SecurityFocus

[ MDKSA-2006:206 ] - Updated Thunderbird packages fix multiple vulnerabilities 2006-12-15
security mandriva com

Bypassing process identification of several personal firewalls and HIPS 2006-12-15
Matousec - Transparent security Research (research matousec com)

Hello,

We would like to inform you about a vulnerability in several personal firewalls and HIPS:

Description:

Personal firewalls, HIPS and similar security software that implement per process security have to be able to identify
the process that attempts to execute privileged action. Usually, n

[ more ] [ reply ]

Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!! 2006-12-15
gplit gsplit com (2 replies)

try yourself with OpenOffice.org 2.1:
http://www.milw0rm.com/sploits/12122006-djtest.doc

[ more ] [ reply ]

Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!! 2006-12-15
Josh Bressers (josh bress net)

Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!! 2006-12-15
Bruno Lustosa (bruno lists gmail com)

Windows Media MID File Denial Of Service Vulnerability 2006-12-15
sehato yandex ru

Windows Media MID File Denial Of Service Vulnerability

Tested:
Windows Media 10.00.00.4036
Windows XP SP2

file "example.mid" (Hex-Code):

4D 54 68 64 00 00 00 06 00 00 00 00 00 00

File size = 14 byte

[ more ] [ reply ]

[security bulletin] HPSBMA02173 SSRT061230 rev. 1 - HP Integrated Lights Out (iLO & iLO 2) Running SSH Key Based Authentication Remote Unauthorized Access 2006-12-15
security-alert hp com

Windows Explorer WMV File Denial Of Service Vulnerability 2006-12-15
sehato yandex ru

Windows Explorer WMV File Denial Of Service Vulnerability

Vulnerability in proccess "explorer.exe" - proccess is down, on select file *.wmv

Tested:
Windows Explorer 6.00.2900.2180
Windows Media 10.00.00.4036
Windows XP SP2

file "example.wmv" (Hex-Code):

4D 54 68 64 00 00 00 06 00 00 00 00 00 00

[ more ] [ reply ]

BitDefender AV Packed PE File Parsing Engine Heap Overflow 2006-12-15
security nruns com

n.runs AG
http://www.nruns.com/ security at nruns.com
n.runs-SA-2006.003 15-Dec-2006
________________________________________________________________________

Vendor: BitDefender, http://www.bitdefender.com
Affected Pro

[ more ] [ reply ]

[ MDKSA-2006:231 ] - Updated gdm packages fix string vulnerability 2006-12-15
security mandriva com

[USN-396-1] gdm vulnerability 2006-12-14
Kees Cook (kees ubuntu com)

===========================================================
Ubuntu Security Notice USN-396-1 December 14, 2006
gdm vulnerability
CVE-2006-6105
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10

[ more ] [ reply ]

Project Server 2003 - Credential Disclosure 2006-12-14
Brett Moore (brett moore security-assessment com)

==============================================================
% Project Server 2003 - Credential Disclosure
% brett.moore (at) security-assessment (dot) com [email concealed]
==============================================================

Microsoft Project server 2003 implements a thick client
for some of the functionality. Th

[ more ] [ reply ]

TSLSA-2006-0072 - clamav 2006-12-15
Trustix Security Advisor (tsl trustix org)

Top 10 Real Computer Crimes for 2007 2006-12-14
Pete Herzog (pete isecom org)

Hi,

I started my day writing to the ISECOM Subscribers a long rant about
year-end predictions and made a lot of my own because it made me so mad
what kind of uninspired, insipid tales of woe tacked onto new technologies
which you most likely don't have yet. Generally they're all a part of
making th

[ more ] [ reply ]

CanSecWest 2007 (April 18-20) Call For Papers (Deadline January 7th) 2006-12-13
Dragos Ruiu (dr kyx net)

CanSecWest 2007 CALL FOR PAPERS

VANCOUVER, Canada -- The eighth annual CanSecWest applied technical security
conference - where the eminent figures in the international security industry
will get together share best practices and technology - will be held in
downtown Vancouver at the the Mariott

[ more ] [ reply ]

Kerio MailServer < 6.3.1 remote Denial of Service 2006-12-14
research gleg net

Hi,

Kerio MailServer 6.3.1 changelog mentions the following bug fix:
'Fixed possible service stop when handling certain LDAP query'

It turns out that vd_kms6 vulnerability (which is a part of VulnDisco since Oct,
2006) has been fixed.

Below is a simple proof of concept code for this bug:

#!/usr/

[ more ] [ reply ]

Re: [fuzzing] NOT a 0day! Re: [Full-disclosure] OWASP Fuzzing page 2006-12-14
Juha-Matti Laurio (juha-matti laurio netti fi)

After the public release we have to accept the fact that the PoC will be possibly accessible outside of exploit sites too.
The overall risk of the issue is increasing.
To confirm the existence of PoC it was listed in several references like
http://www.securityfocus.com/bid/21589/exploit
etc.

The me

[ more ] [ reply ]

iDefense Security Advisory 12.14.06: GNOME Foundation Display Manager gdmchooser Format String Vulnerability 2006-12-14
iDefense Labs (labs-no-reply idefense com) (1 replies)

GNOME Foundation Display Manager gdmchooser Format String Vulnerability

iDefense Security Advisory 12.14.06
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 14, 2006

I. BACKGROUND

The gdmchooser program provides XDMCP (X Display Manager Control Protocol)
functionality to the GNOME Displ

[ more ] [ reply ]

Re: iDefense Security Advisory 12.14.06: GNOME Foundation Display Manager gdmchooser Format String Vulnerability 2006-12-14
iDefense Labs (labs-no-reply idefense com)

[ MDKSA-2006:164-2 ] - Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities 2006-12-14
security mandriva com

Re: Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical 2006-12-14
schafer_jeffrey hotmail com

The commonality we found was the Word docs were docs found by SAV on a PC but were Word docs that were originally created/edited on a MAC via MAC Word.

[ more ] [ reply ]

[CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities 2006-12-14
Williams, James K (James Williams ca com)

Title: CAID 34870: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local

Denial of Service Vulnerabilities

CA Vulnerability ID (CAID): 34870

CA Advisory Date: 2006-12-13

Discovered By: RubÃ©n Santamarta (reversemode.com)

Impact: Local unprivileged attacker can cause a denial of service.

[ more ] [ reply ]

Re: The newest Word flaw is due to malformed data structure handling 2006-12-14
Juha-Matti Laurio (juha-matti laurio netti fi)

And without any reasonable technical details it is very difficult to give a title field for the vulnerability.
Several advisories using titles like Word Unspecified Code Execution Vulnerability or Word Code Execution Vulnerability #2, #3 are not the trend we want.
Related to the newest Word issue US

[ more ] [ reply ]

[ MDKSA-2006:230 ] - Updated clamav packages fix vulnerability 2006-12-14
security mandriva com

[ MDKSA-2006:229 ] - Updated evince packages fix buffer overflow vulnerability 2006-12-14
security mandriva com

Re: Microsoft 0-day word vulnerability - Secunia - Extremely critical 2006-12-14
schafer_jeffrey hotmail com

I'm seeing this vulnerability detected like crazy as of 12 Dec. Symantec is picking it up as Bloodhound.Exploit.106 as of 12 DEC defs. Strange thing is that some of the docs I'm seeing being detected with this vulnerability are docs users have had on their systems for years and haven't opened in a v

[ more ] [ reply ]

[ GLSA 200612-17 ] GNU Radius: Format string vulnerability 2006-12-14
Raphael Marichez (falco gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]