Section: .. / 0705-advisories /
| /// File Name: |
sa24984.txt |
Description:
|
Secunia Security Advisory - John Martinelli has reported two vulnerabilities in Ripe Website Manager, which can be exploited by malicious people to conduct SQL injection attacks and cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/24984/ | | File Size: | 2584 | | Last Modified: | May 2 04:17:18 2007 |
| MD5 Checksum: | f3c99823a88b1d9bad4c70beaf26dd33 |
|
| /// File Name: |
ssh3291-offbyone.txt |
Description:
|
The sftp server in ssh-3.2.9.1 from ssh.com may suffer from a remote off-by-one vulnerability.
| | Author: | Kingcope | | File Size: | 2572 | | Last Modified: | May 15 08:46:56 2007 |
| MD5 Checksum: | b5a0ba67433630592a2dc97b44d37f01 |
|
| /// File Name: |
glsa-200705-14.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200705-14 - XScreenSaver incorrectly handles the results of the getpwuid() function in drivers/lock.c when using directory servers during a network outage. Versions less than 5.02 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2572 | | Related CVE(s): | CVE-2007-1859 | | Last Modified: | May 15 07:58:08 2007 |
| MD5 Checksum: | 1448bbd17400d09798d97fe1700775d2 |
|
| /// File Name: |
sa25222.txt |
Description:
|
Secunia Security Advisory - Silentz has discovered some vulnerabilities in TutorialCMS, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/25222/ | | File Size: | 2564 | | Last Modified: | May 11 02:35:58 2007 |
| MD5 Checksum: | 1aaa6f1ca92b49dcbf92d2254fcae8cb |
|
| /// File Name: |
sa25006.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious, local users to disclose sensitive information, cause a DoS (Denial of Service), and gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/25006/ | | File Size: | 2563 | | Last Modified: | May 2 04:17:18 2007 |
| MD5 Checksum: | 0bb7cf450a18664f99c7aa9a58043ef2 |
|
| /// File Name: |
sa25147.txt |
Description:
|
Secunia Security Advisory - GolD_M has discovered some vulnerabilities in phpChess Community Edition, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25147/ | | File Size: | 2558 | | Last Modified: | May 4 17:30:32 2007 |
| MD5 Checksum: | 4f4515f3857e2357e6fb499893294040 |
|
| /// File Name: |
sa25209.txt |
Description:
|
Secunia Security Advisory - shinnai has discovered a vulnerability in BarCodeWiz Barcode ActiveX control, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25209/ | | File Size: | 2548 | | Last Modified: | May 10 02:32:46 2007 |
| MD5 Checksum: | 43c83359ed9e6290fe764f039209fe02 |
|
| /// File Name: |
sa25272.txt |
Description:
|
Secunia Security Advisory - ThE TiGeR has discovered a vulnerability in the Media Gallery module for Geeklog, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25272/ | | File Size: | 2545 | | Last Modified: | May 16 03:04:41 2007 |
| MD5 Checksum: | f32ba02a416a62d691b885bc42ee1270 |
|
| /// File Name: |
sa25156.txt |
Description:
|
Secunia Security Advisory - shinnai has discovered a vulnerability in HTTP File Upload ActiveX Control, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25156/ | | File Size: | 2542 | | Last Modified: | May 7 20:45:49 2007 |
| MD5 Checksum: | 9a499981460a6d5489d8a416ec861a9e |
|
| /// File Name: |
sa25075.txt |
Description:
|
Secunia Security Advisory - r0t has reported some vulnerabilities in FileRun, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/25075/ | | File Size: | 2542 | | Last Modified: | May 3 01:50:52 2007 |
| MD5 Checksum: | a53e9d2fc92580940531123611feaa62 |
|
| /// File Name: |
sa25204.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Novell NetMail, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25204/ | | File Size: | 2541 | | Last Modified: | May 12 04:30:02 2007 |
| MD5 Checksum: | d5bcc14632d623e5279d0420729bb6dc |
|
| /// File Name: |
sa25008.txt |
Description:
|
Secunia Security Advisory - rgod has discovered two vulnerabilities in TCExam, which can be exploited by malicious people to conduct cross-site scripting attacks or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25008/ | | File Size: | 2537 | | Last Modified: | May 2 04:17:18 2007 |
| MD5 Checksum: | 9a624315f9eec21c5a14e0f69b58faea |
|
| /// File Name: |
sa25048.txt |
Description:
|
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Java System Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/25048/ | | File Size: | 2535 | | Last Modified: | May 2 04:17:18 2007 |
| MD5 Checksum: | eae67bef558381626eea54a5bd72f82a |
|
| /// File Name: |
sa25218.txt |
Description:
|
Secunia Security Advisory - Will Dormann has reported a vulnerability in RIM's TeamOn Import Object ActiveX control, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25218/ | | File Size: | 2526 | | Last Modified: | May 10 02:32:46 2007 |
| MD5 Checksum: | abb02d68c27a13fe658392cd766d6a29 |
|
| /// File Name: |
glsa-200705-02.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200705-02 - Greg MacManus of iDefense Labs has discovered an integer overflow in the function bdfReadCharacters() when parsing BDF fonts. Versions less than 2.1.10-r3 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2524 | | Related CVE(s): | CVE-2007-1351 | | Last Modified: | May 3 09:01:09 2007 |
| MD5 Checksum: | 21246a9406bee2a81ac9dd336a6cb7c1 |
|
| /// File Name: |
sa25203.txt |
Description:
|
Secunia Security Advisory - shinnai has discovered a vulnerability in SmartCode VNC Manager, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25203/ | | File Size: | 2523 | | Last Modified: | May 10 02:32:46 2007 |
| MD5 Checksum: | 5eca4fbeadf8528c93f948c683bfdb4f |
|
| /// File Name: |
sa25020.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Groupmax Mobile Option, which can be exploited by malicious users to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25020/ | | File Size: | 2517 | | Last Modified: | May 2 04:17:18 2007 |
| MD5 Checksum: | 6906772d8cd0563b1ce0c14d3541e483 |
|
| /// File Name: |
ZDI-07-033.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the LSA RPC interface. When parsing a request to LsarLookupSids/LsarLookupSids2, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2510 | | Related CVE(s): | CVE-2007-2446 | | Last Modified: | May 17 04:15:58 2007 |
| MD5 Checksum: | 35687f97d20fbe66af1e1da1c5b0e9ab |
|
| /// File Name: |
ZDI-07-029.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the LSA RPC interface. When parsing a request to LsarAddPrivilegesToAccount, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2508 | | Related CVE(s): | CVE-2007-2446 | | Last Modified: | May 17 04:08:01 2007 |
| MD5 Checksum: | ce96031b28a8ba05deb2c066745918c9 |
|
| /// File Name: |
sa25080.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/25080/ | | File Size: | 2505 | | Last Modified: | May 2 04:17:18 2007 |
| MD5 Checksum: | 98fef2354ca4e93b32c1cfabcf6983e9 |
|
| /// File Name: |
sa25258.txt |
Description:
|
Secunia Security Advisory - shinnai has discovered a vulnerability in PrecisionID Data Matrix ActiveX Barcode Control, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25258/ | | File Size: | 2499 | | Last Modified: | May 15 07:07:10 2007 |
| MD5 Checksum: | af638641b8e824e455a13fb77eede891 |
|
| /// File Name: |
ZDI-07-031.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the SPOOLSS RPC interface. When parsing a request to RFNPCNEX, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2495 | | Related CVE(s): | CVE-2007-2446 | | Last Modified: | May 17 04:14:52 2007 |
| MD5 Checksum: | f8dc71e8ab1c7c4c646b490428db484b |
|
| /// File Name: |
ZDI-07-032.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the SRVSVC RPC interface. When parsing a request to NetSetFileSecurity, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2493 | | Related CVE(s): | CVE-2007-2446 | | Last Modified: | May 17 04:15:26 2007 |
| MD5 Checksum: | f4fe06853dd941c84f9b054af34a737b |
|
| /// File Name: |
ZDI-07-030.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the DFS RPC interface. When parsing a request to DFSEnum, heap allocation is calculated based on user input. By specifying invalid values, heap blocks can be overwritten leading to remote code execution.
| | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2493 | | Related CVE(s): | CVE-2007-2446 | | Last Modified: | May 17 04:12:06 2007 |
| MD5 Checksum: | d549778dfbb738edf585c7b51106b601 |
|
| /// File Name: |
sa25154.txt |
Description:
|
Secunia Security Advisory - rgod has discovered a vulnerability in RunCMS, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/25154/ | | File Size: | 2492 | | Last Modified: | May 7 20:46:03 2007 |
| MD5 Checksum: | cca8dcc69461c9e74ecf3a51856d9d4c |
|