IBM Lotus Notes buffer overflow
Published:		29.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8387
Type:		client
Level:		6/10
Description:		Buffer overflow on Lotus WorkSheet files processing.

Affected:		IBM : Lotus Notes 6.5
		IBM : Lotus Notes 7.0
		IBM : Lotus Notes 8.0

Original document

CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor (29.11.2007)

Files:		Lotus Notes buffer overflow in the Lotus WorkSheet file processor PoC
Discuss:		Read or add your comments to this news (0 comments)

Linux multiple security vulnerabilities
Published:		29.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8389
Type:		remote
Level:		5/10
Description:		Integer overflow on IEEE 802.11 frame, DoS with minix filesystem.

Affected:		LINUX : kernel 2.6
CVE:		CVE-2007-4997
		CVE-2006-6058 (The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness error.)

Original document

MANDRIVA, [ MDKSA-2007:232 ] - Updated kernel packages fix multiple vulnerabilities and bugs (29.11.2007)

Discuss:

Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 29.11.2007
Published:		29.11.2007
Source:
SecurityVulns ID:		8384
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Captcha! wordpress plugin: CAPTCHA protection bypass and XSS.

Affected:		PHPKIT : PHPKIT 1.6
		LIFERAY : Liferay Enterprise Portal 4.3
		PHPSLIDESHOW : PHPSlideshow 0.9
		GEKKOWARE : Gekko 0.8

Original document		Jose Luis Góngora Fernández, Gekko <=0.8.2 (temp directory) Path Disclosure (29.11.2007)
		morin.josh_(at)_gmail.com, PHPSlideShow XSS Update (29.11.2007)
		morin.josh_(at)_gmail.com, Liferay Enterprise Portal multiple XSS (29.11.2007)
		Jose Luis Góngora Fernández, PHPkit 1.6.1 (include.php?path=) Remote File Inclusion (29.11.2007)
		kingoftheworld92_(at)_fastwebnet.it, Eurologon CMS Multiple SQL Injection (29.11.2007)
		kingoftheworld92_(at)_fastwebnet.it, Eurologon CMS Db credentials disclosure / files download (29.11.2007)
		MustLive, MoBiC-26 Bonus: XSS in Captcha! (29.11.2007)
		MustLive, Captcha! CAPTCHA bypass (29.11.2007)

Discuss:

Read or add your comments to this news (0 comments)

RubyGnome2 format string vulnerability
Published:		29.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8385
Type:		library
Level:		5/10
Description:		Format string vulnerability in Gtk::MessageDialog.new.

Affected:		RUBYGNOME : RubyGnome2 0.16
CVE:		CVE-2007-6183 (Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter.)

Original document

chris.rohlf_(at)_gmail.com, Ruby/Gnome2 0.16.0 Format String Vulnerability (29.11.2007)

Discuss:

Read or add your comments to this news (0 comments)

WireShark sniffer multiple security vulnerabilities
Published:		29.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8386
Type:		remote
Level:		6/10
Description:		Buffer overflow on SSL parsing, DoS on HTTP, MEGACO, Bluetooth SDP, RPC parsing.

Affected:		WIRESHARK : wireshark 0.99
CVE:		CVE-2007-6121 (Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.)
		CVE-2007-6120 (The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.)
		CVE-2007-6118 (The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.)
		CVE-2007-6117 (Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote attack vectors related to chunked messages.)
		CVE-2007-6114 (Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.)

Original document

DEBIAN, [SECURITY] [DSA 1414-1] New wireshark packages fix several vulnerabilities (29.11.2007)

Discuss:

Read or add your comments to this news (0 comments)

TK Toolkit buffer overflow
Published:		29.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8388
Type:		remote
Level:		5/10
Description:		Buffer overflow on animated GIF loading.

Affected:		TK : Tk Toolkit 8.4
		TK : Tk Toolkit 8.3
CVE:		CVE-2007-5378 (Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.)

Original document

DEBIAN, [SECURITY] [DSA 1416-1] New tk8.3 packages fix arbitrary code execution (29.11.2007)

Discuss:

Read or add your comments to this news (0 comments)

Symantec Backup Exec DoS
Published:		29.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8390
Type:		remote
Level:		5/10
Description:		bengine.exe (TCP/5633) integer overflows and NULL pointer dereference.

Affected:		SYMANTEC : Backup Exec 11.0
CVE:		CVE-2007-4347
		CVE-2007-4346

Original document		SYMANTEC, SYM07-029 Symantec BEWS Multiple DoS in Job Engine (29.11.2007)
		SECUNIA, Secunia Research: Symantec Backup Exec Job Engine Denial of Service (29.11.2007)

Discuss:

Read or add your comments to this news (0 comments)