Section: .. / 0804-advisories /
| /// File Name: |
glsa-200804-26.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200804-26 - Openfire's connection manager in the file ConnectionManagerImpl.java cannot handle clients that fail to read messages, and has no limit on their session's send buffer. Versions less than 3.5.0 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2474 | | Related CVE(s): | CVE-2008-1728 | | Last Modified: | Apr 23 12:42:32 2008 |
| MD5 Checksum: | 418e35338a4169d1724c64bfebdbc461 |
|
| /// File Name: |
glsa-200804-27.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200804-27 - Nathan G. Grennan reported a boundary error in SILC Toolkit within the silc_fingerprint() function in the file lib/silcutil/silcutil.c when passing overly long data, resulting in a stack-based buffer overflow. Versions less than 1.1.7 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 4182 | | Related CVE(s): | CVE-2008-1227, CVE-2008-1429, CVE-2008-1552 | | Last Modified: | Apr 24 16:25:59 2008 |
| MD5 Checksum: | 22e5a4d1c293c8e431da1d01bd9d9ee2 |
|
| /// File Name: |
glsa-200804-28.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200804-28 - Because of sharing the same codebase, JRockit is affected by the vulnerabilities mentioned in GLSA 200804-20. Versions less than 1.5.0.14 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3029 | | Last Modified: | Apr 24 16:26:06 2008 |
| MD5 Checksum: | 8adfd9b3fcb5d2b592286e4eb4c68173 |
|
| /// File Name: |
glsa-200804-29.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200804-29 - Comix does not properly sanitize filenames containing shell metacharacters when they are passed to the rar, unrar, or jpegtran programs (CVE-2008-1568). Comix also creates directories with predictable names (CVE-2008-1796). Versions less than 3.6.4-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3382 | | Related CVE(s): | CVE-2008-1568, CVE-2008-1796 | | Last Modified: | Apr 25 20:03:20 2008 |
| MD5 Checksum: | 8ce89de703f5399b083a9db761aa6539 |
|
| /// File Name: |
glsa-200804-30.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200804-30 - Vulnerabilities have been reported in the processing of user-controlled data by start_kdeinit, which is setuid root by default. Versions less than 4.0 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2858 | | Related CVE(s): | CVE-2008-1671 | | Last Modified: | Apr 29 19:47:11 2008 |
| MD5 Checksum: | 7cb96af75e50047c4cb88e232efaed5a |
|
| /// File Name: |
greenbow-memory.txt |
Description:
|
TheGreenBow IPSec VPN client version 4.10.010 suffers from a vulnerability where login credentials are stored in the clear in memory.
| | Author: | Evilcry | | Homepage: | http://evilcry.altervista.org/ | | File Size: | 1694 | | Last Modified: | Apr 8 01:14:08 2008 |
| MD5 Checksum: | 4583049e2c02821e9106695dfd4bf778 |
|
| /// File Name: |
groupwise70-overflow.txt |
Description:
|
The mailto: functionality in GroupWise 7.0 appears susceptible to a buffer overflow vulnerability.
| | Author: | Juan Pablo Lopez Yacubian | | File Size: | 825 | | Last Modified: | Apr 28 18:31:09 2008 |
| MD5 Checksum: | 78933519c25a9a493cb8771ae024207e |
|
| /// File Name: |
gwh-csrf.txt |
Description:
|
It appears that Google Web History is susceptible to an attack along the lines of cross site request forgery.
| | Author: | Alexander Konovalenko | | File Size: | 1565 | | Last Modified: | Apr 21 16:13:03 2008 |
| MD5 Checksum: | e587fcdc388c939153ad9998c5f2f0e4 |
|
| /// File Name: |
ibmdb2-exec.txt |
Description:
|
Team SHATTER Security Advisory - IBM DB2 UDB suffers from an arbitrary code execution vulnerability in the ADMIN_SP_C/ADMIN_SP_C2 procedures.
| | Author: | Martin Rakhmanov | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2125 | | Last Modified: | Apr 18 14:41:46 2008 |
| MD5 Checksum: | de94e730f8daddae561a8998a10bbfd2 |
|
| /// File Name: |
ibmdb2-overwrite.txt |
Description:
|
Team SHATTER Security Advisory - IBM DB2 UDB suffers from an arbitrary file overwrite vulnerability in the SYSPROC.NNSTAT procedure.
| | Author: | Cesar Cerrudo | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2158 | | Last Modified: | Apr 18 14:39:56 2008 |
| MD5 Checksum: | c624ca8b2e7f283918eac4c013a73fbc |
|
| /// File Name: |
INFIGO-2008-04-08.txt |
Description:
|
INFIGO IS's security team has identified a critical remote buffer overflow vulnerability in the latest ICQ version (ICQ 6.0).
| | Author: | Leon Juranic | | Homepage: | http://www.infigo.hr/ | | File Size: | 4045 | | Last Modified: | Apr 16 17:52:46 2008 |
| MD5 Checksum: | c38cbe7ca06aa48e9bbb69dd2592ca5c |
|
| /// File Name: |
ioactive-python.txt |
Description:
|
PyString_FromStringAndSize() incorrectly validates input in Python version 2.5.2. Earlier versions may also be vulnerable.
| | Homepage: | http://www.ioactive.com/ | | File Size: | 3268 | | Last Modified: | Apr 11 18:03:41 2008 |
| MD5 Checksum: | ce5261f198566aad695698664c3d2744 |
|
| /// File Name: |
ioactive-zlib.txt |
Description:
|
The zlib extension module in Python version 2.5.2 contains a method for flushing decompression streams that takes an input parameter of how much data to flush. This parameter is a signed integer that is not verified for sanity and is thus potentially negative. When passed a negative value, memory is misallocated and then the signed integer is converted to an unsigned integer, resulting in a buffer overflow.
| | Homepage: | http://www.ioactive.com/ | | File Size: | 6293 | | Last Modified: | Apr 10 17:14:52 2008 |
| MD5 Checksum: | ae7beb198b329c5c2cd1e3698c43348b |
|
| /// File Name: |
jar-dos.txt |
Description:
|
Team SHATTER Security Advisory - DB2 has multiple vulnerabilities which can lead to Denial of Service (DoS) attacks against the instance. When the RECOVERJAR and REMOVE_JAR procedures are called with a specially crafted parameter, the DB2 instance crashes. Any DB2 database user can exploit these vulnerabilities since PUBLIC permissions are granted to both procedures by default. The RECOVERJAR and REMOVE_JAR procedures are installed by default.
| | Author: | Ariel Sanchez | | Homepage: | http://www.appsecinc.com/ | | File Size: | 2322 | | Last Modified: | Apr 18 14:38:11 2008 |
| MD5 Checksum: | 08128a2265c7f303e00858a4bffc90af |
|
| /// File Name: |
ksesfilter.txt |
Description:
|
kses-based HTML filters for projects like WordPress, Moodle, Drupal, eGroupWare, Dokeos, PHP-Nuke, Geeklog, etc, have been found vulnerable to cross site scripting and code execution vulnerabilities.
| | Author: | Lukas Pilorz | | Homepage: | http://allegro.pl/ | | File Size: | 4498 | | Last Modified: | Apr 4 17:36:05 2008 |
| MD5 Checksum: | 84dffd73915467fb43f6eb8e2af5244f |
|
| /// File Name: |
MDVSA-2008-081.txt |
Description:
|
Mandriva Linux Security Advisory - A heap-based buffer overflow in CUPS 1.2.x and later was discovered by regenrecht of VeriSign iDefense that could allow a remote attacker to execute arbitrary code via a crafted CGI search expression. A validation error in the HP-GL/2 filter was also discovered. Finally, a vulnerability in how CUPS handled GIF files was found by Tomas Hoger of Red Hat, similar to previous issues corrected in PHP, gd, tk, netpbm, and SDL_image.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8797 | | Related CVE(s): | CVE-2008-0053, CVE-2008-0047, CVE-2008-1373 | | Last Modified: | Apr 3 01:41:48 2008 |
| MD5 Checksum: | 528584dba9753b6b54087d3eff95e9bd |
|
| /// File Name: |
MDVSA-2008-082.txt |
Description:
|
Mandriva Linux Security Advisory - Daniel Papasian discovered a stack-based buffer overflow in the apc_search_paths() function in APC that can be triggered when processing long filenames. A remote attacker could exploit this vulnerability to execute arbitrary code in PHP applications that pass user-controlled input to the include() function.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3292 | | Related CVE(s): | CVE-2008-1488 | | Last Modified: | Apr 10 16:54:53 2008 |
| MD5 Checksum: | 017ee8b5bcc26ebc0b84a1bfa1f756bb |
|
| /// File Name: |
MDVSA-2008-083.txt |
Description:
|
Mandriva Linux Security Advisory - Joe Nall reported a stack-based buffer overflow in Audit's log handling that could allow remote attackers to execute arbitrary code via a long command argument.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4780 | | Related CVE(s): | CVE-2008-1628 | | Last Modified: | Apr 10 17:15:22 2008 |
| MD5 Checksum: | b1861deefc509ff4b3368da7903d4b11 |
|
| /// File Name: |
MDVSA-2008-084.txt |
Description:
|
Mandriva Linux Security Advisory - Sebastian Krahmer of SUSE discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that, when processed, could lead to arbitrary code execution or a crash.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4391 | | Related CVE(s): | CVE-2008-1720 | | Last Modified: | Apr 14 16:05:56 2008 |
| MD5 Checksum: | 2256326410ab661f147afb96ec79eaa8 |
|
| /// File Name: |
MDVSA-2008-085.txt |
Description:
|
Mandriva Linux Security Advisory - Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 9671 | | Related CVE(s): | CVE-2008-1721 | | Last Modified: | Apr 15 13:25:53 2008 |
| MD5 Checksum: | af82c8023779ea8404523f5ab5337b2a |
|
| /// File Name: |
MDVSA-2008-086.txt |
Description:
|
Mandriva Linux Security Advisory - The isdn_ioctl function in isdn_common.c in the Linux kernel prior to 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow. The do_coredump function in fs/exec.c in the Linux kernel prior to 2.6.24-rc3 did not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which could possibly allow local users to obtain sensitive information. The shmem_getpage function in mm/shmem.c in the Linux kernel versions 2.6.11 through 2.6.23 did not properly clear allocated memory in certain rare circumstances related to tmpfs, which could possibly allow local users to read sensitive kernel data or cause a crash.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5064 | | Related CVE(s): | CVE-2007-6151, CVE-2007-6417, CVE-2007-6206 | | Last Modified: | Apr 15 22:23:15 2008 |
| MD5 Checksum: | 3b12b60b85bd9e3f44e1959c914adee2 |
|
| /// File Name: |
MDVSA-2008-087.txt |
Description:
|
Mandriva Linux Security Advisory - A format string vulnerability in the grant helper, in PolicyKit 0.7 and earlier, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2904 | | Related CVE(s): | CVE-2008-1658 | | Last Modified: | Apr 17 12:55:58 2008 |
| MD5 Checksum: | 018352abb4873073e6efe935b5d5ed7a |
|
| /// File Name: |
MDVSA-2008-089.txt |
Description:
|
Mandriva Linux Security Advisory - Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3122 | | Related CVE(s): | CVE-2008-1693 | | Last Modified: | Apr 18 14:31:41 2008 |
| MD5 Checksum: | e99a3c71b13af72c3e05bd7db5c591d8 |
|
| /// File Name: |
MDVSA-2008-090.txt |
Description:
|
Mandriva Linux Security Advisory - A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened. A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 12042 | | Related CVE(s): | CVE-2007-5746, CVE-2008-0320 | | Last Modified: | Apr 21 18:28:49 2008 |
| MD5 Checksum: | e7db4216804e0067e84bf3c32ba3e8ab |
|