AOH :: IS1031.HTM

Secunia Weekly Summary - Issue: 2008-34




Secunia Weekly Summary - Issue: 2008-34
Secunia Weekly Summary - Issue: 2008-34



=======================================================================
                  The Secunia Weekly Advisory Summary                  
                        2008-08-14 - 2008-08-21                        

                       This week: 48 advisories                        

=======================================================================Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

=======================================================================1) Word From Secunia:

Try the Secunia Network Software Inspector (NSI) 2.0 for free! The
Secunia NSI 2.0 is available as a 7-day trial download and can be used
to scan up to 3 hosts within your network.

Download the Secunia NSI trial version from:
https://psi.secunia.com/NSISetup.exe

=======================================================================2) This Week in Brief:

Some vulnerabilities have been reported in Opera, which can be
exploited by malicious people to conduct spoofing and cross-site
scripting attacks, bypass certain security restrictions, disclose
potentially sensitive information, or potentially compromise a user's
system.

For more information, refer to:
http://secunia.com/advisories/31549/ 

 --

g_ has discovered a vulnerability in VLC Media Player, which
potentially can be exploited by malicious people to compromise a user's
system.

For more information, refer to:
http://secunia.com/advisories/31512/ 

 --

VIRUS ALERTS:

During the past week Secunia collected 230 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

=======================================================================3) This Weeks Top Ten Most Read Advisories:

1.  [SA31441] uTorrent "created by" Buffer Overflow Vulnerability
2.  [SA31498] Microsoft Visual Studio Masked Edit Control "Mask" Buffer
              Overflow
3.  [SA31485] Postfix Symlink Handling and Destination Ownership
              Security Issues
4.  [SA31549] Opera Multiple Vulnerabilities
5.  [SA14652] Subdreamer Light Global Variables SQL Injection
              Vulnerability
6.  [SA31486] Symantec Veritas Storage Foundation NULL NTLMSSP
              Authentication Security Bypass
7.  [SA31507] Mktemp Insecure Random Name Generator Vulnerability
8.  [SA31469] Red Hat update for postfix
9.  [SA31502] xine-lib Multiple Vulnerabilities
10. [SA31472] Red Hat update for yum-rhn-plugin

=======================================================================4) Vulnerabilities Summary Listing

Windows:
[SA31554] Anzio Web Print Object (WePO) ActiveX Component "mainurl"
Buffer Overflow
[SA31534] MailScan for Mail Servers Web Administration Interface
Multiple Vulnerabilities
[SA31511] EO Video Playlist File "Name" Buffer Overflow Vulnerability
[SA31504] WS_FTP Home / Professional Format String Vulnerability
[SA31559] Folder Lock Weak Password Encryption Security Issue

UNIX/Linux:
[SA31550] Programs Rating "id" SQL Injection Vulnerability
[SA31542] Banner Management "id" SQL Injection Vulnerability
[SA31535] Avaya CMS Solaris "snoop" Multiple Vulnerabilities
[SA31531] Reflection for Secure IT Multiple Vulnerabilities
[SA31526] EchoVNC for Linux "CLogger::WriteFormated()" Buffer Overflow
[SA31518] SUSE update for python
[SA31538] Sun Java System Portal Server Cross-Site Scripting
Vulnerability
[SA31524] Avaya Products nss_ldap Race Condition Security Issue
[SA31508] neon "parse_domain()" Denial of Service Vulnerability
[SA31536] Avaya CMS Solaris namefs Kernel Module Privilege Escalation
[SA31530] Debian update for postfix
[SA31507] Mktemp Insecure Random Name Generator Vulnerability
[SA31517] Sun Solaris NFSv4 Client Kernel Module Denial of Service
[SA31509] Linux Kernel "dccp_setsockopt_change()" Integer Overflow
[SA31501] Avaya CMS Solaris "picld" Denial of Service

Other:


Cross Platform:
[SA31549] Opera Multiple Vulnerabilities
[SA31521] PHP Live Helper Multiple Vulnerabilities
[SA31502] xine-lib Multiple Vulnerabilities
[SA31547] Short Url & Url Tracker Script "id" SQL Injection
Vulnerability
[SA31546] URL Rotator Script "id" SQL Injection Vulnerability
[SA31544] Active PHP Bookmarks "id" SQL Injection Vulnerability
[SA31541] Viral Marketing Script "id" SQL Injection Vulnerability
[SA31539] SunShop Shopping Cart class.ajax.php SQL Injection
Vulnerabilities
[SA31537] SFS Affiliate Directory "id" SQL Injection Vulnerability
[SA31529] Ad-Exchange Script "id" SQL Injection Vulnerability
[SA31522] vbDrupal Multiple Vulnerabilities
[SA31520] Papoo "suchanzahl" SQL Injection Vulnerability
[SA31516] dotCMS Two File Disclosure Vulnerabilities
[SA31515] ZEEJOBSITE "adid" SQL Injection Vulnerability
[SA31513] YourFreeWorld Classifieds Script "category" SQL Injection
Vulnerability
[SA31512] VLC Media Player TTA Processing Integer Overflow
[SA31510] Forced Matrix Script "id" SQL Injection Vulnerability
[SA31506] E-Shop Shopping Cart "cid" SQL Injection Vulnerability
[SA31552] vBulletin Private Message Subject Script Insertion
[SA31543] NOAH Unspecified Cross-Site Scripting Vulnerability
[SA31532] FlexCMS "PreviousColorsString" Cross-Site Scripting
[SA31528] Mambo Two Cross-Site Scripting Vulnerabilities
[SA31527] Vanilla Multiple Vulnerabilities
[SA31525] Interleave Information Disclosure Security Issues
[SA31519] AWStats URL Cross-Site Scripting Vulnerability
[SA31503] Harmoni Cross-Site Request Forgery and Security Bypass
[SA31533] PHPizabi "id" Information Disclosure and Manipulation
[SA31505] GnuTLS "gnutls_handshake()" Denial of Service

=======================================================================5) Vulnerabilities Content Listing

Windows:--

[SA31554] Anzio Web Print Object (WePO) ActiveX Component "mainurl"
Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-08-21

Core Security Technologies has reported a vulnerability in the Anzio
Web Print Object (WePO) ActiveX component, which can be exploited by
malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/31554/ 

 --

[SA31534] MailScan for Mail Servers Web Administration Interface
Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of
sensitive information
Released:    2008-08-19

Oliver Karow has reported some vulnerabilities in MailScan for Mail
Servers, which can be exploited by malicious people to disclose
potentially sensitive information, conduct cross-site scripting
attacks, and bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/31534/ 

 --

[SA31511] EO Video Playlist File "Name" Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2008-08-18

Muris Kurgas has discovered a vulnerability in EO Video, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/31511/ 

 --

[SA31504] WS_FTP Home / Professional Format String Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2008-08-19

securfrog has discovered a vulnerability in WS_FTP Home and
Professional, which can be exploited by malicious people to potentially
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/31504/ 

 --

[SA31559] Folder Lock Weak Password Encryption Security Issue

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2008-08-21

Charalambous Glafkos and George Nicolaou have discovered a security
issue in Folder Lock, which can be exploited by malicious, local users
to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/31559/ 


UNIX/Linux:--

[SA31550] Programs Rating "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-20

Hussin X has reported a vulnerability in Programs Rating, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31550/ 

 --

[SA31542] Banner Management "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-08-20

S.W.A.T. has reported a vulnerability in Banner Management, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31542/ 

 --

[SA31535] Avaya CMS Solaris "snoop" Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2008-08-20

Avaya has acknowledged some vulnerabilities in Avaya CMS, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/31535/ 

 --

[SA31531] Reflection for Secure IT Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Security Bypass, Exposure of sensitive
information, DoS
Released:    2008-08-18

Attachmate has reported some vulnerabilities in Reflection for Secure
IT, where some have unknown impacts and others can be exploited by
malicious, local users to disclose sensitive information and bypass
certain security restrictions, and by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/31531/ 

 --

[SA31526] EchoVNC for Linux "CLogger::WriteFormated()" Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-08-18

A vulnerability has been reported in EchoVNC for Linux, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/31526/ 

 --

[SA31518] SUSE update for python

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2008-08-19

SUSE has issued an update for python. This fixes some vulnerabilities,
where some have unknown impact and others can potentially be exploited
by malicious people to cause a DoS (Denial of Service) or to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/31518/ 

 --

[SA31538] Sun Java System Portal Server Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-08-19

A vulnerability has been reported in Sun Java System Portal Server,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/31538/ 

 --

[SA31524] Avaya Products nss_ldap Race Condition Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-18

Avaya has acknowleged a security issue in various Avaya products, which
can be exploited by malicious people to manipulate certain data.

Full Advisory:
http://secunia.com/advisories/31524/ 

 --

[SA31508] neon "parse_domain()" Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2008-08-21

A vulnerability has been reported in neon, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/31508/ 

 --

[SA31536] Avaya CMS Solaris namefs Kernel Module Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2008-08-20

Avaya has acknowledged a vulnerability in Avaya CMS, which can be
exploited by malicious, local users to cause a DoS (Denial of Service)
or to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/31536/ 

 --

[SA31530] Debian update for postfix

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-08-19

Debian has issued an update for postfix. This fixes a security issue,
which can be exploited by malicious, local users to perform certain
actions with escalated privileges.

Full Advisory:
http://secunia.com/advisories/31530/ 

 --

[SA31507] Mktemp Insecure Random Name Generator Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-08-15

A vulnerability has been reported in Mktemp, which can be exploited by
malicious, local users to perform certain actions with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/31507/ 

 --

[SA31517] Sun Solaris NFSv4 Client Kernel Module Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2008-08-20

A vulnerability has been reported in Sun Solaris, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/31517/ 

 --

[SA31509] Linux Kernel "dccp_setsockopt_change()" Integer Overflow

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2008-08-18

A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/31509/ 

 --

[SA31501] Avaya CMS Solaris "picld" Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2008-08-20

Avaya has acknowledged a vulnerability in Avaya CMS, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/31501/ 


Other:


Cross Platform:--

[SA31549] Opera Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Spoofing, Exposure of sensitive
information, DoS, System access
Released:    2008-08-20

Some vulnerabilities have been reported in Opera, which can be
exploited by malicious people to conduct spoofing and cross-site
scripting attacks, bypass certain security restrictions, disclose
potentially sensitive information, or potentially compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/31549/ 

 --

[SA31521] PHP Live Helper Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information,
System access
Released:    2008-08-20

James Bercegay has reported some vulnerabilities in PHP Live Helper,
which can be exploited by malicious people to conduct SQL injection
attacks and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/31521/ 

 --

[SA31502] xine-lib Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-08-15

Some vulnerabilities have been reported in xine-lib, which potentially
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/31502/ 

 --

[SA31547] Short Url & Url Tracker Script "id" SQL Injection
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-20

Hussin X has reported a vulnerability in Short Url & Url Tracker
Script, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/31547/ 

 --

[SA31546] URL Rotator Script "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-20

Hussin X has reported a vulnerability in URL Rotator Script, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31546/ 

 --

[SA31544] Active PHP Bookmarks "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-08-20

Hussin X has discovered a vulnerability in Active PHP Bookmarks (APB),
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/31544/ 

 --

[SA31541] Viral Marketing Script "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-20

Hussin X has reported a vulnerability in Viral Marketing Script, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31541/ 

 --

[SA31539] SunShop Shopping Cart class.ajax.php SQL Injection
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-21

James Bercegay has reported some vulnerabilities in SunShop Shopping
Cart, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/31539/ 

 --

[SA31537] SFS Affiliate Directory "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-19

Hussin X has reported a vulnerability in SFS Affiliate Directory, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31537/ 

 --

[SA31529] Ad-Exchange Script "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-20

Hussin X has reported a vulnerability in Ad-Exchange Script, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31529/ 

 --

[SA31522] vbDrupal Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, System access
Released:    2008-08-18

Some vulnerabilities have been reported in vbDrupal, which can be
exploited by malicious users to conduct script insertion attacks and
compromise a vulnerable system, and by malicious people to conduct
cross-site scripting and cross-site request forgery attacks.

Full Advisory:
http://secunia.com/advisories/31522/ 

 --

[SA31520] Papoo "suchanzahl" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-19

Russ McRee has reported a vulnerability in Papoo, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31520/ 

 --

[SA31516] dotCMS Two File Disclosure Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2008-08-18

Don has discovered two vulnerabilities in dotCMS, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/31516/ 

 --

[SA31515] ZEEJOBSITE "adid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-08-18

Hussin X has reported a vulnerability in ZEEJOBSITE, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31515/ 

 --

[SA31513] YourFreeWorld Classifieds Script "category" SQL Injection
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-20

Hussin X has reported a vulnerability in YourFreeWorld Classifieds
Script, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/31513/ 

 --

[SA31512] VLC Media Player TTA Processing Integer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-08-18

g_ has discovered a vulnerability in VLC Media Player, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/31512/ 

 --

[SA31510] Forced Matrix Script "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-20

Hussin X has reported a vulnerability in Forced Matrix Script, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31510/ 

 --

[SA31506] E-Shop Shopping Cart "cid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-08-15

Mormoroth has reported a vulnerability in E-Shop Shopping Cart (E-Php
Shopping Cart), which can be exploited by malicious people to conduct
SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/31506/ 

 --

[SA31552] vBulletin Private Message Subject Script Insertion

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-08-21

Federico Muttis has reported a vulnerability in vBulletin, which can be
exploited by malicious users to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/31552/ 

 --

[SA31543] NOAH Unspecified Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-08-19

A vulnerability has been reported in NOAH, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/31543/ 

 --

[SA31532] FlexCMS "PreviousColorsString" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-08-18

Khashayar Fereidani has discovered a vulnerability in FlexCMS, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/31532/ 

 --

[SA31528] Mambo Two Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-08-18

Khashayar Fereidani has discovered two vulnerabilities in Mambo, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/31528/ 

 --

[SA31527] Vanilla Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-08-20

Some vulnerabilities have been reported in Vanilla, which can be
exploited by malicious users to conduct script insertion attacks, and
by malicious people to conduct cross-site scripting and cross-site
request forgery attacks.

Full Advisory:
http://secunia.com/advisories/31527/ 

 --

[SA31525] Interleave Information Disclosure Security Issues

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2008-08-19

Some security issues have been reported in Interleave, which can be
exploited by malicious users to disclose certain sensitive
information.

Full Advisory:
http://secunia.com/advisories/31525/ 

 --

[SA31519] AWStats URL Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-08-18

Morgan Todd has discovered a vulnerability in AWStats, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/31519/ 

 --

[SA31503] Harmoni Cross-Site Request Forgery and Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of sensitive information
Released:    2008-08-15

Two vulnerabilities have been reported in Harmoni, which can be
exploited by malicious people to bypass certain security restrictions
and conduct cross-site request forgery attacks.

Full Advisory:
http://secunia.com/advisories/31503/ 

 --

[SA31533] PHPizabi "id" Information Disclosure and Manipulation

Critical:    Not critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information,
Exposure of sensitive information
Released:    2008-08-19

Lostmon has discovered a vulnerability in PHPizabi, which can be
exploited by malicious users to disclose sensitive information and
manipulate data.

Full Advisory:
http://secunia.com/advisories/31533/ 

 --

[SA31505] GnuTLS "gnutls_handshake()" Denial of Service

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2008-08-15

A vulnerability has been reported in GnuTLS, which can potentially be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/31505/ 



=======================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/ 

Subscribe:
http://secunia.com/secunia_weekly_summary/ 

Contact details:
Web	: http://secunia.com/ 
E-mail	: support@secunia.com 
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


__________________________________________________      
Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
http://conference.hackinthebox.org/hitbsecconf2008kl/ 

Site design & layout copyright © 1986-2014 CodeGods