It is possible to crash Ventrilo 2.3.0 by sending a malformed status packet.
6cb018997e473aaa91fd732430eed0e401f4cd1feee78f164f7540daf14e6263
Secunia Security Advisory - Phuket has discovered some vulnerabilities in PHPKit, which can be exploited by malicious people to conduct SQL injection attacks.
d82f266f336a74620fb5e0beb194c3a5184abbbc6196aca3831ddab467dc340b
Secunia Security Advisory - Ubuntu has issued an update for libpcre3. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
ff26acd3f887f68ec0a47bcc150cfaf7e28cf56ecefd9c186d683ce6fe3af904
Secunia Security Advisory - Red Hat has issued an update for elm. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
3e08750339bfda75bf38c6c8de95a2442dfb29828bcaf345f66061158c428530
A buffer overflow has been discovered in PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions trigger the overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library.
90dedc2182e9f13fe60b58ffaaf6d0166a5497e077ce7855d8e3d7e2c6b8fd3b
Gentoo Linux Security Advisory GLSA 200508-12 - Ulf Harnhammar discovered that Evolution is vulnerable to format string bugs when viewing attached vCards and when displaying contact information from remote LDAP servers or task list data from remote servers (CVE-2005-2549). He also discovered that Evolution fails to handle special calendar entries if the user switches to the Calendars tab (CVE-2005-2550). Versions less than 2.2.3-r3 are affected.
c3c0a5ca715423ba57ad0ed3bb8e8b0cddf7444a0020c4349015ede584102d19
Javier Fernandez-Sanguino Pena noticed that the pwmconfig script created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with full root privileges since pwmconfig is usually executed by root.
376f85a08e46d04bd581a85bbc2d275ce2e2f13f3f55865875c59d8ef2fb241f
Debian Security Advisory DSA 782-1 - Due to missing input sanitization in the bluez-utils package, it is possible for an attacker to execute arbitrary commands supplied as the device name from the remote device.
fb543879e70119f5254b5ca8165f6a8b1c313acc9fee8d0bba01a49d6da69e9c
dsidentity on Apple OS X 10.4 allows any user on the system to add accounts to Directory Services.
9a589fe2fcf5a4e2c8797a0b1bd8fe9ec95ad4366d0ccffadf8656195041becd
During a recent internal audit, CA discovered several vulnerability issues in the CA Message Queuing (CAM / CAFT) software. CA has made patches available for all affected users. These vulnerabilities affect all versions of the CA Message Queuing software prior to v1.07 Build 220_13 and v1.11 Build 29_13 on the platforms specified below.
d5bbb6c6ef69369d57bffbc7b601ba4afb4ce1009bb13cdc9ffd06f706f43207
Cisco Security Advisory: Cisco Intrusion Prevention Systems (IPS) are a family of network security devices that provide network based threat prevention services. A user with OPERATOR or VIEWER access privileges may be able to exploit a vulnerability in the command line processing (CLI) logic to gain full administrative control of the IPS device. Vulnerable Products: Cisco Intrusion Prevention System version 5.0(1) and 5.0(2).
4c94afaddf19c9eb20203fe958a6da48230347365872adb7c394201d86b31f03
Cisco Security Advisory: A malicious attacker may be able to spoof a Cisco Intrusion Detection Sensor (IDS) or Cisco Intrusion Prevention System (IPS) by exploiting a vulnerability in the SSL certificate checking functionality in IDSMC and Secmon. Vulnerable Products: IDSMC version 2.0 and version 2.1. CiscoWorks Monitoring Center for Security (Security Monitor or Secmon) version 1.1 through version 2.0 and version 2.1.
a5385d17f8941372698a734b6a53fcd1a3048bb8c2bcf8f5600a8287611824d4
It is possible to remotely spoof the Microsoft Internet Information Server 5.0, 5.1 and 6.0 SERVER_NAME variable by sending a modified HTTP request. This allows sensitive ASP code to be revealed through the IIS 500-100.asp error page.
9265062b769c12c9797d72a61a3d47995803db86c2d1079cb92eaf33f0bc6113
Traceroute and ping suffer from buffer overflows, and a user spoofing vulnerability exists in Mac OS X versions up to 10.3.9 and 10.4.2.
ee042c25fc12d8e97cbd7e655a28d07129f44192331cb3d7682b49791c571b91
Debian Security Advisory DSA 780-1 - A bug has been discovered in the font handling code in xpdf, which is also present in kpdf, the PDF viewer for KDE. A specially crafted PDF file could cause infinite resource consumption, in terms of both CPU and disk space.
ce6384e72221bfe424ed552304717cf159ac00f8e1405d6926e72bc9d892ac06
Debian Security Advisory DSA 779-1 - Several problems have been discovered in Mozilla Firefox, a lightweight web browser based on Mozilla.
509c3a848c567a6d3fa6ef5cceee0837f1aca869dc269e3704521d3917a85261
Elm versions 2.5 PL5 through PL7 suffer from a remotely exploitable buffer overflow when parsing the Expires header of an e-mail message. Patch included.
a0048706263ba22986c98fc1ac407ea2c9fe958fe2e09c38222c4cd1ea0a4505
End users can bypass the mandatory installation of the Cisco Clean Access Agent by changing the User-Agent string of their browser. This allows them to connect to the network without the host-based checks being run. If configured, remote checks are still run. Versions affected: This works in at least 3.5.3.1 and 3.5.4.
dfbfb8c209ba68e8a2cde2af75fd0af1b5df01de4618948be2c9d2437020a94b
Ubuntu Security Notice USN-170-1 - Serge Mister and Robert Zuccherato discovered a weakness of the symmetrical encryption algorithm of gnupg. When decrypting a message, gnupg uses a feature called 'quick scan'; this can quickly check whether the key that is used for decryption is (probably) the right one, so that wrong keys can be determined quickly without decrypting the whole message.
316285c5e7f8da83ca9ff2f4241d200e0ee398d878390031e94125fecbe5ba34
Debian Security Advisory DSA 778-1 - Two security related problems have been discovered in Mantis, a web-based bug tracking system. The bugs relate to arbitrary HTML and SQL injection flaws.
66399fa36baef0dcd20bb6617eaab029be6ba7317c605800b6806bbc09cceee5
Gentoo Linux Security Advisory GLSA 200508-11 - A buffer overflow has been reported within a core application plug-in, which is part of Adobe Reader. Versions less than 7.0.1.1 are affected.
800cdc7844284ff08d581c460b2eb7a0d29fe49cbfecaface8aca3efbd6d6a37
Ubuntu Security Notice USN-169-1 - Ubuntu has released a kernel update for over a half dozen vulnerabilities in linux-source-2.6.10.
5cd2d578e4b7d2e227646dbfc111a595499f5221319dc24028ffa0c15ec23991
Gentoo Linux Security Advisory GLSA 200508-10 - Kismet is vulnerable to a heap overflow when handling pcap captures and to an integer underflow in the CDP protocol dissector. Versions less than 2005.08.1 are affected.
0e3fa2762fdbc60f882db944357ae0a917d405f887d5a1d29def503aefb9f148
Secunia Security Advisory - Secunia Research has discovered a vulnerability in various HAURI anti-virus products, which can be exploited by malicious people to write files to arbitrary directories.
811f38e7e422bc3f7ecfef6f11b8c129189a96ac25d6449e4c9638372b0b9f43
Secunia Security Advisory - Roger Dingledine has reported a vulnerability in Tor, which potentially can be exploited by malicious people to disclose or modify certain sensitive information.
7b99e1119b2ee39d8b01982687d8c6519b86d35d4f6a622fef47cac19b6012ab