Section: .. / 0710-advisories /
| /// File Name: |
sa27465.txt |
Description:
|
Secunia Security Advisory - IBM has acknowledged a vulnerability in AIX, which can be exploited by malicious people to poison the DNS cache.
| | Homepage: | http://secunia.com/advisories/27465/ | | File Size: | 2376 | | Last Modified: | Oct 31 20:05:32 2007 |
| MD5 Checksum: | d91d5280ee0ac96b679a902ed8c9584f |
|
| /// File Name: |
secunia-cups.txt |
Description:
|
Secunia Research has discovered a vulnerability in CUPS, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "ippReadIO()" function in cups/ipp.c when processing IPP (Internet Printing Protocol) tags.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4637 | | Related CVE(s): | CVE-2007-4351 | | Last Modified: | Oct 31 11:12:21 2007 |
| MD5 Checksum: | f050529925963e4d354c1ae9af386929 |
|
| /// File Name: |
secunia-ipswitch.txt |
Description:
|
Secunia Research has discovered a vulnerability in the IMail Client, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the IMail Client when processing emails containing multipart MIME data. Affected is the IMail Client 9.22 included with IPSwitch IMail Server 2006.22.
| | Homepage: | http://secunia.com/ | | File Size: | 4440 | | Related CVE(s): | CVE-2007-4345 | | Last Modified: | Oct 30 12:20:14 2007 |
| MD5 Checksum: | 2ecb467ba9ae08a8347f31a5fa740574 |
|
| /// File Name: |
secunia-irfanview.txt |
Description:
|
Secunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when importing palette files. Versions 3.99 and 4.00 are affected.
| | Author: | Stefan Cornelius | | Homepage: | http://secunia.com/ | | File Size: | 4293 | | Related CVE(s): | CVE-2007-4343 | | Last Modified: | Oct 16 18:49:59 2007 |
| MD5 Checksum: | 556f24b7270e9a35be04abafd96adea2 |
|
| /// File Name: |
secunia-mcafee.txt |
Description:
|
Secunia Research has discovered a vulnerability in McAfee E-Business Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow within the e-Business administration utility service when parsing authentication packets. Affected is McAfee E-Business Server for Linux version 8.1.1.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4802 | | Related CVE(s): | CVE-2007-2957 | | Last Modified: | Oct 31 11:11:02 2007 |
| MD5 Checksum: | 6dae62c7ecd1fa070332a3f1e761cc2d |
|
| /// File Name: |
secunia-tivoli.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in IBM Tivoli Storage Manager Client, which can be exploited by malicious people to conduct script insertion attacks. Certain input passed in HTTP requests to the CAD service is not properly sanitized before being logged. This can be exploited to insert arbitrary HTML and script code into dsmerror.log, which is executed in a user's browser session in context of the affected site when e.g. viewing the log file via the web-based interface using the "FILE" functionality of the CAD service.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4171 | | Related CVE(s): | CVE-2007-4348 | | Last Modified: | Oct 29 15:14:45 2007 |
| MD5 Checksum: | 920304c68e58b9f4ab930134dc9c2e2e |
|
| /// File Name: |
SSRT071298.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) running httpd.tkd. The vulnerability could be exploited to allow remote unauthorized access to data.
| | Homepage: | http://www.hp.com/ | | File Size: | 11036 | | Related CVE(s): | CVE-2007-5413 | | Last Modified: | Oct 25 00:12:23 2007 |
| MD5 Checksum: | 2286f5205044f674877b5bb887703e00 |
|
| /// File Name: |
SSRT071436.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP Select Identity. The vulnerability could be exploited to allow remote unauthorized access.
| | Homepage: | http://www.hp.com/ | | File Size: | 5518 | | Last Modified: | Oct 12 00:40:08 2007 |
| MD5 Checksum: | 44d3955a018c0b8443bf3a069369e251 |
|
| /// File Name: |
SSRT071445-1.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) for Linux and Windows. These vulnerabilities could by exploited remotely to allow cross site scripting (XSS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6621 | | Last Modified: | Oct 10 01:29:21 2007 |
| MD5 Checksum: | cebcd1fa13f99d2ce348b5e590b3dd57 |
|
| /// File Name: |
SSRT071445.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) for HP-UX. These vulnerabilities could by exploited remotely to allow cross site scripting (XSS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6335 | | Last Modified: | Oct 10 01:28:12 2007 |
| MD5 Checksum: | 54c06269354825938acf38061e5a09a8 |
|
| /// File Name: |
SSRT071447.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code.
| | Homepage: | http://www.hp.com/ | | File Size: | 7263 | | Related CVE(s): | CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386 | | Last Modified: | Oct 10 01:27:27 2007 |
| MD5 Checksum: | 8639b3ba8e68a74767d3c010df39b14a |
|
| /// File Name: |
SSRT071453.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX OpenSSL. The vulnerability could be exploited locally to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 7157 | | Last Modified: | Oct 16 18:55:10 2007 |
| MD5 Checksum: | 6768849d172273a7cd69131597362142 |
|
| /// File Name: |
SSRT071472.txt |
Description:
|
HP Security Bulletin - Potential vulnerabilities have been identified with HP Tru64 UNIX Running Apache Tomcat. The vulnerabilities could be exploited to allow remote unauthorized access or remote Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 5518 | | Related CVE(s): | CVE-2007-3382, CVE-2007-3385, CVE-2007-3386 | | Last Modified: | Oct 16 18:54:32 2007 |
| MD5 Checksum: | fc1c776a1a098c3f9ac0ce54ed2e5e74 |
|
| /// File Name: |
SSRT071476.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 7395 | | Related CVE(s): | CVE-2007-3847, CVE-2007-3304 | | Last Modified: | Oct 12 00:41:53 2007 |
| MD5 Checksum: | ea06427b8f2fb4e3289e82c5f6ba3e3d |
|
| /// File Name: |
SSRT071480.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com/ | | File Size: | 9829 | | Last Modified: | Oct 16 18:55:41 2007 |
| MD5 Checksum: | d521c42c71203f3644b28cf8c28f63b5 |
|
| /// File Name: |
SYMSA-2007-010.txt |
Description:
|
Symantec Vulnerability Research SYMSA-2007-010 - A vulnerability has been discovered in the mechanism that Microsoft ActiveSync 4.x uses to obfuscate the password when it's sent over the USB network interface between the device and the host machine. This enables malicious software on the host to either impersonate a device in order to obtain the current password or, if in a position to sniff network traffic, obtain the password for trivial decoding.
| | Author: | Ollie Whitehouse | | Homepage: | http://www.symantec.com/research | | File Size: | 5788 | | Related CVE(s): | CVE-2007-5460 | | Last Modified: | Oct 15 19:12:46 2007 |
| MD5 Checksum: | 0d040e6887b4ff392302b0aef6cceca6 |
|
| /// File Name: |
SYMSA-2007-011.txt |
Description:
|
Symantec Vulnerability Research SYMSA-2007-011 - A vulnerability has been discovered in the SMS handler on Windows Mobile 2005 Pocket PC Phone edition which means the sender of the original SMS message can be masked from the recipient when sent a specifically crafted WAP PUSH message.
| | Author: | Ollie Whitehouse | | Homepage: | http://www.symantec.com/research | | File Size: | 6964 | | Related CVE(s): | CVE-2007-5493 | | Last Modified: | Oct 18 18:36:57 2007 |
| MD5 Checksum: | e24110e7aa7f663a5d2ed64308d72156 |
|
| /// File Name: |
SYMSA-2007-013.txt |
Description:
|
Symantec Vulnerability Research SYMSA-2007-013 - Lotus Notes and Domino are susceptible to a vulnerability in the IPC functionality between NLNOTEs and NTASKLDR.
| | Author: | Ollie Whitehouse | | Homepage: | http://www.symantec.com/research | | File Size: | 5186 | | Related CVE(s): | CVE-2007-5544 | | Last Modified: | Oct 23 17:43:21 2007 |
| MD5 Checksum: | 3f43cdf788c5557b9efd2190bc5342e3 |
|
| /// File Name: |
TA07-282A.txt |
Description:
|
Technical Cyber Security Alert TA07-282A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Outlook Express and Windows Mail, Microsoft Office, Microsoft Office for Mac, and Microsoft SharePoint. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4273 | | Last Modified: | Oct 10 02:17:08 2007 |
| MD5 Checksum: | 3aae2b7e9cc3444ce6193b3eefe8457c |
|
| /// File Name: |
TA07-290A.txt |
Description:
|
Technical Cyber Security Alert TA07-290A - Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 5966 | | Last Modified: | Oct 18 18:35:44 2007 |
| MD5 Checksum: | d5c97101601ad13ece13321675a9d954 |
|
| /// File Name: |
TA07-297A.txt |
Description:
|
Technical Cyber Security Alert TA07-297A - RealNetworks RealPlayer client for Microsoft Windows contains a stack buffer overflow in the playlist parameter passed to the client by an ActiveX control. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code using a specially crafted web page or HTML email message.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 5603 | | Last Modified: | Oct 25 00:16:55 2007 |
| MD5 Checksum: | 71d1a302c9d89e721fd897151041c4f9 |
|
| /// File Name: |
TA07-297B.txt |
Description:
|
Technical Cyber Security Alert TA07-297B - Adobe has released updates for the Adobe Reader and Adobe Acrobat product families. The update addresses a URI handling vulnerability in Microsoft Windows XP and Server 2003 systems with Internet Explorer 7.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 4198 | | Last Modified: | Oct 25 00:18:19 2007 |
| MD5 Checksum: | 4fa2e40faf6c0e78aad5400850ba0c6d |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
