File Name: sa27562.txt
Description: Secunia Security Advisory - Gentoo has issued an update for python. This fixes a security issue, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/27562/
File Size: 2311
Last Modified: Nov 8 20:30:20 2007
MD5 Checksum: 591b8e9829810c3815809b6c449a36e1

File Name: sa27586.txt
Description: Secunia Security Advisory - Steve Kemp has reported a security issue in GForge, which can be exploited by malicious, local users to truncate arbitrary files.
Homepage: http://secunia.com/advisories/27586/
File Size: 2430
Last Modified: Nov 8 18:54:19 2007
MD5 Checksum: c56925e6264f1ffe040458921fb10a7f

File Name: dsa-1404-1.txt
Description: Debian Security Advisory 1404-1 - Nicklous Roberts discovered that the Reupload module of Gallery 2, a web based photo management application, allowed unauthorized users to edit Gallery's data file.
Homepage: http://www.debian.org/security
File Size: 2966
Related CVE(s): CVE-2007-4650
Last Modified: Nov 8 18:54:11 2007
MD5 Checksum: ac44e6a1640b5db47bbd2560fb44b166

File Name: dsa-1403-1.txt
Description: Debian Security Advisory 1403-1 - Omer Singer of the DigiTrust Group discovered several vulnerabilities in phpMyAdmin, an application to administrate MySQL over the WWW. phpMyAdmin allows a remote attacker to inject arbitrary web script or HTML in the context of a logged in user's session (cross site scripting). phpMyAdmin, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.
Homepage: http://www.debian.org/security
File Size: 4128
Related CVE(s): CVE-2007-5589, CVE-2007-5386
Last Modified: Nov 8 18:53:22 2007
MD5 Checksum: ebef30c98719dfff911a0788284f0536

File Name: MDKSA-2007-213.txt
Description: Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application.
Homepage: http://www.mandriva.com/security/
File Size: 3228
Related CVE(s): CVE-2007-1660
Last Modified: Nov 8 18:52:19 2007
MD5 Checksum: 419f8570df845774c467abb9c94a6f4d

File Name: MDKSA-2007-212.txt
Description: Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application.
Homepage: http://www.mandriva.com/security/
File Size: 3675
Related CVE(s): CVE-2007-1659, CVE-2007-1660
Last Modified: Nov 8 18:51:42 2007
MD5 Checksum: 4a10d480630399081cc9b29433fc4791

File Name: AST-2007-024.txt
Description: Asterisk Project Security Advisory - This advisory is a response to a false security vulnerability published in several places on the Internet. Had Asterisk's developers been notified prior to its publication, there would be no need for this. There is a potential for a buffer overflow in the sethdlc application; however, running this application requires root access to the server, which means that exploiting this vulnerability gains the attacker no more advantage than what he already has. As such, this is a bug, not a security vulnerability.
Author: Michal Bucko, Mark Michelson
Homepage: http://www.asterisk.org/security
File Size: 8005
Related CVE(s): CVE-2007-5690
Last Modified: Nov 8 18:48:00 2007
MD5 Checksum: 4e70e810f66fe1da827e00a4ea82b022

File Name: SSRT071484.txt
Description: HP Security Bulletin - A potential security vulnerability has been identified in the Aries PA-RISC emulation software running on HP-UX IA-64 platforms only. This vulnerability may allow local unauthorized access.
Homepage: http://www.hp.com/
File Size: 6167
Last Modified: Nov 8 18:36:19 2007
MD5 Checksum: b37ed6fcf3812f73f0e2bf08547f9d5b

File Name: glsa-200711-13.txt
Description: Gentoo Linux Security Advisory GLSA 200711-13 - 3proxy contains a double free vulnerability in the ftpprchild() function, which frees param->hostname and calls the parsehostname() function, which in turn attempts to free param->hostname again. Versions less than 0.5.3j are affected.
Homepage: http://security.gentoo.org/
File Size: 2951
Related CVE(s): CVE-2007-5622
Last Modified: Nov 8 18:35:01 2007
MD5 Checksum: 4c693bb5c066662ed6e09a37b427b986

File Name: glsa-200711-12.txt
Description: Gentoo Linux Security Advisory GLSA 200711-12 - Jan Oravec reported that the /usr/bin/tomboy script sets the LD_LIBRARY_PATH environment variable incorrectly, which might result in the current working directory (.) being included when searching for dynamically linked libraries of the Mono Runtime application. Versions less than 0.8.1-r1 are affected.
Homepage: http://security.gentoo.org
File Size: 3045
Related CVE(s): CVE-2005-4790
Last Modified: Nov 8 18:33:42 2007
MD5 Checksum: 5960f033e452769b32ce449af3d5d7d3

File Name: glsa-200711-11.txt
Description: Gentoo Linux Security Advisory GLSA 200711-11 - fabiodds reported a boundary checking error in the check_snmp plugin when processing SNMP GET replies that could lead to a stack-based buffer overflow. Nobuhiro Ban reported a boundary checking error in the redir() function of the check_http plugin when processing HTTP Location: header information which might lead to a buffer overflow. Versions less than 1.4.10-r1 are affected.
Homepage: http://security.gentoo.org/
File Size: 3536
Related CVE(s): CVE-2007-5198, CVE-2007-5623
Last Modified: Nov 8 18:33:35 2007
MD5 Checksum: 59425702583a03eb898842fae835be14

File Name: OpenPKG-SA-2007.023.txt
Description: OpenPKG Security Advisory - Will Drewry and Tavis Ormandy of the Google Security Team have discovered a UTF-8 related heap overflow in the regular expression compiler of the Perl programming language, probably allowing attackers to execute arbitrary code by compiling specially crafted regular expressions. The bug manifests in a possible buffer overflow in the polymorphic "opcode" support code, caused by ASCII regular expressions that really are Unicode regular expressions.
Homepage: http://www.openpkg.com/security/
File Size: 2667
Related CVE(s): CVE-2007-5116
Last Modified: Nov 8 18:30:15 2007
MD5 Checksum: 7d78792bfaaef1d474a80e73e2ac9b60

File Name: sa26503.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in GNOME gpdf, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/26503/
File Size: 2213
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: 5785ffe34e05351180c18ca42d08fedb

File Name: sa27479.txt
Description: Secunia Security Advisory - Debian has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/27479/
File Size: 22990
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: 7b6d1e7712949218bdbfee41b1f494bc

File Name: sa27504.txt
Description: Secunia Security Advisory - Some vulnerabilities have been reported in PicoFlat CMS, which can be exploited by malicious people to bypass certain security restrictions.
Homepage: http://secunia.com/advisories/27504/
File Size: 2340
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: 6efc049a73e9db589891a6d2c243ed6d

File Name: sa27515.txt
Description: Secunia Security Advisory - rPath has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/27515/
File Size: 2287
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: f02ec8610807e2a3c6a1ba16f4fcdca7

File Name: sa27535.txt
Description: Secunia Security Advisory - A vulnerability has been reported in C++ Sockets Library, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/27535/
File Size: 2510
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: e1bf21e180843dc4de90f7ab779fe12e

File Name: sa27549.txt
Description: Secunia Security Advisory - Debian has issued an update for gforge. This fixes a security issue, which can be exploited by malicious, local users to truncate arbitrary files.
Homepage: http://secunia.com/advisories/27549/
File Size: 7591
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: 73bd8d79f3f3d14937430bea021e5133

File Name: sa27554.txt
Description: Secunia Security Advisory - rPath has issued an update for pcre. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise an application using the library.
Homepage: http://secunia.com/advisories/27554/
File Size: 2323
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: e441311fcd10dcc8bb4cf8eefcdf44a7

File Name: sa27560.txt
Description: Secunia Security Advisory - Mandriva has issued an update for xfs. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Homepage: http://secunia.com/advisories/27560/
File Size: 2548
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: 0ee6371d1726995f40abc8fea0d2e036

File Name: sa27572.txt
Description: Secunia Security Advisory - A security issue has been reported in PEAR MDB2, which can be exploited by malicious people to disclose sensitive information.
Homepage: http://secunia.com/advisories/27572/
File Size: 2452
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: acb6a76dff6c428ab24abc6a02b4f838

File Name: sa27574.txt
Description: Secunia Security Advisory - Red Hat has issued an update for xpdf. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/27574/
File Size: 2932
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: 1ed96b3cbf6dae55589e3a6a6f0f9d7d

File Name: sa27575.txt
Description: Secunia Security Advisory - Red Hat has issued an update for gpdf. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Homepage: http://secunia.com/advisories/27575/
File Size: 2317
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: 2e2d58f44b2c9e1ed78f670180fc1b02

File Name: sa27577.txt
Description: Secunia Security Advisory - Red Hat has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Homepage: http://secunia.com/advisories/27577/
File Size: 2816
Last Modified: Nov 8 18:19:25 2007
MD5 Checksum: c2206007e2182fddcea65e7dcf9b53ee