Section: .. / 0707-advisories /
/// File Name: encase-broken.txt
Description: Encase version 5.0 suffers from a vulnerability in the file parsing engine.
Homepage: http://www.breakpointsecurity.net/
File Size: 1343
Last Modified: Jul 28 04:22:49 2007
MD5 Checksum: 46a92cd482e5b7b137ab999631da874b

/// File Name: eticket1511-xss.txt
Description: eTicket version 1.5.1.1 suffers from multiple cross site scripting vulnerabilities.
Author: Attila Gerendi
File Size: 2537
Last Modified: Jul 3 01:37:13 2007
MD5 Checksum: 4fc533c3667cc35c39ff502c5d0e278e

/// File Name: exlibris-xss.txt
Description: Multiple versions of the ExLibris Aleph and Metalib products are vulnerable to simple cross site scripting vulnerabilities.
Author: Matthew Cook
Homepage: http://escarpment.net/
File Size: 2075
Last Modified: Jul 17 09:34:34 2007
MD5 Checksum: 0c219ccffc36d17ffe623b2a33f23ccc

/// File Name: FreeBSD-SA-07-05.libarchive.txt
Description: FreeBSD Security Advisory - Several problems have been found in the libarchive code used to parse the tar and pax interchange formats. These include entering an infinite loop if an archive prematurely ends within a pax extension header or if certain types of corruption occur in pax extension headers, dereferencing a NULL pointer if an archive prematurely ends within a tar header immediately following a pax extension header or if certain other types of corruption occur in pax extension headers, and miscomputing the length of a buffer resulting in a buffer overflow if yet another type of corruption occurs in a pax extension header.
Homepage: http://security.freebsd.org/
File Size: 5653
Related CVE(s): CVE-2007-3641, CVE-2007-3644, CVE-2007-3645
Last Modified: Jul 13 03:40:27 2007
MD5 Checksum: ccfe3e5ce2b9a60cc760a202eb9b789a

/// File Name: freedomain-sql.txt
Description: FreeDomain.co.nr Clone suffers from a SQL injection vulnerability.
Author: Kw3rLn
Homepage: http://rst-crew.net/
File Size: 486
Last Modified: Jul 3 02:51:52 2007
MD5 Checksum: 90fd929019175514f70f18d2b0321132

/// File Name: glsa-200707-01.txt
Description: Gentoo Linux Security Advisory GLSA 200707-01 - Cody Pierce from TippingPoint DVLabs has discovered a buffer overflow when processing connect requests with an overly large p_cnct_count value. Versions less than 2.0.1 are affected.
Homepage: http://security.gentoo.org
File Size: 2581
Related CVE(s): CVE-2007-3181
Last Modified: Jul 3 01:12:42 2007
MD5 Checksum: 8628d04073e673f5898c6540f81d1fb2

/// File Name: glsa-200707-02.txt
Description: Gentoo Linux Security Advisory GLSA 200707-02 - John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing the prdata tag in RTF files where the first token is smaller than the second one (CVE-2007-0245). Additionally, the OpenOffice binary program is shipped with a version of FreeType that contains an integer signedness error in the n_points variable in file truetype/ttgload.c, which was covered by GLSA 200705-22 (CVE-2007-2754). Versions less than 2.2.1 are affected.
Homepage: http://security.gentoo.org
File Size: 3582
Related CVE(s): CVE-2007-0245, CVE-2007-2754
Last Modified: Jul 3 01:13:16 2007
MD5 Checksum: 039aac205f958932d3e5426c0060d9c3

/// File Name: glsa-200707-03.txt
Description: Gentoo Linux Security Advisory GLSA 200707-03 - The imap_rescan() function of the file camel-imap-folder.c does not properly sanitize the SEQUENCE response sent by an IMAP server before being used to index arrays. Versions less than 1.8.3-r5 are affected.
Homepage: http://security.gentoo.org
File Size: 2736
Related CVE(s): CVE-2007-3257
Last Modified: Jul 3 01:13:47 2007
MD5 Checksum: 07ccd44fc4ac88311def3d9431d2cb24

/// File Name: glsa-200707-04.txt
Description: Gentoo Linux Security Advisory GLSA 200707-04 - Tavis Ormandy of the Gentoo Linux Security Team discovered a flaw in the handling of the hardware capabilities mask by the dynamic loader. If a mask is specified with a high population count, an integer overflow could occur when allocating memory. Versions less than 2.5-r4 are affected.
Homepage: http://security.gentoo.org
File Size: 3109
Related CVE(s): CVE-2007-3508
Last Modified: Jul 7 05:30:23 2007
MD5 Checksum: 7d6c7a49e7674eff3a04695d06ac04e4

/// File Name: glsa-200707-05.txt
Description: Gentoo Linux Security Advisory GLSA 200707-05 - The pam_login.cgi file does not properly sanitize user input before sending it back as output to the user. Versions less than 1.350 are affected.
Homepage: http://security.gentoo.org
File Size: 3158
Related CVE(s): CVE-2007-3156
Last Modified: Jul 7 07:30:42 2007
MD5 Checksum: a589727b4c50c052cc5333cb350daab0

/// File Name: glsa-200707-06.txt
Description: Gentoo Linux Security Advisory GLSA 200707-06 - XnView is vulnerable to a stack-based buffer overflow while processing an XPM file with an overly long section string (greater than 1024 bytes). Versions less than 1.70 are affected.
Homepage: http://security.gentoo.org
File Size: 3170
Related CVE(s): CVE-2007-2194
Last Modified: Jul 12 04:09:00 2007
MD5 Checksum: 5f162b42e05cbaae3228336635705b67

/// File Name: glsa-200707-07.txt
Description: Gentoo Linux Security Advisory GLSA 200707-07 - Secunia Research discovered several boundary errors in the functions cddb_query_parse(), cddb_parse_matches_list() and cddb_read_parse(), each allowing for a stack-based buffer overflow. Versions less than 1.0.20070622 are affected.
Homepage: http://security.gentoo.org/
File Size: 2694
Related CVE(s): CVE-2007-2948
Last Modified: Jul 25 06:46:19 2007
MD5 Checksum: 58f4ae93faca1230cdc806422c250b56

/// File Name: glsa-200707-08.txt
Description: Gentoo Linux Security Advisory GLSA 200707-08 - Tavis Ormandy of the Gentoo Linux Security Team discovered that NVClock makes use of an insecure temporary file in the /tmp directory. Versions less than 0.7-r2 are affected.
Homepage: http://security.gentoo.org
File Size: 2501
Related CVE(s): CVE-2007-3531
Last Modified: Jul 25 06:46:50 2007
MD5 Checksum: 72eb1e09e9af884741c4657afe5eaf6f

/// File Name: glsa-200707-09.txt
Description: Gentoo Linux Security Advisory GLSA 200707-09 - Sean Larsson from iDefense Labs discovered multiple integer overflows in various GIMP plugins (CVE-2006-4519). Stefan Cornelius from Secunia Research discovered an integer overflow in the seek_to_and_unpack_pixeldata() function when processing PSD files (CVE-2007-2949). Versions less than 2.2.16 are affected.
Homepage: http://security.gentoo.org
File Size: 2730
Related CVE(s): CVE-2006-4519, CVE-2007-2949
Last Modified: Jul 26 07:07:28 2007
MD5 Checksum: 30ae1eb6ab33f6e71b8347c5fad8ce5e

/// File Name: glsa-200707-10.txt
Description: Gentoo Linux Security Advisory GLSA 200707-10 - Konstantine Shirow reported a vulnerability in default Gentoo configurations of Festival. The daemon is configured to run with root privileges and to listen on localhost, without requiring a password. Versions less than 1.95_beta-r4 are affected.
Homepage: http://security.gentoo.org
File Size: 2464
Last Modified: Jul 26 07:08:07 2007
MD5 Checksum: 5138dd1f8ce79e1e0c72c770f0c1dcf2

/// File Name: glsa-200707-11.txt
Description: Gentoo Linux Security Advisory GLSA 200707-11 - kadmind is affected by multiple vulnerabilities in the RPC library shipped with MIT Kerberos 5. It fails to properly handle zero-length RPC credentials (CVE-2007-2442) and the RPC library can write past the end of the stack buffer (CVE-2007-2443). Furthermore kadmind fails to do proper bounds checking (CVE-2007-2798). Versions less than 1.5.2-r3 are affected.
Homepage: http://security.gentoo.org
File Size: 2914
Related CVE(s): CVE-2007-2442, CVE-2007-2443, CVE-2007-2798
Last Modified: Jul 26 07:08:23 2007
MD5 Checksum: 7927176b970a80f882fa74621e25724c

/// File Name: glsa-200707-12.txt
Description: Gentoo Linux Security Advisory GLSA 200707-12 - David Thiel from iSEC Partners Inc. discovered format string errors in various plugins when parsing data. The affected plugins include Vorbis, Theora, CDDA and SAP. Versions less than 0.8.6c are affected.
Homepage: http://security.gentoo.org
File Size: 2609
Related CVE(s): CVE-2007-3316
Last Modified: Jul 31 07:11:55 2007
MD5 Checksum: 1e7a2848a581129128432616d7b887fc

/// File Name: glsa-200707-13.txt
Description: Gentoo Linux Security Advisory GLSA 200707-13 - A vulnerability has been discovered in Fail2ban when parsing log files. Versions less than 0.8.0-r1 are affected.
Homepage: http://security.gentoo.org
File Size: 2457
Last Modified: Jul 31 07:12:42 2007
MD5 Checksum: e034057bb09ddf0d761efb27dc37dad0

/// File Name: glsa-200707-14.txt
Description: Gentoo Linux Security Advisory GLSA 200707-14 - mu-b from Digital Labs discovered that the return value of a snprintf() call is not properly checked before being used. This could lead to an integer overflow. Versions less than 3.9.5-r3 are affected.
Homepage: http://security.gentoo.org
File Size: 2618
Related CVE(s): CVE-2007-3798
Last Modified: Jul 31 07:13:36 2007
MD5 Checksum: c0978bd26a6994bc80e14e36548af670

/// File Name: heise-lotus.txt
Description: A debug function in versions 5 and above of Lotus Notes can be used to write a file containing the new password in plain text when a user password is changed.
Author: Juergen Schmidt
Homepage: http://www.heise-security.co.uk/
File Size: 2129
Last Modified: Jul 20 08:43:41 2007
MD5 Checksum: 85742875ca20f3e82e3dea11989bb6b1

/// File Name: homestay-xss.txt
Description: There is a cross site scripting vulnerability in HomestayFinder's Dictionary.aspx script which is responsible for mirroring the content of Wikipedia.
Author: Susam Pal
Homepage: http://susam.in/
File Size: 1046
Last Modified: Jul 11 11:04:30 2007
MD5 Checksum: 40f59e1bd0d95cad11c1deace7149165

/// File Name: ie-entrap.txt
Description: It appears that Microsoft Internet Explorer suffers from a browser entrapment vulnerability in document.open() calls.
Author: Michal Zalewski
Homepage: http://lcamtuf.coredump.cx/
File Size: 1638
Last Modified: Jul 17 09:22:12 2007
MD5 Checksum: a8e4a0a8e6bbda99cf4f77e69923c24c

/// File Name: ie-protocol.txt
Description: There is a URL protocol handler command injection vulnerability in Internet Explorer for Windows that allows you to execute shell commands with arbitrary arguments. This vulnerability can be triggered without user interaction simply by visiting a webpage.
Author: Thor Larholm
File Size: 763
Last Modified: Jul 11 09:01:53 2007
MD5 Checksum: 8beffac1da7c49ef8f8355f2635237ae

/// File Name: ledgersmb-bypass.txt
Description: LedgerSMB versions 1.2.0 through 1.2.6 suffer from an authentication bypass.
Author: Chris Travers
File Size: 1775
Last Modified: Jul 19 05:09:41 2007
MD5 Checksum: da593cf217e1cd7ff7d1ecd11e8c035a