WMNews suffers from multiple XSS vulnerabilities.
fde8187d99895ed328b1cc0716c6af69bd1b4957be1661fe02fd656cc2a7c7f2Ipswitch Collaboration Suite 2006.02 and below suffers from a vulnerability in the IMAP daemon. A lack of bounds checking during the parsing of long arguments to the FETCH verb can result in an exploitable buffer overflow.
9c3327b54f3ff5f19f49f3a4a94ebc51b81ee282521692e19a0057072454affbSecunia Research has discovered two vulnerabilities in Dwarf HTTP Server, which can be exploited by malicious people to disclose potentially sensitive information and to conduct cross-site scripting attacks.
ae88c420d91c740fea3b205334cd447742a2fc54a2bdc918ff07f6418bc02894Secunia Research has discovered a vulnerability in unalz, which potentially can be exploited by malicious people to compromise a user's system.
3922b1e00fb999550279add8079a26e2a644c63ccc39246770ba772ec96e00f3Vegas Forum version 1.0 suffers from SQL injection.
45ac70a8bdd5e72938e369b5dafe84ada75903492a47c4c323d049dce6ac57b5Ubuntu Security Notice USN-263-1 - linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities
17275c3152d4e6ce22e793a8a8ab3cc5dd9c116401c453f3b5455acd28bc0a74Ubuntu Security Notice USN-262-1 - Karl
7e33c2e2a098cff890ef77bd17f00e024ecf9f9c2339ca53b02355b98fe9a196Ubuntu Security Notice USN-264-1 - Tavis Ormandy discovered a flaw in gnupg's signature verification. In some cases, certain invalid signature formats could cause gpg to report a 'good signature' result for auxiliary unsigned data which was prepended or appended to the checked message part.
89ddf7339f6a59f338b4c948d9fe8d40a870062b784e778dbef44686023924acDebian Security Advisory DSA 997-1 - Stefan Cornelius of Gentoo Security discovered that bomberclone, a free Bomberman-like game, crashes when receiving overly long error packets, which may also allow remote attackers to execute arbitrary code.
b1be1d38f21a535b65feca2fd4bcac338ac70ed882eb6c843fe635bc0e251ba4Debian Security Advisory DSA 993-2 - Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP replacement, can be tricked to emit a "good signature" status message when a valid signature is included which does not belong to the data packet. This update basically adds fixed packages for woody whose version turned out to be vulnerable as well.
1c9dc8d97027cd79f4dbec2b8bda2899d4c89503843c6d96388b09e4a1551394Debian Security Advisory DSA 996-1 - Lincoln Stein discovered that the Perl Crypt::CBC module produces weak ciphertext when used with block encryption algorithms with a blocksize less than 8 bytes.
a6f13af171246134973c850055dfb4515d28157d1adbb810684713de2cd9348dDebian Security Advisory DSA 995-1 - Ulf Harnhammar discoverd a buffer overflow in metamail, an implementation of MIME (Multi-purpose Internet Mail Extensions), that could lead to a denial of service or potentially execute arbitrary code when processing messages.
ca6cac2a1622894c513b90aa108dc705a135f0543d049f59a1c3a2db8ecf1331Debian Security Advisory DSA 994-1 - Luigi Auriemma discovered a denial of service condition in the free Civilization server that allows a remote user to trigger a server crash.
7d64c8d439be5960b383d4d5b915a181fffd5e6408ae4d2b038544e766a0bff1Gentoo Linux Security Advisory GLSA 200603-10 - Luigi Auriemma reported that Cube is vulnerable to a buffer overflow in the sgetstr() function (CVE-2006-1100) and that the sgetstr() and getint() functions fail to verify the length of the supplied argument, possibly leading to the access of invalid memory regions (CVE-2006-1101). Furthermore, he discovered that a client crashes when asked to load specially crafted mapnames (CVE-2006-1102). Versions less than or equal to 20050829 are affected.
c13fb0ccdf9b15d2e2cdf722042403751f475170345e8848a4f279613999a6baA buffer overflow and installation script error in firebird 1.5.3 could lead to system compromise.
6f73336e46aae3d245c51d99b29e87b451e578c58987b15299903772928e5ac6GNU PeerCast versions less than or equal to v0.1216 Remote Exploit.
52782b7c57a34d83e13abde55ce91f90e5499e6f8617ad2fe720595a4239b49eA perl script to backdoor chkrootkit rendering it useless. Tested on chkrootkit version 0.44 running on Red Hat enterprise 3.
25f5835469aa6bfe744b1e2b431b83379eda7e12ff32ef7155bc1202e115e406Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Dwarf HTTP Server, which can be exploited by malicious people to disclose potentially sensitive information and to conduct cross-site scripting attacks.
00420dbd71f4c9e3e57e9c768e93346226afd3fdd84bfb178cef1615ba56c3c7Secunia Security Advisory - Secunia Research has discovered a vulnerability in unalz, which potentially can be exploited by malicious people to compromise a user's system.
d5b79122b144ba6d6137903b45c4764b7fa113f12aeddd29665a836035f8c1ebSecunia Security Advisory - Debian has issued an update for libcrypt-cbc-perl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
4f639b1c201306c6b0fe84b35128e42dc70550bf10ba67bbd996b5ce6f1b9df5Secunia Security Advisory - Debian has issued an update for ffmpeg. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
6de3cc49917d12c743a843b22a31fb599f8c34722f399c86b50172748e7acc21Secunia Security Advisory - SUSE has issued an update for gpg. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
270ac457094595ee0432856739f1cb713a83d7c9a6939fcc4f6f84460830d7adSecunia Security Advisory - Gentoo has acknowledged some vulnerabilities in cube, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.
ff84ac1c333dc6ee4ad35577df398614bdfa6d21780b4d5f7292574486e0f8aaSecunia Security Advisory - Karl
0338cfd46a51887e9ece7c0b028985e1ae2f7eec664fd306fec0f34612fdbf9fSecunia Security Advisory - Aliaksandr Hartsuyeu has discovered some vulnerabilities in DSDownload, which can be exploited by malicious people to conduct SQL injection attacks.
ae5ddb15b8b7178de79435311ab963592bb5118dda6ba9acaadf9c2704b90a89
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed