Section: .. / 0906-advisories /
File Name: HPSBMA02433-SSRT090084.txt
Description: HP Security Bulletin - A potential security vulnerability has been identified with HP Discovery and Dependency Mapping Inventory (DDMI) running on Windows. The vulnerability could be exploited remotely to gain unauthorized access to DDMI agents.
Homepage: http://www.hp.com/
File Size: 6016
Related CVE(s): CVE-2009-1419
Last Modified: Jun 8 13:25:37 2009
MD5 Checksum: f90cfcd37975f12ef601ba6e90388e5f

File Name: HPSBUX02435-SSRT090059.txt
Description: HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) and bypass security restrictions.
Homepage: http://www.hp.com/
File Size: 8719
Related CVE(s): CVE-2009-0590, CVE-2009-0591, CVE-2009-0789
Last Modified: Jun 11 15:52:00 2009
MD5 Checksum: e63ec8ee2f58d8bc94333dc6f8b82168

File Name: IVIZ-09-004.txt
Description: CA ARCserve Backup r12 SP1 suffers from a denial of service vulnerability when a crafted RPC packet is sent to the Message engine service listening on port 6503/TCP.
Author: Nibin Varghese
Homepage: http://www.ivizsecurity.com/
File Size: 1895
Last Modified: Jun 16 12:52:47 2009
MD5 Checksum: 149fc4446d17f7316c15878ad24ed7cb

File Name: MDVSA-2009-124.txt
Description: Mandriva Linux Security Advisory 2009-124 - Multiple vulnerabilities have been found and corrected in apache including a memory leak in libssl, a cross site scripting vulnerability in proxy_ftp.c, and a local privilege escalation issue.
Homepage: http://www.mandriva.com/security/
File Size: 21395
Related CVE(s): CVE-2008-1678, CVE-2008-2939, CVE-2009-1195
Last Modified: Jun 2 16:11:04 2009
MD5 Checksum: 3fb50aef7544989c3dda8f72236b9005

File Name: MDVSA-2009-125.txt
Description: Mandriva Linux Security Advisory 2009-125 - Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. This update provides Wireshark 1.0.8, which is not vulnerable to this issue.
Homepage: http://www.mandriva.com/security/
File Size: 8125
Related CVE(s): CVE-2009-1829
Last Modified: Jun 2 16:12:43 2009
MD5 Checksum: 9ef9e10714d51b9ff0f7469cdd56035e

File Name: MDVSA-2009-126.txt
Description: Mandriva Linux Security Advisory 2009-126 - mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807.
Homepage: http://www.mandriva.com/security/
File Size: 3642
Related CVE(s): CVE-2009-1789
Last Modified: Jun 3 00:02:22 2009
MD5 Checksum: 52e1dc03bfd25a34b12a02c86ad97554

File Name: MDVSA-2009-127.txt
Description: Mandriva Linux Security Advisory 2009-127 - It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.
Homepage: http://www.mandriva.com/security/
File Size: 3283
Related CVE(s): CVE-2008-2927
Last Modified: Jun 4 19:35:42 2009
MD5 Checksum: 2f082ae5ab1887602aa6e9fbcef49b16

File Name: MDVSA-2009-128.txt
Description: Mandriva Linux Security Advisory 2009-128 - Multiple security vulnerabilities have been identified and fixed in libmodplug. These range from integer to buffer overflows. The updated packages have been patched to prevent this.
Homepage: http://www.mandriva.com/security/
File Size: 4299
Related CVE(s): CVE-2009-1438, CVE-2009-1513
Last Modified: Jun 4 19:40:03 2009
MD5 Checksum: aa8063eb4f67477b828a59ef5555d7f6

File Name: MDVSA-2009-129.txt
Description: Mandriva Linux Security Advisory 2009-129 - Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details are obtained from third party information. This update provides file-5.03, which is not vulnerable to this, and other unspecified issues.
Homepage: http://www.mandriva.com/security/
File Size: 3305
Related CVE(s): CVE-2009-1515
Last Modified: Jun 5 16:22:02 2009
MD5 Checksum: 44d1f963a3878281ef1da4acbd03f66d

File Name: MDVSA-2009-130.txt
Description: Mandriva Linux Security Advisory 2009-130 - Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow.
Homepage: http://www.mandriva.com/security/
File Size: 9077
Related CVE(s): CVE-2009-1932
Last Modified: Jun 8 13:27:07 2009
MD5 Checksum: 2c838382e0b24ed83d2a88807388088f

File Name: MDVSA-2009-131-1.txt
Description: Mandriva Linux Security Advisory 2009-131-1 - Multiple security vulnerabilities including off-by-one and denial of service issues have been identified and fixed in apr-util. Fixed packages for CS3 and MNF2 were missing from the last update.
Homepage: http://www.mandriva.com/security/
File Size: 8276
Related CVE(s): CVE-2009-0023, CVE-2009-1955, CVE-2009-1956
Last Modified: Jun 8 13:29:55 2009
MD5 Checksum: 1e22a517b8ce2bbcfc6e49e5898c2fcd

File Name: MDVSA-2009-132.txt
Description: Mandriva Linux Security Advisory 2009-132 - Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value. Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value. This update provides fixes for these vulnerabilities.
Homepage: http://www.mandriva.com/security/
File Size: 7848
Related CVE(s): CVE-2009-1788, CVE-2009-1791
Last Modified: Jun 8 13:31:04 2009
MD5 Checksum: 54e2a825e98ba351caf5eabe97163770

File Name: MDVSA-2009-133.txt
Description: Mandriva Linux Security Advisory 2009-133 - Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow. This update provides fixes for this vulnerability.
Homepage: http://www.mandriva.com/security/
File Size: 5134
Related CVE(s): CVE-2009-1959
Last Modified: Jun 16 11:19:58 2009
MD5 Checksum: f1c33003cf3ed9c3eda7d886da21d626

File Name: MDVSA-2009-134.txt
Description: Mandriva Linux Security Advisory 2009-134 - Security vulnerabilities have been discovered and corrected in Mozilla Firefox 3.x. These range from race conditions to various denial of service issues.
Homepage: http://www.mandriva.com/security/
File Size: 45920
Related CVE(s): CVE-2009-1392, CVE-2009-1832, CVE-2009-1833, CVE-2009-1834, CVE-2009-1835, CVE-2009-1836, CVE-2009-1837, CVE-2009-1838, CVE-2009-1839, CVE-2009-1840, CVE-2009-1841, CVE-2009-2043, CVE-2009-2044, CVE-2009-2061, CVE-2009-2065
Last Modified: Jun 17 18:53:14 2009
MD5 Checksum: 59827c06acbe521f9116c8b263e644c5

File Name: MDVSA-2009-137.txt
Description: Mandriva Linux Security Advisory 2009-137 - Multiple security vulnerabilities have been identified and fixed in the Little cms library embedded in OpenJDK. This update provides fixes for these issues. java-1.6.0-openjdk requires rhino packages and these have been further updated.
Homepage: http://www.mandriva.com/security/
File Size: 10020
Related CVE(s): CVE-2009-0581, CVE-2009-0723, CVE-2009-0733, CVE-2009-0793, CVE-2006-2426, CVE-2009-0794, CVE-2009-1093, CVE-2009-1094, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1101, CVE-2009-1102
Last Modified: Jun 19 19:10:10 2009
MD5 Checksum: b6b5e212fef3d3352bd09addd0fc3370

File Name: MDVSA-2009-138.txt
Description: Mandriva Linux Security Advisory 2009-138 - Multiple security vulnerabilities have been identified and fixed in tomcat5. These problems range from cross site scripting to directory traversal issues. The updated packages have been patched to prevent this. Additionally, Apache Tomcat has been upgraded to the latest 5.5.27 version for 2009.0.
Homepage: http://www.mandriva.com/security/
File Size: 9739
Related CVE(s): CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783
Last Modified: Jun 22 23:25:29 2009
MD5 Checksum: eb749c054c40c8d36705f2fe8e09b456

File Name: MDVSA-2009-139.txt
Description: Mandriva Linux Security Advisory 2009-139 - A security vulnerability has been identified and corrected in libtorrent-rasterbar. Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file. The updated packages have been patched to prevent this.
Homepage: http://www.mandriva.com/security/
File Size: 3094
Related CVE(s): CVE-2009-1760
Last Modified: Jun 24 20:02:55 2009
MD5 Checksum: 5db665e946e8c67a045240074a9fa3de

File Name: MDVSA-2009-140.txt
Description: Mandriva Linux Security Advisory 2009-140 - Multiple security vulnerabilities have been identified and fixed in gaim. These include integer and buffer overflows.
Homepage: http://www.mandriva.com/security/
File Size: 3977
Related CVE(s): CVE-2009-1373, CVE-2009-1376
Last Modified: Jun 25 19:56:02 2009
MD5 Checksum: c5c23d7d3507364b21b0daece3caf8fc

File Name: MDVSA-2009-141.txt
Description: Mandriva Linux Security Advisory 2009-141 - A number of security vulnerabilities have been discovered for Mozilla Thunderbird version 2.0.0.21. This update provides the latest Thunderbird to correct these issues.
Homepage: http://www.mandriva.com/security/
File Size: 54906
Related CVE(s): CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-2210, CVE-2009-1392, CVE-2009-1832, CVE-2009-1833, CVE-2009-1838, CVE-2009-1836, CVE-2009-1840, CVE-2009-1841
Last Modified: Jun 26 15:05:46 2009
MD5 Checksum: 50c4e6527786e1a60c143285b6d81223

File Name: MDVSA-2009-143.txt
Description: Mandriva Linux Security Advisory 2009-143 - Multiple security vulnerabilities have been identified and fixed in netpbm. The updated packages have been patched to prevent this.
Homepage: http://www.mandriva.com/security/
File Size: 3611
Related CVE(s): CVE-2008-3520, CVE-2008-3522
Last Modified: Jun 26 18:54:00 2009
MD5 Checksum: 7bd323f53587c335fd03b3adfee2cf59

File Name: MDVSA-2009-144.txt
Description: Mandriva Linux Security Advisory 2009-144 - Multiple security vulnerabilities have been identified and fixed in ghostscript. This update makes ghostscript link against the shared system jasper library which makes it easier to address presumptive future security issues in the jasper library.
Homepage: http://www.mandriva.com/security/
File Size: 8818
Related CVE(s): CVE-2008-3520, CVE-2008-3522
Last Modified: Jun 29 13:21:07 2009
MD5 Checksum: 9194265d630966382fc5f98826af6196

File Name: MDVSA-2009-145.txt
Description: Mandriva Linux Security Advisory 2009-145 - A vulnerability has been found and corrected in PHP. The updated packages have been patched to correct these issues.
Homepage: http://www.mandriva.com/security/
File Size: 40438
Last Modified: Jun 29 17:56:32 2009
MD5 Checksum: 7d45ecb326b5fddd44bc3ce23c2b7988