File Name: sa31028.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, session fixation, SQL injection, and script insertion attacks.
Homepage: http://secunia.com/advisories/31028/
File Size: 3824
Last Modified: Jul 10 18:39:19 2008
MD5 Checksum: 9a22c95e6c5f08065c23aca61a8c8462

File Name: sa31030.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Infoblox NIOS, which can be exploited by malicious people to poison the DNS cache.
Homepage: http://secunia.com/advisories/31030/
File Size: 1988
Last Modified: Jul 10 18:39:19 2008
MD5 Checksum: b1c6318f25d50ac2c4a9575f73b7ce37

File Name: sa31031.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Nixu Secure Name Server, which can be exploited by malicious people to poison the DNS cache.
Homepage: http://secunia.com/advisories/31031/
File Size: 1931
Last Modified: Jul 10 18:39:19 2008
MD5 Checksum: e9175af2da259aa0539f842754094f0a

File Name: sa31037.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in some Sophos products, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage: http://secunia.com/advisories/31037/
File Size: 2480
Last Modified: Jul 10 18:39:19 2008
MD5 Checksum: 6f6d77a2353ff2e4f2f5a7fae3c4704a

File Name: glsa-200807-07.txt
Description:
Gentoo Linux Security Advisory GLSA 200807-07 - Multiple integer overflow and buffer overflow vulnerabilities have been discovered in the X.Org X server as shipped by NX and NX Node (GLSA 200806-07). Versions less than 3.2.0-r3 are affected.
Homepage: http://security.gentoo.org
File Size: 3115
Last Modified: Jul 10 04:16:59 2008
MD5 Checksum: 1bb2bf12af83d9a3c428c184c6408092

File Name: glsa-200807-05.txt
Description:
Gentoo Linux Security Advisory GLSA 200807-05 - Sean Larsson (iDefense Labs) reported an integer overflow in the function rtl_allocateMemory() in the file sal/rtl/source/alloc_global.c. Versions less than 2.4.1 are affected.
Homepage: http://security.gentoo.org
File Size: 3619
Related CVE(s): CVE-2008-2152
Last Modified: Jul 10 04:15:57 2008
MD5 Checksum: aaeba71107fa187514c6444c192de812

File Name: dsa-1606-1.txt
Description:
Debian Security Advisory 1606-1 - It was discovered that poppler, a PDF rendering library, did not properly handle embedded fonts in PDF files, allowing attackers to execute arbitrary code via a crafted font object.
Homepage: http://www.debian.org/security
File Size: 14402
Related CVE(s): CVE-2008-1693
Last Modified: Jul 10 04:15:47 2008
MD5 Checksum: 8e803d53553829c84b5d56c5b03e1971

File Name: sa31035.txt
Description:
Secunia Security Advisory - Debian has issued an update for poppler. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Homepage: http://secunia.com/advisories/31035/
File Size: 13716
Last Modified: Jul 10 04:14:36 2008
MD5 Checksum: cd4d7921a56ef9526b760a0f22eef3a9

File Name: zonealarm-uhoh.txt
Description:
Apparently, the latest auto update patch KB951748 (for all versions of Windows) cuts connectivity for all users with ZoneAlarm set to 'high' security for the internet zone.
File Size: 1065
Last Modified: Jul 10 04:08:07 2008
MD5 Checksum: aeb2ff17743d1b83e29b6d8826c314d6

File Name: ISVA-080709.1.txt
Description:
Insomnia Security Vulnerability Advisory - Microsoft SQL Server contains a buffer overflow that can be reached by causing the server to attempt a database restore from a corrupt backup file.
Author: Brett Moore
Homepage: http://www.insomniasec.com/
File Size: 6547
Last Modified: Jul 10 04:05:47 2008
MD5 Checksum: dec075832fea7950517fec9d1cce7d25

File Name: MDVSA-2008-142.txt
Description:
Mandriva Linux Security Advisory - Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1).%5c (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option. Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2725. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664. 
Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. The updated packages have been patched to fix these issues.
Homepage: http://www.mandriva.com/security/
File Size: 5909
Related CVE(s): CVE-2008-1145, CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2376
Last Modified: Jul 10 03:31:23 2008
MD5 Checksum: 431a5039a98cb36d9c29c48aa4a0df90

File Name: MDVSA-2008-141.txt
Description:
Mandriva Linux Security Advisory - Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1).%5c (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option. Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3). (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption. Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors. The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca. 
Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. The updated packages have been patched to fix these issues.
Homepage: http://www.mandriva.com/security/
File Size: 7979
Related CVE(s): CVE-2008-1145, CVE-2008-1891, CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2376
Last Modified: Jul 10 03:30:46 2008
MD5 Checksum: 7162bbbcc833489062e4d2f8cf677f2d

File Name: MDVSA-2008-140.txt
Description:
Mandriva Linux Security Advisory - Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3). (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption. Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors. The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. 
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. The updated packages have been patched to fix these issues.
Homepage: http://www.mandriva.com/security/
File Size: 5655
Related CVE(s): CVE-2008-1891, CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2376
Last Modified: Jul 10 03:30:00 2008
MD5 Checksum: 4839f1ecf4734d39ecd607d5c3efece0

File Name: MDVSA-2008-139.txt
Description:
Mandriva Linux Security Advisory - A weakness was found in the DNS protocol by Dan Kaminsky. A remote attacker could exploit this weakness to spoof DNS entries and poison DNS caches. This could be used to misdirect users and services; i.e. for web and email traffic. This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue.
Homepage: http://www.mandriva.com/security/
File Size: 6567
Related CVE(s): CVE-2008-1447
Last Modified: Jul 10 03:29:30 2008
MD5 Checksum: 068f6b35f288b7b0a32d2ff9a1aa0e78

File Name: MDVSA-2008-138.txt
Description:
Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. The updated packages have been patched to fix the issue.
Homepage: http://www.mandriva.com/security/
File Size: 16501
Related CVE(s): CVE-2008-2152
Last Modified: Jul 10 03:28:57 2008
MD5 Checksum: 27d4518b612e829b08e04d5dd6ea8a98

File Name: MDVSA-2008-137.txt
Description:
Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. Also, according to bug #38874 decimal numbers on Hebrew documents would appear as Arabic characters. Another issue (#39799) is with (Tools -> Options -> OpenOffice.org Writer -> General). Even setting to centimeters on (Indent & Spacing) option it shows as characters (ch) on (Indents & Spacing) configuration on the menu: (Format -> Paragraph -> Indents & Spacing). Moreover, a document holding Notes edited on Microsoft Office would not show when opened with OpenOffice. These and a number of other OpenOffice.org issues were fixed by the new version provided in this update.
Homepage: http://www.mandriva.com/security/
File Size: 24382
Related CVE(s): CVE-2008-2152
Last Modified: Jul 10 03:28:18 2008
MD5 Checksum: f17aca78aecb606c95e50310dcb0558d

File Name: MDVSA-2008-136.txt
Description:
Mandriva Linux Security Advisory - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.15.
Homepage: http://www.mandriva.com/security/
File Size: 61180
Related CVE(s): CVE-2008-2798, CVE-2008-2799, CVE-2008-2800, CVE-2008-2801, CVE-2008-2802, CVE-2008-2803, CVE-2008-2805, CVE-2008-2807, CVE-2008-2808, CVE-2008-2809, CVE-2008-2811
Last Modified: Jul 10 03:28:03 2008
MD5 Checksum: b8a1a03baf75c001f0003e3d76454e50

File Name: 07.08.08-1.txt
Description:
iDefense Security Advisory 07.08.08 - Remote exploitation of an integer underflow vulnerability within Microsoft Corp.'s SQL Server could allow a remote attacker to execute arbitrary code with the privileges of the SQL Server. The vulnerability exists within the code responsible for parsing a stored backup file. A 32-bit integer value, representing the size of a record, is taken from the file and used to calculate the number of bytes to read into a heap buffer. This calculation can underflow, which leads to insufficient memory being allocated. The buffer is subsequently overfilled leading to an exploitable condition. iDefense confirmed the existence of this vulnerability in Microsoft SQL Server 2005 Service Pack 2 Hot Fix 4. Additional tests against SQL Server 2005 without any updates suggest it is also vulnerable. Previous versions are also suspected to be vulnerable.
Author: Brett Moore
Homepage: http://www.idefense.com/
File Size: 3784
Related CVE(s): CVE-2008-0107, CVE-2008-0106, CVE-2008-0086
Last Modified: Jul 10 03:13:55 2008
MD5 Checksum: 8b9cc4e45c191c51974cb00c251a4d03

File Name: USN-622-1.txt
Description:
Ubuntu Security Notice 622-1 - Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind. A remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.
Homepage: http://security.ubuntu.com/
File Size: 34364
Related CVE(s): CVE-2008-1447
Last Modified: Jul 10 03:10:37 2008
MD5 Checksum: 63f40ff34a0a2df44dceb9b2d0f175c8

File Name: TA08-190B.txt
Description:
Technical Cyber Security Alert TA08-190B - DNS cache poisoning (sometimes referred to as cache pollution) is an attack technique that allows an attacker to introduce forged DNS information into the cache of a caching nameserver. The general concept has been known for some time, and a number of inherent deficiencies in the DNS protocol and defects in common DNS implementations that facilitate DNS cache poisoning have previously been identified and described in public literature. Examples of these vulnerabilities can be found in Vulnerability Note VU#800113. Recent research into these and other related vulnerabilities has produced extremely effective exploitation methods to achieve cache poisoning. Tools and techniques have been developed that can reliably poison a domain of the attacker's choosing on most current implementations. As a result, the consensus of DNS software implementers is to implement source port randomization in their resolvers as a mitigation.
Homepage: http://www.us-cert.gov/
File Size: 7440
Related CVE(s): CVE-2008-1447
Last Modified: Jul 10 03:07:50 2008
MD5 Checksum: 280e54bdd87e40bf8146839d400f8dc5

File Name: TA08-190A.txt
Description:
Technical Cyber Security Alert TA08-190A - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Windows Server, Microsoft SQL Server, and Microsoft Outlook Web Access as part of the Microsoft Security Bulletin Summary for July 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.
Homepage: http://www.us-cert.gov/
File Size: 3542
Last Modified: Jul 10 03:06:51 2008
MD5 Checksum: 95faf0d502f2d691be13dd41e0cfd3ab

File Name: sa30984.txt
Description:
Secunia Security Advisory - t0pP8uZz has reported a vulnerability in Real Estate Script, which can be exploited by malicious people to conduct SQL injection attacks.
Homepage: http://secunia.com/advisories/30984/
File Size: 2225
Last Modified: Jul 10 02:29:42 2008
MD5 Checksum: 94c1f8bd66a50b1f3a5446db5da583e2

File Name: sa30985.txt
Description:
Secunia Security Advisory - t0pP8uZz has reported a vulnerability in Hotel Script, which can be exploited by malicious people to conduct SQL injection attacks.
Homepage: http://secunia.com/advisories/30985/
File Size: 2162
Last Modified: Jul 10 02:29:42 2008
MD5 Checksum: 1f2ded6bc29fc16387e49b8b47588676