SecuObs.com

SecuObs.com http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 16072010 Oracle Solaris Kernel Security Advisory2010-07-16 19:27:00 - News from trapkit.de : Oracle released an updated version of their kernel for Solaris 10 and OpenSolaris The update fixes a denial of service bug I found in the Solaris kernel For more information see http://www.secuobs.com/revue/news/241213.shtmlhttp://www.secuobs.com/revue/news/241213.shtml 22022010 avast Security AdvisorySecuobs.com : 2010-02-22 16:11:18 - News from trapkit.de - ALWIL software released an updated version of avast The update fixes a memory corruption vulnerability I found in one of the kernel drivers shipped with avast 48 and 50 For more information see http://www.secuobs.com/revue/news/194174.shtmlhttp://www.secuobs.com/revue/news/194174.shtml 02022010 Apple iPhone OS and Mac OS X Security AdvisorySecuobs.com : 2010-02-02 23:37:56 - News from trapkit.de - Apple released security updates for iPhone OS and Mac OS X that fix a stack buffer overflow vulnerability I found in CoreAudio For more information see http://www.secuobs.com/revue/news/187895.shtmlhttp://www.secuobs.com/revue/news/187895.shtml 31012010 Oracle Solaris Kernel Security AdvisorySecuobs.com : 2010-01-31 13:11:06 - News from trapkit.de - Oracle released an updated version of their kernel for Solaris 10 and OpenSolaris The update fixes a NULL pointer dereference I found in the Solaris kernel For more information see http://www.secuobs.com/revue/news/187046.shtmlhttp://www.secuobs.com/revue/news/187046.shtml 27122009 New version of checksecshSecuobs.com : 2009-12-27 13:22:08 - News from trapkit.de - I released a new version of checksecsh This script is designed to test what standard Linux OS security features are being used For more information http://www.secuobs.com/revue/news/175993.shtmlhttp://www.secuobs.com/revue/news/175993.shtml 09092009 Apple iPhone OS AudioCodecs Heap Buffer Overflow TKADV2009-007 Secuobs.com : 2009-09-10 04:34:36 - News from trapkit.de - Apple released an updated version of their iPhone OS The update fixes a heap buffer overflow vulnerability I found in the AudioCodecs library of iPhone OS 31 and iPhone OS 311 for iPod touch http://www.secuobs.com/revue/news/139479.shtmlhttp://www.secuobs.com/revue/news/139479.shtml 16052009 libsndfile/Winamp Security Advisory TKADV2009-006Secuobs.com : 2009-05-16 10:52:55 - News from trapkit.de - The libsndfile maintainers released an updated version of theirmultimedia library The update fixes a heap buffer overflowvulnerability I found in the VOC Creative Voice demuxer Aslibsndfile is used by Winamp and other software projects thispopular media player is also affected by this vulnerabilityhttp://www.secuobs.com/revue/news/97141.shtmlhttp://www.secuobs.com/revue/news/97141.shtml 01032008 Mac OS X AppleTalk AIOCSETZNUSAGE IOCTL Kernel Stack Overflow Security Advisory released TKADV2007-003Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - This security advisory describes the technical details of thevulnerability I found and published working with iDefense VCP Appleneeded a patch development time of 99 days to fix this bughttp://www.secuobs.com/revue/news/85162.shtmlhttp://www.secuobs.com/revue/news/85162.shtml 08032008 Panda Internet Security/Antivirus+Firewall 2008 Security Advisory released TKADV2008-001Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - After a patch development time of 60 days Panda Security released ahotfix for their Panda Internet Security 2008 and PandaAntivirus+Firewall 2008 products This hotfix fixes a memorycorruption vulnerability overflow in the data section I found in oneof the drivers shipped with these productshttp://www.secuobs.com/revue/news/85161.shtmlhttp://www.secuobs.com/revue/news/85161.shtml 30032008 avast 47 Security Advisory released TKADV2008-002Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - After a patch development time of only 13 days ALWIL Software released anupdated version of their avast 4 Professional and Home Edition Theupdate fixes a memory corruption vulnerability it's possible to writearbitrary data at an arbitrary memory address I found in one of thedrivers shipped with these productshttp://www.secuobs.com/revue/news/85160.shtmlhttp://www.secuobs.com/revue/news/85160.shtml 06062008 Kaspersky Security Advisory released TKADV2008-004Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - This security advisory describes the technical details of thevulnerability I found and published working with iDefense VCPKaspersky needed a patch development time of 78 days to fix this bughttp://www.secuobs.com/revue/news/85159.shtmlhttp://www.secuobs.com/revue/news/85159.shtml 07062008 ScoopyNG - The VMware detection tool v10 releasedSecuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - ScoopyNG combines the detection tricks of and as well as some newtechniques to determine if a current OS is running inside a VirtualMachine VM or on a native system ScoopyNG works on all modern uni-,multi- and multi-core cpu's and is able to detect VMware even if"anti-detection-mechanisms" are deployedhttp://www.secuobs.com/revue/news/85158.shtmlhttp://www.secuobs.com/revue/news/85158.shtml 13062008 Sun Solaris Security Advisory released TKADV2008-003Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - After a patch development time of Sun finally released an updatedversion of their kernel for Sun Solaris 10 and OpenSolaris The updatefixes a memory corruption vulnerability Integer Overlow, described in I found in the Sun Solaris kernelhttp://www.secuobs.com/revue/news/85157.shtmlhttp://www.secuobs.com/revue/news/85157.shtml 06082008 Linux Kernel Security Advisory released TKADV2008-005Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - This security advisory describes the technical details of thevulnerability I found in the Linux kernel The kernel maintainersneeded a patch development time of 4 days to fix this bughttp://www.secuobs.com/revue/news/85156.shtmlhttp://www.secuobs.com/revue/news/85156.shtml 08082008 BloggingSecuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - Like everyone else I now have a where I will publish random thoughts onsecurity vulnerabilities, exploiting and stories from kernel land fromtime to time The news from trapkitde are now also available as http://www.secuobs.com/revue/news/85155.shtmlhttp://www.secuobs.com/revue/news/85155.shtml 12082008 CA HIPS KmxFwsys Kernel Memory Corruption TKADV2008-006Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - After a patch development time of 158 days CA released updates forvarious of their products The updates are fixing a memory corruptionvulnerability kernel pool corruption I found in one of the driversshipped with these productshttp://www.secuobs.com/revue/news/85154.shtmlhttp://www.secuobs.com/revue/news/85154.shtml 09092008 Linux Kernel SCTP-AUTH API Advisory TKADV2008-007Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - This security advisory describes the technical details of somevulnerabilities I found in the SCTP-AUTH API of the Linux Kernel Thekernel maintainers needed a patch development time of 1 day to fix thebugshttp://www.secuobs.com/revue/news/85153.shtmlhttp://www.secuobs.com/revue/news/85153.shtml 17092008 G DATA Security Advisory TKADV2008-008Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - This security advisory describes the technical details of a securityvulnerability I found in the G DATA products AntiVirus,InternetSecurity and TotalCare 2008 G DATA needed a patch developmenttime of 294 days to fix the bughttp://www.secuobs.com/revue/news/85152.shtmlhttp://www.secuobs.com/revue/news/85152.shtml 21092008 WebEx Security Advisory TKADV2008-009Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - This security advisory describes the technical details of a securityvulnerability I found in an activex component of the WebEx MeetingManagerhttp://www.secuobs.com/revue/news/85151.shtmlhttp://www.secuobs.com/revue/news/85151.shtml 20102008 VLC Media Player Security Advisory TKADV2008-010Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - This security advisory describes the technical details of a securityvulnerability I found in the TiVo demuxer of VLC media playerhttp://www.secuobs.com/revue/news/85150.shtmlhttp://www.secuobs.com/revue/news/85150.shtml 05112008 VLC Media Player Advisories TKADV2008-011/TKADV2008-012Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - These advisories are describing the technical details of two stackoverflows I found in the RealText and CUE demuxers of VLC mediaplayerhttp://www.secuobs.com/revue/news/85149.shtmlhttp://www.secuobs.com/revue/news/85149.shtml 30112008 VLC Media Player Security Advisory TKADV2008-013Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - This security advisory describes the technical details of an integeroverflow vulnerability I found in the RealMedia demuxer of VLC mediaplayerhttp://www.secuobs.com/revue/news/85148.shtmlhttp://www.secuobs.com/revue/news/85148.shtml 14122008 MPlayer Security Advisory TKADV2008-014Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - This security advisory describes the technical details of a stack bufferoverflow vulnerability I found in the TwinVQ demuxer of MPlayerhttp://www.secuobs.com/revue/news/85147.shtmlhttp://www.secuobs.com/revue/news/85147.shtml 17122008 Sun Solaris Kernel Security Advisory TKADV2008-015Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - After a patch development time of Sun released an updated version oftheir kernel for Sun Solaris 10 and OpenSolaris The update fixes aNULL pointer dereference vulnerability I found in the Sun Solariskernelhttp://www.secuobs.com/revue/news/85146.shtmlhttp://www.secuobs.com/revue/news/85146.shtml 11012009 Sun Solaris Kernel Security Advisory TKADV2009-001Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - Sun released an updated version of their kernel for Sun Solaris 8, 9, 10and OpenSolaris The update fixes an Integer Overflow vulnerability Ifound in the Sun Solaris kernelhttp://www.secuobs.com/revue/news/85145.shtmlhttp://www.secuobs.com/revue/news/85145.shtml 11012009 Amarok Security Advisory TKADV2009-002Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - Today the Amarok maintainers released an updated version of their mediaplayer The update fixes some Integer Overflow and UncheckedAllocation vulnerabilities I found in Amarokhttp://www.secuobs.com/revue/news/85144.shtmlhttp://www.secuobs.com/revue/news/85144.shtml 22012009 GStreamer Security Advisory TKADV2009-003Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - Today the GStreamer maintainers released an updated version of theirmultimedia framework The update fixes some Heap Buffer Overflows andArray Index Out of Bounds vulnerability I found in GStreamerhttp://www.secuobs.com/revue/news/85143.shtmlhttp://www.secuobs.com/revue/news/85143.shtml 28012009 FFmpeg Security Advisory TKADV2009-004Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - Today the FFmpeg maintainers released an updated version of theirmultimedia framework The update fixes a type conversion vulnerabilityI found in FFmpeghttp://www.secuobs.com/revue/news/85142.shtmlhttp://www.secuobs.com/revue/news/85142.shtml 15022009 xine-lib also affected by TKADV2009-004Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - I updated TKADV2009-004 as xine-lib version 11162 is also affectedby a variant of the bug described in the advisoryhttp://www.secuobs.com/revue/news/85141.shtmlhttp://www.secuobs.com/revue/news/85141.shtml 04042009 xine-lib Security Advisory TKADV2009-005Secuobs.com : 2009-04-18 15:03:40 - News from trapkit.de - The xine-lib maintainers released an updated version of their multimedialibrary The update fixes an integer overflow vulnerability I found inthe Quicktime demuxerhttp://www.secuobs.com/revue/news/85140.shtmlhttp://www.secuobs.com/revue/news/85140.shtml