Section: .. / 0802-advisories /
| /// File Name: |
MDVSA-2008-056.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was found in the excel_read_HLINK function in the Microsoft Excel plugin in Gnumeric prior to version 1.8.1 that would allow for the execution of arbitrary code via a crafted XLS file containing XLS HLINK opcodes.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3628 | | Related CVE(s): | CVE-2008-0668 | | Last Modified: | Mar 3 14:34:10 2008 |
| MD5 Checksum: | 48441dc70983aa2af7d1f2f899351e60 |
|
| /// File Name: |
USN-582-1.txt |
Description:
|
Ubuntu Security Notice 582-1 - It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. If a user were to open a specially crafted email, an attacker could cause a denial of service via application crash or possibly execute arbitrary code as the user. Various flaws were discovered in Thunderbird and its JavaScript engine. By tricking a user into opening a malicious message, an attacker could execute arbitrary code with the user's privileges. Various flaws were discovered in the JavaScript engine. By tricking a user into opening a malicious message, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. Gerry Eisenhaur discovered that the chrome URI scheme did not properly guard against directory traversal. Under certain circumstances, an attacker may be able to load files or steal session data. Ubuntu is not vulnerable in the default installation. Flaws were discovered in the BMP decoder. By tricking a user into opening a specially crafted BMP file, an attacker could obtain sensitive information.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 18598 | | Related CVE(s): | CVE-2008-0420, CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0304, CVE-2008-0418 | | Last Modified: | Mar 3 14:33:19 2008 |
| MD5 Checksum: | 34890bd0a0e9cf83e242f860168920b9 |
|
| /// File Name: |
iusa-canon.txt |
Description:
|
Certain Canon Multi Function Devices allow remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
| | Author: | Nate Johnson | | File Size: | 3032 | | Related CVE(s): | CVE-2008-0303 | | Last Modified: | Mar 3 14:24:57 2008 |
| MD5 Checksum: | 056e6e1dd35f1d8b985326b0416c9b50 |
|
| /// File Name: |
MDVSA-2008-055.txt |
Description:
|
Mandriva Linux Security Advisory - Chris Evans found a buffer overflow condition in Ghostscript, which can lead to arbitrary code execution as the user running any application using it to process a maliciously crafted Postscript file.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 13100 | | Related CVE(s): | CVE-2008-0411 | | Last Modified: | Mar 3 14:20:41 2008 |
| MD5 Checksum: | 52ccd7ac9349294e22e4288af884a5a8 |
|
| /// File Name: |
beehive-hardcode.txt |
Description:
|
The Beehive/SendFile.NET Secure File Transfer appliance appears to have credentials hardcoded within the outboxWriteUnsent() function of the FTPThread.class file of SendFile.jar.
| | Author: | Brad Antoniewicz | | File Size: | 1344 | | Last Modified: | Mar 3 14:19:59 2008 |
| MD5 Checksum: | 704d2fd0218615186c6c97c7a8362b90 |
|
| /// File Name: |
ghostscript-overflow.txt |
Description:
|
Ghostscript versions 8.61 and below suffer from a stack-based buffer overflow in the zseticcspace() function in zicc.c.
| | Author: | Chris Evans | | Related Exploit: | ghostscript-poc.txt | | File Size: | 1231 | | Last Modified: | Mar 3 14:15:37 2008 |
| MD5 Checksum: | e8908af1dfabf34c4b2eab9ea0ace408 |
|
| /// File Name: |
sa29103.txt |
Description:
|
Secunia Security Advisory - Chris Evans has reported a vulnerability in Ghostscript, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29103/ | | File Size: | 2313 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 46c0bacfff915718dd405c70fa1bebdc |
|
| /// File Name: |
sa29119.txt |
Description:
|
Secunia Security Advisory - nnposter has reported a vulnerability in Packeteer PacketShaper, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/29119/ | | File Size: | 2376 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 5b16bf0b4032b1af8daee0a0df3c77a8 |
|
| /// File Name: |
sa29121.txt |
Description:
|
Secunia Security Advisory - nnposter has reported a vulnerability in Alkacon OpenCms, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/29121/ | | File Size: | 2284 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | fdb93856f0523eaa3c05e50391d75079 |
|
| /// File Name: |
sa29123.txt |
Description:
|
Secunia Security Advisory - Iron has discovered a vulnerability in eazyPortal, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/29123/ | | File Size: | 2359 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | cb47a98a621691a66331891baa424891 |
|
| /// File Name: |
sa29124.txt |
Description:
|
Secunia Security Advisory - Luigi Auriemma has discovered some vulnerabilities in Trend Micro OfficeScan, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29124/ | | File Size: | 2968 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 4731232e550fa1cb161db161bc1ba1e1 |
|
| /// File Name: |
sa29125.txt |
Description:
|
Secunia Security Advisory - Steve Kemp has reported two security issues in XWine, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/29125/ | | File Size: | 2516 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | cb57c5d6be832700263402b35482de9c |
|
| /// File Name: |
sa29135.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29135/ | | File Size: | 11818 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 1b5280a9bfacd390e7013cfcf2481cea |
|
| /// File Name: |
sa29139.txt |
Description:
|
Secunia Security Advisory - IBM has acknowledged some vulnerabilities in AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/29139/ | | File Size: | 2689 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 8b4cd5e73cb441579076bb9e98d67e46 |
|
| /// File Name: |
sa29144.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in Berkely Automounter Suite of Utilities (am-utils), which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/29144/ | | File Size: | 2404 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | b419e6cfec1d1aae18e33b54a495f0cf |
|
| /// File Name: |
sa29156.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/29156/ | | File Size: | 2431 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 79f4023374bdb603cd7d05707f6fce78 |
|
| /// File Name: |
sa29158.txt |
Description:
|
Secunia Security Advisory - Julien Cayssol has reported some vulnerabilities in Centreon, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/29158/ | | File Size: | 2614 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | be1ea137282acb67747999af03262c7b |
|
| /// File Name: |
sa29175.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for pcre. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/29175/ | | File Size: | 2064 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | d0f17042d7e0287ee65af9cf363c6db6 |
|
| /// File Name: |
sa29176.txt |
Description:
|
Secunia Security Advisory - Some security issues have been reported in ViewVC, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/29176/ | | File Size: | 2309 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 20d96e28d6144521207d72524269e837 |
|
| /// File Name: |
sa29177.txt |
Description:
|
Secunia Security Advisory - vijayv has reported a vulnerability in XRMS CRM, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/29177/ | | File Size: | 2226 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | d4c5c76acc5c8fd28338013da6cc5a9d |
|
| /// File Name: |
sa29185.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for imp. This fixes a security issue and a vulnerability, which can be exploited by malicious users to bypass certain security restrictions, and by malicious people to bypass certain security restrictions and manipulate data.
| | Homepage: | http://secunia.com/advisories/29185/ | | File Size: | 2374 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 389f8bb9a06d98e690000228f15f66c9 |
|
| /// File Name: |
sa29186.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for horde. This fixes a security issue and a vulnerability, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.
| | Homepage: | http://secunia.com/advisories/29186/ | | File Size: | 2316 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 9d3f64b9744f1ec4564c7fccf6b3af57 |
|
| /// File Name: |
sa29187.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for am-utils. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/advisories/29187/ | | File Size: | 2039 | | Last Modified: | Mar 3 13:27:45 2008 |
| MD5 Checksum: | 37d0a8f82527222fb4e0ecb25137bed4 |
|
| /// File Name: |
MDVSA-2008-054.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was discovered by Havoc Pennington in how the dbus-daemon applied its security policy. A user with the ability to connect to the dbus-daemon could possibly execute certain method calls that they should not normally have access to.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4980 | | Related CVE(s): | CVE-2008-0595 | | Last Modified: | Feb 28 19:22:55 2008 |
| MD5 Checksum: | 394afef1d0e71f4050d6ba10e9acccd4 |
|
| /// File Name: |
sa29112.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29112/ | | File Size: | 2598 | | Last Modified: | Feb 28 19:22:01 2008 |
| MD5 Checksum: | c9831d3ca5e48f9e880de84f0e748819 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
