
| MD5 Checksum: | 3f5aa96b7fa0f56cd5a7c9bd5759073e |
|
| /// File Name: |
sa27414.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for MozillaFirefox, mozilla, and seamonkey. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, bypass certain security restrictions, manipulate certain data, and compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27414/ | | File Size: | 20053 | | Last Modified: | Oct 29 11:03:58 2007 |
| MD5 Checksum: | eb13cc172af7f7fccc2436171576219e |
|
| /// File Name: |
sa27031.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27031/ | | File Size: | 19491 | | Last Modified: | Oct 3 19:13:39 2007 |
| MD5 Checksum: | 9e5337c2739fc3a55fd7b939345bc46f |
|
| /// File Name: |
sa27383.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for mozilla-thunderbird. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, manipulate certain data, expose sensitive information, or compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27383/ | | File Size: | 17092 | | Last Modified: | Oct 24 23:40:24 2007 |
| MD5 Checksum: | 0593c439f04ce5221cae9da25a4df3ce |
|
| /// File Name: |
dsa-1388-1.txt |
Description:
|
Debian Security Advisory 1388-1 - It was discovered that dhcp, a DHCP server for automatic IP address assignment, didn't correctly allocate space for network replies. This could potentially allow a malicious DHCP client to execute arbitrary code upon the DHCP server.
| | Homepage: | http://www.debian.org/security | | File Size: | 16986 | | Related CVE(s): | CVE-2007-5365 | | Last Modified: | Oct 18 18:37:54 2007 |
| MD5 Checksum: | 9d2033eca1d5196eddf26e6f4fb6ffec |
|
| /// File Name: |
dsa-1386-2.txt |
Description:
|
Debian Security Advisory 1386-2 - A problem has been discovered in the processing of chat messages. Overly long messages are truncated by the server to a fixed length, without paying attention to the multibyte characters. This leads to invalid UTF-8 on clients and causes an uncaught exception. Note that both wesnoth and the wesnoth server are affected. Note: This advisory only updates the MD5 sums for the stable distribution.
| | Homepage: | http://www.debian.org/security | | File Size: | 16911 | | Related CVE(s): | CVE-2007-3917 | | Last Modified: | Oct 15 19:14:25 2007 |
| MD5 Checksum: | 7affc2ab988b403b63251d891eec59f9 |
|
| /// File Name: |
dsa-1386-1.txt |
Description:
|
Debian Security Advisory 1386-1 - A problem has been discovered in the processing of chat messages. Overly long messages are truncated by the server to a fixed length, without paying attention to the multibyte characters. This leads to invalid UTF-8 on clients and causes an uncaught exception. Note that both wesnoth and the wesnoth server are affected.
| | Homepage: | http://www.debian.org/security | | File Size: | 16769 | | Related CVE(s): | CVE-2007-3917 | | Last Modified: | Oct 15 19:13:35 2007 |
| MD5 Checksum: | f05967000506df7b75f26358bfa790a9 |
|
| /// File Name: |
USN-534-1.txt |
Description:
|
Ubuntu Security Notice 534-1 - Andy Polyakov discovered that the DTLS implementation in OpenSSL was vulnerable. A remote attacker could send a specially crafted connection request to services using DTLS and execute arbitrary code with the service's privileges. There are no known Ubuntu applications that are currently using DTLS.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 16635 | | Related CVE(s): | CVE-2007-4995 | | Last Modified: | Oct 22 23:53:09 2007 |
| MD5 Checksum: | 3117c8dc3a3b0c45760d154d0cd66ccd |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
