Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES - January 19, 2007

Linux Kernel SYSFS PAGE_SIZE Local Denial of Service Vulnerability

Bugtraq ID: 17402
Class: Design Error
CVE: CVE-2006-1055

Remote: No
Local: Yes

Updated: Jan 19 2007 04:30AM
Credit: This issue was discovered by Al Viro

This issue arises in SYSFS and allows local attackers to crash the kernel, denying service to legitimate users.

Kernel versions 2.6.12 to versions prior to 2.6.17-rc1 are affected.

http://www.securityfocus.com/bid/17402/info

Linux Kernel IP ID Information Disclosure Weakness

In reply to: VULNERABILITIES - January 19, 2007

Bugtraq ID: 17109
Class: Design Error
CVE: CVE-2006-1242

Remote: Yes
Local: No

Updated: Jan 19 2007 04:50AM
Credit: Marco Ivaldi <raptor@0xdeadbeef.info> reported this issue.

This issue allows remote attackers to use affected computers in stealth network port and trust scans.

The Linux kernel 2.6 series, as well as some kernels in the 2.4 series, are affected by this weakness.

http://www.securityfocus.com/bid/17109/info

Linux Kernel ProcFS Kernel Memory Disclosure Vulnerability

In reply to: VULNERABILITIES - January 19, 2007

Bugtraq ID: 16284
Class: Input Validation Error
CVE: CVE-2005-4605

Remote: No
Local: Yes
Published: Jan 17 2006 12:00AM
Updated: Jan 19 2007 04:10AM
Credit: Discovery of this issue is credited to Karl Janmar.

The Linux kernel is affected by a local memory-disclosure vulnerability.

This issue affects the 2.6 series of the Linux kernel, prior to 2.6.15.

http://www.securityfocus.com/bid/16284/info

Multiple PDF Readers Multiple Remote Buffer Overflow Vulnera

In reply to: VULNERABILITIES - January 19, 2007

Bugtraq ID: 21910
Class: Boundary Condition Error
CVE: CVE-2007-0104

Remote: Yes
Local: No

Updated: Jan 19 2007 04:09AM
Credit: LMH is credited with the discovery of these vulnerabilities.

Multiple PDF readers are prone to multiple remote buffer-overflow vulnerabilities because the applications fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

http://www.securityfocus.com/bid/21910/info

Linux Kernel IP_ROUTE_INPUT Local Denial of Service Vulnerab

In reply to: VULNERABILITIES - January 19, 2007

Bugtraq ID: 17593
Class: Design Error
CVE: CVE-2006-1525

Remote: No
Local: Yes

Updated: Jan 19 2007 04:50AM
Credit: Thomas discovered this issue.

The Linux kernel is prone to a local denial-of-service vulnerability. This issue is due to a design error in the 'ip_route_input()' function.

This issue affects Linux kernel versions prior to 2.6.16.8.

Linux Kernel Ssockaddr_In.Sin_Zero Kernel Memory Disclosure

In reply to: VULNERABILITIES - January 19, 2007

Linux Kernel Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities


Bugtraq ID: 17203
Class: Design Error
CVE: CVE-2006-1342
CVE-2006-1343

Remote: No
Local: Yes

Updated: Jan 19 2007 04:50AM
Credit: Pavel Kankovsky <peak@argo.troja.mff.cuni.cz> discovered these issues.

The Linux kernel is affected by local memory-disclosure vulnerabilities. These issues are due to the kernel's failure to properly clear previously used kernel memory before returning it to local users.

http://www.securityfocus.com/bid/17203/info

BitDefender Client Professional Plus Settings Handling Loca

In reply to: VULNERABILITIES - January 19, 2007

BitDefender Client Professional Plus Settings Handling Local Format String Vulnerability

Advisory ID : FrSIRT/ADV-2007-0253
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

A vulnerability has been identified in BitDefender Client Professional Plus, which could be exploited by local attackers to cause a denial of service or obtain elevated privileges. This issue is due to a format string error in the logging routines when handling malformed scanning settings, which could be exploited by malicious users to crash an affected application or execute arbitrary commands via a specially crafted scan job.

Affected Products

BitDefender Client Professional Plus version 8.02 and prior

Solution

Fixes have been delivered automatically through the regular update function :
http://www.bitdefender.com/site/Downloads/

References

http://www.frsirt.com/english/advisories/2007/0253
http://www.bitdefender.com/KB325-en--Format-string-vulnerability.html

Credits

Vulnerability reported by Deral Heiland (Layered Defense Research)

Cisco Multiple Product SSL/TLS Certificate and SSH Public Ke

In reply to: VULNERABILITIES - January 19, 2007

Cisco Multiple Product SSL/TLS Certificate and SSH Public Key Validation Vulnerability

Advisory ID : FrSIRT/ADV-2007-0245
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

A vulnerability has been identified in Cisco Security Monitoring, Analysis and Response System (CS-MARS) and Cisco Adaptive Security Device Manager (ASDM), which could be exploited by attackers to bypass security restrictions. This issue is due to a lack of validation of Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificates or Secure Shell (SSH) public keys presented by certain devices configured to connect to CS-MARS or ASDM, which could be exploited by attackers to impersonate a device that an affected product connects to, which could then be used to obtain sensitive information (e.g. login credentials) or submit false data to a vulnerable product.

Affected Products

Cisco Security Monitoring Analysis and Response System (CS-MARS) versions prior to 4.2.3
Cisco Adaptive Security Device Manager (ASDM) versions prior to 5.2(2.54)

Solution

Upgrade to CS-MARS version 4.2.3 (2403) :
http://www.cisco.com/pcgi-bin/tablebuild.pl/cs-mars?psrtdcat20e2

Upgrade to ASDM version 5.2(2.54) :
http://www.cisco.com/pcgi-bin/tablebuild.pl/asa-interim?psrtdcat20e2

References

http://www.frsirt.com/english/advisories/2007/0245
http://www.cisco.com/warp/public/707/cisco-sa-20070118-certs.shtml

Credits

Vulnerability reported by Jan Bervar (NIL Data Communications)

myWebland myBloggie "PHP_SELF" Variable Handling Cross Site

In reply to: VULNERABILITIES - January 19, 2007

myWebland myBloggie "PHP_SELF" Variable Handling Cross Site Scripting Vulnerabilities


Advisory ID : FrSIRT/ADV-2007-0243
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-18

Technical Description

Two vulnerabilities have been identified in myWebland myBloggie, which could be exploited by attackers to execute arbitrary scripting code. These issues are due to input validation errors in the "index.php" and "login.php" scripts when handling the "PHP_SELF" variable, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site.

Affected Products

myBloggie version 2.1.5 and prior

Solution

The issue affecting "index.php" has been fixed in myBloggie version 2.1.6 :
http://mywebland.com/download.php?id=19

References

http://www.frsirt.com/english/advisories/2007/0243

Credits

Vulnerabilities reported by CorryL

OpenBSD "icmp6_input()" ICMP6 Requests Handling Denial of Se

In reply to: VULNERABILITIES - January 19, 2007

OpenBSD "icmp6_input()" ICMP6 Requests Handling Denial of Service Vulnerability

Advisory ID : FrSIRT/ADV-2007-0258
CVE ID : CVE-2007-0343
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

A vulnerability has been identified in OpenBSD, which could be exploited by remote attackers to cause a denial of service. This issue is due to an infinite loop error in the "icmp6_input()" [sys/netinet6/icmp6.c] function when processing certain ICMP6 echo requests, which could be exploited by attackers to crash a vulnerable system or exhaust all available memory resources, creating a denial of service condition.

Affected Products

OpenBSD 4.0
OpenBSD 3.9

Solution

Patch for OpenBSD 4.0 :
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/008_icmp6.patch

Patch for OpenBSD 3.9 :
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/018_icmp6.patch

References

http://www.frsirt.com/english/advisories/2007/0258
http://www.openbsd.org/errata.html#icmp6

Credits

Vulnerability reported by the vendor

SuSE Security Update Fixes IBMJava Multiple Remote Buffer Ov

In reply to: VULNERABILITIES - January 19, 2007

SuSE Security Update Fixes IBMJava Multiple Remote Buffer Overflow Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-0257
CVE ID : CVE-2006-6731 - CVE-2006-6736 - CVE-2006-6737 - CVE-2006-6745 - CVE-2006-4339
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

SuSE has released security updates to address multiple vulnerabilities identified in IBMJava. These issues could be exploited by attackers to execute arbitrary commands, disclose sensitive information, or bypass security restrictions. For additional information, see : FrSIRT/ADV-2006-5075 - FrSIRT/ADV-2006-5074 - FrSIRT/ADV-2006-5073 - FrSIRT/ADV-2006-3453

Affected Products

UnitedLinux 1.0
SuSE Linux Enterprise Server 8
SuSE Linux Openexchange Server 4
SuSE Linux Standard Server 8
SuSE Linux School Server
SUSE LINUX Retail Solution 8
SUSE SLES 9
Open Enterprise Server
Novell Linux POS 9
SLE SDK 10
SUSE SLES 10

Solution

Upgrade the affected packages :
http://support.novell.com

References

http://www.frsirt.com/english/advisories/2007/0257
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0010.html

Fedora Security Update Fixes Kernel Memory Corruption and De

In reply to: VULNERABILITIES - January 19, 2007

Fedora Security Update Fixes Kernel Memory Corruption and Denial of Service Issues

Advisory ID : FrSIRT/ADV-2007-0256
CVE ID : CVE-2006-4814 - CVE-2006-6304 - CVE-2006-6054 - CVE-2006-5823 - CVE-2006-6053 - CVE-2006-6106
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

Fedora has released security updates to address multiple vulnerabilities identified in Kernel. These issues could be exploited by attackers to cause a denial of service or execute arbitrary commands. For additional information, see : FrSIRT/ADV-2006-5082 - FrSIRT/ADV-2006-5002 - FrSIRT/ADV-2006-4487 - FrSIRT/ADV-2006-4405 - FrSIRT/ADV-2006-4458 - FrSIRT/ADV-2006-5037

Affected Products

Fedora Core 6

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/0256
https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00109.html

Fedora Security Update Fixes GNU ed Insecure Temporary File

In reply to: VULNERABILITIES - January 19, 2007

Fedora Security Update Fixes GNU ed Insecure Temporary File Creation Vulnerability

Advisory ID : FrSIRT/ADV-2007-0255
CVE ID : CVE-2006-6939
Rated as : Low Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

Fedora has released updated packages to address a vulnerability identified in GNU ed. This issue could be exploited by malicious users to conduct symlink attacks. For additional information, see : FrSIRT/ADV-2006-4573

Affected Products

Fedora Core 6
Fedora Core 5

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/0255
https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00112.html
https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00111.html

Ubuntu Security Update Fixes Kpdf Catalog Dictionary Denial

In reply to: VULNERABILITIES - January 19, 2007

Ubuntu Security Update Fixes Kpdf Catalog Dictionary Denial of Service Vulnerability

Advisory ID : FrSIRT/ADV-2007-0252
CVE ID : CVE-2007-0104
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

Ubuntu has released updated packages to address a vulnerability identified in kdegraphics, koffice, and poppler. This issue could be exploited by attackers to cause a denial of service. For additional information, see : FrSIRT/ADV-2007-0203 - FrSIRT/ADV-2007-0204 - FrSIRT/ADV-2007-0244

Affected Products

Ubuntu 5.10
Ubuntu 6.06 LTS
Ubuntu 6.10

Solution

Ubuntu 5.10 - Upgrade to kpdf 4:3.4.3-0ubuntu2.6, kword 1:1.4.1-0ubuntu7.5, and libpoppler0c2 0.4.2-0ubuntu6.8
Ubuntu 6.06 LTS - Upgrade to kword 1:1.5.0-0ubuntu9.1 and libpoppler1 0.5.1-0ubuntu7.1
Ubuntu 6.10 - Upgrade to kword 1:1.5.2-0ubuntu2.1 and libpoppler1 0.5.4-0ubuntu4.1

References

http://www.frsirt.com/english/advisories/2007/0252
http://www.ubuntu.com/usn/usn-410-1

Mandriva Security Update Fixes Libgtop Process Path Handling

In reply to: VULNERABILITIES - January 19, 2007

Mandriva Security Update Fixes Libgtop Process Path Handling Buffer Overflow Vulnerability

Advisory ID : FrSIRT/ADV-2007-0251
CVE ID : CVE-2007-0235
Rated as : Moderate Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

Mandriva has released updated packages to address a vulnerability identified in Libgtop. This issue could be exploited by local attackers to obtain elevated privileges. For additional information, see : FrSIRT/ADV-2007-0185

Affected Products

Mandriva Linux 2007.0

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/0251
http://archives.mandrivalinux.com/security-announce/2007-01/msg00033.php

Mandriva Security Update Fixes Tetex Catalog Dictionary Deni

In reply to: VULNERABILITIES - January 19, 2007

Mandriva Security Update Fixes Tetex Catalog Dictionary Denial of Service Issue

Advisory ID : FrSIRT/ADV-2007-0250
CVE ID : CVE-2007-0104
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

Mandriva has released security updates to address a vulnerability identified in Tetex. This issue could be exploited by attackers to cause a denial of service. For additional information, see : FrSIRT/ADV-2007-0203

Affected Products

Mandriva Linux 2007.0
Mandriva Linux 2006.0
Mandriva Corporate 4.0
Mandriva Corporate 3.0

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/0250
http://archives.mandrivalinux.com/security-announce/2007-01/msg00032.php

Mandriva Security Update Fixes Xpdf Catalog Dictionary Denia

In reply to: VULNERABILITIES - January 19, 2007

Mandriva Security Update Fixes Xpdf Catalog Dictionary Denial of Service Issue

Advisory ID : FrSIRT/ADV-2007-0249
CVE ID : CVE-2007-0104
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

Mandriva has released security updates to address a vulnerability identified in Xpdf. This issue could be exploited by attackers to cause a denial of service. For additional information, see : FrSIRT/ADV-2007-0203

Affected Products

Mandriva Linux 2007.0
Mandriva Corporate 4.0
Mandriva Corporate 3.0

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/0249
http://archives.mandrivalinux.com/security-announce/2007-01/msg00031.php

Mandriva Security Update Fixes Poppler Catalog Dictionary De

In reply to: VULNERABILITIES - January 19, 2007

Mandriva Security Update Fixes Poppler Catalog Dictionary Denial of Service Issue

Advisory ID : FrSIRT/ADV-2007-0248
CVE ID : CVE-2007-0104
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

Mandriva has released security updates to address a vulnerability identified in Poppler. This issue could be exploited by attackers to cause a denial of service. For additional information, see : FrSIRT/ADV-2007-0244

Affected Products

Mandriva Linux 2007.0
Mandriva Corporate 4.0

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/0248
http://archives.mandrivalinux.com/security-announce/2007-01/msg00030.php

Mandriva Security Update Fixes Pdftohtml Catalog Dictionary

In reply to: VULNERABILITIES - January 19, 2007

Mandriva Security Update Fixes Pdftohtml Catalog Dictionary Denial of Service Issue

Advisory ID : FrSIRT/ADV-2007-0247
CVE ID : CVE-2007-0104
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

Mandriva has released security updates to address a vulnerability identified in Pdftohtml. This issue could be exploited by attackers to cause a denial of service. For additional information, see : FrSIRT/ADV-2007-0203

Affected Products

Mandriva Linux 2007.0
Mandriva Linux 2006.0

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/0247
http://archives.mandrivalinux.com/security-announce/2007-01/msg00029.php

Mandriva Security Update Fixes KOffice Catalog Dictionary De

In reply to: VULNERABILITIES - January 19, 2007

Mandriva Security Update Fixes KOffice Catalog Dictionary Denial of Service Issue

Advisory ID : FrSIRT/ADV-2007-0246
CVE ID : CVE-2007-0104
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-01-19

Technical Description

Mandriva has released security updates to address a vulnerability identified in KOffice. This issue could be exploited by attackers to cause a denial of service. For additional information, see : FrSIRT/ADV-2007-0212

Affected Products

Mandriva Linux 2007.0

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/0246
http://archives.mandrivalinux.com/security-announce/2007-01/msg00028.php

SecureCRT / SecureFX OpenSSL RSA Signature Forgery

In reply to: VULNERABILITIES - January 19, 2007

TITLE:
SecureCRT / SecureFX OpenSSL RSA Signature Forgery

SECUNIA ADVISORY ID:
SA23841

VERIFY ADVISORY:
http://secunia.com/advisories/23841/

CRITICAL:
Less critical

IMPACT:
Security Bypass

WHERE:
From remote

SOFTWARE:
SecureFX 4.x
http://secunia.com/product/13286/
SecureCRT 5.x
http://secunia.com/product/5688/
SecureCRT 4.x
http://secunia.com/product/844/
SecureFX 3.x
http://secunia.com/product/7336/

DESCRIPTION:
A vulnerability has been acknowledged in SecureCRT and SecureFX,
which can be exploited by malicious people to bypass certain security
restrictions.

For more information:
SA21709

SOLUTION:
SecureCRT:
Update to version 5.2.2.

SecureFX:
Update to version 4.0.2.

ORIGINAL ADVISORY:
http://www.vandyke.com/products/securecrt/history.txt
http://www.vandyke.com/products/securefx/history.txt

OTHER REFERENCES:
SA21709:
http://secunia.com/advisories/21709/

Mandriva update for tetex

In reply to: VULNERABILITIES - January 19, 2007

TITLE:
Mandriva update for tetex

SECUNIA ADVISORY ID:
SA23808

VERIFY ADVISORY:
http://secunia.com/advisories/23808/

CRITICAL:
Not critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Mandriva Linux 2007
http://secunia.com/product/12165/
Mandriva Linux 2006
http://secunia.com/product/9020/

DESCRIPTION:
Mandriva has issued an update for tetex. This fixes a weakness, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

For more information:
SA23799

SOLUTION:
Apply updated packages

ORIGINAL ADVISORY:
http://www.mandriva.com/security/advisories?name=MDKSA-2007:022

OTHER REFERENCES:
SA23799:
http://secunia.com/advisories/23799/

Ubuntu update for poppler

In reply to: VULNERABILITIES - January 19, 2007

TITLE:
Ubuntu update for poppler

SECUNIA ADVISORY ID:
SA23791

VERIFY ADVISORY:
http://secunia.com/advisories/23791/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Ubuntu Linux 6.10
http://secunia.com/product/12470/
Ubuntu Linux 6.06
http://secunia.com/product/10611/
Ubuntu Linux 5.10
http://secunia.com/product/6606/

DESCRIPTION:
Ubuntu has issued an update for poppler. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

For more information:
SA23813

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-410-1

OTHER REFERENCES:
SA23813:
http://secunia.com/advisories/23813/

Poppler Invalid Tree Node Denial of Service

In reply to: VULNERABILITIES - January 19, 2007

TITLE:
Poppler Invalid Tree Node Denial of Service

SECUNIA ADVISORY ID:
SA23813

VERIFY ADVISORY:
http://secunia.com/advisories/23813/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

SOFTWARE:
Poppler 0.x
http://secunia.com/product/6386/

DESCRIPTION:
A vulnerability has been reported in Poppler, which can be exploited
by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the handling of
catalog dictionaries or page attributes that reference an invalid
page tree node. This can be exploited to cause an infinite loop by
e.g. tricking a user into opening a specially crafted PDF document.

SOLUTION:
Fixed in the CVS repository.

PROVIDED AND/OR DISCOVERED BY:
Reported in various PDF applications by LMH.

ORIGINAL ADVISORY:
http://projects.info-pull.com/moab/MOAB-06-01-2007.html

Apple Mac OS X slpd Buffer Overflow Vulnerability

In reply to: VULNERABILITIES - January 19, 2007

TITLE:
Apple Mac OS X slpd Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA23796

VERIFY ADVISORY:
http://secunia.com/advisories/23796/

CRITICAL:
Less critical

IMPACT:
Privilege escalation, DoS

WHERE:
Local system

OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/

DESCRIPTION:
KF has reported a vulnerability in Apple Mac OS X, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service) and potentially to gain escalated privileges.

The vulnerability is caused due to a boundary error within the SLP
daemon ("slpd") when processing the "attr-list" field of a
registration request. This can be exploited to cause a buffer
overflow, resulting in a crash of the service or potentially in
execution of arbitrary code with escalated privileges.

The vulnerability is reported in Mac OS X 10.4.8 (8L2127) on a x86
platform. Other versions may also be affected.

SOLUTION:
Grant only trusted users access to affected systems.

Disable the service.

PROVIDED AND/OR DISCOVERED BY:
KF

ORIGINAL ADVISORY:
http://projects.info-pull.com/moab/MOAB-17-01-2007.html
