Section: .. / Last 100 Advisory Files /
| /// File Name: | scip-dreambox.txt | Description:
| An input validation error within the web interface of Dreambox model DM500C allows for a denial of service condition. | | Author: | Marc Ruef | | Homepage: | http://www.scip.ch/ | | File Size: | 4512 | | Last Modified: | Aug 29 12:06:16 2008 | | MD5 Checksum: | 249afecfcb2122f8d5df9de75eb67421 |
|
| /// File Name: | ZDI-08-054.txt | Description:
| A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of messaging applications that make use of the libpurple library. User interaction is not required to exploit this vulnerability. The specific flaw exists in the implementation of the MSN protocol, specifically the handling of SLP messages. The function msn_slplink_process_msg() fails to properly validate an offset value specified in the SLP packet. By providing a specific value, an attacker can overflow a heap buffer resulting in arbitrary code execution. | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3008 | | Related CVE(s): | CVE-2008-2927 | | Last Modified: | Aug 29 01:49:37 2008 | | MD5 Checksum: | d76ab9bcd5ffc3e70e7f81027f487560 |
|
| /// File Name: | MDVSA-2008-181.txt | Description:
| Mandriva Linux Security Advisory - Two denial of service vulnerabilities were discovered in the ipsec-tools racoon daemon, which could allow a remote attacker to cause it to consume all available memory. The updated packages have been patched to prevent these issues. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5730 | | Related CVE(s): | CVE-2008-3651, CVE-2008-3652 | | Last Modified: | Aug 29 01:48:08 2008 | | MD5 Checksum: | 2d7f6108eed9a9dc420bf8b8ca56cdb7 |
|
| /// File Name: | firefox301-exec.txt | Description:
| Firefox version 3.0.1 (final release) suffers from an unspecified remote code execution vulnerability. | | Author: | Beenu Arora | | Homepage: | http://www.beenuarora.com/ | | File Size: | 3979 | | Last Modified: | Aug 29 01:46:34 2008 | | MD5 Checksum: | e5305be99ab1f77ca6497f785fd1274e |
|
| /// File Name: | SSRT080118.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Apache. These vulnerabilities could be exploited remotely resulting in Cross Site Scripting (XSS) or Denial of Service (DoS). | | Homepage: | http://www.hp.com/ | | File Size: | 8622 | | Related CVE(s): | CVE-2007-4465, CVE-2008-2168, CVE-2008-2364 | | Last Modified: | Aug 29 01:14:23 2008 | | MD5 Checksum: | 50243815f59ecafcedf99163c1ad9ff7 |
|
| /// File Name: | USN-638-1.txt | Description:
| Ubuntu Security Notice 638-1 - Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 3742 | | Related CVE(s): | CVE-2008-3533 | | Last Modified: | Aug 27 18:03:15 2008 | | MD5 Checksum: | c3002bba563957c93b2edfad569c7c01 |
|
| /// File Name: | SSRT080106.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified in the HP Enterprise Discovery. The vulnerability could be exploited remotely by an authorized user to gain extended privileges. | | Homepage: | http://www.hp.com/ | | File Size: | 6719 | | Related CVE(s): | CVE-2008-3538 | | Last Modified: | Aug 27 17:57:18 2008 | | MD5 Checksum: | a84ae83f38e250d72f3b90696e44be96 |
|
| /// File Name: | PLSA-2008-31.txt | Description:
| Pardus Linux Security Advisory - A vulnerability has been reported in LibTIFF, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a user's system. | | Author: | Pardus Linux | | File Size: | 1689 | | Related CVE(s): | CVE-2008-2327 | | Last Modified: | Aug 27 11:26:44 2008 | | MD5 Checksum: | 89fde6963eee81805e587266f74bbffa |
|
| /// File Name: | MDVSA-2008-180-1.txt | Description:
| Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The original fix used to correct this issue caused some applications that used the libxml2 library to crash. These new updated packages use a different fix that does not cause certain linked applications to crash as the old packages did. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7129 | | Related CVE(s): | CVE-2008-3281 | | Last Modified: | Aug 26 22:43:46 2008 | | MD5 Checksum: | cee89e63538737ae53aedf3ab3fd7410 |
|
| /// File Name: | dsa-1631-2.txt | Description:
| Debian Security Advisory 1631-2 - The previous security update of the libxml2 package introduced some problems with other packages, most notably with librsvg. This update corrects these problems whilst still fixing the reported security problem. | | Homepage: | http://www.debian.org/security | | File Size: | 13127 | | Related CVE(s): | CVE-2008-3281 | | Last Modified: | Aug 26 22:15:04 2008 | | MD5 Checksum: | f024501160502cc01f3a8a6951c7c361 |
|
| /// File Name: | dsa-1632-1.txt | Description:
| Debian Security Advisory 1632-1 - Drew Yao discovered that libTIFF, a library for handling the Tagged Image File Format, is vulnerable to a programming error allowing malformed tiff files to lead to a crash or execution of arbitrary code. | | Homepage: | http://www.debian.org/security | | File Size: | 11108 | | Related CVE(s): | CVE-2008-2327 | | Last Modified: | Aug 26 22:14:44 2008 | | MD5 Checksum: | 0e6569a1ce6eb08995b0101c1d463469 |
|
| /// File Name: | zoneminder-multi.txt | Description:
| ZoneMinder versions 1.23.3 and below suffer from command injection, SQL injection, and cross site scripting vulnerabilities. | | Author: | Filip Palian | | File Size: | 1273 | | Last Modified: | Aug 26 22:10:06 2008 | | MD5 Checksum: | d8bb2d877419e579e9d76b0f207b8425 |
|
| /// File Name: | USN-637-1.txt | Description:
| Ubuntu Security Notice 637-1 - It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. The do_change_type routine did not correctly validation administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy. Tobias Klein discovered that the OSS interface through ALSA did not correctly validate the device number. A local attacker could exploit this to access sensitive kernel memory, leading to a denial of service or a loss of privacy. Zoltan Sogor discovered that new directory entries could be added to already deleted directories. A local attacker could exploit this, filling up available memory and disk space, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 191184 | | Related CVE(s): | CVE-2008-2812, CVE-2008-2931, CVE-2008-3272, CVE-2008-3275 | | Last Modified: | Aug 26 21:53:24 2008 | | MD5 Checksum: | 4ff77f698b3af8e2303260d5110f0d63 |
|
| /// File Name: | secunia-calendarix.txt | Description:
| Secunia Research has discovered two vulnerabilities in Calendarix Basic, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "catsearch" parameter in cal_search.php and "catview" in cal_cat.php is not properly sanitized before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Calendarix Basic 0.8.20071118 is affected. | | Homepage: | http://secunia.com/ | | File Size: | 4530 | | Related CVE(s): | CVE-2008-2429 | | Last Modified: | Aug 25 20:30:10 2008 | | MD5 Checksum: | 25805f56ddb5ea080e60cc240a6e595d |
|
| /// File Name: | secunia-iprintget.txt | Description:
| Secunia Research has discovered a security issue in Novell iPrint Client, which can be exploited by malicious people to gain knowledge of potentially sensitive information. Novell iPrint Client 4.36 and Novell iPrint Client for Windows Vista 5.04 are affected. The insecurity lies in GetFileList(). | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 5102 | | Related CVE(s): | CVE-2008-2432 | | Last Modified: | Aug 25 20:28:38 2008 | | MD5 Checksum: | fdd4e1fe471d8f8909683736fc941234 |
|
| /// File Name: | secunia-iprint.txt | Description:
| Secunia Research has discovered multiple vulnerabilities in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. These include boundary errors and buffer overflow issues. Novell iPrint Client 4.36 is affected. | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 7131 | | Related CVE(s): | CVE-2008-2431 | | Last Modified: | Aug 25 20:27:09 2008 | | MD5 Checksum: | 40a0bbe6cee53536da934ab4a38a4cb8 |
|
| /// File Name: | PLSA-2008-30.txt | Description:
| Pardus Linux Security Advisory - Insufficient sanitization can lead to Vim executing arbitrary commands when performing keyword or tag lookup. | | Author: | Pardus Linux | | File Size: | 1298 | | Last Modified: | Aug 25 20:17:20 2008 | | MD5 Checksum: | bba89f851911b3ef0f74460ddb4d69a5 |
|
| /// File Name: | PLSA-2008-29.txt | Description:
| Pardus Linux Security Advisory - Multiple vulnerabilities have discovered by g_ which potentially can be exploited by malicious people to compromise a user's system. | | Author: | Pardus Linux | | File Size: | 1886 | | Related CVE(s): | CVE-2008-3732 | | Last Modified: | Aug 25 20:16:33 2008 | | MD5 Checksum: | 353baefe1e7409fab29c0abd9c5f7291 |
|
| /// File Name: | PLSA-2008-28.txt | Description:
| Pardus Linux Security Advisory - A vulnerability has been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service). | | Author: | Pardus Linux | | File Size: | 1723 | | Related CVE(s): | CVE-2008-3281 | | Last Modified: | Aug 25 20:15:56 2008 | | MD5 Checksum: | b5d695d395d852aa764c49dbd945acc7 |
|
| /// File Name: | IVIZ-08-009.txt | Description:
| The password checking routine of Grub fails to sanitize the BIOS keyboard buffer before AND after reading passwords. | | Author: | Jonathan Brossard | | Homepage: | http://www.ivizsecurity.com/ | | File Size: | 2867 | | Last Modified: | Aug 25 20:09:38 2008 | | MD5 Checksum: | 19fafe4333b13d89b153a4c1a3b7a16c |
|
| /// File Name: | IVIZ-08-008.txt | Description:
| The password checking routine of LILO fails to sanitize the BIOS keyboard buffer before AND after reading passwords. | | Author: | Jonathan Brossard | | Homepage: | http://www.ivizsecurity.com/ | | File Size: | 3085 | | Last Modified: | Aug 25 20:09:14 2008 | | MD5 Checksum: | b6128bc94dc690994313103896500060 |
|
| /// File Name: | IVIZ-08-007.txt | Description:
| The password checking routine of DriveCrypt fails to sanitize the BIOS keyboard buffer before AND after reading passwords. | | Author: | Jonathan Brossard | | Homepage: | http://www.ivizsecurity.com/ | | File Size: | 2987 | | Last Modified: | Aug 25 20:08:51 2008 | | MD5 Checksum: | f5e88134d2c118dc27e0b5de40760281 |
|
| /// File Name: | IVIZ-08-006.txt | Description:
| The password checking routine of DiskCryptor fails to sanitize the BIOS keyboard buffer before AND after reading passwords. | | Author: | Jonathan Brossard | | Homepage: | http://www.ivizsecurity.com/ | | File Size: | 2724 | | Last Modified: | Aug 25 20:08:18 2008 | | MD5 Checksum: | 28d14d2910f59a1abffea61e693b4bc3 |
|
| /// File Name: | IVIZ-08-005.txt | Description:
| The password checking routine of the IBM Lenovo BIOS firmware fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users. | | Author: | Jonathan Brossard | | Homepage: | http://www.ivizsecurity.com/ | | File Size: | 2773 | | Last Modified: | Aug 25 20:07:50 2008 | | MD5 Checksum: | 9372ec1711b09a008c09f97aaad48fc9 |
|
| /// File Name: | IVIZ-08-004.txt | Description:
| The password checking routine of Intel BIOS firmware fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users. | | Author: | Jonathan Brossard | | Homepage: | http://www.ivizsecurity.com/ | | File Size: | 2989 | | Last Modified: | Aug 25 20:07:01 2008 | | MD5 Checksum: | fb13f9752e6c436b4d7a1e7c99a21fa2 |
|
| /// File Name: | IVIZ-08-003.txt | Description:
| The password checking routine of TrueCrypt fails to sanitize the BIOS keyboard buffer before AND after reading passwords. | | Author: | Jonathan Brossard | | Homepage: | http://www.ivizsecurity.com/ | | File Size: | 3030 | | Last Modified: | Aug 25 20:06:19 2008 | | MD5 Checksum: | 986464ca4ad63ebdd6c33978f68b69c6 |
|
| /// File Name: | IVIZ-08-002.txt | Description:
| The password checking routine of Hewlett-Packard 68DTT version F.0D (11/22/2005) fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users. | | Author: | Jonathan Brossard | | Homepage: | http://www.ivizsecurity.com/ | | File Size: | 2938 | | Last Modified: | Aug 25 20:05:45 2008 | | MD5 Checksum: | 7ed6e522d2b2d1576d1001319e9ae443 |
|
| /// File Name: | IVIZ-08-001.txt | Description:
| The password checking routine of Microsoft Bitlocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users. | | Author: | Jonathan Brossard | | Homepage: | http://www.ivizsecurity.com/ | | File Size: | 2797 | | Last Modified: | Aug 25 20:05:07 2008 | | MD5 Checksum: | 08bf0022caed32290893bce4e558fee6 |
|
| /// File Name: | dsa-1631-1.txt | Description:
| Debian Security Advisory 1631-1 - Andreas Solberg discovered that libxml2, the GNOME XML library, could be forced to recursively evaluate entities, until available CPU & memory resources were exhausted. | | Homepage: | http://www.debian.org/security | | File Size: | 11181 | | Related CVE(s): | CVE-2008-3281 | | Last Modified: | Aug 22 18:15:36 2008 | | MD5 Checksum: | 4e11a0bf3ea05140834d932f3231418d |
|
| /// File Name: | oCERT-2008-008.txt | Description:
| The xine free multimedia player suffers from a number of vulnerabilities ranging in severity. The worst of these vulnerabilities results in arbitrary code execution and the least, in unexpected process termination. xine-lib versions 1.1.14 and below are affected. | | Author: | Will Drewry | | Homepage: | http://ocert.org/ | | File Size: | 2650 | | Last Modified: | Aug 22 18:13:15 2008 | | MD5 Checksum: | 030d4b684f35e92aea985834e35cd251 |
|
| /// File Name: | PR08-20.txt | Description:
| Microsoft ASP.NET ValidateRequest filters can be bypassed allowing for cross site scripting and HTML injection attacks. | | Homepage: | http://www.procheckup.com/ | | File Size: | 3862 | | Last Modified: | Aug 22 17:59:39 2008 | | MD5 Checksum: | 55f98a75179a16092e86c4dbcd9340b2 |
|
| /// File Name: | secunia-trendmicro.txt | Description:
| Secunia Research has discovered a vulnerability in certain Trend Micro products, which can be exploited by malicious people to bypass authentication. The vulnerability is caused by insufficient entropy being used to create a random session token for identifying an authenticated manager using the web management console. The entropy in the session token comes solely from the system time when the real manager logs in with a granularity of one second. This can be exploited to impersonate a currently logged on manager by brute forcing the authentication token. Successful exploitation further allows execution of arbitrary code via manipulation of the configuration. | | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4926 | | Related CVE(s): | CVE-2008-2433 | | Last Modified: | Aug 22 17:55:38 2008 | | MD5 Checksum: | b5bcc9775cd18024e81e9933c9fa97da |
|
| /// File Name: | MDVSA-2008-180.txt | Description:
| Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The updated packages have been patched to prevent this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7142 | | Related CVE(s): | CVE-2008-3281 | | Last Modified: | Aug 21 20:37:14 2008 | | MD5 Checksum: | d020ce82b78a55691be3b77a8258749f |
|
| /// File Name: | MDVSA-2008-179.txt | Description:
| Mandriva Linux Security Advisory - An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server. Multiple integer overflows were found in X.org's Render extension. A malicious authorized client could exploit these issues to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server. The Metisse program is likewise affected by these issues; the updated packages have been patched to prevent them. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5189 | | Related CVE(s): | CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362 | | Last Modified: | Aug 21 20:36:27 2008 | | MD5 Checksum: | 7fa23a387b9a6aa48f33a17134658e9b |
|
| /// File Name: | MDVSA-2008-178.txt | Description:
| Mandriva Linux Security Advisory - Alin Rad Pop found an array index vulnerability in the SDP parser of xine-lib. If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. The ASF demuxer in xine-lib did not properly check the length of ASF headers. If a user was tricked into opening a crafted ASF file, a remote attacker could possibly cause a denial of service or execute arbitrary code with the privileges of the user using the program. The Matroska demuxer in xine-lib did not properly verify frame sizes, which could possibly lead to the execution of arbitrary code if a user opened a crafted ASF file. Luigi Auriemma found multiple integer overflows in xine-lib. If a user was tricked into opening a crafted FLV, MOV, RM, MVE, MKV, or CAK file, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. Guido Landi found A stack-based buffer overflow in xine-lib that could allow a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via a long NSF title. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5942 | | Related CVE(s): | CVE-2008-0073, CVE-2008-1110, CVE-2008-1161, CVE-2008-1482, CVE-2008-1878 | | Last Modified: | Aug 21 20:36:00 2008 | | MD5 Checksum: | f81b67007a37ee028b814f93f17b95cb |
|
| /// File Name: | glsa-200804-22-03.txt | Description:
| Gentoo Linux Security Advisory [UPDATE] GLSA 200804-22:03 - Amit Klein of Trusteer reported that insufficient randomness is used to calculate the TRXID values and the UDP source port numbers (CVE-2008-1637). Thomas Biege of SUSE pointed out that a prior fix to resolve this issue was incomplete, as it did not always enable the stronger random number generator for source port selection (CVE-2008-3217). Versions less than 3.1.6 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2870 | | Related CVE(s): | CVE-2008-1637, CVE-2008-3217 | | Last Modified: | Aug 21 20:28:39 2008 | | MD5 Checksum: | ebb72f271795a16c7a89e0cc3a25ae70 |
|
| /// File Name: | MDVSA-2008-177.txt | Description:
| Mandriva Linux Security Advisory - Guido Landi found a stack-based buffer overflow in xine-lib that could allow a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via a long NSF title. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5130 | | Related CVE(s): | CVE-2008-1878 | | Last Modified: | Aug 21 00:46:04 2008 | | MD5 Checksum: | be91fa3452d00d25310bbe167ebe5038 |
|
| /// File Name: | MDVSA-2008-176.txt | Description:
| Mandriva Linux Security Advisory - A stack-based buffer overflow was found in mtr prior to version 0.73 that allowed remote attackers to execute arbitrary code via a crafted DNS PTR record, when called with the --split option. The updated packages provide mtr 0.73 which corrects this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2757 | | Related CVE(s): | CVE-2008-2357 | | Last Modified: | Aug 21 00:45:02 2008 | | MD5 Checksum: | 0ea1927644dee386902a2c15ae603cee |
|
| /// File Name: | MDVSA-2008-175.txt | Description:
| Mandriva Linux Security Advisory - A format string vulnerability was discovered in yelp after version 2.19.90 and before 2.24 that could allow remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command-line or via URI helpers in Firefox, Evolution, or possibly other programs. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3047 | | Related CVE(s): | CVE-2008-3533 | | Last Modified: | Aug 21 00:44:43 2008 | | MD5 Checksum: | 68a89521e8a4ebd2c2bd15623294278c |
|
| /// File Name: | CORE-2008-0813.txt | Description:
| Core Security Technologies Advisory - vBulletin versions 3.7.2 Patch Level 1 and 3.6.10 Patch Level 3 suffer from a cross site scripting vulnerability. | | Author: | Federico Muttis | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 8589 | | Last Modified: | Aug 21 00:35:17 2008 | | MD5 Checksum: | 762ace67edbf513d11ef873fdb4e0b14 |
|
| /// File Name: | USN-636-1.txt | Description:
| Ubuntu Security Notice 636-1 - Sebastian Krahmer discovered that Postfix was not correctly handling mailbox ownership when dealing with Linux's implementation of hardlinking to symlinks. In certain mail spool configurations, a local attacker could exploit this to append data to arbitrary files as the root user. The default Ubuntu configuration was not vulnerable. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 21465 | | Related CVE(s): | CVE-2008-2936 | | Last Modified: | Aug 20 02:46:11 2008 | | MD5 Checksum: | cce112ac7583d275595f69c51a839d9d |
|
| /// File Name: | MDVSA-2008-173.txt | Description:
| Mandriva Linux Security Advisory - Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened. This vulnerability also affected older versions of kpdf, so the updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8914 | | Related CVE(s): | CVE-2008-1693 | | Last Modified: | Aug 20 02:43:36 2008 | | MD5 Checksum: | a4ecb934a32e106110b9ab5649af376c |
|
| /// File Name: | SSRT080117-2.txt | Description:
| HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin. | | Homepage: | http://www.hp.com/ | | File Size: | 12417 | | Related CVE(s): | CVE-2008-2463, CVE-2008-2244, CVE-2008-3003, CVE-2008-3004, CVE-2008-3005, CVE-2008-3006, CVE-2008-3018, CVE-2008-3019, CVE-2008-3020, CVE-2008-3021, CVE-2008-3460, CVE-2008-2254, CVE-2008-2255, CVE-2008-2256, CVE-2008-2257, CVE-2008-2258, CVE-2008-2259, CVE-2008-2245, CVE-2008-2246, CVE-2008-1448, CVE-2008-1456, CVE-2008-1457, CVE-2008-0082, CVE-2008-0120, CVE-2008-0121, CVE-2008-1455 | | Last Modified: | Aug 20 02:06:05 2008 | | MD5 Checksum: | eff92d137ada0a63b95a01b33d2c7643 |
|
| /// File Name: | dsa-1629-2.txt | Description:
| Debian Security Advisory 1629-2 - Due to a version numbering problem, the Postfix update for DSA 1629 was not installable on the i386 (Intel ia32) architecture. This update increases the version number to make it installable on i386 as well. | | Homepage: | http://www.debian.org/security | | File Size: | 10095 | | Related CVE(s): | CVE-2008-2936 | | Last Modified: | Aug 20 01:57:28 2008 | | MD5 Checksum: | d5905b0f7ab31785748e93c41a799586 |
|
| /// File Name: | SSRT080039-2.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified with HP System Management Homepage (SMH) for Linux and Windows. This vulnerability could by exploited remotely to allow cross site scripting (XSS). | | Homepage: | http://www.hp.com/ | | File Size: | 6382 | | Related CVE(s): | CVE-2008-1663 | | Last Modified: | Aug 18 20:05:07 2008 | | MD5 Checksum: | 532beb0aee3e979142e353425bdaf021 |
|
| /// File Name: | dsa-1629-1.txt | Description:
| Debian Security Advisory 1629-1 - Sebastian Krahmer discovered that Postfix, a mail transfer agent, incorrectly checks the ownership of a mailbox. In some configurations, this allows for appending data to arbitrary files as root. | | Homepage: | http://www.debian.org/security | | File Size: | 13634 | | Related CVE(s): | CVE-2008-2936 | | Last Modified: | Aug 18 19:15:23 2008 | | MD5 Checksum: | 5a5029498e47c3b0c8f6caa98004975c |
|
| /// File Name: | PLSA-2008-25.txt | Description:
| Pardus Linux Security Advisory - Sebastian Krahmer has reported some security issues in Postfix, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges. | | Author: | Pardus Linux | | File Size: | 2262 | | Related CVE(s): | CVE-2008-2936, CVE-2008-2937 | | Last Modified: | Aug 15 20:40:40 2008 | | MD5 Checksum: | e57d0cc8a2f7fccc61fb079bf6de7bda |
|
| /// File Name: | MDVSA-2008-172.txt | Description:
| Mandriva Linux Security Advisory - A flaw in Amarok prior to 1.4.10 would allow local users to overwrite arbitrary files via a symlink attack on a temporary file that Amarok created with a predictable name. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5625 | | Related CVE(s): | CVE-2008-3699 | | Last Modified: | Aug 15 20:39:23 2008 | | MD5 Checksum: | 35b9f3396f2f1dad47d3cfe0d6aee45f |
|
| /// File Name: | MDVSA-2008-171.txt | Description:
| Mandriva Linux Security Advisory - Sebastian Krahmer of the SUSE Security Team discovered a flaw in the way Postfix dereferenced symbolic links. If a local user had write access to a mail spool directory without a root mailbox file, it could be possible for them to append arbitrary data to files that root had write permissions to. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8984 | | Related CVE(s): | CVE-2008-2936 | | Last Modified: | Aug 15 20:39:05 2008 | | MD5 Checksum: | 48044f8eb8d0f450a53f132789027535 |
|
| /// File Name: | PLSA-2008-24.txt | Description:
| Pardus Linux Security Advisory - A security issue has been reported in Amarok, which can be exploited by malicious, local users to perform certain actions with escalated privileges. | | Author: | Pardus Linux | | File Size: | 1930 | | Related CVE(s): | CVE-2008-3699 | | Last Modified: | Aug 15 18:41:56 2008 | | MD5 Checksum: | fc8bca31f37dffda0b3a0d3f2f9656f1 |
|
| /// File Name: | cisco-sa-20080814-webex.txt | Description:
| Cisco Security Advisory - An ActiveX control (atucfobj.dll) that is used by the Cisco WebEx Meeting Manager contains a buffer overflow vulnerability that may result in a denial of service or remote code execution. The WebEx Meeting Manager is a client-side program that is provided by the Cisco WebEx meeting service. The Cisco WebEx meeting service automatically downloads, installs, and configures Meeting Manager the first time a user begins or joins a meeting. When users connect to the WebEx meeting service, the WebEx Meeting Manager is automatically upgraded to the latest version. There is a manual workaround available for users who are not able to connect to the WebEx meeting service. | | Homepage: | http://www.cisco.com/ | | File Size: | 14028 | | Related CVE(s): | CVE-2008-2737 | | Last Modified: | Aug 15 18:40:39 2008 | | MD5 Checksum: | b37ad9f1f0ade1da7287081770808eb6 |
|
| /// File Name: | glsa-200808-12.txt | Description:
| Gentoo Linux Security Advisory GLSA 200808-12 - Sebastian Krahmer of SuSE has found that Postfix allows to deliver mail to root-owned symlinks in an insecure manner under certain conditions. Normally, Postfix does not deliver mail to symlinks, except to root-owned symlinks, for compatibility with the systems using symlinks in /dev like Solaris. Furthermore, some systems like Linux allow to hardlink a symlink, while the POSIX.1-2001 standard requires that the symlink is followed. Depending on the write permissions and the delivery agent being used, this can lead to an arbitrary local file overwriting vulnerability (CVE-2008-2936). Furthermore, the Postfix delivery agent does not properly verify the ownership of a mailbox before delivering mail (CVE-2008-2937). Versions less than 2.5.3-r1 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 5453 | | Related CVE(s): | CVE-2008-2936, CVE-2008-2937 | | Last Modified: | Aug 14 20:12:35 2008 | | MD5 Checksum: | 3d10d7b22f9734485a3dd000961d1cf5 |
|
| /// File Name: | SYM08-015.txt | Description:
| Symantec Security Advisory - It is possible to circumvent the security patch that resolved a previously identified authentication bypass, remote code execution vulnerability in the Veritas Storage Foundation for Windows version 5.0 Volume Manager Scheduler Service. Successful exploitation could result in potential compromise of the targeted system. | | Homepage: | http://www.symantec.com/ | | File Size: | 5627 | | Last Modified: | Aug 14 20:07:58 2008 | | MD5 Checksum: | ec41ee8b4de02919527d674e1245726a |
|
| /// File Name: | ZDI-08-053.txt | Description:
| A vulnerability allows an attacker to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists in the functionality exposed by the Storage Foundation for Windows Scheduler Service, VxSchedService.exe, which listens by default on TCP port 4888. The management console allows NULL NTLMSSP authentication thereby enabling a remote attacker to add, modify, or delete snapshots schedules and consequently run arbitrary code under the context of the SYSTEM user. | | Author: | Tenable Network Security | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3128 | | Last Modified: | Aug 14 20:05:49 2008 | | MD5 Checksum: | 95e5d86646e2ad48b9ff8481f0549ee9 |
|
| /// File Name: | ZDI-08-052.txt | Description:
| A vulnerability allows remote attackers to deny services on vulnerable installations of OpenLDAP. Authentication is not required to exploit this vulnerability. The specific flaw exists in the decoding of ASN.1 BER network datagrams. When the size of a BerElement is specified incorrectly, the application will trigger an assert(), leading to abnormal program termination. | | Author: | Oscar Mira-Sanchez | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3289 | | Related CVE(s): | CVE-2008-2952 | | Last Modified: | Aug 14 20:04:56 2008 | | MD5 Checksum: | c4b36d8934d8c8254cbb4f7fa85d22ad |
|
| /// File Name: | SUSE-SA-2008-041.txt | Description:
| SUSE Security Announcement - The SuSE Security-Team has found two critical issues in the code for openwsman. Two remote buffer overflows while decoding the HTTP basic authentication header exist and a possible SSL session replay attack affecting the client exists. | | Homepage: | http://www.suse.com | | File Size: | 12823 | | Related CVE(s): | CVE-2008-2234, CVE-2008-2233 | | Last Modified: | Aug 14 20:01:50 2008 | | MD5 Checksum: | a5c9b5a5bfbfb5a476e0fa336417c841 |
|
| /// File Name: | SUSE-SA-2008-040.txt | Description:
| SUSE Security Announcement - During a source code audit the SuSE Security-Team discovered a local privilege escalation bug as well as a mailbox ownership problem in postfix. The first bug allowed local users to execute arbitrary commands as root while the second one allowed local users to read other users mail. | | Homepage: | http://www.suse.com | | File Size: | 14399 | | Related CVE(s): | CVE-2008-2936, CVE-2008-2937 | | Last Modified: | Aug 14 19:55:59 2008 | | MD5 Checksum: | eaa21077f3779185d042f06a508f9688 |
|
| /// File Name: | postfix-ruhroh.txt | Description:
| Postfix on modern Solaris and Linux filesystems can be leveraged for privilege escalation via hardlinks. | | Author: | Wietse Venema | | File Size: | 10869 | | Last Modified: | Aug 14 19:55:00 2008 | | MD5 Checksum: | 02e30f6b6b0cba8ce26d00032feeeb2b |
|
| /// File Name: | MDVSA-2008-170.txt | Description:
| Mandriva Linux Security Advisory - Thomas Pollet discovered an integer overflow vulnerability in the PNG image handling filter in CUPS. This could allow a malicious user to execute arbitrary code with the privileges of the user running CUPS, or cause a denial of service by sending a specially crafted PNG image to the print server. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8933 | | Related CVE(s): | CVE-2008-1722 | | Last Modified: | Aug 14 01:58:26 2008 | | MD5 Checksum: | 660f4d454552514f438069932300c0cf |
|
| /// File Name: | MDVSA-2008-169.txt | Description:
| Mandriva Linux Security Advisory - Marc Schoenefeld of the Red Hat Security Response Team discovered a vulnerability in the hplip alert-mailing functionality that could allow a local attacker to elevate their privileges by using specially-crafted packets to trigger alert mails that are sent by the root account. Another vulnerability was discovered by Marc Schoenefeld in the hpssd message parser that could allow a local attacker to stop the hpssd process by sending specially-crafted packets, causing a denial of service. The updated packages have been patched to correct these issues. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 9181 | | Related CVE(s): | CVE-2008-2940, CVE-2008-2941 | | Last Modified: | Aug 14 01:56:53 2008 | | MD5 Checksum: | 148dd1fdcbb7b4f86162eb048226603f |
|
| /// File Name: | MDVSA-2008-168.txt | Description:
| Mandriva Linux Security Advisory - A vulnerability was found in the OCSP search functionality in stunnel that could allow a remote attacker to use a revoked certificate that would be successfully authenticated by stunnel. This flaw only concerns users who have enabled OCSP validation in stunnel. The updated packages have been patched to correct this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4735 | | Related CVE(s): | CVE-2008-2420 | | Last Modified: | Aug 14 01:56:21 2008 | | MD5 Checksum: | c99af4bde004b58dcbe22defa64c8221 |
|
| /// File Name: | msm-remote.txt | Description:
| A remote illegal access vulnerability exists in Microsoft Windows Live Messenger. A vicious attacker can control the Live Messenger via constructing a malicious web page. | | Author: | cocoruder | | Homepage: | http://ruder.cdut.net/ | | File Size: | 2079 | | Related CVE(s): | CVE-2008-0082 | | Last Modified: | Aug 14 01:56:09 2008 | | MD5 Checksum: | 893382da2903619e476e93b9b7952707 |
|
| /// File Name: | CORE-2008-0103.txt | Description:
| Core Security Technologies Advisory - A zone elevation vulnerability has been discovered in Internet Explorer versions 5 through 7 under Windows 2000, 2003, and XP. It also affects Windows Vista on IE 7 when protected mode is turned off. | | Author: | Jorge Luis Alvarez Medina | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 27082 | | Related CVE(s): | CVE-2008-1448 | | Last Modified: | Aug 13 19:27:23 2008 | | MD5 Checksum: | 7bcec620f32e9905726c1a58cd81f323 |
|
| /// File Name: | 08.12.08-7.txt | Description:
| iDefense Security Advisory 08.12.08 - Remote exploitation of a heap-based buffer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows operating system allows an attacker to execute arbitrary code with the privileges of the current user. This vulnerability specifically exists in the InternalOpenColorProfile function in mscms.dll. When a malformed parameter is supplied, a heap-based buffer overflow can occur, resulting in an exploitable condition. iDefense has confirmed the existence of this vulnerability in the following Microsoft products: Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. | | Author: | Jun Mao | | Homepage: | http://www.idefense.com/ | | File Size: | 4803 | | Related CVE(s): | CVE-2008-2245 | | Last Modified: | Aug 13 02:21:21 2008 | | MD5 Checksum: | e4b2909ae010ac48512a585ecf2f6bb0 |
|
| /// File Name: | 08.12.08-6.txt | Description:
| iDefense Security Advisory 08.12.08 - Remote exploitation of an invalid array indexing vulnerability in Microsoft Corp.'s Excel could allows attackers to execute arbitrary code with the privileges of the current user. This issue exists in the handling of "FORMAT" records within an Excel spreadsheet (XLS). By crafting a spreadsheet with an out-of-bounds array index, attackers are able to cause Excel to write a byte to arbitrary locations in stack memory. iDefense has confirmed the existence of this vulnerability with Office 2000 SP-3 fully patched as of March 2008. Other versions may also be affected. | | Homepage: | http://www.idefense.com/ | | File Size: | 3825 | | Related CVE(s): | CVE-2008-3005 | | Last Modified: | Aug 13 02:19:10 2008 | | MD5 Checksum: | 8722104d70c635fcf1baff7c2c01cc3d |
|
| /// File Name: | 08.12.08-5.txt | Description:
| iDefense Security Advisory 08.12.08 - Remote exploitation of an invalid array indexing vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This issue exists in the handling of "AxesSet" records within a chart embedded in a spreadsheet. This record is typically used for setting the location and size of a set of axes on a chart. This particular record type is not included in Microsoft's official documentation for the Excel file format. However, the freely available source code for OpenOffice implements this record type. When processing this record, Excel does not validate a value that is used as an index into the array of chart axes. By crafting an Excel spreadsheet (XLS) that contains an out-of-bounds array value, an attacker can cause memory corruption. This leads to a potentially exploitable condition. iDefense has confirmed the existence of this vulnerability with Office 2000 SP-3 fully patched as of March 2008. Other versions may also be affected. | | Homepage: | http://www.idefense.com/ | | File Size: | 4263 | | Related CVE(s): | CVE-2008-3004 | | Last Modified: | Aug 13 02:18:19 2008 | | MD5 Checksum: | fd66d4fe0e4b8bda0129a57258ab261d |
|
| /// File Name: | 08.12.08-4.txt | Description:
| iDefense Security Advisory 08.12.08 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s PowerPoint Viewer 2003 could allow an attacker to execute arbitrary code in the context of the user running the application. This vulnerability specifically exists when handling CString objects embedded in a PowerPoint presentation file. An issue in this object results in a very small amount of buffer being allocated while a very large amount of data is copied into it. This leads to an exploitable heap-based buffer overflow. iDefense has confirmed that pptview.exe file version 11.0.5703.0 and file version 11.0.6566.0, as included in Microsoft Office 2003 SP2, are vulnerable. Other versions are also likely to be affected. | | Author: | Ruben Santamarta | | Homepage: | http://www.idefense.com/ | | File Size: | 3716 | | Related CVE(s): | CVE-2008-0120 | | Last Modified: | Aug 13 02:16:33 2008 | | MD5 Checksum: | 396ecf4f3a5c65f6dd3bccd2fad6f1ef |
|
| /// File Name: | 08.12.08-3.txt | Description:
| iDefense Security Advisory 08.12.08 - Remote exploitation of an out of boundary array index vulnerability in Microsoft Corp.'s PowerPoint Viewer 2003 could allow an attacker to execute arbitrary code in the context of the user running the application. This vulnerability specifically exists in PowerPoint Viewer 2003 when handling certain records in a PowerPoint presentation file. In some circumstances, an array index can be directly controlled by data from within the PowerPoint presentation file. Thus, a function pointer can be directly controlled by the attacker and leveraged for arbitrary code execution. iDefense has confirmed that pptview.exe file version 11.0.5703.0 is vulnerable. Previous versions are also likely to be affected. | | Author: | Ruben Santamarta | | Homepage: | http://www.idefense.com/ | | File Size: | 3904 | | Related CVE(s): | CVE-2008-0121 | | Last Modified: | Aug 13 02:15:45 2008 | | MD5 Checksum: | 2678fdce1c494b2f84914fc23378da20 |
|
| /// File Name: | 08.12.08-2.txt | Description:
| iDefense Security Advisory 08.12.08 - Remote exploitation of a buffer overflow vulnerability in Microsoft Corp.'s Office filter for WordPerfect Graphics Files, could allow an attacker to execute arbitrary code with the privileges of the victim. This vulnerability specifically lies within the "WPGIMP32.FLT" module. A heap overflow can occur when processing a malformed Wordperfect Graphics (WPG) file. By corrupting heap memory, it is possible to execute arbitrary code. iDefense has confirmed this vulnerability in the following versions of Microsoft Office; Office XP SP3, Office 2003 SP2, Office 97. Other versions may also be affected. | | Author: | Damian Put | | Homepage: | http://www.idefense.com/ | | File Size: | 3946 | | Related CVE(s): | CVE-2008-3460 | | Last Modified: | Aug 13 02:13:59 2008 | | MD5 Checksum: | 73fc127e380cf480fb78edda5252dd91 |
|
| /// File Name: | 08.12.08-1.txt | Description:
| iDefense Security Advisory 08.12.08 - Remote exploitation of a heap buffer overflow vulnerability in the "BMPIMP32.FLT" filter module, as distributed with Microsoft Office, allows attackers to execute arbitrary code. The vulnerability specifically exists in the handling of Windows Bitmap (BMP) image files with malformed headers. By specifying a very large number of colors in the header, it is possible to cause controllable heap corruption, which can be leveraged to execute arbitrary code. iDefense confirmed that the "BMPIMP32.FLT" module installed with Microsoft Office XP SP3, including all patches as of May 24, 2006, is vulnerable. Other versions may also be vulnerable. | | Homepage: | http://www.idefense.com/ | | File Size: | 4216 | | Related CVE(s): | CVE-2008-3020 | | Last Modified: | Aug 13 02:09:58 2008 | | MD5 Checksum: | 69ad5b955ac8bff0b5f1a10806009492 |
|
| /// File Name: | ZDI-08-051.txt | Description:
| A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects. When an object is appended in a specific order and particular functions are performed on these objects memory corruption occurs. Successful exploitation leads to remote compromise of the affected system under the credentials of the currently logged in user. | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3215 | | Related CVE(s): | CVE-2008-2258 | | Last Modified: | Aug 13 02:06:43 2008 | | MD5 Checksum: | 92b4db3d7e7da409de10fa99687ee417 |
|
| /// File Name: | ZDI-08-050.txt | Description:
| A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects. When an object is appended in a specific order, memory corruption occurs. Successful exploitation leads to remote compromise of the affected system under the credentials of the currently logged in user. | | Author: | Sam Thomas | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3195 | | Related CVE(s): | CVE-2008-2257 | | Last Modified: | Aug 13 02:05:43 2008 | | MD5 Checksum: | 1e767b4d0710b6c931e46b42a3154c5f |
|
| /// File Name: | ZDI-08-049.txt | Description:
| A potential vulnerability exists in the Microsoft Office Suite. The issue is a result of insufficient bounds checking on the content of PICT files embedded into documents. Successful exploitation of this issue enables an attacker to remotely execute arbitrary code on a target system. User interaction would be required, as an attacker would have to convince the target user to open a malformed file. One of the filter DLLs for processing image files in Microsoft Office suffers from a potentially-exploitable memory corruption condition when processing .PICT images. An invalid value in the bits_per_pixel field (offset 0x257) causes heap corruption. Different values of this field result in distinctly different types of corruption. Internally, the issue was only reproducible when the malformed image was directly inserted into an Office document by the target user. | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3817 | | Related CVE(s): | CVE-2008-3021 | | Last Modified: | Aug 13 02:01:58 2008 | | MD5 Checksum: | 95a2365a606823614531bdc803a5d3ab |
|
| /// File Name: | ZDI-08-048.txt | Description:
| A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by Microsoft Excel. During the processing of a malformed Country (0x8c) record, user-supplied data may be used in a memory copy operation resulting in memory corruption. If successfully exploited remote control of the |
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
