Section: .. / 0706-advisories /
| /// File Name: |
MDKSA-2007-117.txt |
Description:
|
Mandriva Linux Security Advisory - lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3503 | | Related CVE(s): | CVE-2007-2030 | | Last Modified: | Jun 7 02:42:12 2007 |
| MD5 Checksum: | 5b301778c715d84384ed44f8ff4f76a7 |
|
| /// File Name: |
MDKSA-2007-118.txt |
Description:
|
Mandriva Linux Security Advisory - An integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4460 | | Related CVE(s): | CVE-2007-2645 | | Last Modified: | Jun 10 20:29:11 2007 |
| MD5 Checksum: | 9946e9eb91dac34f27fc702ecae84120 |
|
| /// File Name: |
MDKSA-2007-121.txt |
Description:
|
Mandriva Linux Security Advisory - An integer overflow vulnerability was discovered in the way the FreeType font engine processed TTF files. If a user were to load a special font file with a program linked against freetype, it could cause the application to crash or possibly execute arbitrary code as the user running the program.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6302 | | Related CVE(s): | CVE-2007-2754 | | Last Modified: | Jun 14 01:01:55 2007 |
| MD5 Checksum: | 531c409c2a601e8e9693a3c8d625ca05 |
|
| /// File Name: |
MDKSA-2007-122.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6165 | | Related CVE(s): | CVE-2007-2756 | | Last Modified: | Jun 14 01:02:56 2007 |
| MD5 Checksum: | e89299e4416279f2b4893e51810b958f |
|
| /// File Name: |
MDKSA-2007-123.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption. Libwmf uses an embedded copy of the gd source and may also be affected by this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5559 | | Related CVE(s): | CVE-2007-2756 | | Last Modified: | Jun 14 01:12:31 2007 |
| MD5 Checksum: | 64610f58ede948763eb5c90cb91a1571 |
|
| /// File Name: |
MDKSA-2007-124.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption. Tetex uses an embedded copy of the gd source and may also be affected by this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 10779 | | Related CVE(s): | CVE-2007-2756 | | Last Modified: | Jun 14 01:13:18 2007 |
| MD5 Checksum: | a087c34ebaa86347b374a97442437c85 |
|
| /// File Name: |
MDKSA-2007-125.txt |
Description:
|
Mandriva Linux Security Advisory - SpamAssassin 3.1.x, when running as root with unusual configuration options using vpopmail or virtual users, could allow local users to cause a denial of service (via corrupting arbitrary files) using a symlink attack on a file used by spamd.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5779 | | Related CVE(s): | CVE-2007-2873 | | Last Modified: | Jun 14 23:13:38 2007 |
| MD5 Checksum: | 28c7a96678bd21e0c6515908d42d8a19 |
|
| /// File Name: |
MDKSA-2007-127.txt |
Description:
|
Mandriva Linux Security Advisory - The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously-used data, which could be used to obtain potentially sensitive information by unauthorized users.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6416 | | Related CVE(s): | CVE-2007-1862 | | Last Modified: | Jun 21 14:39:43 2007 |
| MD5 Checksum: | a2d99b7c205baa5dde22550c005bc258 |
|
| /// File Name: |
MDKSA-2007-128.txt |
Description:
|
Mandriva Linux Security Advisory - Another integer overflow was found in the way libexif parses EXIF image tags. An individual who opened a carefully-crafted EXIF image file could cause the application linked against libexif to crash or possibly execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4757 | | Related CVE(s): | CVE-2007-4168 | | Last Modified: | Jun 21 14:47:59 2007 |
| MD5 Checksum: | 9f94bb3a1ce4d69a493e5abdb771f595 |
|
| /// File Name: |
MDKSA-2007-129.txt |
Description:
|
Mandriva Linux Security Advisory - A function in the JasPer JPEG-2000 library before 1.900 could allow a remote user-assisted attack to cause a crash and possibly corrupt the heap via malformed image files.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5087 | | Related CVE(s): | CVE-2007-2721 | | Last Modified: | Jun 21 14:48:31 2007 |
| MD5 Checksum: | 27478e8de46fe19cc20e9a1370670d80 |
|
| /// File Name: |
MDKSA-2007-130.txt |
Description:
|
Mandriva Linux Security Advisory - The Auth API in ProFTPD, when multiple simultaneous authentication modules are configured, did not require that the module that checks authentication is the same module that retrieves authentication data, which could possibly be used to allow remote attackers to bypass authentication. The updated packages have been patched to prevent this issue. As well, this update provides proper PAM configuration files for ProFTPD on Corporate Server 4 that had prevented any mod_auth_pam-based connections from succeeding authentication.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 15611 | | Related CVE(s): | CVE-2007-2165 | | Last Modified: | Jun 21 15:53:42 2007 |
| MD5 Checksum: | 826a791c6e040487d46c183cfbe3ad6c |
|
| /// File Name: |
MDKSA-2007-132.txt |
Description:
|
Mandriva Linux Security Advisory - The 802.11 network stack in MadWifi prior to 0.9.3.1 would allow remote attackers to cause a denial of service (system hang) via a crafted length field in nested 802.3 Ethernet frames in Fast Frame packets, which results in a NULL pointer dereference. The ath_beacon_config function in MadWifi prior to 0.9.3.1 would allow a remote attacker to cause a denial of service (system crash) via crafted beacon interval information when scanning for access points, which triggered a divide-by-zero error. An array index error in MadWifi prior to 0.9.3.1 would allow a local user to cause a denial of service (system crash) and possibly obtain kerenl memory contents, as well as possibly allowing for the execution of arbitrary code via a large negative array index value.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4763 | | Related CVE(s): | CVE-2007-2829, CVE-2007-2830, CVE-2007-2831 | | Last Modified: | Jun 26 16:01:21 2007 |
| MD5 Checksum: | b4e3166d8c902f2cb37ff36e742f985d |
|
| /// File Name: |
MDKSA-2007-133.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in emacs was discovered where it would crash when processing certain types of images.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6319 | | Related CVE(s): | CVE-2007-2833 | | Last Modified: | Jun 26 16:07:36 2007 |
| MD5 Checksum: | 40842a9a1632f2f9968084206cf41db0 |
|
| /// File Name: |
MDKSA-2007-134.txt |
Description:
|
Mandriva Linux Security Advisory - xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3165 | | Related CVE(s): | CVE-2007-2654 | | Last Modified: | Jun 26 16:44:28 2007 |
| MD5 Checksum: | 578426dbad18f764f6cd2fd8dd3f751d |
|
| /// File Name: |
MDKSA-2007-135.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple cross site scripting vulnerabilities were discovered in pam_login.cgi in webmin prior to version 1.350, which could allow a remote attacker to inject arbitrary web scripts or HTML.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3379 | | Related CVE(s): | CVE-2007-3156 | | Last Modified: | Jun 26 17:46:05 2007 |
| MD5 Checksum: | ca5a4ca83594aaf21023b540f65d8435 |
|
| /// File Name: |
MDKSA-2007-136.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in Evolution/evolution-data-server was found in how Evolution would process certain IMAP server messages. If a user were tricked into connecting to a malicious IMAP server, it was possible that arbitrary code could be executed with the privileges of the user using Evolution.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7916 | | Related CVE(s): | CVE-2007-3257 | | Last Modified: | Jun 29 00:32:08 2007 |
| MD5 Checksum: | 1e60143c69565aa376ab66084cf21edb |
|
| /// File Name: |
MDKSA-2007-137.txt |
Description:
|
Mandriva Linux Security Advisory - David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code. David Coffey also discovered an overflow flaw in the same RPC library. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code. Finally, a stack buffer overflow vulnerability was found in kadmind that allowed an unauthenticated user able to access kadmind the ability to trigger the vulnerability and possibly execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 9855 | | Related CVE(s): | CVE-2007-2442, CVE-2007-2443, CVE-2007-2798 | | Last Modified: | Jun 29 22:34:41 2007 |
| MD5 Checksum: | 2e1a3145902e2c36d59b1688739cdf10 |
|
| /// File Name: |
MITKRB5-SA-2007-005.txt |
Description:
|
MIT krb5 Security Advisory 2007-005 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow.
| | Homepage: | http://web.mit.edu/ | | File Size: | 6437 | | Related CVE(s): | CVE-2007-2798 | | Last Modified: | Jun 29 00:04:13 2007 |
| MD5 Checksum: | 3b63b81d16f0b2afba7c8a2f903d53f7 |
|
| /// File Name: |
MS07-034.txt |
Description:
|
In Internet Explorer, using the mhtml: protocol handler and using Outlook Express's feature, arbitrary resources (such as HTML, image, application file and so on) can opened as MHTML formatted file and Content-Type: is disregarded.
| | Author: | Yosuke HASEGAWA | | File Size: | 4821 | | Related CVE(s): | CVE-2007-2225, CVE-2007-2227 | | Last Modified: | Jun 26 17:10:40 2007 |
| MD5 Checksum: | 168316744bd608455c87ac2a6ce49c80 |
|
| /// File Name: |
mtcookie-06_033.txt |
Description:
|
Movable Type stores the login and password hash of a given account in an issued cookie allowing for replay attacks.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 2184 | | Last Modified: | Jun 7 00:09:51 2007 |
| MD5 Checksum: | 4796a1ef69c9d45fbd0b4e5f7dd245ff |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
