Section: .. / 0710-advisories /
| /// File Name: |
MDKSA-2007-193.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in how OpenSSL performed Montgomery multiplications was discovered %that could allow a local attacker to reconstruct RSA private keys by examining another user's OpenSSL processes. Moritz Jodeit found that OpenSSL's SSL_get_shared_ciphers() function did not correctly check the size of the buffer it was writing to. As a result, a remote attacker could exploit this to write one NULL byte past the end of the application's cipher list buffer, which could possibly lead to a denial of service or the execution of arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7307 | | Related CVE(s): | CVE-2007-3108, CVE-2007-5135 | | Last Modified: | Oct 5 02:14:28 2007 |
| MD5 Checksum: | d2934c153f0679b7321b754ee6c07501 |
|
| /// File Name: |
glsa-200710-01.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-01 - A stack based buffer overflow has been discovered in the svcauth_gss_validate() function in file lib/rpc/svc_auth_gss.c when processing an overly long string in a RPC message. Versions less than 0.16 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3022 | | Related CVE(s): | CVE-2007-3999 | | Last Modified: | Oct 5 02:08:26 2007 |
| MD5 Checksum: | d265c9e196081c49e034c1b7570cbd8e |
|
| /// File Name: |
DDIVRT-2007-05.txt |
Description:
|
The NetSupport Manager client that listens on TCP port 5405 does not properly validate input supplied during the initial connection sequence. Specifically, during the configuration exchange part of the initial connection setup, the client does not appear to validate the supplied data which can result in a DoS of the NetSupport Manager Client. Remote code exploitation is also thought to be possible.
| | Homepage: | http://www.netsupportmanager.com/ | | File Size: | 1576 | | Last Modified: | Oct 5 02:07:56 2007 |
| MD5 Checksum: | ed61af9ea9612fc1c77af1eadba03aa3 |
|
| /// File Name: |
USN-523-1.txt |
Description:
|
Ubuntu Security Notice 523-1 - Multiple vulnerabilities were found in the image decoders of ImageMagick. If a user or automated system were tricked into processing a malicious DCM, DIB, XBM, XCF, or XWD image, a remote attacker could execute arbitrary code with user privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 15632 | | Related CVE(s): | CVE-2007-4985, CVE-2007-4986, CVE-2007-4987, CVE-2007-4988 | | Last Modified: | Oct 5 01:30:30 2007 |
| MD5 Checksum: | 86e6f3964a537e5b0f856c134bd48572 |
|
| /// File Name: |
sa26970.txt |
Description:
|
Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in Altnet Download Manager, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26970/ | | File Size: | 2483 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | e39f1a86b8a49d58dd0e636316447a75 |
|
| /// File Name: |
sa27005.txt |
Description:
|
Secunia Security Advisory - Trew has reported some vulnerabilities in BlackBoard Learning System, which can be exploited by malicious users to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/27005/ | | File Size: | 2651 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | dc615bf8fc36c72e465525e2f2cf8c10 |
|
| /// File Name: |
sa27009.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities have been reported in Sun Java JRE (Java Runtime Environment), which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27009/ | | File Size: | 4174 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | 16dc3f84d8583d96d4817ec55d5a732c |
|
| /// File Name: |
sa27012.txt |
Description:
|
Secunia Security Advisory - FreeBSD has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27012/ | | File Size: | 2569 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | 8792f5cf71cf8c96de79d78705ce2096 |
|
| /// File Name: |
sa27025.txt |
Description:
|
Secunia Security Advisory - K3ZZAP66345 has discovered a vulnerability in Segue CMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27025/ | | File Size: | 2542 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | 6cd347d47f9d113f908668a2392dff75 |
|
| /// File Name: |
sa27028.txt |
Description:
|
Secunia Security Advisory - InATeam has discovered two vulnerabilities in Zomplog, which can be exploited by malicious people to bypass certain security restrictions and to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27028/ | | File Size: | 2539 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | 9f33b3851c979bd6e25878753ab2a069 |
|
| /// File Name: |
sa27041.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in AppFuse, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27041/ | | File Size: | 2322 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | af5d331cb3debe263565c06fc263937f |
|
| /// File Name: |
sa27046.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in GForge, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27046/ | | File Size: | 2403 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | f786c5f872645212d31ae420d2374bb8 |
|
| /// File Name: |
sa27048.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for imagemagick. This fixes some vulnerabilities, which can be exploited by malicious people to conduct DoS (Denial of Service) attacks or compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27048/ | | File Size: | 15608 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | 52be894c8e4dc09361d3736a15398aab |
|
| /// File Name: |
sa27051.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27051/ | | File Size: | 2155 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | ee4fc6ede0f622c9fd3a333b910af0b7 |
|
| /// File Name: |
sa27052.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for xorg-x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/27052/ | | File Size: | 2248 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | c5c7460e14c5915440cb5d47fcde9253 |
|
| /// File Name: |
sa27053.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for qt-x11-free. This fixes a vulnerability, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.
| | Homepage: | http://secunia.com/advisories/27053/ | | File Size: | 2140 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | 08092c41ff97b41e841bbab597cd1cbd |
|
| /// File Name: |
sa27055.txt |
Description:
|
Secunia Security Advisory - David Kierznowski has reported a vulnerability in FeedBurner FeedSmith, which can be exploited by malicious people to conduct cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/27055/ | | File Size: | 2421 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | ce12f62aab6faacdc0c98bcb540c02db |
|
| /// File Name: |
sa27062.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/27062/ | | File Size: | 2420 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | bcf47a3a809e7392a30c9d8ba1f3b088 |
|
| /// File Name: |
sa27064.txt |
Description:
|
Secunia Security Advisory - Chad Phillips has reported a vulnerability in the Project issue tracking module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/27064/ | | File Size: | 2667 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | ed1a8ad9e7780aaf2f3b06a5d8a778c2 |
|
| /// File Name: |
sa27065.txt |
Description:
|
Secunia Security Advisory - Gokhan has discovered a vulnerability in DRBGuestbook, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27065/ | | File Size: | 2252 | | Last Modified: | Oct 5 01:20:47 2007 |
| MD5 Checksum: | 0bc64dfce5b7585631730bbfbcd615cf |
|
| /// File Name: |
sa27024.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious, local users to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/27024/ | | File Size: | 2706 | | Last Modified: | Oct 3 20:36:25 2007 |
| MD5 Checksum: | 2d3bb95d37d50d5907fdb7663e047491 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
