J漾諸事會社

2007/07/26  Scunia Vulnerability Report
http://secunia.com


Sun Solaris lbxproxy Privilege Escalation VulnerabA vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to perform certain actions with escalated privileges.ility

Cisco Products Java Secure Socket Extension SSL/TLS Request Denial of Service .Cisco has acknowledged a vulnerability in some products, which can be exploited by malicious people to cause a DoS (Denial of Service).

Ubuntu update for bind .Ubuntu has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.

McAfee VirusScan Command Line for Linux ZIP Decompression Vulnerability.
Tavis Ormandy has discovered a vulnerability in McAfee VirusScan Command Line Scanner for Linux, which potentially can be exploited by malicious people to compromise a vulnerable system.


Novell GroupWise Mobile Server Multiple Vulnerabilities
Novell has acknowledged some vulnerabilities in Novell GroupWise Mobile Server, which can be exploited by malicious people to gain knowledge of sensitive information, conduct cross-site scripting attacks, manipulate certain data, or cause a DoS (Denial of Service).

Windows RSH daemon Packet Processing Buffer Overflow Vulnerability
Joey Mengele has discovered a vulnerability in Windows RSH daemon, which can be exploited by malicious users to compromise a vulnerable system.

Sun Java System Application Server JSP Source Code Disclosure
A vulnerability has been reported in Sun Java System Application Server, which can be exploited by malicious people to disclose certain sensitive information.

CA Message Queuing Server Buffer Overflow Vulnerability
IBM ISS X-Force has reported a vulnerability in CA Message Queuing (CAM/CAFT), which can be exploited by malicious people to compromise a vulnerable system.

Cisco Multiple Products Wireless ARP Requests Denial of Service
Some vulnerabilities have been reported in multiple Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).

Mozilla SeaMonkey Multiple Vulnerabilities
Some vulnerabilities have been reported in SeaMonkey, which can potentially be exploited by malicious people to compromise a vulnerable system.


CA Products CHM and RAR File Processing Denial of Service Vulnerabilities
Two vulnerabilities have been reported in various CA products, which can be exploited by malicious people to cause a DoS (Denial of Service).

CA eTrust Intrusion Detection CallCode ActiveX Control Insecure Methods
Some vulnerabilities have been reported in CA eTrust Intrusion Detection, which can be exploited by malicious people to compromise a vulnerable system.

Red Hat update for bind
Red Hat has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.