Debian Security Advisory - Imp, a webmail interface, did not check the $from variable which contains the sender address for shell metacharacters. This could be used to run arbitrary commands on the server running imp. To fix this horde (the library imp uses) and imp itself has been modified to sanitize user input.
97d64ae7d8dcbc7d8f70877848129bc89275bed5a3d1f84c53f57e75fc362482
Debian Security Advisory - Xpdf has two security problems - Tempfiles were created insecurely, and when handling URLs in documents no checking was done for shell metacharacters before starting the browser. This makes it possible to construct a document which cause xpdf to run arbitrary commands when the user views an URL. Both problems have been fixed in version 0.90-7, and we recommend you upgrade your xpdf package immediately.
e56990f7174ae5f59fb7c1fa5969013a7c59b4c17eb4b2d38c8deea23a6726b8
statdx-scan contains some bash shell scripts to make it easy to scan large numbers of hosts for the rpc.statd vulnerability.
de24b65684ce4df514b49c7404958227f210d2c8669662d1666842b48029d26b
Anyportal v0.1 allows remote users to read any file on the webserver by submitting modified forms.
e1ec85ae33fed5f71b59bb5010d7c3248c2ba5c473dd1c55908c4be4e6a1ee39
phpPhotoAlbum v0.99 and below for Windows and Unix allows remote users to read any file on the system with priviledges as the httpd. Fix available here.
1fd5dac557c53d92324e640ef142c13d6504f28411ca172131ea0b05a2852c6e
Secure Reality Pty Ltd. Security Advisory #1 - PHP's handling of uploads permits a remote attacker to manipulate PHP applications into opening arbitrary files on the server with the permission level of the user running the server. Almost any PHP program which provides upload capability is vulnerable.
aeaf6e2aa7063b4ff85dd2c6645bd2a6aa56552e8a26b759f5817c1bbd0a2039
FPipe version 2.4 is a TCP source port forwarder/redirector that can be used to force a TCP stream to always connect using a specific source port. This tool can be used to get around firewalls that only accept traffic originating from common source ports.
d0eff452959037ffd1b6d1745db0de980ab8d88b67cb2476d7e142788ad15cb4
@stake Advisory A090800-1 - Application: Mobius DocumentDirect for the Internet 1.2, Platform: Windows NT 4.0, Severity: There are several buffer overflow conditions that could result in execution of arbitrary code or a denial of service.
e18e06ec635a16b0cea92f28e5a5084f01741c21323819a63b4517ac55736635
The $from-bug is in the horde library file 'horde.lib', (on debian systems installed in /usr/share/horde/lib/horde.lib) in line 1108 belonging to function "mailfrom". In this file there is a call to "popen" with an unchecked "from:"-line as argument. Bug found and exploited by Jens "atomi" Steube, fixed and documentated by Christian "thepoet" Winter
26f093926bfd1dd43f634cf8d0562c202fcf591bde428c8157fc922d25f3a850
WebSite Pro is a Web Server for Win95/98/NT platforms. The vulnerability (or bad server administration) allows any user to create arbitrary files with arbitrary text on the victim machine, from the Internet web browser. By a default installation, any user can create or uploads files to the victim machine running a vulnerable version of WebSite Pro. The problem is a bad "protection access" of the main directories on the machine.
bd5cdf4a6fed674aba622112ecb317033d101e50f0c57a16cba894aadc40d73e
Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: Novell directory services problem, @Stake Advisory on DocumentDirect for the Internet, Mailman 1.1 + external archiver vulnerability, SuSE Security Announcement on Apache, buffer overflow in Net.Data DB2WWW, SuSE Apache CGI source code viewing, still image service priviledge escalation patched, and segfaulting Interbase 6 SS Linux.
1d4e15b1255386f1db5ef76fb528bce8ead790f0cd5cbd36794cf9c3f97266bc