Symark PowerBroker Security Advisory - A vulnerability has been identified in Symark's PowerBroker suite that allows an attacker with local access to gain root access. Versions up to and including 5.0.1 are vulnerable.
7e0dfcf5434f53f7e134968251b4c19caab838f2992a8c96788c2a68bb04dc83
Multiple cross site scripting, filter bypass, and information disclosure vulnerabilities exist in the F5 FirePass SSL VPN.
cfb632bcc5ccc99300621cc90d6e8b25bfe1bfc7b2cc289fe2ff92c0abb09b72
Novell eDirectory/iMonitor Remote Code Execution Security Advisory: Novell's HTTP Protocol Stack (httpstk) is a component of iMonitor which provides a web-based interface for management of eDirectory, an LDAP service forming the basis for many of the world s largest identity-management deployments. The code fails to check the length of client-supplied HTTP Host request-header (e.g. Host: www.host.com) values before using them to build a formatted URL into an inadequate, statically-sized buffer on the stack. This condition occurs in a call to snprintf() while the server is preparing an HTTP redirect response and can be triggered remotely, before any authentication takes place. This can allow attacker supplied code to be executed on vulnerable systems.
83f493818d78f80ff8f029bc85f643e0e2806d60376926715e9dc35b65088b58