Section: .. / 0805-advisories /
| /// File Name: |
sa30349.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in IBM AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/30349/ | | File Size: | 3567 | | Last Modified: | May 27 16:29:09 2008 |
| MD5 Checksum: | 7c0b56b818f7f6656303f4d1f4088b2a |
|
| /// File Name: |
sa30133.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Java System Web Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/30133/ | | File Size: | 3555 | | Last Modified: | May 8 13:30:50 2008 |
| MD5 Checksum: | 58e28bc0a6d2f40dff95bf5aa4c0018e |
|
| /// File Name: |
sa30377.txt |
Description:
|
Secunia Security Advisory - Digital Security Research Group have discovered some vulnerabilities in Quate CMS, which can be exploited by malicious users to disclose and manipulate sensitive information, and by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/30377/ | | File Size: | 3542 | | Last Modified: | May 27 16:29:09 2008 |
| MD5 Checksum: | 20703a1ca68c80d0cee2b1a35efb203d |
|
| /// File Name: |
webmodz.txt |
Description:
|
WebMod versions 0.48 and below suffer from directory traversal, buffer overflow, and disclosure vulnerabilities.
| | Author: | Luigi Auriemma | | Homepage: | http://aluigi.org/ | | Related Exploit: | webmodz.zip | | File Size: | 3516 | | Last Modified: | May 5 14:03:20 2008 |
| MD5 Checksum: | 446b41bca98f6c09f4273b89e3ff5922 |
|
| /// File Name: |
ZDI-08-029.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trillian. User interaction is required to exploit this vulnerability in that the target must open a malicious image file. The specific flaws exists during the parsing of messages with overly long attribute values within the FONT tag. The value for any attribute is copied into a stack based buffer via sprintf() which can result in a buffer overrun and can be subsequently leveraged to execute arbitrary code under the privileges of the logged in user. Exploitation may occur over the AIM network or via direct connections.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3493 | | Last Modified: | May 22 02:13:17 2008 |
| MD5 Checksum: | acedf3440ee07207f3cf3241bc0588a4 |
|
| /// File Name: |
bugzilla-multi.txt |
Description:
|
Bugzilla Security Advisory - Bugzilla version 3.1.3 suffers from an unauthorized bug change vulnerability. Versions 2.17.2 and higher suffer from a cross site scripting vulnerability. Versions 2.23.4 and higher suffer from an account impersonation vulnerability.
| | Author: | Frederic Buclin, Max Kanat-Alexander, Bradley Baetz, Loren Butler, Marc Schumann | | Homepage: | http://www.bugzilla.org/ | | File Size: | 3485 | | Last Modified: | May 6 18:53:45 2008 |
| MD5 Checksum: | 13db085e595afc0bfe20386178dd1ece |
|
| /// File Name: |
05.07.08-2.txt |
Description:
|
iDefense Security Advisory 05.07.08 - Remote exploitation of a BSS overflow vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reading in an RDP redirect request. This request is used to redirect an RDP connection from one server to another. When parsing the redirect request, the rdesktop client reads several 32-bit integers from the request packet. These integers are then used to control the number of bytes read into statically allocated buffers. This results in several buffers located in the BSS section being overflowed, which can lead to the execution of arbitrary code. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3480 | | Related CVE(s): | CVE-2008-1802 | | Last Modified: | May 7 20:42:49 2008 |
| MD5 Checksum: | dcb778aa36d5093d53a1522ad73f6ceb |
|
| /// File Name: |
sa30422.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/30422/ | | File Size: | 3447 | | Last Modified: | May 29 19:19:06 2008 |
| MD5 Checksum: | edba758a5045f1a9118d0aeaea590b64 |
|
| /// File Name: |
sa30231.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for ssl-cert. This fixes a security issue, which can lead to weak cryptographic key material.
| | Homepage: | http://secunia.com/advisories/30231/ | | File Size: | 3443 | | Last Modified: | May 15 00:56:37 2008 |
| MD5 Checksum: | 9ee8976bce7cb70a639ab4f9c8e51523 |
|
| /// File Name: |
ZDI-08-027.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates ARCserve Backup. Authentication is not required exploit this vulnerability. The specific flaw exists within the caloggerd log daemon during the processing of log messages that contain directory traversal modifiers. A lack of sanity checking on the provided path allows attackers to append arbitrary data to a file of their choosing and can easily result in a full system compromise.
| | Author: | Damian Put | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3422 | | Related CVE(s): | CVE-2008-2241 | | Last Modified: | May 19 21:38:49 2008 |
| MD5 Checksum: | f899af6260049b65f2a53fb1994143bd |
|
| /// File Name: |
05.07.08-3.txt |
Description:
|
iDefense Security Advisory 05.07.08 - Remote exploitation of an integer signedness vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reallocating dynamic buffers. The rdesktop xrealloc() function uses a signed comparison to determine if the requested allocation size is less than 1. When this occurs, the function will incorrectly set the allocation size to be 1. This results in an improperly sized heap buffer being allocated, which can later be overflowed. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3416 | | Related CVE(s): | CVE-2008-1803 | | Last Modified: | May 7 20:43:37 2008 |
| MD5 Checksum: | c3320ef9f586bf2a8eadea9bdb952524 |
|
| /// File Name: |
sa30238.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco Unified Communications Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/30238/ | | File Size: | 3394 | | Last Modified: | May 15 18:28:59 2008 |
| MD5 Checksum: | 337026f528be99f1879c45b6acd58f7a |
|
| /// File Name: |
05.07.08-1.txt |
Description:
|
iDefense Security Advisory 05.07.08 - Remote exploitation of an integer underflow vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reading in an RDP request. When reading a request, a 16-bit integer value that represents the number of bytes that follow is taken from the packet. This value is then decremented by 4, and used to calculate how many bytes to read into a heap buffer. The subtraction operation can underflow, which will then lead to the heap buffer being overflowed. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3393 | | Related CVE(s): | CVE-2008-1801 | | Last Modified: | May 7 20:42:04 2008 |
| MD5 Checksum: | c018aff3b2b98000cb2a48058984a14d |
|
| /// File Name: |
ZDI-08-031.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the header parsing code for the msn protocol. When processing the X-MMS-IM-FORMAT header, certain attributes are copied into a buffer located on the stack without any length verification which can eventually lead to code execution with the privileges of the user that is running the application.
| | Author: | tw33k, n8 | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3381 | | Last Modified: | May 22 02:15:37 2008 |
| MD5 Checksum: | e1a0e2ccc6f70c902a6c430d0627f65b |
|
| /// File Name: |
ZDI-08-028.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Sametime. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of long URLs in the Community Services Multiplexer (StMux.exe) listening on TCP port 1533. A specially crafted URL can be passed into a vulnerable sscanf() function that will result in a stack overflow resulting in the ability to execute arbitrary code.
| | Author: | Manuel Santamarina Suarez | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3377 | | Last Modified: | May 22 02:12:01 2008 |
| MD5 Checksum: | 404cd26da5a98fbf55a71c9a209da6f4 |
|
| /// File Name: |
ZDI-08-026.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of CA BrightStor ARCserve Backup for Linux. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper bounds checking in the xdr_rwsstring() library function. By sending a long parameter into a daemon using this function to process strings, a stack based buffer overflow occurs, leading to execution of arbitrary code.
| | Author: | Damian Put | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3359 | | Related CVE(s): | CVE-2008-2242 | | Last Modified: | May 19 21:37:57 2008 |
| MD5 Checksum: | 7c46da1a5c684af64366f73a09e2c1a4 |
|
| /// File Name: |
ZDI-08-025.txt |
Description:
|
A vulnerability allows attackers to remotely obtain domain credentials on vulnerable installations of Symantec Altiris Deployment Solution. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the axengine.exe service listening by default on TCP port 402. The service allows a remote client to request encrypted domain credentials without authentication. The encryption lacks a salt allowing an attacker with a local installation of Altiris Deployment Solution to easily decrypt the credentials.
| | Author: | Brett Moore | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3354 | | Last Modified: | May 15 18:28:51 2008 |
| MD5 Checksum: | 42547c174484950e72118580181d31aa |
|
| /// File Name: |
05.27.08-1.txt |
Description:
|
iDefense Security Advisory 05.27.08 - Remote exploitation of multiple stack based buffer overflow vulnerabilities in EMC Corp.'s AlphaStor could allow an attacker to execute arbitrary code with SYSTEM privileges. AlphaStor consists of multiple applications, one of which is the Server Agent. The Server Agent is one of the core components of AlphaStor, and is used to initiate disk management requests. The Agent consists of several processes, one of which is the AlphaStor Command Line Interface process. This process listens on TCP port 41025, and is prone to multiple stack based buffer overflow vulnerabilities. iDefense has confirmed the existence of these vulnerabilities in AlphaStor version 3.1 SP1 for Windows. Previous versions, as well as versions for other platforms, may also be affected.
| | Author: | Stephen Fewer, Sean Larsson | | Homepage: | http://www.idefense.com/ | | File Size: | 3349 | | Related CVE(s): | CVE-2008-2158 | | Last Modified: | May 27 19:42:17 2008 |
| MD5 Checksum: | f0e331dc95a7505a4903764fd5697dca |
|
| /// File Name: |
ZDI-08-030.txt |
Description:
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within XML parsing in talk.dll. When processing certain malformed attributes within an 'IMG' tags, it is possible to overwrite past an allocated heap chunk which can eventually lead to code execution under the context of the currently user.
| | Author: | tw33k, n8 | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3331 | | Last Modified: | May 22 02:14:45 2008 |
| MD5 Checksum: | 25afc9de4474dcedeebaad3ec2342f88 |
|
| /// File Name: |
glsa-200805-12.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200805-12 - Stefan Cornelius (Secunia Research) reported a boundary error within the imb_loadhdr() function in in the file source/blender/imbuf/intern/radiance_hdr.c when processing RGBE images (CVE-2008-1102). Multiple vulnerabilities involving insecure usage of temporary files have also been reported (CVE-2008-1103). Versions less than 2.43-r2 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3313 | | Related CVE(s): | CVE-2008-1102, CVE-2008-1103 | | Last Modified: | May 12 18:26:58 2008 |
| MD5 Checksum: | 448f5fac796df4e8c92d9693409be43e |
|
| /// File Name: |
sa30271.txt |
Description:
|
Secunia Security Advisory - A vulnerability and a weakness have been reported in Citrix Presentation Server, which can be exploited by malicious users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/30271/ | | File Size: | 3298 | | Last Modified: | May 19 14:31:39 2008 |
| MD5 Checksum: | b207dbb025582496a327585b148d50eb |
|
| /// File Name: |
TA08-150A.txt |
Description:
|
Technical Cyber Security Alert TA08-150A - Apple has released Security Update 2008-003 and OS X version 10.5.3 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.
| | Homepage: | http://www.us-cert.gov/ | | File Size: | 3282 | | Last Modified: | May 29 19:21:11 2008 |
| MD5 Checksum: | 45f28ce6b9a1d606c770a82e23858c8c |
|
| /// File Name: |
sa30381.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Sun Java System Web Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/30381/ | | File Size: | 3281 | | Last Modified: | May 27 16:29:09 2008 |
| MD5 Checksum: | debae9a00c8480ba83aa97781d176d12 |
|
| /// File Name: |
ZDI-08-024.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Symantec Altiris Deployment Solution. User interaction is not required to exploit this vulnerability. The specific flaw exists within the axengine.exe process listening by default on TCP port 402. A lack of proper sanitation while parsing requests allows for a remote attacker to inject arbitrary SQL statements into the database. Exploitation of this vulnerability can result in arbitrary code execution under the context of the SYSTEM user.
| | Author: | Brett Moore | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3270 | | Last Modified: | May 15 18:26:12 2008 |
| MD5 Checksum: | de3d63236f721885f9df12222483b76e |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
