Get a FREE LinuxLookup login, sign up here.

BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 1 hour 12 min ago

[ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities

6 hours 27 min ago
Posted by security_at_mandriva.com on Jul 08

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory MDVSA-2008:136
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
...

Categories: Security

[USN-622-1] Bind vulnerability

6 hours 37 min ago
Posted by Kees Cook on Jul 8

===========================================================
Ubuntu Security Notice USN-622-1 July 08, 2008
bind9 vulnerability
CVE-2008-1447
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
...

Categories: Security

iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability

6 hours 38 min ago
Posted by iDefense Labs on Jul 08

iDefense Security Advisory 07.08.08
http://labs.idefense.com/intelligence/vulnerabilities/
Jul 08, 2008

I. BACKGROUND

SQL Server is Microsoft's database server product. It supports the
restoration and inspection of backups via SQL statements. For more
information see the vendor's website...

Categories: Security

Minneapolis DC612 Meeting July 10th, 2008646pm

8 hours 28 min ago
Posted by David Bryan on Jul 8

Only one month to DEFCON.

Just passing on to the security community of Minneapolis, please feel
free to join us.

Topic: How malware can still subvert Anti-Virus and computer security controls.
Speaker: Chris Secrest

Time: 6PM-10PM
Talk will start at 7PM

This is part of our regular monthly...

Categories: Security

[ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code

9 hours 8 min ago
Posted by Matthias Geerdsen on Jul 08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200807-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

Categories: Security

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

9 hours 20 min ago
Posted by Cisco Systems Product Security Incident Response Team on Jul 8

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache
Poisoning Attacks

Advisory ID: cisco-sa-20080708-dns

http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

Revision 1.0

For Public Release 2008 July 08 1800 UTC (GMT)

Summary
=======

Multiple Cisco...

Categories: Security

[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver

10 hours 51 min ago
Posted by Florian Weimer on Jul 08

------------------------------------------------------------------------
Debian Security Advisory DSA-1605-1 security_at_debian.org
http://www.debian.org/security/ Florian Weimer
July 08, 2008 ...

Categories: Security

[SECURITY] [DSA 1604-1] BIND 8 deprecation notice

10 hours 53 min ago
Posted by Florian Weimer on Jul 08

------------------------------------------------------------------------
Debian Security Advisory DSA-1604-1 security_at_debian.org
http://www.debian.org/security/ Florian Weimer
July 08, 2008 ...

Categories: Security

[SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning

10 hours 53 min ago
Posted by Florian Weimer on Jul 08

------------------------------------------------------------------------
Debian Security Advisory DSA-1603-1 security_at_debian.org
http://www.debian.org/security/ Florian Weimer
July 08, 2008 ...

Categories: Security

XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower

10 hours 57 min ago
Posted by Jessica Hope on Jul 8

======================================================================

Advisory : XSS in admin logs
Release Date : July 06th 2008
Application : vBulletin
Version : vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower
Platform : PHP
Vendor URL : http://www.vbulletin.com/
Authors :...

Categories: Security

[security bulletin] HPSBMA02349 SSRT080043 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data

12 hours 11 min ago
Posted by security-alert_at_hp.com on Jul 08

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01496048
Version: 1

HPSBMA02349 SSRT080043 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date:...

Categories: Security

[security bulletin] HPSBMA02348 SSRT080033 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)

12 hours 12 min ago
Posted by security-alert_at_hp.com on Jul 08

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01495949
Version: 1

HPSBMA02348 SSRT080033 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as...

Categories: Security

Call for Papers for the MEITSEC 2008 is now open.

17 hours 36 min ago
Posted by Meitsec2008 Conference on Jul 8

The Call for Papers for the MEITSEC 2008 to be held in Dubai is now open.

MEITSEC 2008 will be held at the Etisalat Academy from 16 to 20
November 2008. The event will consist of three-day pre-conference
workshops, and a two-day conference and exhibition. Please visit
www.meitsec.ae for...

Categories: Security

Pwnie Awards 2008

19 hours 19 min ago
Posted by Alexander Sotirov on Jul 8

The Pwnie Awards ceremony will return to the BlackHat USA 2008 conference in
Las Vegas. Last year's inagural event was a lot of fun, and we hope it will
only get better. What should you expect from this year's ceremony? Exciting new
categories, an inspirational acceptance speech by the winner...

Categories: Security

Re: Local vulnerability in WeFi Client v3.2.1.4.1(Update)

20 hours 8 min ago
Posted by galia_at_wefi.com on Jul 8

('binary' encoding is not supported, stored as-is) Thank you for bringing this to our attention. The security issue only occurs when the WeFi diagnostic mode is manually selected by the user. This is not the normal operation mode and is only used for debugging purposes. In any case, the mentioned...

Categories: Security

[ GLSA 200807-03 ] PCRE: Buffer overflow

July 7, 2008 - 3:34pm
Posted by Robert Buchholz on Jul 7

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200807-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
...

Categories: Security

PHP-NUKE SQL Modules Name 4ndvddb

July 7, 2008 - 2:24pm
Posted by lovebug_at_hotmail.it on Jul 7

('binary' encoding is not supported, stored as-is)  Module's Name: 4ndvddb
 Module's Version: 0.91
 
+---------------------------------------+
| SQL Injection Vulnerability PHP-NUKE
  | Module's Name: 4ndvddb
| Module's Version: 0.91 |
|...

Categories: Security

[oCERT-2008-007] libpoppler uninitialized pointer

July 7, 2008 - 9:06am
Posted by Andrea Barisani on Jul 7

2008/07/07 #2008-007 libpoppler uninitialized pointer

Description:

The poppler PDF rendering library suffers a memory management bug which leads
to arbitrary code execution.

The vulnerability is present in the Page class constructor/destructor. The
pageWidgets object is not initialized in...

Categories: Security

Re: Multiple vulnerabilities in TietoEnators Procapita school administration system, at least version

July 6, 2008 - 3:10pm
Posted by Juha-Matti Laurio on Jul 6

The vendor Nextime Solutions has informed about the release of upcoming bugfix version this week.

The company VP has stated that the test process of fixed version is started and a fixed version will be delivered to customers before a new academic term.

TietoEnator sold its education business in...

Categories: Security

[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution

July 5, 2008 - 7:37am
Posted by Florian Weimer on Jul 05

------------------------------------------------------------------------
Debian Security Advisory DSA-1602-1 security_at_debian.org
http://www.debian.org/security/ Florian Weimer
July 05, 2008 ...

Categories: Security