Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability
2007-01-25, bounce hadihariri com

Remove all admin->root authorization prompts from OSX
2007-01-25, K F (lists) (kf_lists digitalmunition com)

[USN-414-1] Squid vulnerabilities
2007-01-25, Kees Cook (kees ubuntu com)
Ubuntu Security Notice USN-414-1
January 24, 2007
squid vulnerabilities
CVE-2007-0247, CVE-2007-0248
A security issue affects the following Ubuntu releases: Ubuntu 6.0

Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL
2007-01-24, Team SHATTER (shatter appsecinc com)
Oracle Database Buffer overflow vulnerabilities in procedures of package DBMS_CAPTURE_ADM_INTERNAL (DB09)
AppSecInc Team SHATTER Security Advisory
http://www.appsecinc.com/resources/alerts/oracle
Jan 18, 2007
Affected versions: Oracle Database Server

[CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities
2007-01-24, Williams, James K (James Williams ca com)

Oracle Multiple Buffer Overflows and DoS attacks in public procedures of MDSYS.MD
2007-01-24, Team SHATTER (shatter appsecinc com)
Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD (DB05)
AppSecInc Team SHATTER Security Advisory
http://www.appsecinc.com/resources/alerts/oracle
Jan 18, 2007
Affected versions: Oracle Database Se

Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME
2007-01-24, Team SHATTER (shatter appsecinc com)
Oracle Database Buffer overflow vulnerability in procedure DBMS_LOGREP_UTIL.GET_OBJECT_NAME (DB08)
AppSecInc Team SHATTER Security Advisory
http://www.appsecinc.com/resources/alerts/oracle
Jan 18, 2007
Affected versions: Oracle Database Server version

Oracle Buffer Overflow in DBMS_DRS.GET_PROPERTY
2007-01-24, Team SHATTER (shatter appsecinc com)
Oracle Database Buffer overflow vulnerabilities in procedure DBMS_DRS.GET_PROPERTY (DB03)
AppSecInc Team SHATTER Security Advisory
http://www.appsecinc.com/resources/alerts/oracle
Jan 18, 2007
Affected versions: Oracle Database Server versions 9iR2 an

Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE
2007-01-24, Team SHATTER (shatter appsecinc com)
Oracle Database Buffer overflow vulnerabilities in procedure DBMS_LOGMNR.ADD_LOGFILE (DB04)
AppSecInc Team SHATTER Security Advisory
http://www.appsecinc.com/resources/alerts/oracle
Jan 18, 2007
Affected versions: Oracle Database Server versions 9iR2

Oracle Buffer Overflow in DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT
2007-01-24, Team SHATTER (shatter appsecinc com)
Oracle Database Buffer overflow vulnerabilities in procedure DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT (DB07)
AppSecInc Team SHATTER Security Advisory
http://www.appsecinc.com/resources/alerts/oracle
Jan 18, 2007
Affected versions: Oracle Database Ser

ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability
2007-01-24, zdi-disclosures 3com com
ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-006.html
January 24, 2007
-- CVE ID: CVE-2007-0444
-- Affected Vendor: Citrix
-- Affected Products: Citrix Presentation Server 4.0 Citrix Me

[security bulletin] HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
2007-01-24, security-alert hp com
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540
Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security

[ GLSA 200701-21 ] MIT Kerberos 5: Arbitrary Remote Code Execution
2007-01-24, Matthias Geerdsen (vorlon gentoo org)

Re: phpAdsNew 2.0.7 Remote File Include
2007-01-24, matteo beccati com
Hi, I've been recently pointed to this vulnerability report by a friend. I'm not subscribed to Bugtraq myself and I beg pardon for being a bit late, but the vulnerability hasn't been reported to the vendor. Luckily enough there's no real danger because the vulnerabilities reported are fakes. Moreo

[OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed
2007-01-24, Matteo Beccati (php beccati com)

Cisco Security Advisory: Crafted IP Option Vulnerability
2007-01-24, Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Crafted IP Option Vulnerability
Advisory ID: cisco-sa-20070124-crafted-ip-option
http://www.cisco.com/warp/public/707/cisco-sa-20070124-crafted-ip-option.shtml
Revision 1.0
For Public Release 2007 January 24 1600 UTC (GMT)

Cisco Security Advisory: IPv6 Routing Header Vulnerability
2007-01-24, Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: IPv6 Routing Header Vulnerability
Advisory ID: cisco-sa-20070124-IOS-IPv6
http://www.cisco.com/warp/public/707/cisco-sa-20070124-IOS-IPv6.shtml
Revision 1.0
For Public Release 2007 January 24 1600 UTC (GMT)

Cisco Security Advisory: Crafted TCP Packet Can Cause Denial of Service
2007-01-24, Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Crafted TCP Packet Can Cause Denial of Service
Advisory ID: cisco-sa-20070124-crafted-tcp
http://www.cisco.com/warp/public/707/cisco-sa-20070124-crafted-tcp.shtml
Revision 1.0
For Public Release 2007 January 24 1600 UTC (GM

Re: Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow
2007-01-24, Secunia Research (remove-vuln secunia com)
Hello,
The following products are also affected and currently unpatched:
Magic Video Products NCTAudioFile2 ActiveX Control Buffer Overflow
http://secunia.com/secunia_research/3/
Aurora Media Workshop NCTAudioFile2 ActiveX Control Buffer Overflow
http://secunia.com/secunia_research/4/
DB Audio M

Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability
2007-01-24, Stefano Zanero (s zanero securenetwork it)

Re: Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability
2007-01-24, Stefano Zanero (s zanero securenetwork it)
> Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include
> Vulnerability

Bogus

> code :.
>
> require_once $include_path."/admin/config.inc.php";
> require_once $include_path."/lib/$DB_CLASS";
> require_once $include_path."/lib/image.class.php";
> require_once $include_path."/lib/template

ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability
2007-01-24, me you (r 5 7 hotmail com)
ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability
Script: ZixForum
Version: 1.14
URL: http://www.hotscripts.com/jump.php?listing_id=58424&jump_type=1
Risk: Low
Found by: BorN To K!LL

Re: AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability
2007-01-24, mail hadihariri com
Unless otherwise demonstrated, this report is fake. We have never been contacted by this person and apart from an invalid workaround, there is also no actual mention of how this DOS is achieved, let alone mentioning that it's based on IIS so in principle could affect IIS itself and not only ISAPI app

[CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities
2007-01-24, Williams, James K (James Williams ca com)
Title: [CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities
CA Vuln ID (CAID): 34993
CA Advisory Date: 2007-01-23
Discovered By: Next Generation Security Software
Impact: Remote attacker can cause a denial of service or execute arbi

Secunia Research: Sienzo Digital Music Mentor NCTAudioFile2 ActiveX Control Buffer Overflow
2007-01-24, Secunia Research (remove-vuln secunia com)

Secunia Research: NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow
2007-01-24, Secunia Research (remove-vuln secunia com)
http://blogs.atozed.com/olaf/20070124A.en.aspx