.:[ packet storm ]:.
                             
paranoia is a friend like no other
paranoia is a friend like no other

 Section:  .. / 0709-advisories  /

Page 3 of 20
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 >> Files 50 - 75 of 493
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: EEYE-ARCserve.txt
Description:
 eEye Digital Security has discovered multiple vulnerabilities within CA ARCserve for Laptops & Desktops (L&D), an enterprise-level backup software suite designed for workstations. The vulnerabilities can be utilized by an attacker to execute arbitrary code on a remote system anonymously over TCP/1900.
Author:Matt Oh, Andre Derek Protas, Yuji Ukai
Homepage:http://www.eeye.com/
File Size:8030
Last Modified:Sep 24 23:39:26 2007
MD5 Checksum:1c7505578b435c40f52cd57bf47ea93a

 ///  File Name: filefind-heap.txt
Description:
 The FileFind class from the MFC Library suffers from a heap overflow vulnerability.
Author:Jonathan Sarba
Homepage:http://goodfellas.shellcode.com.ar/
File Size:5053
Last Modified:Sep 18 12:19:20 2007
MD5 Checksum:11414be3b524e7bd11b6a8ab39e0f0e0

 ///  File Name: FSC20070911-11.txt
Description:
 The Microsoft Agent ActiveX control contains a buffer overflow vulnerability that allows remote attackers to inject and execute arbitrary code with the privileges of the currently logged in user. Version 2.0.0.3425 is affected.
Homepage:http://www.assurent.com/
File Size:2770
Related CVE(s):CVE-2007-3040
Last Modified:Sep 11 19:00:50 2007
MD5 Checksum:57f6fb249e756ac2c58f1f34da916834

 ///  File Name: glsa-200709-01.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-01 - A stack buffer overflow (CVE-2007-3999) has been reported in svcauth_gss_validate() of the RPC library of kadmind. Another vulnerability (CVE-2007-4000) has been found in kadm5_modify_policy_internal(), which does not check the return values of krb5_db_get_policy() correctly. Versions less than 1.5.3-r1 are affected.
Homepage:http://security.gentoo.org
File Size:3069
Related CVE(s):CVE-2007-3999, CVE-2007-4000
Last Modified:Sep 11 19:05:49 2007
MD5 Checksum:343e130f02e93ca37f6d1a2dae4542ba

 ///  File Name: glsa-200709-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-02 - Stefan Cornelius from Secunia Research discovered that the parseIrcUrl() function in file src/kvirc/kernel/kvi_ircurl.cpp does not properly sanitise parts of the URI when building the command for KVIrc's internal script system. Versions less than 3.2.6_pre20070714 are affected.
Homepage:http://security.gentoo.org
File Size:2732
Related CVE(s):CVE-2007-2951
Last Modified:Sep 13 19:57:06 2007
MD5 Checksum:74078640356c4b531bf3656f782a6104

 ///  File Name: glsa-200709-03.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-03 - Chris Rohlf discovered several boundary errors in the httplib_parse_sc_header() function when processing HTTP headers. Versions less than 1.62.2 are affected.
Homepage:http://security.gentoo.org
File Size:2571
Related CVE(s):CVE-2007-4337
Last Modified:Sep 13 19:57:33 2007
MD5 Checksum:513cbd455646249f59bb3f021dc71502

 ///  File Name: glsa-200709-04.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-04 - The po4a development team reported a race condition in the gettextize() function when creating the file /tmp/gettextization.failed.po. Versions less than 0.32-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2460
Related CVE(s):CVE-2007-4462
Last Modified:Sep 13 19:57:55 2007
MD5 Checksum:babda9a758ceed84bc0ff45b19a8fe8c

 ///  File Name: glsa-200709-05.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-05 - A stack-based buffer overflow vulnerability has been reported in the SmilTimeValue::parseWallClockValue() function in smlprstime.cpp when handling HH:mm:ss.f type time formats. Versions less than 10.0.9 are affected.
Homepage:http://security.gentoo.org
File Size:2620
Related CVE(s):CVE-2007-3410
Last Modified:Sep 18 12:48:12 2007
MD5 Checksum:006b95c37eb346ac8c4b912186ca80cb

 ///  File Name: glsa-200709-06.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-06 - A possible buffer overflow vulnerability has been reported in the local__vcentry_parse_value() function in vorbiscomment.c. Versions less than 0.0.11 are affected.
Homepage:http://security.gentoo.org
File Size:2528
Related CVE(s):CVE-2007-3507
Last Modified:Sep 18 12:48:35 2007
MD5 Checksum:906931f7dc1c0d5c115f5685598e7795

 ///  File Name: glsa-200709-07.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-07 - Bow Sineath discovered a boundary error in the file mod/server.mod/servrmsg.c when processing overly long private messages sent by an IRC server. Versions less than 1.6.18-r2 are affected.
Homepage:http://security.gentoo.org
File Size:2479
Related CVE(s):CVE-2007-2807
Last Modified:Sep 18 12:48:58 2007
MD5 Checksum:b05791b7f2bb6d580ea3247dcb7b221b

 ///  File Name: glsa-200709-08.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-08 - Nikolaus Schulz discovered that the function RenderV2ToFile() in file src/tag_file.cpp creates temporary files in an insecure manner. Versions less than 3.8.3-r6 are affected.
Homepage:http://security.gentoo.org
File Size:2544
Related CVE(s):CVE-2007-4460
Last Modified:Sep 18 12:49:24 2007
MD5 Checksum:989932cfe161d914361d763d6f684b08

 ///  File Name: glsa-200709-09.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-09 - Dmitry V. Levin discovered a directory traversal vulnerability in the contains_dot_dot() function in file src/names.c. Versions less than 1.18-r2 are affected.
Homepage:http://security.gentoo.org
File Size:2565
Related CVE(s):CVE-2007-4131
Last Modified:Sep 18 12:49:39 2007
MD5 Checksum:e19d36ce1632e0cbea1e116fb15b76cf

 ///  File Name: glsa-200709-10.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-10 - The PhpWiki development team reported an authentication error within the file lib/WikiUser/LDAP.php when binding to an LDAP server with an empty password. Versions less than 1.3.14 are affected.
Homepage:http://security.gentoo.org
File Size:2593
Related CVE(s):CVE-2007-3193
Last Modified:Sep 18 22:43:16 2007
MD5 Checksum:c607367dfbb3f4b282cb0aee96f51133

 ///  File Name: glsa-200709-11.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-11 - The result of a g_strsplit() call is incorrectly parsed in the files daemon/gdm.c, daemon/gdmconfig.c, gui/gdmconfig.c and gui/gdmflexiserver.c, allowing for a null pointer dereference. Versions less than 2.18.4 are affected.
Homepage:http://security.gentoo.org
File Size:2628
Related CVE(s):CVE-2007-3381
Last Modified:Sep 18 22:43:36 2007
MD5 Checksum:f49b07b518d79683f8a918ecf59251fa

 ///  File Name: glsa-200709-12.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-12 - Poppler and Xpdf are vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function, and a stack overflow in the StreamPredictor::getNextLine function. The original vulnerability was discovered by Maurycy Prodeus. Note: Gentoo's version of Xpdf is patched to use the Poppler library, so the update to Poppler will also fix Xpdf. Versions less than 0.5.4-r2 are affected.
Homepage:http://security.gentoo.org
File Size:2854
Related CVE(s):CVE-2007-3387
Last Modified:Sep 20 05:04:00 2007
MD5 Checksum:4ba5f6def2b0f95aee10b243b6c4f937

 ///  File Name: glsa-200709-13.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-13 - Sebastian Krahmer from the SUSE Security Team discovered two off-by-one errors in the function f_name() in file sender.c when processing overly long directory names. rsync versions less than 2.6.9-r3 are affected.
Homepage:http://security.gentoo.org/
File Size:2573
Related CVE(s):CVE-2007-4091
Last Modified:Sep 20 22:34:32 2007
MD5 Checksum:11ac5927f30b552c160eb3c0df196fef

 ///  File Name: glsa-200709-14.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-14 - Nikolaos Rangos discovered a vulnerability in ClamAV which exists because the recipient address extracted from email messages is not properly sanitized before being used in a call to popen() when executing sendmail (CVE-2007-4560). Also, NULL-pointer dereference errors exist within the cli_scanrtf() function in libclamav/rtf.c and Stefanos Stamatis discovered a NULL-pointer dereference vulnerability within the cli_html_normalise() function in libclamav/htmlnorm.c (CVE-2007-4510). Versions less than 0.91.2 are affected.
Homepage:http://security.gentoo.org
File Size:3638
Related CVE(s):CVE-2007-4510, CVE-2007-4560
Last Modified:Sep 20 22:34:41 2007
MD5 Checksum:f544e7d1cbe8beca74ac314d37e1c77a

 ///  File Name: glsa-200709-15.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-15 - An integer overflow vulnerability exists in the embedded ICC profile image parser (CVE-2007-2788), an unspecified vulnerability exists in the font parsing implementation (CVE-2007-4381), and an error exists when processing XSLT stylesheets contained in XSLT Transforms in XML signatures (CVE-2007-3716), among other vulnerabilities. Versions less than 1.5.0.11_p1 are affected.
Homepage:http://security.gentoo.org
File Size:3929
Related CVE(s):CVE-2007-2788, CVE-2007-2789, CVE-2007-3004, CVE-2007-3005, CVE-2007-3503, CVE-2007-3698, CVE-2007-3716, CVE-2007-3922, CVE-2007-4381
Last Modified:Sep 24 23:57:51 2007
MD5 Checksum:a7467985a4a61638b6b3ec74dac18f63

 ///  File Name: glsa-200709-16.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-16 - Mattias Bengtsson and Philip Olausson have discovered a buffer overflow vulnerability in the function fcgi_env_add() in the file mod_fastcgi.c when processing overly long HTTP headers. Versions less than 1.4.18 are affected.
Homepage:http://security.gentoo.org
File Size:2969
Related CVE(s):CVE-2007-4727
Last Modified:Sep 27 21:35:09 2007
MD5 Checksum:af386920d4c2d8806df005d9b44aca48

 ///  File Name: glsa-200709-17.txt
Description:
 Gentoo Linux Security Advisory GLSA 200709-17 - Mark Richters discovered a buffer overflow in the open_sty() function in file mkind.c. Other vulnerabilities have also been discovered in the same file but might not be exploitable. Tetex also includes vulnerable code from GD library (GLSA 200708-05), and from Xpdf. Versions less than 3.0_p1-r4 are affected.
Homepage:http://security.gentoo.org/
File Size:2991
Related CVE(s):CVE-2007-0650, CVE-2007-3387
Last Modified:Sep 27 21:34:55 2007
MD5 Checksum:1d4c037ac593b7240f5499f7f6cdf85b

 ///  File Name: googleurchin-xss.txt
Description:
 There is a trivially exploitable cross site scripting vulnerability on Google Urchin Web Analytics 5's login page. The vulnerability has been tested on versions 5.6.00r2, 5.7.01, 5.7.02 and 5.7.03 (latest). Previous versions are most likely affected as well.
Author:pagvac
File Size:794
Last Modified:Sep 25 00:06:14 2007
MD5 Checksum:787e264d6b1e657a3f34181cf856f8d5

 ///  File Name: hpqutil-heap.txt
Description:
 ActiveX hpqutil!ListFiles suffers from a heap overflow in hpqutil.dll. This dll is included in HP Photo and Imaging Gallery version 1.1 and HP All-In-One Series Web Release.
Author:Brian Mariani, Jonathan Sarba
Homepage:http://goodfellas.shellcode.com.ar/
File Size:4774
Last Modified:Sep 18 12:31:11 2007
MD5 Checksum:8b1ed4cdf6a8a84b667b24d69ef91ee3

 ///  File Name: imageop-overflow.txt
Description:
 The imageop.c module for Python contains a heap overflow.
Author:Slythers Bro
File Size:1916
Last Modified:Sep 18 12:46:57 2007
MD5 Checksum:20405fb18b2ae01e14541fbf6be0af7a

 ///  File Name: linuxkernel-validation.txt
Description:
 Insufficient validation of the general-purpose register in IA32 system call emulation code may lead to local system compromise on x86_64 platform for Linux kernels in the 2.4 and 2.6 series.
Author:Wojciech Purczynski
File Size:2766
Last Modified:Sep 24 23:59:47 2007
MD5 Checksum:e8d9d1cded501fd645ff74c4967aac9f

 ///  File Name: marshal-tar.txt
Description:
 Marshal MailMarshal suffers from a tar unpacking vulnerability. Versions 6.2.1.3253 and below are affected.
Author:Sebastian Vandersee
Homepage:http://www.rt-solutions.de/
File Size:1189
Last Modified:Sep 5 00:30:00 2007
MD5 Checksum:27812e392d232a5bb6d0d85dee82e9f0
 

 ///  Last 10 Files
  1. :· glsa-200812-07.txt
  2. :· glsa-200812-06.txt
  3. :· glsa-200812-05.txt
  4. :· glsa-200812-04.txt
  5. :· glsa-200812-03.txt
  6. :· glsa-200812-02.txt
  7. :· glsa-200812-01.txt
  8. :· USN-683-1.txt
  9. :· dsa-1676-1.txt
  10. :· pacpoll-disclose.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· glsa-200812-07.txt
  2. :· glsa-200812-06.txt
  3. :· glsa-200812-05.txt
  4. :· glsa-200812-04.txt
  5. :· glsa-200812-03.txt
  6. :· glsa-200812-02.txt
  7. :· glsa-200812-01.txt
  8. :· USN-683-1.txt
  9. :· dsa-1676-1.txt
  10. :· USN-682-1.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· pacpoll-disclose.txt
  2. :· BMSA-2008-09.txt
  3. :· webhub-bypass.txt
  4. :· infinite-bypass.txt
  5. :· bcoos1013-sql.txt
  6. :· preonline-cmsqlxss.txt
  7. :· preclass-sqlxss.txt
  8. :· aspportal-disclose.txt
  9. :· preshoppingmall-cmsqlxss.txt
  10. :· ezpoll-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· vncrush.txt
  2. :· rshatter.txt
  3. :· Exomind-v0.2.tar.gz
  4. :· clamav-0.94.2.tar.gz
  5. :· cadfile.zip
  6. :· anehta-v0.6.0fixed2.zip
  7. :· tagfuzz.txt
  8. :· BrowserRider.20081124.tar.bz2
  9. :· mp3nema-v0_2.tar.gz
  10. :· squid-nufw-helper-1.1.3.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· sqlinj-insouts.txt
  2. :· format-string-linux.txt
  3. :· frame-pointer-overwrite-linux.txt
  4. :· iptablesf.txt
  5. :· nufw-2.2.19.tar.gz
  6. :· frhack2009-cfp.txt
  7. :· oracle-forensics-scns.pdf
  8. :· cansecwest-2009.txt
  9. :· A5.1.zip
  10. :· a51-php.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice