Section: .. / 0804-advisories /
| /// File Name: |
SSRT080048.txt |
Description:
|
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
| | Homepage: | http://www.hp.com/ | | File Size: | 10980 | | Last Modified: | Apr 17 13:01:33 2008 |
| MD5 Checksum: | 398f6b021079c9b1e4a851b6c27b2f22 |
|
| /// File Name: |
AST-2008-006.txt |
Description:
|
Asterisk Project Security Advisory - Javantea found multiple security issues in IAX2 including an incomplete 3-way handshake.
| | Author: | Javantea | | Homepage: | http://www.asterisk.org/security | | File Size: | 10837 | | Related CVE(s): | CVE-2008-1897 | | Last Modified: | Apr 22 21:41:02 2008 |
| MD5 Checksum: | 1784691eda57201cf6362b96624b5595 |
|
| /// File Name: |
msswi-blog.txt |
Description:
|
It appears that Microsoft may have incorrectly stated a few things regarding MS08-020 on their blog and are reluctant to fix it.
| | Author: | Amit Klein | | Homepage: | http://www.trusteer.com/ | | File Size: | 10370 | | Last Modified: | Apr 28 18:33:57 2008 |
| MD5 Checksum: | 5e1a39dbeaa19feb74181d88d9a056be |
|
| /// File Name: |
sa29889.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for python. This fixes some security issues, which can potentially be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29889/ | | File Size: | 9839 | | Last Modified: | Apr 28 10:37:56 2008 |
| MD5 Checksum: | ebf40a8cacce4ff173457dc6a7b1ac64 |
|
| /// File Name: |
dsa-1563-1.txt |
Description:
|
Debian Security Advisory 1563-1 - Joel R. Voss discovered that the IAX2 module of Asterisk, a free software PBX and telephony toolkit, performs insufficient validation of IAX2 protocol messages, which may lead to denial of service.
| | Homepage: | http://www.debian.org/security | | File Size: | 9703 | | Related CVE(s): | CVE-2008-1897 | | Last Modified: | Apr 30 20:49:01 2008 |
| MD5 Checksum: | d3c0c0afebf4599c391e9e1d197a3ac5 |
|
| /// File Name: |
MDVSA-2008-085.txt |
Description:
|
Mandriva Linux Security Advisory - Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 9671 | | Related CVE(s): | CVE-2008-1721 | | Last Modified: | Apr 15 13:25:53 2008 |
| MD5 Checksum: | af82c8023779ea8404523f5ab5337b2a |
|
| /// File Name: |
glsa-200804-20.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200804-20 - Multiple vulnerabilities have been identified in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE). Versions less than 1.6.0.05 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 9092 | | Related CVE(s): | CVE-2007-2435, CVE-2007-2788, CVE-2007-2789, CVE-2007-3655, CVE-2007-5232, CVE-2007-5237, CVE-2007-5238, CVE-2007-5239, CVE-2007-5240, CVE-2007-5273, CVE-2007-5274, CVE-2007-5689, CVE-2008-0628, CVE-2008-0657, CVE-2008-1185, CVE-2008-1186, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196 | | Last Modified: | Apr 18 14:14:48 2008 |
| MD5 Checksum: | 01e6a6b4b0d7ecdd0ebf50e52afe05db |
|
| /// File Name: |
MDVSA-2008-081.txt |
Description:
|
Mandriva Linux Security Advisory - A heap-based buffer overflow in CUPS 1.2.x and later was discovered by regenrecht of VeriSign iDefense that could allow a remote attacker to execute arbitrary code via a crafted CGI search expression. A validation error in the HP-GL/2 filter was also discovered. Finally, a vulnerability in how CUPS handled GIF files was found by Tomas Hoger of Red Hat, similar to previous issues corrected in PHP, gd, tk, netpbm, and SDL_image.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8797 | | Related CVE(s): | CVE-2008-0053, CVE-2008-0047, CVE-2008-1373 | | Last Modified: | Apr 3 01:41:48 2008 |
| MD5 Checksum: | 528584dba9753b6b54087d3eff95e9bd |
|
| /// File Name: |
dsa-1555-1.txt |
Description:
|
Debian Security Advisory 1555-1 - It was discovered that crashes in the JavaScript engine of Iceweasel, an unbranded version of the Firefox browser, could potentially lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 8704 | | Related CVE(s): | CVE-2008-1380 | | Last Modified: | Apr 23 14:45:31 2008 |
| MD5 Checksum: | 8ef01c81b61d199dcb53beb6c33149a3 |
|
| /// File Name: |
sa29911.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29911/ | | File Size: | 8614 | | Last Modified: | Apr 28 10:37:56 2008 |
| MD5 Checksum: | 36ec44c71070230a1c54c85c2e4ed053 |
|
| /// File Name: |
sa29616.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/29616/ | | File Size: | 8493 | | Last Modified: | Apr 1 01:48:19 2008 |
| MD5 Checksum: | 64f15eed9ee74f38516a7e719c90e80c |
|
| /// File Name: |
AKLINK-SA-2008-003.txt |
Description:
|
Windows Live Mail has a design flaw that allows outbound HTTP requests to be made via a simple preview of a mail that is S/MIME-signed.
| | Author: | Alexander Klink | | Homepage: | https://www.cynops.de/ | | File Size: | 8444 | | Last Modified: | Apr 1 22:28:49 2008 |
| MD5 Checksum: | aebe873d62162c203765c3b0fa9e8c94 |
|
| /// File Name: |
sa29659.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for cups. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/29659/ | | File Size: | 8422 | | Last Modified: | Apr 7 22:57:36 2008 |
| MD5 Checksum: | fab8387b0dfc31b6d0aa0a4f7e73ae9f |
|
| /// File Name: |
AKLINK-SA-2008-002.txt |
Description:
|
Microsoft Outlook has a design flaw that allows outbound HTTP requests to be made via a simple preview of a mail that is S/MIME-signed.
| | Author: | Alexander Klink | | Homepage: | https://www.cynops.de/ | | File Size: | 8413 | | Last Modified: | Apr 1 22:28:05 2008 |
| MD5 Checksum: | 909333355189bb942f90ebc1afc9cc71 |
|
| /// File Name: |
dsa-1533-2.txt |
Description:
|
Debian Security Advisory 1533-2 - Christian Schmid and Meder Kydyraliev (Google Security) discovered a number of vulnerabilities in exiftags, a utility for extracting EXIF metadata from JPEG images. This update merely adds the packages for Debian 3.1 sarge (oldstable) which were missing in the previous DSA.
| | Homepage: | http://www.debian.org/security | | File Size: | 8364 | | Related CVE(s): | CVE-2007-6354, CVE-2007-6355, CVE-2007-6356 | | Last Modified: | Apr 1 22:15:20 2008 |
| MD5 Checksum: | c0263d8a954340e247c814c20791301d |
|
| /// File Name: |
cadsm-activex.txt |
Description:
|
CA products that implement the DSM gui_cm_ctrls ActiveX control contain a vulnerability that can allow a remote attacker to cause a denial of service or execute arbitrary code. The vulnerability is due to insufficient verification of function arguments by the gui_cm_ctrls control. An attacker can execute arbitrary code under the context of the user running the web browser.
| | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 8206 | | Related CVE(s): | CVE-2008-1786 | | Last Modified: | Apr 16 18:07:18 2008 |
| MD5 Checksum: | 0459d642cca948564271c7536b495555 |
|
| /// File Name: |
sa29682.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for openldap2.3. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/29682/ | | File Size: | 8140 | | Last Modified: | Apr 10 10:08:38 2008 |
| MD5 Checksum: | c910084aba0856eddf8c8e6eb0bec303 |
|
| /// File Name: |
SSRT080000.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running WBEM Services. These vulnerabilities could be exploited remotely to execute arbitrary code or to gain extended privileges.
| | Homepage: | http://www.hp.com/ | | File Size: | 7962 | | Related CVE(s): | CVE-2007-5360, CVE-2008-0003 | | Last Modified: | Apr 30 20:46:10 2008 |
| MD5 Checksum: | e06432718809d3e5fcaa0f82bc13921f |
|
| /// File Name: |
dsa-1550-1.txt |
Description:
|
Debian Security Advisory 1550-1 - It was discovered that suphp, an Apache module to run PHP scripts with owner permissions, handles symlinks insecurely, which may lead to privilege escalation by local users.
| | Homepage: | http://www.debian.org/security | | File Size: | 7859 | | Related CVE(s): | CVE-2008-1614 | | Last Modified: | Apr 17 18:18:54 2008 |
| MD5 Checksum: | bef82248dd7413e9a01bf8798566936a |
|
| /// File Name: |
SSRT080032.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with two types of optional HP USB Floppy Drive Keys intended for use with certain ProLiant servers. This vulnerability could cause a local 'W32.Fakerecy' or 'W32.SillyFDC' virus infection.
| | Homepage: | http://www.hp.com/ | | File Size: | 7738 | | Related CVE(s): | CVE-2008-0708 | | Last Modified: | Apr 4 20:04:09 2008 |
| MD5 Checksum: | 7b1841cbcc4388009f18f7070f89c880 |
|
| /// File Name: |
sa29872.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for suphp. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/29872/ | | File Size: | 7737 | | Last Modified: | Apr 28 10:37:56 2008 |
| MD5 Checksum: | 72bd127971545e1afe0c29b93998b4d4 |
|
| /// File Name: |
SSRT080031.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with the HPeDiag ActiveX control, which is a component of HP Software Update running under Windows. The vulnerability could be exploited to allow remote disclosure of information and execution of arbitrary code.
| | Homepage: | http://www.hp.com/ | | File Size: | 7674 | | Related CVE(s): | CVE-2008-0712 | | Last Modified: | Apr 24 16:49:38 2008 |
| MD5 Checksum: | 94d1e54ffae4bc8b8badbca2a431fe5f |
|
| /// File Name: |
CORE-2008-0314.txt |
Description:
|
Core Security Technologies Advisory - Orbit Downloader is vulnerable to a buffer overflow attack which can be exploited to execute arbitrary code. Versions 2.6.3 and 2.6.4 are verified vulnerable.
| | Author: | Diego Juarez | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 7486 | | Related CVE(s): | CVE-2008-1602 | | Last Modified: | Apr 4 18:03:17 2008 |
| MD5 Checksum: | 3cb9c129e128a6f459b5ce8739aaf7a1 |
|