Section: .. / Last 100 Advisory Files /
| /// File Name: | USN-913-1.txt | Description:
| Ubuntu Security Notice 913-1 - It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 17736 | | Related CVE(s): | CVE-2009-2042, CVE-2010-0205 | | Last Modified: | Mar 16 20:04:21 2010 | | MD5 Checksum: | e34dd3abb0e2d79fb917042a37af2af6 |
|
| /// File Name: | CORE-2009-0803.txt | Description:
| Core Security Technologies Advisory - A vulnerability found in the memory management of the Virtual Machine Monitor makes memory pages mapped above the 2GB available with read or read/write access to user-space programs running in a Guest operating system. | | Author: | Core Security Technologies,Diego Juarez,Nicolas A. Economou | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 36508 | | Last Modified: | Mar 16 19:53:29 2010 | | MD5 Checksum: | 936c26e59571a54c68f677c92c973253 |
|
| /// File Name: | USN-912-1.txt | Description:
| Ubuntu Security Notice 912-1 - It was discovered that Audio File Library contained a heap-based buffer overflow. If a user or automated system processed a crafted WAV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. The default compiler options for Ubuntu should reduce this vulnerability to a denial of service. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 15508 | | Related CVE(s): | CVE-2008-5824 | | Last Modified: | Mar 16 19:47:32 2010 | | MD5 Checksum: | cea5bb89800954462cbfdec1bfb278eb |
|
| /// File Name: | ZDI-10-032.txt | Description:
| Zero Day Initiative Advisory 10-032 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP MaxDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the serv.exe process which listens by default on TCP port 7210. The process trusts a value from a handshake packet and uses it as a length when copying data to the stack. If provided a malicious value and packet data, this can be leveraged to execute arbitrary code under the context of the SYSTEM user. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2648 | | Last Modified: | Mar 16 19:47:16 2010 | | MD5 Checksum: | e2375d89695fe12b1a00cc15adebefb0 |
|
| /// File Name: | ZDI-10-031.txt | Description:
| Zero Day Initiative Advisory 10-031 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable software utilizing Apple's WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to a failure to unregister a callback pointer during the destruction of a particular type of element when embedded inside a 'blink' container. The application dereferences the original resource which can can be leveraged by an attacker to execute arbitrary code under the context of the current user. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2910 | | Last Modified: | Mar 16 19:40:43 2010 | | MD5 Checksum: | 43ec94b162ba7d2b0766fafde3e3e294 |
|
| /// File Name: | dsa-2017-1.txt | Description:
| Debian Linux Security Advisory 2017-1 - Dan Rosenberg discovered that the PulseAudio sound server creates a temporary directory with a predictable name. This allows a local attacker to create a Denial of Service condition or possibly disclose sensitive information to unprivileged users. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 59070 | | Related CVE(s): | CVE-2009-1299 | | Last Modified: | Mar 16 19:28:16 2010 | | MD5 Checksum: | c7940506ee2f24afcaa65332c6a54d6b |
|
| /// File Name: | ZDI-10-030.txt | Description:
| Zero Day Initiative Advisory 10-030 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari and other WebKit based browsers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of the run-in value for display CSS styles. A specially crafted web page can cause a use after free() condition in WebKit's WebCore::RenderBlock() method. This can be further leveraged by attackers to execute arbitrary code under the context of the current user. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2745 | | Last Modified: | Mar 16 19:23:46 2010 | | MD5 Checksum: | 01f4bf61bb7cbb5256b0ad70e2ff46d0 |
|
| /// File Name: | ZDI-10-029.txt | Description:
| Zero Day Initiative Advisory 10-029 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the WebCore's HTMLObjectElement::renderFallBackContent() method. By rewriting an HTML element via the document's innerHTML() method a memory corruption occurs resulting from a call-after-free. This can be leveraged to execute arbitrary code under the context of the current user. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2730 | | Related CVE(s): | CVE-2010-0050 | | Last Modified: | Mar 15 22:50:04 2010 | | MD5 Checksum: | 8ead72db8cf3df3d033a75fb0998dc6b |
|
| /// File Name: | dsa-2016-1.txt | Description:
| Debian Linux Security Advisory 2016-1 - Several vulnerabilities (SA-CORE-2010-001) have been discovered in drupal6, a fully-featured content management framework. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 3982 | | Last Modified: | Mar 15 16:45:07 2010 | | MD5 Checksum: | 3afeca7667d6b60d40cd47e65bce1805 |
|
| /// File Name: | vupensafari-overflow.txt | Description:
| VUPEN Vulnerability Research Team discovered a vulnerability in Apple Safari. The flaw is caused by an integer overflow error in ColorSync when processing certain images with an embedded color profile, which could be exploited by attackers to potentially execute arbitrary code via a specially crafted web page. Versions prior to 4.0.5 are vulnerable. | | Author: | Sebastien Renaud | | Homepage: | http://www.vupen.com/ | | File Size: | 2475 | | Related CVE(s): | CVE-2010-0040 | | Last Modified: | Mar 12 18:05:36 2010 | | MD5 Checksum: | c8de629e8f529ce136e1977f175da33a |
|
| /// File Name: | USN-911-1.txt | Description:
| Ubuntu Security Notice 911-1 - It was discovered that several wiki actions and preference settings in MoinMoin were not protected from cross-site request forgery (CSRF). If an authenticated user were tricked into visiting a malicious website while logged into MoinMoin, a remote attacker could change the user's configuration or wiki content. It was discovered that MoinMoin did not properly sanitize its input when processing user preferences. An attacker could enter malicious content which when viewed by a user, could render in unexpected ways. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 5379 | | Related CVE(s): | CVE-2010-0668, CVE-2010-0669, CVE-2010-0717 | | Last Modified: | Mar 12 10:11:56 2010 | | MD5 Checksum: | 179c22aa8c5455e7896bd8ece2c0d474 |
|
| /// File Name: | dsa-2012-1.txt | Description:
| Debian Linux Security Advisory 2012-1 - Two vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 35839 | | Related CVE(s): | CVE-2009-3725, CVE-2010-0622 | | Last Modified: | Mar 12 10:11:41 2010 | | MD5 Checksum: | d0826d7ce79b6e7442876c9a86165d73 |
|
| /// File Name: | 03.11.10-1.txt | Description:
| iDefense Security Advisory 03.11.10 - Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when a certain property of an HTML element is reset via JavaScript code. When this occurs, a C++ object is incorrectly accessed after it has been freed. This results in an attacker controlled value being used as a C++ VTABLE, which leads to the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Google Chrome 3.0.195.38 and Safari 4.0.4. Previous versions are suspected to be vulnerable. A full list of affected Apple products can be found in Security Advisory APPLE-SA-2010-03-11-1 Safari 4.0.5. | | Author: | iDefense Labs,wushi | | Homepage: | http://www.idefense.com/ | | File Size: | 4088 | | Related CVE(s): | CVE-2010-0040 | | Last Modified: | Mar 11 20:21:21 2010 | | MD5 Checksum: | eff6f9943174490b261bb46a955f26ee |
|
| /// File Name: | dsa-2013-1.txt | Description:
| Debian Linux Security Advisory 2013-1 - Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based may lead to the execution of arbitrary commands and a cross-site scripting vulnerability was discovered in the login page. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 7435 | | Last Modified: | Mar 11 18:22:49 2010 | | MD5 Checksum: | 97f5f98b2702c940fec433fe369eccb6 |
|
| /// File Name: | MDVSA-2010-061.txt | Description:
| Mandriva Linux Security Advisory 2010-061 - sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name. The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8905 | | Related CVE(s): | CVE-2010-0790, CVE-2010-0791 | | Last Modified: | Mar 11 17:30:57 2010 | | MD5 Checksum: | 8eddb3ad2d5d24403b0b99e52c566d3b |
|
| /// File Name: | ZDI-10-027.txt | Description:
| Zero Day Initiative Advisory 10-027 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists with how the OS web-browser passes command line arguments to Skype through the registered 'skype:' protocol handler. Insufficient sanity checking to the /datapath argument allows an attacker to construct a link that will execute Skype with arbitrary arguments. This can be abused to specify a remote configuration storage directory which can be leveraged to glean target user credentials. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3574 | | Last Modified: | Mar 11 17:29:44 2010 | | MD5 Checksum: | a5b3d84df1886a5f304313233a95f00f |
|
| /// File Name: | ZDI-10-028.txt | Description:
| Zero Day Initiative Advisory 10-028 - This vulnerability allows remote attackers to remove arbitrary XML files on vulnerable installations of Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in Skype's handling of the 'skype-plugin:' protocol. An attacker can specify a malicious URI, that upon clicking, will trigger the deletion of an arbitrary attacker specified XML file. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3137 | | Last Modified: | Mar 11 17:29:18 2010 | | MD5 Checksum: | 793f05951ab9ec0a9302555f95d6603b |
|
| /// File Name: | USN-909-1.txt | Description:
| Ubuntu Security Notice 909-1 - William Grant discovered that dpkg-source did not safely apply diffs when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 11987 | | Related CVE(s): | CVE-2010-0396 | | Last Modified: | Mar 11 11:24:59 2010 | | MD5 Checksum: | 7d4e4c416e8850722bfebfb1f166c1df |
|
| /// File Name: | dsa-2011-1.txt | Description:
| Debian Linux Security Advisory 2011-1 - William Grant discovered that the dpkg-source component of dpkg, the low-level infrastructure for handling the installation and removal of Debian software packages, is vulnerable to path traversal attacks. A specially crafted Debian source package can lead to file modification outside of the destination directory when extracting the package content. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 7029 | | Related CVE(s): | CVE-2010-0396 | | Last Modified: | Mar 11 11:23:39 2010 | | MD5 Checksum: | c4b2f418358eb264d4bb4d72a3b63d6a |
|
| /// File Name: | MDVSA-2010-060.txt | Description:
| Mandriva Linux Security Advisory 2010-060 - The htcpHandleTstRequest function in htcp.c in Squid 2.x and 3.0 through 3.0.STABLE23 allows remote attackers to cause a denial of service (crash) via crafted packets to the HTCP port, which triggers a NULL pointer dereference. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5924 | | Related CVE(s): | CVE-2010-0639 | | Last Modified: | Mar 10 21:34:20 2010 | | MD5 Checksum: | 414b8437f31d74850426f8a525a3e1e8 |
|
| /// File Name: | USN-908-1.txt | Description:
| Ubuntu Security Notice 908-1 - It was discovered that mod_proxy_ajp did not properly handle errors when a client doesn't send a request body. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. It was discovered that Apache did not properly handle headers in subrequests under certain conditions. A remote attacker could exploit this with a crafted request and possibly obtain sensitive information from previous requests. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 38935 | | Related CVE(s): | CVE-2010-0408, CVE-2010-0434 | | Last Modified: | Mar 10 21:26:31 2010 | | MD5 Checksum: | c325fa7847fc469032e3592c119cde4f |
|
| /// File Name: | MDVSA-2010-059.txt | Description:
| Mandriva Linux Security Advisory 2010-059 - Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 18565 | | Related CVE(s): | CVE-2009-3940 | | Last Modified: | Mar 10 21:26:09 2010 | | MD5 Checksum: | 48a4c84f6d63d9b13bd485a788bc892d |
|
| /// File Name: | secunia-xnviewdicom.txt | Description:
| Secunia Research has discovered a vulnerability in XnView, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer overflow when processing DICOM images with certain dimensions. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted DICOM file. Version 1.97 is affected. | | Author: | Stefan Cornelius | | Homepage: | http://secunia.com/ | | File Size: | 4126 | | Related CVE(s): | CVE-2009-4001 | | Last Modified: | Mar 10 21:23:39 2010 | | MD5 Checksum: | 06aae772fe010c07ca5d04fd20ac13e2 |
|
| /// File Name: | excel-codeexec.txt | Description:
| VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Microsoft Office Excel. The flaw is caused by a memory corruption error when processing malformed "EntExU2" records in an Excel document, which could be exploited by attackers to execute arbitrary code. | | Author: | Nicolas JOLY | | Homepage: | http://www.vupen.com/ | | File Size: | 2681 | | Related CVE(s): | CVE-2010-0257 | | Last Modified: | Mar 10 21:21:05 2010 | | MD5 Checksum: | f66a1be4abfb1a54cae69d7791394e13 |
|
| /// File Name: | secunia-etsdisclose.txt | Description:
| Secunia Research has discovered security issue in Employee Timeclock Software, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused due to the application passing the database password via the command line to the "mysqldump" utility, which potentially can be exploited to disclose the password via the process list. Version 0.99 is affected. | | Homepage: | http://secunia.com/ | | File Size: | 4385 | | Related CVE(s): | CVE-2010-0124 | | Last Modified: | Mar 10 10:57:24 2010 | | MD5 Checksum: | 5c55f50ca9c91dbe8978a3bb60746a6c |
|
| /// File Name: | secunia-etssql.txt | Description:
| Secunia Research has discovered some vulnerabilities in Employee Timeclock Software, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "username" and "password" parameters in auth.php and login_action.php is not properly sanitized before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Version 0.99 is affected. | | Homepage: | http://secunia.com/ | | File Size: | 4407 | | Related CVE(s): | CVE-2010-0122 | | Last Modified: | Mar 10 10:55:45 2010 | | MD5 Checksum: | 97deca06ff6efb5d59e274ff9355eacb |
|
| /// File Name: | tarcpio-overflow.txt | Description:
| GNU Tar and GNU Cpio suffer from a heap-based buffer overflow vulnerability. Tar versions prior to 1.23 and Cpio versions prior to 2.11 are affected. | | Author: | Jakob Lell | | File Size: | 5110 | | Related CVE(s): | CVE-2010-0624 | | Last Modified: | Mar 10 10:48:29 2010 | | MD5 Checksum: | f12725e9c18845e64dcff526a6f7d29f |
|
| /// File Name: | secunia-etsb.txt | Description:
| Secunia Research has discovered security issue in Employee Timeclock Software, which can be exploited by malicious people to disclose sensitive information. The database backup functionality stores the database backup with a semi-predictable file name inside the web root. This can be exploited to download the backup by guessing the file name. Version 0.99 is affected. | | Homepage: | http://secunia.com/ | | File Size: | 4397 | | Related CVE(s): | CVE-2010-0123 | | Last Modified: | Mar 10 10:44:55 2010 | | MD5 Checksum: | 691c19edbe543e11cd7b2a8326ea3cd9 |
|
| /// File Name: | 03.09.10-4.txt | Description:
| iDefense Security Advisory 03.09.10 - Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an MDXTUPLE record inside of the Excel Workbook globals stream. This record is used to store metadata for external data connections in the workbook. The vulnerability occurs when a MDXTUPLE record is broken up into several records. This could allow an attacker to trigger a heap based buffer overflow by controlling both the allocation size of a heap buffer and the number of bytes copied into this buffer. iDefense has confirmed the existence of this vulnerability in Excel versions 2007 SP0, SP1, and SP2. Previous versions do not appear to be affected as they do not support parsing the record that triggers the vulnerability. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017. | | Author: | Sean Larsson,iDefense Labs | | Homepage: | http://www.idefense.com/ | | File Size: | 3817 | | Related CVE(s): | CVE-2010-0260 | | Last Modified: | Mar 10 10:20:50 2010 | | MD5 Checksum: | 361cae51b434d20705f58c6f7cde7793 |
|
| /// File Name: | 03.09.10-3.txt | Description:
| iDefense Security Advisory 03.09.10 - Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an MDXSET record inside of the Excel Workbook globals stream. This record is used to store metadata for external data connections in the workbook. The vulnerability occurs when a MDXSET record is broken up into several records. This could allow an attacker to trigger a heap based buffer overflow by controlling both the allocation size of a heap buffer and the number of bytes copied into this buffer. iDefense has confirmed the existence of this vulnerability in Excel versions 2007 SP0, SP1, and SP2. Previous versions do not appear to be affected as they do not support parsing the record that triggers the vulnerability. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017. | | Author: | Sean Larsson,iDefense Labs | | Homepage: | http://www.idefense.com/ | | File Size: | 3813 | | Related CVE(s): | CVE-2010-0261 | | Last Modified: | Mar 10 10:19:19 2010 | | MD5 Checksum: | fcd3d4df59f6a8656e954ecae6950e45 |
|
| /// File Name: | 03.09.10-2.txt | Description:
| iDefense Security Advisory 03.09.10 - Remote exploitation of an uninitialized memory vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs due to Excel using a local function variable without properly initializing it. This error occurs when parsing several related records inside of an Excel worksheet. When Excel parses certain records in a particular order, a stack variable may not be initialized properly. If an attacker can control the area of memory used for this variable, then it is possible to execute arbitrary code on the targeted host. iDefense has confirmed the existence of this vulnerability in Excel versions 2003 SP3, 2007 SP0, SP1, and SP3 . Previous versions do not appear to be affected. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017. | | Author: | Sean Larsson,iDefense Labs | | Homepage: | http://www.idefense.com/ | | File Size: | 3939 | | Related CVE(s): | CVE-2010-0262 | | Last Modified: | Mar 10 10:17:18 2010 | | MD5 Checksum: | 4c6d869c98aaa46c8b7d0dec92b565e3 |
|
| /// File Name: | 03.09.10-1.txt | Description:
| iDefense Security Advisory 03.09.10 - Remote exploitation of a type confusion vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability is a type confusion vulnerability that occurs when parsing several related Excel record types. In this case, the type confusion is due to multiple records containing fields that identify the type of an object shared between them. By controlling memory outside of the bounds of the allocated heap chunk, an attacker can control a C++ object pointer used in a virtual function call. This can result in an area of memory being treated as a different type of object than it actually is, resulting in access outside of the bounds of the allocated object. iDefense has confirmed the existence of this vulnerability in all currently supported versions of Excel (2007 SP1/SP2, 2003 SP3, XP SP3), and also the currently unsupported Excel 2000 SP3. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017. | | Author: | Sean Larsson,iDefense Labs | | Homepage: | http://www.idefense.com/ | | File Size: | 4148 | | Related CVE(s): | CVE-2010-0258 | | Last Modified: | Mar 10 10:09:49 2010 | | MD5 Checksum: | bc5319861ff9ff807a6e7bfce8180ecb |
|
| /// File Name: | dsa-2009-1.txt | Description:
| Debian Linux Security Advisory 2009-1 - It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insufficient input sanitizing in the TrackBack transmission plugin. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 3903 | | Related CVE(s): | CVE-2010-0726 | | Last Modified: | Mar 10 10:04:15 2010 | | MD5 Checksum: | 17479d9fa7fc431d68a341d436fda6a2 |
|
| /// File Name: | TA10-068A.txt | Description:
| Technical Cyber Security Alert 2010-68A - Microsoft has released updates to address vulnerabilities in Microsoft Windows and Microsoft Office. | | Author: | US-CERT | | Homepage: | http://www.us-cert.gov/ | | File Size: | 3802 | | Last Modified: | Mar 9 18:18:07 2010 | | MD5 Checksum: | 52a06df4c61def449f7f9c9f8bcad8b7 |
|
| /// File Name: | CORE-2009-1103.txt | Description:
| Core Security Technologies Advisory - A memory corruption occurs on Microsoft Office Excel 2002 when parsing a .XLS file with a malformed DbOrParamQry record. This vulnerability could be used by a remote attacker to execute arbitrary code in the context of the currently logged on user, by enticing the user to open a specially crafted file. | | Author: | Core Security Technologies,Damian Frizza | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 7741 | | Related CVE(s): | CVE-2010-0264 | | Last Modified: | Mar 9 18:13:44 2010 | | MD5 Checksum: | 3b4084cc3bd02ec3abcf8034a1cd52e2 |
|
| /// File Name: | CORE-2009-0813.txt | Description:
| Core Security Technologies Advisory - A vulnerability was found in Windows Movie Maker and Microsoft Producer, which can be triggered by a remote attacker by sending a specially crafted file and enticing the user to open it. This vulnerability results in a write access violation and can lead to remote code execution. | | Author: | Core Security Technologies,Damian Frizza | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 12942 | | Related CVE(s): | CVE-2010-0265 | | Last Modified: | Mar 9 18:11:06 2010 | | MD5 Checksum: | c616fcba3c0a93ba3996a3ca8d8818b9 |
|
| /// File Name: | MDVSA-2010-058.txt | Description:
| Mandriva Linux Security Advisory 2010-058 - Multiple vulnerabilities have been found and corrected in PHP. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 62736 | | Last Modified: | Mar 9 18:06:23 2010 | | MD5 Checksum: | 07bda32325dbbfc3f66329dadbc38dc9 |
|
| /// File Name: | ZDI-10-026.txt | Description:
| Zero Day Initiative Advisory 10-026 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Hewlett-Packard Performance Insight. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the helpmanager servlet running on the Performance Insight web server. Insufficient input validation and authentication allows for arbitrary JSP pages to be uploaded which can be leveraged to execute arbitrary OS commands. Exploitation of this vulnerability allows an attacker to gain control of the affected system under SYSTEM credentials. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3057 | | Related CVE(s): | CVE-2010-0447 | | Last Modified: | Mar 9 18:02:35 2010 | | MD5 Checksum: | 7e8b4a4e56efc310c9d29affb2ee9a3f |
|
| /// File Name: | HPSBMA02489-SSRT090065.txt | Description:
| HP Security Bulletin - A potential vulnerability has been identified with HP Performance Insight. The vulnerability could be exploited remotely to execute arbitrary commands. | | Homepage: | http://www.hp.com/ | | File Size: | 6868 | | Related CVE(s): | CVE-2010-0447 | | Last Modified: | Mar 9 17:50:54 2010 | | MD5 Checksum: | d32dd84a89acc0ff85800e4c96e86450 |
|
| /// File Name: | ZDI-10-025.txt | Description:
| Zero Day Initiative Advisory 10-025 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the decompression of XLSX files. The XLSX file is a ZIP archive of the associated content making up the new Open XML Document. Due to the lack of validation on the ZIP header when decompressing certain XML elements it is possible to execute uninitialized memory. Successful exploitation can lead to remote code execution under the credentials of the currently logged in user. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2575 | | Related CVE(s): | CVE-2010-0263 | | Last Modified: | Mar 9 16:44:29 2010 | | MD5 Checksum: | 345ea63cd930dcb5de4c5273d9c5df54 |
|
| /// File Name: | dsa-2008-1.txt | Description:
| Debian Linux Security Advisory 2008-1 - Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 3554 | | Last Modified: | Mar 8 21:08:11 2010 | | MD5 Checksum: | c46bf7d8dec6a12a4086dae8214e55c0 |
|
| /// File Name: | USN-907-1.txt | Description:
| Ubuntu Security Notice 907-1 - It was discovered that gnome-screensaver did not correctly lock all screens when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. It was discovered that gnome-screensaver did not correctly handle keyboard grab when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. This issue only affected Ubuntu 9.10. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 6239 | | Related CVE(s): | CVE-2010-0285, CVE-2010-0422 | | Last Modified: | Mar 8 17:08:49 2010 | | MD5 Checksum: | 0779341d5cb6e3ff11a2489dcba18547 |
|
| /// File Name: | MDVSA-2010-057.txt | Description:
| Mandriva Linux Security Advisory 2010-057 - The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 29843 | | Related CVE(s): | CVE-2010-0434 | | Last Modified: | Mar 8 16:23:47 2010 | | MD5 Checksum: | c235dd13d9ace6a2ca8327b6437ee2a6 |
|
| /// File Name: | SOS-10-002.txt | Description:
| By sending a specially crafted request followed by a reset packet it is possible to trigger a vulnerability in Apache 2.2.14 mod_isapi that will unload the target ISAPI module from memory. However function pointers still remain in memory and are called when published ISAPI functions are referenced. This results in a dangling pointer vulnerability. Successful exploitation results in the execution of arbitrary code with SYSTEM privileges. | | Author: | Brett Gervasoni | | Homepage: | http://www.senseofsecurity.com/ | | Related Exploit: | pwn-isapi.cpp.txt | | File Size: | 2870 | | Related CVE(s): | CVE-2010-0425 | | Last Modified: | Mar 6 11:09:03 2010 | | MD5 Checksum: | b7b7f8d25e9287a5b3e772f09fb7d8eb |
|
| /// File Name: | ncpfs-race.txt | Description:
| The ncpmount, ncpumount, and ncplogin utilities, installed as part of the ncpfs package, contain race conditions, information disclosures, and denial of service vulnerabilities. | | Author: | Dan Rosenberg | | File Size: | 2394 | | Related CVE(s): | CVE-2010-0788, CVE-2010-0790, CVE-2010-0791 | | Last Modified: | Mar 6 10:45:27 2010 | | MD5 Checksum: | c4f3190c00d9db2fd6a2e8908227013d |
|
| /// File Name: | junipersa-xss.txt | Description:
| Juniper Secure Access suffers from a cross site scripting vulnerability. SA Appliances running Juniper IVE OS 6.0 or higher are affected. | | Author: | Logica | | File Size: | 4333 | | Last Modified: | Mar 6 10:42:52 2010 | | MD5 Checksum: | 9b36886cd72016decdf7d91f17eadadc |
|
| /// File Name: | MDVSA-2010-055.txt | Description:
| Mandriva Linux Security Advisory 2010-055 - Denial of service, buffer overflows, integer overflows and other issues have been addressed in Poppler. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8885 | | Related CVE(s): | CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009, CVE-2009-1188, CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3607, CVE-2009-3608, CVE-2009-3609, CVE-2009-3938 | | Last Modified: | Mar 6 10:35:47 2010 | | MD5 Checksum: | 2455a21c0c713d92832579ab90a1b22b |
|
| /// File Name: | 03.04.10-1.txt | Description:
| iDefense Security Advisory 03.04.10 - Remote exploitation of an integer overflow vulnerability in Autonomy's KeyView Filter SDK allows attackers to execute arbitrary code with the privileges of the targeted application. This vulnerability occurs when processing specially crafted documents. When processing such a document, the software reads an integer value from the file and uses this integer, without validation, in an arithmetic operation to calculate the amount of memory to allocate. If a sufficiently large number is supplied, the calculation overflows, resulting in a buffer of insufficient size being allocated. The software then proceeds to copy data into this under-sized buffer. This results in an exploitable heap buffer overflow condition. | | Author: | Joshua J. Drake ,iDefense Labs | | Homepage: | http://www.idefense.com/ | | File Size: | 4991 | | Related CVE(s): | CVE-2009-3032 | | Last Modified: | Mar 5 16:18:30 2010 | | MD5 Checksum: | 02061082038dac3eab8518904cc3a6a6 |
|
| /// File Name: | bsplayerml-overflow.txt | Description:
| BS.Player version 2.51 build 1022 (Media Library) suffers from a remote buffer overflow vulnerability. | | Author: | LiquidWorm | | File Size: | 2569 | | Last Modified: | Mar 5 16:11:55 2010 | | MD5 Checksum: | db8e6e9a787fd586eb5a106e6dbfb0f8 |
|
| /// File Name: | vlcmediaplayer-overflow.txt | Description:
| VLC Media Player version 1.0.5 Goldeneye suffers from a remote buffer overflow vulnerability. | | Author: | LiquidWorm | | File Size: | 2006 | | Last Modified: | Mar 5 16:08:09 2010 | | MD5 Checksum: | a86824aea954354508bf9ecfd6099526 |
|
| /// File Name: | jriver-overflow.txt | Description:
| J. River Media Jukebox 12 suffers from a MP3 file handling remote heap overflow vulnerability. | | Author: | LiquidWorm | | File Size: | 2533 | | Last Modified: | Mar 5 16:05:58 2010 | | MD5 Checksum: | 4ef3d7f8666627eda39eb3258ecd945a |
|
| /// File Name: | NSOADV-2010-006.txt | Description:
| Remote exploitation of a buffer overflow vulnerability in Authentium Command On Demand Online scanner service could allow an attacker to execute arbitrary code within the security context of the targeted user. | | Author: | Nikolas Sotiriu | | Related Exploit: | NSOPOC-2010-006.zip | | File Size: | 5578 | | Last Modified: | Mar 5 14:58:44 2010 | | MD5 Checksum: | 3ce799d522b4cfb1294d7eca4e2dfb2a |
|
| /// File Name: | fcrontab-race.txt | Description:
| fcrontab, part of the fcron scheduler, is vulnerable to several race conditions that allow a local attacker to use symbolic links to read unauthorized files. Versions before 3.0.5 are affected. | | Author: | Dan Rosenberg | | File Size: | 1154 | | Related CVE(s): | CVE-2010-0792 | | Last Modified: | Mar 5 14:35:20 2010 | | MD5 Checksum: | ee1afe06e1fc4171975ed438e0aabf5e |
|
| /// File Name: | CA20100304-01.txt | Description:
| CA's support is alerting customers to a security risk with CA SiteMinder. Multiple cross site scripting (XSS) vulnerabilities exist that can allow a remote attacker to potentially gain sensitive information. CA has provided guidance to remediate the vulnerability. | | Author: | Ken Williams | | Homepage: | http://www3.ca.com/ | | File Size: | 3176 | | Related CVE(s): | CVE-2009-3731 | | Last Modified: | Mar 4 23:06:25 2010 | | MD5 Checksum: | c5e4abac93849cb90447a5c73fd5b883 |
|
| /// File Name: | MDVSA-2010-054.txt | Description:
| Mandriva Linux Security Advisory 2010-054 - Pam_krb5 2.2.14 through 2.3.4 generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. This update provides the version 2.3.5 of pam_krb5, which is not vulnerable to this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3214 | | Related CVE(s): | CVE-2009-1384 | | Last Modified: | Mar 4 23:03:37 2010 | | MD5 Checksum: | ef415f90257e771135bf236a39a74697 |
|
| /// File Name: | VMSA-2010-0004.txt | Description:
| VMware Security Advisory - Updates have been issues for ESX Service Console newt, nfs-utils, and glib2 packages. vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl, bind, expat, openssh, ntp and kernel packages have also been issued. | | Homepage: | http://www.vmware.com/ | | File Size: | 20620 | | Related CVE(s): | CVE-2009-2905, CVE-2008-4552, CVE-2008-4316, CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, CVE-2009-0590, CVE-2009-4022, CVE-2009-3560, CVE-2009-3720, CVE-2009-2904, CVE-2009-3563, CVE-2009-2695, CVE-2009-2849, CVE-2009-2695, CVE-2009-2908, CVE-2009-3228, CVE-2009-3286, CVE-2009-3547, CVE-2009-3613, CVE-2009-3612, CVE-2009-3620, CVE-2009-3621, CVE-2009-3726, CVE-2008-3916, CVE-2009-1189, CVE-2009-0115 | | Last Modified: | Mar 4 22:32:24 2010 | | MD5 Checksum: | e7771d8406b79f65ee870397e15c5e8a |
|
| /// File Name: | dsa-2007-1.txt | Description:
| Debian Linux Security Advisory 2007-1 - Ronald Volgers discovered that the lppasswd component of the cups suite, the Common UNIX Printing System, is vulnerable to format string attacks due to insecure use of the LOCALEDIR environment variable. An attacker can abuse this behaviour to execute arbitrary code via crafted localization files and triggering calls to _cupsLangprintf(). This works as the lppasswd binary happens to be installed with setuid 0 permissions. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 18385 | | Related CVE(s): | CVE-2010-0393 | | Last Modified: | Mar 4 22:31:50 2010 | | MD5 Checksum: | e2eadef2b930afc5b158fdb9f0cd4593 |
|
| /// File Name: | ZSL-2010-4929.txt | Description:
| Deimos Kasa versions 2.58 and below suffer from a local integer overflow vulnerability. | | Author: | LiquidWorm | | File Size: | 1225 | | Last Modified: | Mar 3 17:10:26 2010 | | MD5 Checksum: | aff495543ea775a39ac10c39b4da1e1d |
|
| /// File Name: | cisco-sa-20100303-dmp.txt | Description:
| Cisco Security Advisory - A vulnerability exists in the Cisco Digital Media Player that could allow an unauthenticated attacker to inject video or data content into a remote display. | | Author: | Cisco Systems | | Homepage: | http://www.cisco.com/ | | File Size: | 10311 | | Related CVE(s): | CVE-2010-0573 | | Last Modified: | Mar 3 16:59:38 2010 | | MD5 Checksum: | 761596ce9c824b2c8dc4fcdfed2a5380 |
|
| /// File Name: | cisco-sa-20100303-cucm.txt | Description:
| Cisco Security Advisory - Cisco Unified Communications Manager (formerly Cisco CallManager) contains multiple denial of service (DoS) vulnerabilities that if exploited could cause an interruption of voice services. The Session Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and Computer Telephony Integration (CTI) Manager services are affected by these vulnerabilities. | | Author: | Cisco Systems | | Homepage: | http://www.cisco.com/ | | File Size: | 18602 | | Related CVE(s): | CVE-2010-0587, CVE-2010-0588, CVE-2010-0590, CVE-2010-0591, CVE-2010-0592 | | Last Modified: | Mar 3 16:18:25 2010 | | MD5 Checksum: | 8f79a3ba09942f130027f105ff436d73 |
|
| /// File Name: | USN-906-1.txt | Description:
| Ubuntu Security Notice 906-1 - It was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. Ronald Volgers discovered that the CUPS lppasswd tool could be made to load localized message strings from arbitrary files by setting an environment variable. A local attacker could exploit this with a format-string vulnerability leading to a root privilege escalation. The default compiler options for Ubuntu 8.10, 9.04 and 9.10 should reduce this vulnerability to a denial of service. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 43536 | | Related CVE(s): | CVE-2009-3553, CVE-2010-0302, CVE-2010-0393 | | Last Modified: | Mar 3 16:12:43 2010 | | MD5 Checksum: | 2a2daef48fbe21b5cab2ae0d59be49a5 |
|
| /// File Name: | glsa-201003-01.txt | Description:
| Gentoo Linux Security Advisory 201003-1 - Two vulnerabilities in sudo might allow local users to escalate privileges and execute arbitrary code with root privileges. Versions less than 1.7.2_p4 are affected. | | Author: | Gentoo | | Homepage: | http://security.gentoo.org | | File Size: | 3007 | | Last Modified: | Mar 3 16:10:59 2010 | | MD5 Checksum: | 9e00ee59e6a6c0091ba4c3af4f8739d5 |
|
| /// File Name: | ZDI-10-024.txt | Description:
| Zero Day Initiative Advisory 10-024 - This vulnerability allows remote attackers to deny services on vulnerable installations of Novell eDirectory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NDS daemon's SOAP service. When a malformed request is made to the novell.embox.connmgr.serverinfo SOAP action, the daemon makes an illegal reference thereby resulting in a denial of service. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2532 | | Last Modified: | Mar 2 21:54:10 2010 | | MD5 Checksum: | e25b3e2ca0cc4c489707de4ee829e336 |
|
| /// File Name: | dsa-2006-1.txt | Description:
| Debian Linux Security Advisory 2006-1 - Several vulnerabilities have been discovered in sudo, a program designed to allow a sysadmin to give limited root privileges to users database server. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 7081 | | Related CVE(s): | CVE-2010-0426, CVE-2010-0427 | | Last Modified: | Mar 2 21:52:46 2010 | | MD5 Checksum: | 5776920f8194143cf7a9406ee7a62548 |
|
| /// File Name: | MDVSA-2010-053.txt | Description:
| Mandriva Linux Security Advisory 2010-053 - mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent after request headers indicate a request body is incoming; this is not a case of HTTP_INTERNAL_SERVER_ERROR. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 29547 | | Related CVE(s): | CVE-2010-0408 | | Last Modified: | Mar 2 21:27:09 2010 | | MD5 Checksum: | ae046a50754226da45275ca539cae606 |
|
| /// File Name: | 03.02.10-1.txt | Description:
| iDefense Security Advisory 03.02.10 - Remote exploitation of a stack-based buffer overflow vulnerability in IBM Corp.'s Lotus Domino Web Access ActiveX control could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerable function takes an attacker-controlled URL, and copies it into a fixed-size stack buffer. No validation checks are performed on the length of the URL. By passing in a long URL string, it is possible to trigger a stack-based buffer overflow, resulting in the execution of arbitrary code. | | Author: | Elazar Broad,iDefense Labs | | Homepage: | http://www.idefense.com/ | | File Size: | 3783 | | Last Modified: | Mar 2 21:16:51 2010 | | MD5 Checksum: | 0f49ae12b79795b324cf97c77a4b8051 |
|
| /// File Name: | ZDI-10-023.txt | Description:
| Zero Day Initiative Advisory 10-023 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of a proper signedness check on a supplied parameter size can result in exploitable stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3293 | | Related CVE(s): | CVE-2009-2754 | | Last Modified: | Mar 1 18:00:17 2010 | | MD5 Checksum: | bfe5991f25e572c54d036c3558654afb |
|
| /// File Name: | ZDI-10-022.txt | Description:
| Zero Day Initiative Advisory 10-022 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaws exist within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of proper sanity checking on supplied parameter sizes can result in exploitable stack and heap based buffer overflows leading to arbitrary code execution under the context of the SYSTEM user. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3158 | | Related CVE(s): | CVE-2009-2753 | | Last Modified: | Mar 1 17:59:47 2010 | | MD5 Checksum: | 4f1940f7c958b1b4c493bc34e7b08225 |
|
| /// File Name: | MDVSA-2010-052.txt | Description:
| Mandriva Linux Security Advisory 2010-052 - sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3018 | | Related CVE(s): | CVE-2010-0427 | | Last Modified: | Mar 1 17:59:32 2010 | | MD5 Checksum: | 5771b261d5cf844262338f82154f65d2 |
|
| /// File Name: | dsa-2005-1.txt | Description:
| Debian Linux Security Advisory 2005-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. Note that this advisory says DSA-2004-1 but it is actually DSA-2005-1. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 30331 | | Related CVE(s): | CVE-2009-2691, CVE-2009-2695, CVE-2009-3080, CVE-2009-3726, CVE-2009-3889, CVE-2009-4005, CVE-2009-4020, CVE-2009-4021, CVE-2009-4138, CVE-2009-4308, CVE-2009-4536, CVE-2009-4538, CVE-2010-0003, CVE-2010-0007, CVE-2010-0291, CVE-2010-0410, CVE-2010-0415, CVE-2010-0622 | | Last Modified: | Mar 1 16:20:35 2010 | | MD5 Checksum: | 6df548355a759babe2620aa7553824b3 |
|
| /// File Name: | MDVSA-2010-051.txt | Description:
| Mandriva Linux Security Advisory 2010-051 - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5846 | | Related CVE(s): | CVE-2009-1571 | | Last Modified: | Mar 1 15:00:58 2010 | | MD5 Checksum: | 52c29b36b535a4e076f4d244b53c6d8c |
|
| /// File Name: | ZSL-2010-4928.txt | Description:
| ExtCalendar version 2.0 Beta 2 suffers from a cross site scripting vulnerability. | | Author: | LiquidWorm | | File Size: | 2010 | | Last Modified: | Feb 28 14:33:18 2010 | | MD5 Checksum: | 14a01ecebc1f2aca941cc89b1321c089 |
|
| /// File Name: | USN-905-1.txt | Description:
| Ubuntu Security Notice 905-1 - It was discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use sudoedit. The sudoedit pseudo-command is not used in the default installation of Ubuntu. It was discovered that sudo did not reset group permissions when the 'runas_default' configuration option was used. A local attacker could exploit this to escalate group privileges if sudo was configured to allow the attacker to run commands under the runas_default account. The runas_default configuration option is not used in the default installation of Ubuntu. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 12730 | | Related CVE(s): | CVE-2010-0426, CVE-2010-0427 | | Last Modified: | Feb 26 19:07:35 2010 | | MD5 Checksum: | 230ebfb801c7dd3050506c6006b4fd98 |
|
| /// File Name: | MDVSA-2010-050.txt | Description:
| Mandriva Linux Security Advisory 2010-050 - This release fixes several important issues to help prevent a detection bypass and denial of service attacks against ModSecurity. Quite a few small but notable bugs were fixed. The latest Core Ruleset (2.0.5) is included. This update provides mod_security 2.5.12, which is not vulnerable to these issues. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3505 | | Last Modified: | Feb 26 14:33:22 2010 | | MD5 Checksum: | 0fccabbaf71e2011697935542bdec54c |
|
| /// File Name: | getplus-validation.txt | Description:
| getPlus suffers from an insufficient domain name validation vulnerability. A new Adobe Download Manager was released that resolves this issue. | | Author: | Yorick Koster | | Homepage: | http://www.akitasecurity.nl/ | | File Size: | 10829 | | Related CVE(s): | CVE-2010-0189 | | Last Modified: | Feb 26 14:30:00 2010 | | MD5 Checksum: | 3fdb375f69fdba6afb5d299261d069a8 |
|
| /// File Name: | AST-2010-003.txt | Description:
| Asterisk Project Security Advisory - Host access rules using permit= and deny= configurations behave unpredictably if the CIDR notation /0 is used. Depending on the system's behavior, this may act as desired, but in other cases it might not, thereby allowing access from hosts that should be denied. | | Author: | Mark Michelson | | Homepage: | http://www.asterisk.org/security | | File Size: | 9755 | | Last Modified: | Feb 26 14:26:09 2010 | | MD5 Checksum: | 96b5d56898cb42ff746d93184ad1b2cd |
|
| /// File Name: | MDVSA-2010-049.txt | Description:
| Mandriva Linux Security Advisory 2010-049 - sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4916 | | Related CVE(s): | CVE-2010-0426 | | Last Modified: | Feb 26 14:15:26 2010 | | MD5 Checksum: | ce54f70bd3712518207c76a2bbe77157 |
|
| /// File Name: | MDVSA-2010-048.txt | Description:
| Mandriva Linux Security Advisory 2010-048 - Roundcube 0.3.1 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote attackers to determine the network location of the webmail user by logging DNS requests. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2475 | | Related CVE(s): | CVE-2010-0464 | | Last Modified: | Feb 26 13:32:30 2010 | | MD5 Checksum: | 603ea6e56f052454b43c7ca0c358fcc1 |
|
| /// File Name: | ESA-2010-003.txt | Description:
| EMC HomeBase Server contains a vulnerability that may allow an unauthenticated remote user to upload arbitrary files on the affected HomeBase Server. Versions 6.2.x and 6.3.x are affected. | | Homepage: | http://www.emc.com/ | | File Size: | 4001 | | Related CVE(s): | CVE-2010-0620 | | Last Modified: | Feb 25 01:37:50 2010 | | MD5 Checksum: | c94e1940d368dcf825d56994dc9bfc65 |
|
| /// File Name: | 02.23.10-1.txt | Description:
| iDefense Security Advisory 02.23.10 - Remote exploitation of an input validation vulnerability in NOS Microsystems Ltd.'s getPlus Download Manager, as used by Adobe and potentially other vendors, could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists due to improper validation of the domain used to download and execute applications from. The vulnerable code always assumes that the domain being validated is a subdomain, which can lead to a logic error when comparing the valid domain and the requested domain. iDefense has confirmed the existence of this vulnerability in getPlus version 1.5.2.35 as distributed by Adobe. The Adobe Download Manager on Windows (prior to February 23, 2010) has been confirmed vulnerable by Adobe. | | Author: | Yorick Koster ,iDefense Labs | | Homepage: | http://www.idefense.com/ | | File Size: | 3781 | | Last Modified: | Feb 25 01:34:28 2010 | | MD5 Checksum: | 3858dd8f56afc2be89616b19a3311e24 |
|
| /// File Name: | symantec-overflow.txt | Description:
| VUPEN Vulnerability Research Team discovered a vulnerability in various Symantec security products. The vulnerability is caused by a buffer overflow error in the SYMLTCOM.dll module when processing user-supplied data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page on a domain masqueraded as an authorized site. | | Homepage: | http://www.vupen.com/ | | File Size: | 2569 | | Related CVE(s): | CVE-2010-0107 | | Last Modified: | Feb 25 01:29:19 2010 | | MD5 Checksum: | df40fa11e520122e23c1100672594275 |
|
| /// File Name: | TA10-055A.txt | Description:
| Technical Cyber Security Alert 2010-55A - Malicious activity detected in mid-December targeted at least 20 organizations representing multiple industries including chemical, finance, information technology, and media. Investigation into this activity revealed that third parties routinely accessed the personal email accounts of dozens of users based in the United States, China, and Europe. Further analysis revealed these users were victims of previous phishing scams through which threat actors successfully gained access to their email accounts. | | Author: | US-CERT | | Homepage: | http://www.us-cert.gov/ | | File Size: | 5579 | | Last Modified: | Feb 25 01:27:12 2010 | | MD5 Checksum: | 86574b00afefa67252260df1c529ad3d |
|
| /// File Name: | TKADV2010-003.txt | Description:
| Avast! versions 4.8 and 5.0 suffer from a aavmker4.sys kernel memory corruption vulnerability. | | Author: | Tobias Klein | | Homepage: | http://www.trapkit.de/ | | File Size: | 7926 | | Last Modified: | Feb 25 01:04:59 2010 | | MD5 Checksum: | c9b0429e48b63fc58baca33f1db8e134 |
|
| /// File Name: | USN-903-1.txt | Description:
| Ubuntu Security Notice 903-1 - OpenOffice suffers from multiple vulnerabilities. It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. If a user were tricked into opening a specially crafted image, an attacker could execute arbitrary code with user privileges. Nicolas Joly discovered that OpenOffice did not correctly handle certain Word documents. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary code with user privileges. It was discovered that OpenOffice did not correctly handle certain VBA macros correctly. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary macro commands, bypassing security controls. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 108967 | | Related CVE(s): | CVE-2009-0217, CVE-2009-2949, CVE-2009-2950, CVE-2009-3301, CVE-2009-3302, CVE-2010-0136 | | Last Modified: | Feb 25 00:53:51 2010 | | MD5 Checksum: | ce4ecf7c54524af66c724c8378accd3e |
|
| /// File Name: | USN-904-1.txt | Description:
| Ubuntu Security Notice 904-1 - It was discovered that Squid incorrectly handled certain malformed packets received on the HTCP port. A remote attacker could exploit this with a specially-crafted packet and cause Squid to crash, resulting in a denial of service. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 11711 | | Related CVE(s): | CVE-2010-0639 | | Last Modified: | Feb 25 00:51:25 2010 | | MD5 Checksum: | d3479185c4f49b3f493a9738c7f50ddb |
|
| /// File Name: | ZDI-10-020.txt | Description:
| Zero Day Initiative Advisory 10-020 - This vulnerability allows remote attackers to upload arbitrary files on vulnerable installations of EMC HomeBase Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HomeBase SSL Service due to a failure to sanitize '../' directory traversal modifiers from a parameter. This will allow a user to specify any filename to upload arbitrary contents into. Successful exploitation can result in code execution under the context of the service. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2361 | | Related CVE(s): | CVE-2010-0620 | | Last Modified: | Feb 25 00:09:59 2010 | | MD5 Checksum: | 7a47f532b7bc7be16f1d52ed570df02d |
|
| /// File Name: | ZDI-10-021.txt | Description:
| Zero Day Initiative Advisory 10-021 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell NetStorage. Authentication is not required to exploit this vulnerability. The specific flaws exists within the xsrvd process during the wide character conversion of requested file paths. In conjunction with a long username value the file path conversion will result in a heap overflow corrupting a chunk that will be immediately freed. This can be leveraged by remote attackers to compromise the NetStorage server. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2856 | | Last Modified: | Feb 23 20:05:29 2010 | | MD5 Checksum: | 1c3cad0c463d6065608d34f85b046a62 |
|
| /// File Name: | CA20100223-01.txt | Description:
| CA's support is alerting customers to a security risk with CA eHealth Performance Manager. A cross-site scripting vulnerability exists that can allow a remote attacker to potentially gain sensitive information. CA has provided guidance to remediate the vulnerability. | | Author: | Kevin Kotas | | Homepage: | http://www3.ca.com/ | | File Size: | 2419 | | Related CVE(s): | CVE-2010-0640 | | Last Modified: | Feb 23 20:04:14 2010 | | MD5 Checksum: | 746e136a27c21e328a9a50d4d0958f2a |
|
| /// File Name: | MDVSA-2010-047.txt | Description:
| Mandriva Linux Security Advisory 2010-047 - A race condition has been found in fuse that could escalate privileges for local users and lead to a DoS (Denial of Service). The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5871 | | Related CVE(s): | CVE-2009-3297 | | Last Modified: | Feb 23 20:02:04 2010 | | MD5 Checksum: | ed4e84ee312f4ff2c484e93b9f29aead |
|
| /// File Name: | MDVSA-2010-046.txt | Description:
| Mandriva Linux Security Advisory 2010-046 - A vulnerability has been found in ncpfs which can be exploited by local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8420 | | Related CVE(s): | CVE-2009-3297 | | Last Modified: | Feb 23 20:01:48 2010 | | MD5 Checksum: | 518ed8f06db68fadd834f13b7e6bf4a9 |
|
| /// File Name: | MDVSA-2010-045.txt | Description:
| Mandriva Linux Security Advisory 2010-045 - PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 51420 | | Related CVE(s): | CVE-2009-4143 | | Last Modified: | Feb 23 19:59:41 2010 | | MD5 Checksum: | 59138632306bcf7a657471c53121d8d7 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
