Asterisk Project Security Advisory - ASA-2007-014
++
| Product | Asterisk |
===
Ubuntu Security Notice USN-488-1 July 17, 2007
libapache2-mod-perl2 vulnerability
CVE-2007-1349
===
A security issue affects the following Ubuntu releases:
Ubuntu
Computer Associates Alert Notification Server Multiple Buffer Overflow
Vulnerabilities
iDefense Security Advisory 07.17.07
http://labs.idefense.com/intelligence/vulnerabilities/
Jul 17, 2007
I. BACKGROUND
Computer Associates Alert Notification Server is used by several CA
products, including
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
What exactly constitutes a 0day? From my perspective naming a
vulnerability 0day has absolutely no value whatsoever, it just doesn't
make any sense. 0day for who? The person who releases it, sure, but for
the security community as a whole... nah.
Hi all;
The LedgerSMB team is still working on a security advisory which details
the exact nature of the security vulnerability, how to test for it,
etc. We are giving it a couple days to ensure that it is correct and
well edited, and that administrators have a chance to upgrade before the
Asterisk Project Security Advisory - ASA-2007-016
++
| Product | Asterisk |
Asterisk Project Security Advisory - ASA-2007-017
++
| Product | Asterisk |
Dan Harkless wrote:
Windows 2000 users who need the ability to play QuickTime movies will have
I haven't tested this, but it's likely that editing the MSI file with
Orca or a similar utility to remove the version check will work just fine.
Insert / Update / Delete Data via Views
###
This advisory
http://www.red-database-security.com/advisory/oracle_view_vulnerability.html
Name Insert / Update / Delete Data via Views [DB17]
Systems Oracle 8i - 10g Rel. 2
Severity High Risk
Category Bypass
SQL Injection in package DBMS_PRVTAQIS
##
This advisory
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html
Name SQL Injection in package DBMS_PRVTAQIS [DB02]
Systems Oracle 9i Rel.1 - 10g Rel. 1
Severity High Risk
Asterisk Project Security Advisory - ASA-2007-015
++
| Product | Asterisk |
A security issue has been found which allows an unauthenticated user to
bypass the authentication system in LedgerSMB 1.2.0 through 1.2.6.
Severity: Highly Critical
Versions affected: 1.2.0 through 1.2.6
Status: Vendor solution available (upgrade to 1.2.7)
Effect: Authentication bypass.
What exactly constitutes a 0day? From my perspective naming a
vulnerability 0day has absolutely no value whatsoever, it just doesn't
make any sense. 0day for who? The person who releases it, sure, but for
the security community as a whole... nah.
I consider a 0day to be a vulnerability for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Denial of Service Vulnerability in Cisco Wide
Area Application Services (WAAS) Software
Advisory ID: cisco-sa-20070718-waas
http://www.cisco.com/warp/public/707/cisco-sa-20070718-waas.shtml
Revision 1.0
For Public Release
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 18 Jul 2007, Chris Stromblad wrote:
deletia
One more thing about advisories. I think it would be better to release
them immediately and let people know what they are facing. With public
dissemination of a vulnerability perhaps someone will
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1333 [EMAIL PROTECTED]
http://www.debian.org/security/ Steve Kemp
July 18th, 2007
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1334 [EMAIL PROTECTED]
http://www.debian.org/security/ Steve Kemp
July 18th, 2007
-
Ipswitch IMail Server 2006 Multiple IMAP Buffer Overflow Vulnerabilities
iDefense Security Advisory 07.18.07
http://labs.idefense.com/intelligence/vulnerabilities/
Jul 18, 2007
I. BACKGROUND
Ipswitch Inc.'s IMail Server is an e-mail server aimed at providing
easily configured and maintained
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Team SHATTER Security Alert (Update)
Oracle Database Buffer overflows and Denial of service vulnerabilities
in public procedures of MDSYS.MD (DB12)
Jan 18, 2007 (Updated July 18th, 2007)
Risk Level: High
Affected versions:
Oracle Database Server
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Team SHATTER Security Alert (Update)
Oracle Database Buffer overflow vulnerabilities in procedure
DBMS_DRS.GET_PROPERTY (DB03)
Jan 18, 2007 (Updated July 18th, 2007)
Risk Level: Medium
Affected versions:
Oracle Database Server versions 9i, 9iR2,
Microsoft DirectX Direct3D 9
Microsoft DirectX RLE Compressed Targa Image File Heap Overflow
Ruben Santamarta ruben(at)reversemode(dot)com
07.18.2007
Affected products:
+ Microsoft DirectX Direct3D 9 runtime libraries.
+ D3dx9_28.dll – D3dx9d_28.dll and earlier
Microsoft DirectX
SQL Injection Vulnerability in Oracle APEX CHECK_DB_PASSWORD
###
This advisory
http://www.red-database-security.com/advisory/oracle_apex_sql_injection_check_db_password.html
Name SQL Injection Vulnerability in Oracle CHECK_DB_PASSWORD
Systems
22 matches