Section: .. / 0905-advisories /
| /// File Name: |
MDVSA-2009-112.txt |
Description:
|
Mandriva Linux Security Advisory 2009-112 - racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference. Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous bugfixes over the previous 0.7.1 version, and also corrects this issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been patched to address this issue. Additionally the flex package required for building ipsec-tools has been fixed due to ipsec-tools build problems and is also available with this update.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6544 | | Related CVE(s): | CVE-2009-1574 | | Last Modified: | May 14 01:17:21 2009 |
| MD5 Checksum: | a12e8708845d91a353053dd91dfea44c |
|
| /// File Name: |
MDVSA-2009-113.txt |
Description:
|
Mandriva Linux Security Advisory 2009-113 - Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c. The updated packages have been patched to prevent this.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 18834 | | Related CVE(s): | CVE-2009-0688 | | Last Modified: | May 18 21:42:15 2009 |
| MD5 Checksum: | 47ac7e3c6268fef5510d49b0d002c77c |
|
| /// File Name: |
MDVSA-2009-114.txt |
Description:
|
Mandriva Linux Security Advisory 2009-114 - Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c. The updated packages have been patched to prevent this.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3537 | | Related CVE(s): | CVE-2009-1632 | | Last Modified: | May 18 21:45:57 2009 |
| MD5 Checksum: | da736088313f0604f4e8400f81f30df2 |
|
| /// File Name: |
MDVSA-2009-115.txt |
Description:
|
Mandriva Linux Security Advisory 2009-115 - Multiple vulnerabilities has been identified and corrected in phpMyAdmin. Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie. Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. This update provides phpMyAdmin 2.11.9.5, which is not vulnerable to these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3204 | | Related CVE(s): | CVE-2009-1150, CVE-2009-1151 | | Last Modified: | May 18 21:46:49 2009 |
| MD5 Checksum: | 822f2c6a63fe620000ae85135af88f56 |
|
| /// File Name: |
MDVSA-2009-116.txt |
Description:
|
Mandriva Linux Security Advisory 2009-116 - lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free. lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key. gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup. The updated packages have been patched to prevent this.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6340 | | Related CVE(s): | CVE-2009-1415, CVE-2009-1416, CVE-2009-1417 | | Last Modified: | May 18 21:49:09 2009 |
| MD5 Checksum: | 4d2a1671b762f8f1aa2a6ad0b858ea0d |
|
| /// File Name: |
MDVSA-2009-117.txt |
Description:
|
Mandriva Linux Security Advisory 2009-117 - A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd. The updated packages have been patched to prevent this.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5549 | | Related CVE(s): | CVE-2009-1252 | | Last Modified: | May 19 19:05:06 2009 |
| MD5 Checksum: | fda94d8fb3b0e087338f79bd5d4f9ba4 |
|
| /// File Name: |
MDVSA-2009-120.txt |
Description:
|
Mandriva Linux Security Advisory 2009-120 - Multiple security vulnerabilities has been identified and fixed in OpenSSL. The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of future epoch DTLS records that are buffered in a queue, aka DTLS record buffer limitation bug. Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka DTLS fragment handling memory leak. The updated packages have been patched to prevent this.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5616 | | Related CVE(s): | CVE-2009-1377, CVE-2009-1378 | | Last Modified: | May 21 19:46:48 2009 |
| MD5 Checksum: | 40411a2c25d7fd9f6200712d9f70d18c |
|
| /// File Name: |
MDVSA-2009-121.txt |
Description:
|
Mandriva Linux Security Advisory 2009-121 - Multiple security vulnerabilities has been identified and fixed in Little CMS. A memory leak flaw allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. Multiple stack-based buffer overflows allow remote attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel. A flaw in the transformations of monochrome profiles allows remote attackers to cause denial of service triggered by a NULL pointer dereference via a crafted image file. This update provides fixes for these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6914 | | Related CVE(s): | CVE-2009-0581, CVE-2009-0723, CVE-2009-0733, CVE-2009-0793 | | Last Modified: | May 21 19:47:59 2009 |
| MD5 Checksum: | 9aaa6e5338f13acaf3205e37a5a22ca6 |
|
| /// File Name: |
MDVSA-2009-122.txt |
Description:
|
Mandriva Linux Security Advisory 2009-122 - The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. The updated packages have been upgraded to the latest version of squirrelmail to prevent this.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 13235 | | Related CVE(s): | CVE-2009-1381 | | Last Modified: | May 24 10:27:38 2009 |
| MD5 Checksum: | ddbc13dbfcda67745ca153e312f27a0c |
|
| /// File Name: |
MDVSA-2009-123.txt |
Description:
|
Mandriva Linux Security Advisory 2009-123 - src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted. The updated packages fix the issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2976 | | Related CVE(s): | CVE-2009-1603 | | Last Modified: | May 27 18:53:37 2009 |
| MD5 Checksum: | 7b7e53e8636e5e793ec38d2f590cb7bf |
|
| /// File Name: |
netdecision-traversal.txt |
Description:
|
NetDecision TFTP Server version 4.2 suffers from a remote directory traversal vulnerability.
| | Author: | princeofnigeria | | File Size: | 2824 | | Last Modified: | May 19 18:37:15 2009 |
| MD5 Checksum: | a90e24194e7e61a22bc8cf03fcd677a2 |
|
| /// File Name: |
NETRAGARD-2009042.txt |
Description:
|
Netragard, L.L.C Advisory - The GoGo Inflight Internet service fails to encrypt wireless connections between users and the access point.
| | Author: | Adriel T. Desautels | | Homepage: | http://www.netragard.com/ | | File Size: | 5118 | | Last Modified: | May 6 23:56:35 2009 |
| MD5 Checksum: | 88e5aad645ef5a3e072f96ad92710f70 |
|
| /// File Name: |
oCERT-2009-004.txt |
Description:
|
AjaxTerm suffers from a session id collision vulnerability. Versions 0.10 and below are affected.
| | Author: | Andrea Barisani | | Homepage: | http://www.ocert.org/ | | File Size: | 2011 | | Last Modified: | May 11 13:59:57 2009 |
| MD5 Checksum: | 4c400d7be74a21f486f1d135f7d48311 |
|
| /// File Name: |
oCERT-2009-006.txt |
Description:
|
Android, an open source mobile phone platform, improperly checks developer certificates when installing packages that request the shared user identifier (uid) permission. Android versions greater and equal to 1.5 CRB17 and less than or equal to 1.5 CRB42 are affected.
| | Author: | Will Drewry | | Homepage: | http://www.ocert.org/ | | File Size: | 1463 | | Related CVE(s): | CVE-2009-1754 | | Last Modified: | May 25 11:41:53 2009 |
| MD5 Checksum: | 4dbaa2f5640fe4f326b34028b69909f5 |
|
| /// File Name: |
repurpose-attack.pdf |
Description:
|
This document discusses cookie hijacking in Google Docs through PDF repurposing attacks. This has since been fixed by Google.
| | Author: | Aditya K Sood | | Homepage: | http://www.secniche.org/ | | File Size: | 345188 | | Last Modified: | May 11 12:58:06 2009 |
| MD5 Checksum: | 6f3ea64aae2840c0c5478f706fc00349 |
|
| /// File Name: |
SA-20090525-0.txt |
Description:
|
SEC Consult Security Advisory 20090525-0 - The Nortel Contact Center Manager server version 6.0 suffers from an authentication bypass vulnerability.
| | Author: | Bernhard Mueller | | Homepage: | http://www.sec-consult.com | | File Size: | 3100 | | Last Modified: | May 26 23:03:13 2009 |
| MD5 Checksum: | 10787677a4020346866b695d84f0393f |
|
| /// File Name: |
sa32428.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft PowerPoint, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/ | | File Size: | 5253 | | Last Modified: | May 13 03:17:40 2009 |
| MD5 Checksum: | a08bc7ef07903d34ebc2cd78b74b02d2 |
|
| /// File Name: |
sa32473.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/ | | File Size: | 2671 | | Last Modified: | May 24 01:47:24 2009 |
| MD5 Checksum: | 370f34e9bad85d47894aa19e01b835a2 |
|
| /// File Name: |
sa32474.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Sun Java System Communications Express, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/ | | File Size: | 2572 | | Last Modified: | May 21 11:31:41 2009 |
| MD5 Checksum: | a48c02534dc727c7de938f10a0847c4c |
|
| /// File Name: |
sa32604.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in in IBM Tivoli Storage Manager (TSM), which can be exploited by malicious people to bypass certain security restrictions or compromise a vulnerable system.
| | Homepage: | http://secunia.com/ | | File Size: | 3924 | | Last Modified: | May 4 03:30:06 2009 |
| MD5 Checksum: | c623543c80fdd8ccfa2ccbceb166bf04 |
|
| /// File Name: |
sa34326.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Garmin Communicator Plug-In, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/ | | File Size: | 2436 | | Last Modified: | May 7 05:41:51 2009 |
| MD5 Checksum: | b38b86800621d7ed85a12a92080f3f17 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
