Section: .. / 0709-advisories /
| /// File Name: |
MDKSA-2007-172.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in ClamAV was discovered that could allow remote attackers to cause a denial of service via a crafted RTF file or a crafted HTML document with a data: URI, both of which trigger a NULL dereference. A vulnerability in clamav-milter, when run in black hole mode, could allow remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8592 | | Related CVE(s): | CVE-2007-4510, CVE-2007-4560 | | Last Modified: | Sep 1 00:12:44 2007 |
| MD5 Checksum: | 5baa7733b5f353200db8197ea2a8057c |
|
| /// File Name: |
MDKSA-2007-173.txt |
Description:
|
Mandriva Linux Security Advisory - Dmitry V. Levin discovered a path traversal flaw in how GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary fiels that the user running tar has write access to.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3165 | | Related CVE(s): | CVE-2007-4131 | | Last Modified: | Sep 5 20:45:46 2007 |
| MD5 Checksum: | b1c97696d0322c5ee0e1ee840f83df6d |
|
| /// File Name: |
MDKSA-2007-174-1.txt |
Description:
|
Mandriva Linux Security Advisory - A stack buffer overflow vulnerability was discovered in the RPC library used by Kerberos' kadmind program by Tenable Network Security. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash. This issue is only applicable to Kerberos 1.4 and higher. Garrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash. This issue is only applicable to Kerberos 1.5 and higher. The MIT Kerberos Team found a problem with the originally published patch for CVE-2007-3999. A remote unauthenticated attacker able to access kadmind could trigger this flaw and cause kadmind to crash.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7955 | | Related CVE(s): | CVE-2007-3999, CVE-2007-4000, CVE-2007-4743 | | Last Modified: | Sep 7 20:31:01 2007 |
| MD5 Checksum: | 8773009e8da0941e727991ff9a74c6e8 |
|
| /// File Name: |
MDKSA-2007-174.txt |
Description:
|
Mandriva Linux Security Advisory - A stack buffer overflow vulnerability was discovered in the RPC library used by Kerberos' kadmind program by Tenable Network Security. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash. This issue is only applicable to Kerberos 1.4 and higher. Garrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash. This issue is only applicable to Kerberos 1.5 and higher.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7677 | | Related CVE(s): | CVE-2007-3999, CVE-2007-4000 | | Last Modified: | Sep 7 03:10:16 2007 |
| MD5 Checksum: | ed25422ca73141a520a9ab37659008d4 |
|
| /// File Name: |
MDKSA-2007-175.txt |
Description:
|
Mandriva Linux Security Advisory - A stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, allows user-assisted, malicious remote IRC servers to execute arbitrary code via a long private message.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3170 | | Related CVE(s): | CVE-2007-2807 | | Last Modified: | Sep 7 03:11:24 2007 |
| MD5 Checksum: | 3687e9f27fa10ac57e1f8b1947384053 |
|
| /// File Name: |
MDKSA-2007-176.txt |
Description:
|
Mandriva Linux Security Advisory - konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 20650 | | Related CVE(s): | CVE-2007-3820, CVE-2007-4224, CVE-2007-4225 | | Last Modified: | Sep 7 03:13:18 2007 |
| MD5 Checksum: | 8845b54a33c277e691a99e611d053b84 |
|
| /// File Name: |
MDKSA-2007-177.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was found in MySQL's authentication protocol, making it possible for a remote unauthenticated attacker to send a specially crafted authentication request to the MySQL server causing it to crash. Another flaw was discovered in MySQL that allowed remote authenticated users to gain update privileges for a table in another database via a view that refers to the external table.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 10090 | | Related CVE(s): | CVE-2007-3780, CVE-2007-3782 | | Last Modified: | Sep 7 03:14:37 2007 |
| MD5 Checksum: | bca4ce77541163f6924dfe742318bcab |
|
| /// File Name: |
MDKSA-2007-178.txt |
Description:
|
Mandriva Linux Security Advisory - Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which if exploited could lead to local privilege escalation.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 10324 | | Related CVE(s): | CVE-2007-4730 | | Last Modified: | Sep 12 20:03:20 2007 |
| MD5 Checksum: | 63aca371dacd039c77c8df380386599d |
|
| /// File Name: |
MDKSA-2007-179.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in fetchmail was found where it could crash when attempting to deliver an internal warning or error message through an untrusted or compromised SMTP server, leading to a denial of service.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5194 | | Related CVE(s): | CVE-2007-4565 | | Last Modified: | Sep 12 20:05:19 2007 |
| MD5 Checksum: | 96905b8705f41005048ac2d65bc323c7 |
|
| /// File Name: |
MDKSA-2007-180.txt |
Description:
|
Mandriva Linux Security Advisory - A programming error was found in id3lib by Nikolaus Schulz that could lead to a denial of service through symlink attacks.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4487 | | Related CVE(s): | CVE-2007-4460 | | Last Modified: | Sep 12 20:08:11 2007 |
| MD5 Checksum: | e2687789d2ce3d50a122a3574dfa582e |
|
| /// File Name: |
MDKSA-2007-181.txt |
Description:
|
Mandriva Linux Security Advisory - A stack buffer overflow vulnerability was discovered in the RPCSEC_GSS RPC library by Tenable Network Security that could potentially allow for the execution of arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4439 | | Related CVE(s): | CVE-2007-3999 | | Last Modified: | Sep 13 19:55:57 2007 |
| MD5 Checksum: | 5c5b29687a1001a54fa198b3a7b485cd |
|
| /// File Name: |
MDKSA-2007-182.txt |
Description:
|
Mandriva Linux Security Advisory - The bgpd daemon in Quagga prior to 0.99.9 allowed remote BGP peers to cause a denial of service crash via a malformed OPEN message or COMMUNITY attribute.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3062 | | Related CVE(s): | CVE-2007-4826 | | Last Modified: | Sep 13 19:56:50 2007 |
| MD5 Checksum: | c308df31515a0832e9d45b36f5bab5a9 |
|
| /// File Name: |
MDKSA-2007-183.txt |
Description:
|
Mandriva Linux Security Advisory - A buffer overflow was found in how Qt expanded malformed Unicode strings. If an application linked against Qt parsed a malicious Unicode string, it could lead to a denial of service or potentially allow for the execution of arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 22618 | | Related CVE(s): | CVE-2007-4137 | | Last Modified: | Sep 18 11:01:30 2007 |
| MD5 Checksum: | 60270093f0eb4e64c8b5dd737cef32d4 |
|
| /// File Name: |
MDKSA-2007-184.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in Cacti 0.8.6i and earlier versions allows remote authenticated users to cause a denial of service (CPU consumption) via large values of the graph_start, graph_end, graph_height, or graph_width parameters.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2671 | | Related CVE(s): | CVE-2007-3112, CVE-2007-3113 | | Last Modified: | Sep 18 13:05:22 2007 |
| MD5 Checksum: | 0f0c19ef7eefa86febcaa0e3c7da90ac |
|
| /// File Name: |
MDKSA-2007-185.txt |
Description:
|
Mandriva Linux Security Advisory - The Avahi daemon in 0.6.20 and previous allows attackers to cause a denial of service via empty TXT data over D-Bus, which triggers an assert error.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 10933 | | Related CVE(s): | CVE-2007-3372 | | Last Modified: | Sep 18 13:06:16 2007 |
| MD5 Checksum: | f55b8b65bf1d9bb5a32742e3cae9706d |
|
| /// File Name: |
MDKSA-2007-186.txt |
Description:
|
Mandriva Linux Security Advisory - An integer overflow in the TIFF parser in OpenOffice.org prior to version 2.3 allows remote attackers to execute arbitrary code via a TIFF file with crafted values which triggers the allocation of an incorrect amount of memory which results in a heap-based buffer overflow.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 26317 | | Related CVE(s): | CVE-2007-2834 | | Last Modified: | Sep 20 22:32:49 2007 |
| MD5 Checksum: | 48daad3abb75727188499460fc4fd7d1 |
|
| /// File Name: |
MDKSA-2007-187.txt |
Description:
|
Mandriva Linux Security Advisory - Numerous vulnerabilities were discovered in the PHP scripting language that are corrected with this update. Not just a couple, not a few, but many.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 16451 | | Related CVE(s): | CVE-2007-1375, CVE-2007-1399, CVE-2007-1900, CVE-2007-2727, CVE-2007-2728, CVE-2007-2748, CVE-2007-2756, CVE-2007-2872, CVE-2007-3799, CVE-2007-3996, CVE-2007-3998, CVE-2007-4658, CVE-2007-4670 | | Last Modified: | Sep 24 23:41:53 2007 |
| MD5 Checksum: | b96e8da2cd6e8f174d150d88670ccbcd |
|
| /// File Name: |
MDKSA-2007-188.txt |
Description:
|
Mandriva Linux Security Advisory - PostgreSQL 8.1 and probably later and earlier versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1. PostgreSQL 8.1 and probably later and earlier versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing attacks, which may evade intrusion detection. The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 15576 | | Related CVE(s): | CVE-2007-3280, CVE-2007-3278, CVE-2007-3279 | | Last Modified: | Sep 25 22:09:37 2007 |
| MD5 Checksum: | 2e812643b0f00032f1b34401724f05be |
|
| /// File Name: |
MDKSA-2007-189.txt |
Description:
|
Mandriva Linux Security Advisory - A buffer overflow vulnerability was discovered in t1lib due to improper bounds checking. An attacker could send specially crafted input to an application linked against t1lib which could lead to a denial of service or the execution of arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6570 | | Related CVE(s): | CVE-2007-4033 | | Last Modified: | Sep 27 21:30:57 2007 |
| MD5 Checksum: | d75f1fdc0c361fc7740e1dcd2cf00fde |
|
| /// File Name: |
MDKSA-2007-190.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to login without a password.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 12317 | | Related CVE(s): | CVE-2007-4569 | | Last Modified: | Sep 30 01:45:50 2007 |
| MD5 Checksum: | 9be7857e3066a43ebdd940e6aa5d3048 |
|
| /// File Name: |
MITKRB5-SA-2007-006-2.txt |
Description:
|
MIT krb5 Security Advisory 2007-006 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow in the RPCSEC_GSS authentication flavor of the RPC library. Third-party applications using the RPC library provided with MIT krb5 may also be affected. Updated version of the original advisory with a fixed patch.
| | Homepage: | http://web.mit.edu/ | | File Size: | 9649 | | Related CVE(s): | CVE-2007-3999, CVE-2007-4000 | | Last Modified: | Sep 5 20:45:05 2007 |
| MD5 Checksum: | 61e5eaf8a33e3ef3a5081600ecb969c1 |
|
| /// File Name: |
MITKRB5-SA-2007-006.txt |
Description:
|
MIT krb5 Security Advisory 2007-006 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow in the RPCSEC_GSS authentication flavor of the RPC library. Third-party applications using the RPC library provided with MIT krb5 may also be affected.
| | Homepage: | http://web.mit.edu/ | | File Size: | 8189 | | Related CVE(s): | CVE-2007-3999, CVE-2007-4000 | | Last Modified: | Sep 5 01:23:09 2007 |
| MD5 Checksum: | bdc679b4808a226efcec0f8b21d9cb2c |
|
| /// File Name: |
MU-200709-01.txt |
Description:
|
Quagga bgpd version 0.99.8 suffers from a remote denial of service vulnerability.
| | Author: | Mu Security research team | | Homepage: | http://labs.musecurity.com/ | | File Size: | 2253 | | Last Modified: | Sep 13 19:44:37 2007 |
| MD5 Checksum: | a319cbd21adec54f9c75a8e96582f85d |
|
| /// File Name: |
MU-200709-02.txt |
Description:
|
There are multiple vulnerabilities where a maliciously-crafted packet can crash Dibbler version 0.6.0. These include packets with options with large lengths (memory allocation failure via integer overflow), invalid lengths (buffer overread), and malformed IA_NA options in a REBIND message (null pointer dereference).
| | Author: | Mu Security research team | | Homepage: | http://labs.musecurity.com/ | | File Size: | 5448 | | Last Modified: | Sep 19 12:01:59 2007 |
| MD5 Checksum: | a589e3d7ea9856fb5a6c6a83328f9b87 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
