Secunia Security Advisory - Fedora has issued an update for w3c-libwww. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
d0935784e7ff0dff7e80eab904a9597f23b24493ddd1db5ddba1d2ff7730e201
@lex Guestbook version 3.3 is susceptible to cross site scripting and injection attacks.
eabb3773c1c434b14ac8952462b781b24c7e0413a25f8f43a3d610378e0c73c7
Kerio Personal Firewall 4 (4.2.0) and Kerio Server Firewall version 1.1.1 are susceptible to a local denial of service vulnerability. Earlier versions are also presumed susceptible.
844d00225d7f054c20b7c6aa6d74222ce2248249498f97c2cfd3de4177338c46
Debian Security Advisory DSA 865-1 - Javier Fernandez-Sanguino Pena discovered that several scripts of the hylafax suite, a flexible client/server fax software, create temporary files and directories in an insecure fashion, leaving them vulnerable to symlink exploits.
665f9ba8756a18f91394c5b16dc16e066c6794141834ccdf4197e43263d83525
Debian Security Advisory DSA 864-1 - Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed.
47d5ecae7b6493059ad85577eb016af802a60c1caed43f6179eb8ecc02068db4
Secunia Security Advisory - Secunia Research has discovered a vulnerability in AhnLab V3 Antivirus, which can be exploited by malicious people to compromise a vulnerable system.
2fde5cc249225bfdc9836d2e0f593a01813828653403c51dbee9df6af919727b
Secunia Security Advisory - fRoGGz has discovered a weakness in avast! Anti-Virus scan engine, which can be exploited by malware to bypass certain scanning functionality.
460976a67a7b81645036b98c04414d3fd891608f6ac0486c373864503eaa797b
Secunia Security Advisory - A vulnerability has been reported in Brightmail AntiSpam, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
3754117ce6860f63d7cecbad65bc6e690d428628004c512c14898fd8fabb1785
Secunia Security Advisory - A vulnerability has been reported in VERITAS NetBackup, which can be exploited by malicious people to compromise a vulnerable system.
7804f875dd8112c7f5a4ebf2db8b5e13ef6d7292dc1735167968c6223b584dc0
Secunia Security Advisory - fRoGGz has discovered a weakness in AVG Anti-Virus scan engine, which can be exploited by malware to bypass certain scanning functionality.
0419160ad95798c8d6abf50ca45eb3b85a142aa934135c82719a4c67101e13a7
Secunia Security Advisory - fRoGGz has reported a weakness in Kaspersky Anti-Virus scan engine, which can be exploited by malware to bypass certain scanning functionality.
ee1fdfd3883be554da1e24948983a86b2e20d1d4a1766d4173161f5a1c0882cc
SucKIT Rootkit v2.0-devel-rc2. Easy-to-use, Linux-i386 kernel-based rootkit. The code stays in memory through a /dev/kmem trick, without the help of LKM support, System.map, or similar. Everything is done on the fly. It can hide PIDs, files, and tcp/udp/raw sockets, and sniff TTYs.
7fca632fdea9a39f68498af15c5cf2af2989c26aaccbd99bb62ead37a0eecc69
Antispyd is an HTTP/HTTPS threat filtering proxy server. The main characteristic of this project is the modularity of its conception. The program is organized around an HTTP/HTTPS gateway service and a set of filters that can be enabled or disabled, and are all configurable with a single configuration file. Current filters are: URL filtering, content filtering, content-type filtering, cookie removal, pop-up removal, shell code attack blocking, Web traffic anonymizing, and a signature-based filtering engine. All filtering is done on the fly, without blocking downloads in any case. It uses only POSIX primitives and is built with autotools, and was created with security in mind.
04fb73f45df261ea0c4dc7d14d01df24629f3cdd907c3b1a8448fa6718740655
WifiScanner is an analyzer and detector of 802.11b stations and access points. It can listen alternately on all 14 channels, write packet information in real time, search for access points and associated client stations, and generate a graphic of the architecture using GraphViz. All network traffic may be saved in libpcap format for later analysis. It works under Linux with a PrismII card and with the linux-wlan driver.
760e8ee723c91be0394bf2ede08958924ef5202bfc11503ec5e54d31706efc1f
The Linux orinoco driver included in kernel versions less than 2.6.13.4 pads Ethernet frames with uninitialized data, thus allowing remote attackers to obtain parts of memory which may contain sensitive information.
943689f13a94d8b3a143d68cf86a1f8f2fadbb9507737199b7abdf735e62255a
Secunia research has discovered a vulnerability in Novell NetMail, which can be exploited by malicious people to compromise a vulnerable system.
216a4b9cd6b475818d0fb2dad4209215db856a48bff8ed34e60241ff5c088664
phpWebSite versions less than or equal to 0.10.1 suffer from an SQL injection vulnerability in index.php.
4a17224794fb96c707bf1e776e3fc948d3164b1fc87356351132dc8690866429
Symantec Security Advisory - SYM05-018 - The remote exploitation of a format string overflow vulnerability in the Java user-interface authentication service, bpjava-msvc, running on VERITAS NetBackup servers and agents, could potentially allow remote attackers to execute arbitrary code on a targeted system with elevated privileges.
1cc31983e1c3e65574287c445af9190ef61cba27c7dbd6c1ee2f78bdf01b3cfa
ZDI-05-001: VERITAS NetBackup Remote Code Execution - This vulnerability allows remote attackers to execute arbitrary code on vulnerable NetBackup installations.
d5b278979fe2d177d5056d8919b4e0cd4ad1a78f4ac275fd64b33349cf7f0bc3
Sec-1 has identified an exploitable buffer overflow within the HTTP management interface of GFI MailSecurity 8.1. By sending large strings within several areas of the HTTP request (such as a large 'Host' or 'Accept' header), critical portions of memory are overwritten. Verification of this vulnerability can be achieved through the use of an HTTP fuzzer, such as @stake webproxy. Successful exploitation could allow an attacker to gain administrative control of the targeted host.
4300d283bb084186da283e56ddae0e40446b1e8a04f555832a86566d3489b5db
Ubuntu Security Notice USN-202-1 - Chris Evans discovered a buffer overflow in the RTF import module of KOffice. By tricking a user into opening a specially-crafted RTF file, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user.
f8b85ebd07bd53ffebda5ad4703f778252dea2abc1f22e9b5e7ecfec9dc290c5
Gentoo Linux Security Advisory GLSA 200510-11 - Applications setting the SSL_OP_MSIE_SSLV2_RSA_PADDING option (or the SSL_OP_ALL option, which implies it) can be forced by a third party to fall back to the less secure SSL 2.0 protocol, even if both parties support the more secure SSL 3.0 or TLS 1.0 protocols. Versions less than 0.9.8-r1 are affected.
b39adf655de08fa9587a4bc8dc550a6a61431397950b1169b5ffcc9907b147fd
Secunia Security Advisory - Red Hat has issued an update for ruby. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
c86cff4366bd13017eb8565abfea0b2de35e562de5bc8864e505a324554642ba
Secunia Security Advisory - Debian has issued an update for xine-lib. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
05d8b672ac39274ac25423af53387b6a46dab86788289c04c811ef7e71b321a0
Secunia Security Advisory - Sun Microsystems has acknowledged a vulnerability in Solaris, which potentially can be exploited by malicious people to bypass certain security restrictions.
8215d87c847531b3004333746a2f775d99e095ce8d19c73058543e97b97b2601