Section: .. / 0707-advisories /
| /// File Name: |
sa26072.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, conduct spoofing and cross-site scripting attacks, or potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26072/ | | File Size: | 23150 | | Last Modified: | Jul 21 04:11:22 2007 |
| MD5 Checksum: | 615d78f1d2db367c9ef7a6121d38b12e |
|
| /// File Name: |
sa26148.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
| | Homepage: | http://secunia.com/advisories/26148/ | | File Size: | 22809 | | Last Modified: | Jul 27 05:17:23 2007 |
| MD5 Checksum: | 1334f509bb00811e309d6c4c188db7e0 |
|
| /// File Name: |
dsa-1341-1.txt |
Description:
|
Debian Security Advisory 1341-1 - Amit Klein discovered that the BIND name server generates predictable DNS query IDs, which may lead to cache poisoning attacks.
| | Homepage: | http://www.debian.org/security | | File Size: | 18635 | | Related CVE(s): | CVE-2007-2926 | | Last Modified: | Jul 26 07:27:24 2007 |
| MD5 Checksum: | efc71ffb570f59153afced8b0976b744 |
|
| /// File Name: |
cisco-sa-20070724-arp.txt |
Description:
|
Cisco Security Advisory - Cisco Wireless LAN Controllers (WLC) contain multiple vulnerabilities in the handling of Address Resolution Protocol (ARP) packets that could result in a denial of service (DoS) in certain environments.
| | Homepage: | http://www.cisco.com/ | | File Size: | 18281 | | Last Modified: | Jul 25 06:09:56 2007 |
| MD5 Checksum: | 410864d31569a8f43549ea0e6021d88e |
|
| /// File Name: |
cisco-sa-20070711-cucm.txt |
Description:
|
Cisco Security Advisory - Cisco Unified Communications Manager (CUCM), formerly CallManager, contains two overflow vulnerabilities that could allow a remote, unauthenticated user to cause a denial of service (DoS) condition or execute arbitrary code.
| | Homepage: | http://www.cisco.com/ | | File Size: | 17475 | | Last Modified: | Jul 12 04:03:08 2007 |
| MD5 Checksum: | 412f91f1831d634ce385a7976970fba2 |
|
| /// File Name: |
USN-480-1.txt |
Description:
|
Ubuntu Security Notice 480-1 - Stefan Cornelius discovered that Gimp could miscalculate the size of heap buffers when processing PSD images. By tricking a user into opening a specially crafted PSD file with Gimp, an attacker could exploit this to execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 17030 | | Related CVE(s): | CVE-2007-2949 | | Last Modified: | Jul 7 06:27:09 2007 |
| MD5 Checksum: | 6b8210814ba11fb5b90ee0da69eb476e |
|
| /// File Name: |
sa25949.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25949/ | | File Size: | 16746 | | Last Modified: | Jul 6 04:01:35 2007 |
| MD5 Checksum: | 2032a787777a0465dee609733605809f |
|
| /// File Name: |
USN-489-2.txt |
Description:
|
Ubuntu Security Notice 489-2 - USN-489-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding fixes for the redhat cluster suite kernel sources. A flaw was discovered in the cluster manager. A remote attacker could connect to the DLM port and block further DLM operations.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 16619 | | Related CVE(s): | CVE-2007-3380 | | Last Modified: | Jul 20 08:23:59 2007 |
| MD5 Checksum: | fa2d1e36c3decb09b0108ca5b75c592a |
|
| /// File Name: |
MDKSA-2007-138.txt |
Description:
|
Mandriva Linux Security Advisory - An issue with the interaction between the Flash Player and the Konqueror web browser was discovered, which could lead to key presses leaking to the Flash Player instead of to the browser. This only affects users who have actually installed the Adobe Flash Player plugin.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 16384 | | Related CVE(s): | CVE-2007-2022 | | Last Modified: | Jul 7 05:30:15 2007 |
| MD5 Checksum: | 2bd85b9779dd1c6fc1e7330b9c850df8 |
|
| /// File Name: |
cisco-sa-20070711-voip.txt |
Description:
|
Cisco Security Advisory - Cisco Unified Communications Manager (CUCM), formerly CallManager, and Cisco Unified Presence Server (CUPS) contain two vulnerabilities that could allow an unauthorized administrator to activate and terminate CUCM / CUPS system services and access SNMP configuration information. This may respectively result in a denial of service (DoS) condition affecting CUCM/CUPS cluster systems and the disclosure of sensitive SNMP details, including community strings.
| | Homepage: | http://www.cisco.com/ | | File Size: | 16279 | | Last Modified: | Jul 12 04:03:48 2007 |
| MD5 Checksum: | ff511a349e03d39603d84611dd04fb3b |
|
| /// File Name: |
cisco-sa-20070718-waas.txt |
Description:
|
Cisco Security Advisory - The Cisco Wide Area Application Services (WAAS) software contains a denial of service (DoS) vulnerability that may cause some devices that run WAAS software (WAE appliance and NM-WAE-502 module) to stop processing all types of traffic, including data traffic and management traffic.
| | Homepage: | http://www.cisco.com/ | | File Size: | 16056 | | Last Modified: | Jul 19 05:12:28 2007 |
| MD5 Checksum: | 28afe455034b3a7f7e2f312140d97afb |
|
| /// File Name: |
dsa-1326-1.txt |
Description:
|
Debian Security Advisory 1326-1 - Steve Kemp from the Debian Security Audit project discovered that fireflier-server, an interactive firewall rule creation tool, uses temporary files in an unsafe manner which may be exploited to remove arbitrary files from the local system.
| | Homepage: | http://www.debian.org/security | | File Size: | 16049 | | Related CVE(s): | CVE-2007-2837 | | Last Modified: | Jul 1 23:08:31 2007 |
| MD5 Checksum: | 042fd10a27232d409a6bae3fd18d9030 |
|
| /// File Name: |
USN-481-1.txt |
Description:
|
Ubuntu Security Notice 481-1 - Multiple vulnerabilities were found in ImageMagick's handling of DCM and WXD image files. By tricking a user into processing a specially crafted image with an application that uses imagemagick, an attacker could execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 15633 | | Related CVE(s): | CVE-2007-1667, CVE-2007-1797 | | Last Modified: | Jul 11 09:07:00 2007 |
| MD5 Checksum: | 095128437acef8fc0977a7ab0e8f6c21 |
|
| /// File Name: |
sa25992.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for imagemagick. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25992/ | | File Size: | 15616 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 718eca5c71323d5ec931990ef2650a9e |
|
| /// File Name: |
MDKSA-2007-140.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was discovered in the Apache mod_status module that could lead to a cross-site scripting attack on sites where the server-status page was publicly accessible and ExtendedStatus was enabled. A vulnerability was found in the Apache mod_cache module that could cause the httpd server child process to crash if it was sent a carefully crafted request. This could lead to a denial of service if using a threaded MPM. The Apache server also did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 15408 | | Related CVE(s): | CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 | | Last Modified: | Jul 7 06:29:41 2007 |
| MD5 Checksum: | 322cb36012270200b88f81b6f2d54abb |
|
| /// File Name: |
sa26159.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceape. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing and cross-site scripting attacks, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26159/ | | File Size: | 15015 | | Last Modified: | Jul 25 03:41:12 2007 |
| MD5 Checksum: | 127590c650d34ce1e6243cbbc05dfecc |
|
| /// File Name: |
sa25913.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for fireflier-server. This fixes a security issue, which can be exploited by malicious, local users to delete arbitrary files.
| | Homepage: | http://secunia.com/advisories/25913/ | | File Size: | 14954 | | Last Modified: | Jul 3 01:11:38 2007 |
| MD5 Checksum: | 7670b9f7dc5176aa9dd5785d1535523d |
|
| /// File Name: |
USN-484-1.txt |
Description:
|
Ubuntu Security Notice 484-1 - It was discovered that the GnuTLS certificate verification methods implemented in Curl did not check for expiration and activation dates. When performing validations, tools using libcurl3-gnutls would incorrectly allow connections to sites using expired certificates.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 14903 | | Related CVE(s): | CVE-2007-3564 | | Last Modified: | Jul 18 06:10:08 2007 |
| MD5 Checksum: | 2a3136b383d581b9ea3888a39dbd7f77 |
|
| /// File Name: |
sa25880.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for evolution. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25880/ | | File Size: | 14814 | | Last Modified: | Jul 3 01:11:38 2007 |
| MD5 Checksum: | a1b736a352e3e6d8039cbb348d7cf5a6 |
|
| /// File Name: |
sa26108.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for curl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/26108/ | | File Size: | 14746 | | Last Modified: | Jul 19 04:44:59 2007 |
| MD5 Checksum: | 38f68c6c2281511f82d9abf60e9224a8 |
|
| /// File Name: |
sa26119.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for IBM Java JRE/SDK and Sun Java JRE/SDK. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, gain escalated privileges, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26119/ | | File Size: | 14518 | | Last Modified: | Jul 20 07:47:25 2007 |
| MD5 Checksum: | ddbfa3fb496016a6ea412e29c2e3ecbf |
|
| /// File Name: |
dsa-1340-1.txt |
Description:
|
Debian Security Advisory 1340-1 - A NULL pointer dereference has been discovered in the RAR VM of Clam Antivirus (ClamAV) which allows user-assisted remote attackers to cause a denial of service via a specially crafted RAR archive.
| | Homepage: | http://www.debian.org/security | | File Size: | 13824 | | Related CVE(s): | CVE-2007-3725 | | Last Modified: | Jul 25 05:31:27 2007 |
| MD5 Checksum: | e0c3edcb3cea73262ca76bffee550402 |
|
| /// File Name: |
sa26164.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/26164/ | | File Size: | 12881 | | Last Modified: | Jul 25 03:41:12 2007 |
| MD5 Checksum: | e1cabebe1a66b0812db6c03811645056 |
|
| /// File Name: |
ASA-2007-018.txt |
Description:
|
Asterisk Project Security Advisory - The IAX2 channel driver in Asterisk is vulnerable to a denial of service attack when configured to allow unauthenticated calls.
| | Author: | Russell Bryant | | Homepage: | http://www.asterisk.org/security | | File Size: | 12583 | | Last Modified: | Jul 31 08:10:18 2007 |
| MD5 Checksum: | f10161aaa11ac16f83b440be2b06f0c7 |
|