
Alin Rad Pop

Firefox 3.6.3 (latest) <= memory exhaustion crash vulnerabilities

//                ( Mozilla/5.0, rv:1.9.2.3, Gecko/20100401 )
//
// P.S: This vulnerability is similar to CVE-2009-1571 [1] but it's patched on Firefox 3.6
//              so this is *not the same vulnerability*!
// 
// [1] CVE-2009-1571 ( Credit: Alin Rad Pop of Secunia ) - Thanks to Alin Rad Pop.
//     - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1571 
//
// o Discovered by x90c in INetCop(c) Security during analysis.
// o Discovered date: 2010.03.04
// o Personal homepage: http://www.x90c.org 

[USN-615-1] Evolution vulnerabilities

After a standard system upgrade you need to restart Evolution to effect
the necessary changes.

Details follow:

Alin Rad Pop of Secunia Research discovered that Evolution did not
properly validate timezone data when processing iCalendar attachments.
If a user disabled the ITip Formatter plugin and viewed a crafted
iCalendar attachment, an attacker could cause a denial of service or
possibly execute code with user privileges. Note that the ITip
Formatter plugin is enabled by default in Ubuntu. (CVE-2008-1108)

Secunia Research: Winamp CAF Processing Integer Overflow Vulnerability

03/03/2009 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned

[SAMBA] CVE-2007-5398 - Remote Code Execution in Samba's nmbd

=======
Credits
=======

This vulnerability was reported to Samba developers by
Alin Rad Pop, Secunia Research.

The time line is as follows:

* Oct 30, 2007: Initial report to security@samba.org.
* Oct 30, 2007: First response from Samba developers confirming

VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
    issues.

    VMware would like to thank iDefense, Sebastien Renaud of VUPEN
    Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
    of Secunia Research for reporting these issues to us.

    To remediate the above issues either install the stand alone movie
    decoder or update your product using the table below.


[ MDKSA-2007:223 ] - Updated pdftohtml packages fix vulnerabilities

 Affected: 2007.0, 2007.1
 _______________________________________________________________________
 
 Problem Description:
 
 Alin Rad Pop found several flaws in how PDF files are handled
 in pdftohtml.  An attacker could create a malicious PDF file that
 would cause pdftohtml to crash or potentially execute arbitrary code
 when opened.
 
 The updated packages have been patched to correct this issue.

Secunia Research: VMWare VMnc Codec HexTile Encoding Buffer Overflow

09/04/2010 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned 

[USN-544-2] Samba regression

 a buffer during the processing of GETDC logon server requests.
 When samba is configured as a Primary or Backup Domain Controller,
 a remote attacker could send malicious logon requests and possibly
 cause a denial of service. (CVE-2007-4572)

 Alin Rad Pop of Secunia Research discovered that nmbd did not properly
 check the length of netbios packets. When samba is configured as a WINS
 server, a remote attacker could send multiple crafted requests resulting
 in the execution of arbitrary code with root privileges. (CVE-2007-5398)



Secunia Research: Microsoft Excel Extra Out of Boundary Record Vulnerability

12/10/2010 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned

[ MDKSA-2007:204 ] - Updated cups packages fix vulnerability

 Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Alin Rad Pop of Secunia Research discovered a vulnerability in CUPS
 that can be exploited by malicious individuals to execute arbitrary
 code.  This flaw is due to a boundary error when processing IPP
 (Internet Printing Protocol) tags.
 
 Updated packages have been patched to prevent these issues.

[ MDVSA-2009:294 ] firefox

 Problem Description:

 Security issues were identified and fixed in firefox 3.5.x:
 
 Security researcher Alin Rad Pop of Secunia Research reported a
 heap-based buffer overflow in Mozilla's string to floating point
 number conversion routines. Using this vulnerability an attacker
 could craft some malicious JavaScript code containing a very long
 string to be converted to a floating point number which would result
 in improper memory allocation and the execution of an arbitrary memory

[ GLSA 200805-19 ] ClamAV: Multiple vulnerabilities

Multiple vulnerabilities have been reported:

* Damian Put reported a heap-based buffer overflow when processing
  PeSpin packed PE binaries (CVE-2008-0314).

* Alin Rad Pop of Secunia Research reported a buffer overflow in the
  cli_scanpe() function when processing Upack PE binaries
  (CVE-2008-1100).

* Hanno Boeck reported an infinite loop when processing ARJ archives
  (CVE-2008-1387).

Secunia Research: Samba "reply_netbios_packet()" Buffer Overflow Vulnerability

15/11/2007 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

Samba:

[ MDKSA-2007:224-3 ] - Updated samba packages fix regressions

 buffer during the processing of GETDC logon server requests.  If samba
 is configured as a Primary or Backup Domain Controller, this could
 be used by a remote attacker to send malicious logon requests and
 possibly cause a denial of service (CVE-2007-4572).
 
 As well, Alin Rad Pop of Secunia Research found that nmbd did not
 properly check the length of netbios packets.  If samba is configured
 as a WINS server, this could be used by a remote attacker able to
 send multiple crafted requests to nmbd, resulting in the execution
 of arbitrary code with root privileges (CVE-2007-5398).


Secunia Research: CUPS IPP Tags Memory Corruption Vulnerability

31/10/2007 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned 

[ GLSA 200808-01 ] xine-lib: User-assisted execution of arbitrary code

Description
===========

Multiple vulnerabilities have been discovered in xine-lib:

* Alin Rad Pop of Secunia reported an array indexing vulnerability in
  the sdpplin_parse() function in the file input/libreal/sdpplin.c when
  processing streams from RTSP servers that contain a large "streamid"
  SDP parameter (CVE-2008-0073).

* Luigi Auriemma reported multiple integer overflows that result in

Secunia Research: Apple QuickTime MS ADPCM Encoding Buffer Overflow

02/06/2009 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned

[SECURITY] [DSA 1819-1] New vlc packages fix several vulnerabilities

It was discovered that vlc is prone to a search path vulnerability,
which allows local users to perform privilege escalations.

CVE-2008-2430

Alin Rad Pop discovered that it is possible to execute arbitrary code
when opening a WAV file containing a large fmt chunk.

CVE-2008-3794

Pınar Yanardağ discovered that it is possible to execute arbitrary code

[ MDVSA-2010:042 ] firefox

 an error in its handling of array data types when processing posted
 messages. This error could be used by an attacker to corrupt heap
 memory and crash the browser, potentially running arbitrary code on
 a victim's computer (CVE-2010-0160).
 
 Security researcher Alin Rad Pop of Secunia Research reported that
 the HTML parser incorrectly freed used memory when insufficient space
 was available to process remaining input. Under such circumstances,
 memory occupied by in-use objects was freed and could later be filled
 with attacker-controlled text. These conditions could result in the
 execution of arbitrary code if methods on the freed objects were

[USN-544-1] Samba vulnerabilities

during the processing of GETDC logon server requests.  When samba is
configured as a Primary or Backup Domain Controller, a remote attacker
could send malicious logon requests and possibly cause a denial of
service. (CVE-2007-4572)

Alin Rad Pop of Secunia Research discovered that nmbd did not properly
check the length of netbios packets. When samba is configured as a WINS
server, a remote attacker could send multiple crafted requests resulting
in the execution of arbitrary code with root privileges. (CVE-2007-5398)



[SECURITY] [DSA 1407-1] New cupsys packages fix arbitrary code execution

Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-4351

Alin Rad Pop discovered that the Common UNIX Printing System is
vulnerable to an off-by-one buffer overflow in the code to process IPP
packets, which may lead to the execution of arbitrary code.

For the stable distribution (etch), this problem has been fixed in
version 1.2.7-4etch1. Updated packages for the arm architecture will be

Secunia Research: VLC Media Player WAV Processing Integer Overflow

02/07/2008 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned

[ GLSA 200806-06 ] Evolution: User-assisted execution of arbitrary code

  1  mail-client/evolution      < 2.12.3-r2               >= 2.12.3-r2

Description
===========

Alin Rad Pop (Secunia Research) reported two vulnerabilities in
Evolution:

* A boundary error exists when parsing overly long timezone strings
  contained within iCalendar attachments and when the ITip formatter is
  disabled (CVE-2008-1108).

Secunia Research: Adobe Reader JBIG2 Text Region Segment Buffer Overflow

10/06/2009 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned

Secunia Research: Sun Solaris "sadmind" Buffer Overflow Vulnerability

23/05/2009 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned

Secunia Research: Samba "receive_smb_raw()" Buffer Overflow Vulnerability

28/05/2008 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned

[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities

Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-6681 CVE-2007-6682 CVE-2007-6683 CVE-2008-0295
                 CVE-2008-0296 CVE-2008-0073 CVE-2008-0984 CVE-2008-1489

Luigi Auriemma, Alin Rad Pop, Rémi Denis-Courmont, Quovodis, Guido
Landi, Felipe Manzano, Anibal Sacco and others discovered multiple
vulnerabilities in vlc, an application for playback and streaming of
audio and video.  In the worst case, these weaknesses permit a remote,
unauthenticated attacker to execute arbitrary code with the privileges
of the user running vlc.

Secunia Research: AbiWord Link Grammar "separate_sentence()" Buffer Overflow

07/11/2007 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned 

[USN-539-1] CUPS vulnerability

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Alin Rad Pop discovered that CUPS did not correctly validate buffer
lengths when processing IPP tags.  Remote attackers successfully
exploiting this vulnerability would gain access to the non-root CUPS user
in Ubuntu 6.06 LTS, 6.10, and 7.04.  In Ubuntu 7.10, attackers would be
isolated by the AppArmor CUPS profile.


Secunia Research: AXIS Camera Control "image_pan_tilt" Property Buffer Overflow

23/01/2009 - Public disclosure.

====================================================================== 
7) Credits 

Discovered by Alin Rad Pop, Secunia Research.

====================================================================== 
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
