Section: .. / 0807-advisories /
| /// File Name: |
dsa-1540-3.txt |
Description:
|
Debian Security Advisory 1540-3 - This update fixes a regression in lighttpd introduced in DSA-1540, causing SSL failures.
| | Homepage: | http://www.debian.org/security | | File Size: | 14614 | | Related CVE(s): | CVE-2008-1531 | | Last Modified: | Jul 23 19:48:43 2008 |
| MD5 Checksum: | cccf48a06495b899a26c83ab12130eb3 |
|
| /// File Name: |
USN-628-1.txt |
Description:
|
Ubuntu Security Notice 628-1 - Over a dozen vulnerabilities in php5 have been addressed in Ubuntu.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 62408 | | Related CVE(s): | CVE-2007-4782, CVE-2007-4850, CVE-2007-5898, CVE-2007-5899, CVE-2008-0599, CVE-2008-1384, CVE-2008-2050, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2371, CVE-2008-2829 | | Last Modified: | Jul 23 19:47:53 2008 |
| MD5 Checksum: | 6cd6d0407e8f8ffd96589e18817d582e |
|
| /// File Name: |
vimfiletype-exec.txt |
Description:
|
This advisory discusses the filetype.vim vulnerability in Vim version 7.2b.10 that allows for arbitrary code execution and also notes that the Vim patch 7.1.300 did not fix the vulnerability.
| | Author: | Jan Minar | | File Size: | 6106 | | Last Modified: | Jul 23 19:46:43 2008 |
| MD5 Checksum: | 525775816c2441f36c404a28644bb87a |
|
| /// File Name: |
AST-2008-011.txt |
Description:
|
Asterisk Project Security Advisory - An attacker may request an Asterisk server to send part of a firmware image. However, as this firmware download protocol does not initiate a handshake, the source address may be spoofed. Therefore, an IAX2 FWDOWNL request for a firmware file may consume as little as 40 bytes, yet produces a 1040 byte response. Coupled with multiple geographically diverse Asterisk servers, an attacker may flood an victim site with unwanted firmware packets.
| | Author: | Tilghman Lesher | | Homepage: | http://www.asterisk.org/security | | File Size: | 10634 | | Related CVE(s): | CVE-2008-3264 | | Last Modified: | Jul 23 19:43:03 2008 |
| MD5 Checksum: | 2185fd4b6b919de751e6fe7c8aab32a1 |
|
| /// File Name: |
AST-2008-010.txt |
Description:
|
Asterisk Project Security Advisory - By flooding an Asterisk server with IAX2 'POKE' requests, an attacker may eat up all call numbers associated with the IAX2 protocol on an Asterisk server and prevent other IAX2 calls from getting through. Due to the nature of the protocol, IAX2 POKE calls will expect an ACK packet in response to the PONG packet sent in response to the POKE. While waiting for this ACK packet, this dialog consumes an IAX2 call number, as the ACK packet must contain the same call number as was allocated and sent in the PONG.
| | Author: | Jeremy McNamara | | Homepage: | http://www.asterisk.org/security | | File Size: | 10633 | | Related CVE(s): | CVE-2008-3263 | | Last Modified: | Jul 23 19:41:47 2008 |
| MD5 Checksum: | c3e6feb71c399d84d8dc74877ffc992c |
|
| /// File Name: |
MDVSA-2008-154.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in xemacs was found where an attacker could provide a group of files containing local variable definitions and arbitrary Lisp code to be executed when one of the provided files is opened by xemacs. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3385 | | Related CVE(s): | CVE-2008-2142 | | Last Modified: | Jul 23 19:39:45 2008 |
| MD5 Checksum: | 02de82850dc988def1ef4ff9e0c8f68e |
|
| /// File Name: |
MDVSA-2008-153.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability in emacs was found where an attacker could provide a group of files containing local variable definitions and arbitrary Lisp code to be executed when one of the provided files is opened by emacs. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8619 | | Related CVE(s): | CVE-2008-2142 | | Last Modified: | Jul 23 19:26:54 2008 |
| MD5 Checksum: | 317520423f82ed3a15b919a528d64ba9 |
|
| /// File Name: |
MDVSA-2008-152.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was found in Wireshark, that could cause it to crash while processing malicious packets. This update provides Wireshark 1.0.2, which is not vulnerable to that.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7468 | | Related CVE(s): | CVE-2008-3145 | | Last Modified: | Jul 23 19:26:33 2008 |
| MD5 Checksum: | 9deb077f278a874b21006d319120b3bb |
|
| /// File Name: |
PR08-15.txt |
Description:
|
Moodle version 1.6.5 is vulnerable to web root disclosure issues.
| | Homepage: | http://www.procheckup.com/ | | File Size: | 2320 | | Last Modified: | Jul 23 19:19:09 2008 |
| MD5 Checksum: | 476269f39413dda45632d4b71746ac13 |
|
| /// File Name: |
CS-2008-2.txt |
Description:
|
SocialEngine versions below 2.83 suffer from an input validation vulnerability that allows for client take over.
| | Author: | Tim Loshak | | File Size: | 1341 | | Last Modified: | Jul 23 19:16:38 2008 |
| MD5 Checksum: | cd06e8756e37818b845ccfa76907f968 |
|
| /// File Name: |
FGA-2008-16-3.txt |
Description:
|
EMC Dantz Retrospect 7 Backup Server version 7.5.508 suffers from a weak password hash arithmetic vulnerability in the authentication module.
| | Author: | Zhenhua Liu | | Homepage: | http://www.fortinet.com/ | | File Size: | 2366 | | Last Modified: | Jul 23 19:08:16 2008 |
| MD5 Checksum: | 0e4381d6c4e9206769d3e16fded8c491 |
|
| /// File Name: |
sa31128.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been discovered in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/31128/ | | File Size: | 2369 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | 204aeb98e3ff9c6b2fbd8daec382c2dc |
|
| /// File Name: |
sa31161.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been discovered in YouTube Blog, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, disclose sensitive information, and compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/31161/ | | File Size: | 3134 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | 3166ecf3acf6b51b41eb40664e27e5a8 |
|
| /// File Name: |
sa31171.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for mantis. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting and request forgery attacks.
| | Homepage: | http://secunia.com/advisories/31171/ | | File Size: | 2202 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | 10c9fcebe90651c8533c11d3b00c9ce0 |
|
| /// File Name: |
sa31187.txt |
Description:
|
Secunia Security Advisory - DreamTurk has reported a vulnerability in Pre Survey Poll, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/31187/ | | File Size: | 2088 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | a7bef904906657637d31fc608595a035 |
|
| /// File Name: |
sa31188.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in the Forum plugin for Geeklog, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/31188/ | | File Size: | 2195 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | 9bc8952218434a4bec3531bb255970f3 |
|
| /// File Name: |
sa31196.txt |
Description:
|
Secunia Security Advisory - ProCheckUp Ltd have reported two vulnerabilities in Moodle, which can be exploited by malicious users to conduct script insertion attacks, and by malicious people to conduct cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/31196/ | | File Size: | 3170 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | 800388b0d38846f51e2a248bbdbe615e |
|
| /// File Name: |
sa31197.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in dnsmasq, which can be exploited by malicious people to cause a DoS (Denial of Service) and poison the DNS cache.
| | Homepage: | http://secunia.com/advisories/31197/ | | File Size: | 2755 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | 8c2dbb8f32deb68e35a0f3c0cee19f8b |
|
| /// File Name: |
sa31199.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for dnsmasq. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
| | Homepage: | http://secunia.com/advisories/31199/ | | File Size: | 3469 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | 61e308b22be78bd18b163e948544b204 |
|
| /// File Name: |
sa31201.txt |
Description:
|
Secunia Security Advisory - Digital Security Research Group have reported some vulnerabilities in Claroline, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/31201/ | | File Size: | 2876 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | 532c4070327e6496da63edd38f3190c6 |
|
| /// File Name: |
sa31202.txt |
Description:
|
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges, and malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/31202/ | | File Size: | 5351 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | d05d79168a10c1c78c8587026fcbaf07 |
|
| /// File Name: |
sa31204.txt |
Description:
|
Secunia Security Advisory - An updated version of IPCop has been released, which fixes some vulnerabilities in bzip2, dnsmasq, and snort, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and poison the DNS cache.
| | Homepage: | http://secunia.com/advisories/31204/ | | File Size: | 2168 | | Last Modified: | Jul 23 18:36:39 2008 |
| MD5 Checksum: | 36ecba9564e0bc19807ca00273aa2505 |
|
| /// File Name: |
sa31150.txt |
Description:
|
Secunia Security Advisory - Digital Security Research Group have discovered a vulnerability in Interact, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/31150/ | | File Size: | 2326 | | Last Modified: | Jul 22 22:07:19 2008 |
| MD5 Checksum: | 062c554500bd85a998db1d4421e7a100 |
|
| /// File Name: |
sa31156.txt |
Description:
|
Secunia Security Advisory - Cr@zy_King has reported a vulnerability in ShopCartDX, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/31156/ | | File Size: | 2084 | | Last Modified: | Jul 22 22:07:19 2008 |
| MD5 Checksum: | c695667ef2c4bcd939a653a173fc3d01 |
|
| /// File Name: |
sa31164.txt |
Description:
|
Secunia Security Advisory - Mr.SQL has reported a vulnerability in MojoJobs, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/31164/ | | File Size: | 2065 | | Last Modified: | Jul 22 22:07:19 2008 |
| MD5 Checksum: | f469022843c52e6f7315cb37f46dcf4a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
