Mandriva Linux Security Advisory MDKSA-2006-219-1 - GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216.
5c1c3a1aa46e6ec5047fe0c7bac640cae31a993d8472dad6d9b0a1e8ee9485e6
The network kernel extension com.apple.nke.pppoe that works concurrently with the pppd has a critical vulnerability that may lead to arbitrary code execution with system privileges. Affected product and versions include Mac OS X version 10.3.9, Mac OS X Server version 10.3.9, Mac OS X version 10.4.8, and Mac OS X Server version 10.4.8.
b5c605ccfbd217e21201254fd3af5f2ca285de19b1cb80c628719aa0964bce13
A remote buffer overflow vulnerability has been found in the mod_tls module of the ProFTPD server. The vulnerability could allow a remote unauthenticated attacker to gain root privileges. All versions including 1.3.0a are affected.
180db6a4b1b074c7ba9c0cbafa633c372cb43221e144a3f006a87b5cc1661238
Ubuntu Security Notice 387-1 - Dovecot was discovered to have an error when handling its index cache files. This error could be exploited by authenticated POP and IMAP users to cause a crash of the Dovecot server, or possibly to execute arbitrary code. Only servers using the non-default option "mmap_disable=yes" were vulnerable.
65853c23c7c8d92652e693162b76d16396cdf26d972f1d2c7edd4cc330ddd8b4
Ubuntu Security Notice 385-1 - Teemu Salmela discovered that tar still handled the deprecated GNUTYPE_NAMES record type. This record type could be used to create symlinks that would be followed while unpacking a tar archive. If a user or an automated system were tricked into unpacking a specially crafted tar file, arbitrary files could be overwritten with user privileges.
fcb3556bbcfb9517e7e5d4212b8cb38c4837e251a5cefd0301edcc4662dd0723
While fixing a bug reported by Hugh Warrington, a buffer overflow has been identified in all released GnuPG versions. The current versions 1.4.5 and 2.0.0 are affected. A small patch is provided.
16c01b2238c245fb4f9fc03e97f5aeb254dee53057a1c155fb1859213957cf2b
REMLAB is susceptible to an input validation vulnerability.
913ea89f58c285f876b67754a08df09a0228c61281f43a752af4e1872c33cdf5
Secunia Security Advisory - A vulnerability has been reported in KOffice, which can be exploited by malicious people to potentially compromise a user's system.
2ac389a66d0ead1eaecbc6a848752f1ed58342facf61bd800f6673d636af8aa4
Secunia Security Advisory - A vulnerability has been discovered in Safari, which can be exploited by malicious people to conduct phishing attacks.
a7b52d640c9f15f3794e613965172e867b8b31e2e6885c76fac25c5dfacddab8
Secunia Security Advisory - Eugene Teo has reported a vulnerability in the Linux Kernel, which potentially can be exploited by malicious, local users to gain escalated privileges.
bac7297bc2fe0f50a242f403fe082e4cb719254905a745980e45cdf0afe7aa81
Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in MailEnable, which can be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
95ae429ecae526dc918f26e61e8cc611eb5f805f463014f77a58ec49537b8068
Secunia Security Advisory - Ubuntu has issued an update for gnupg. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
83a6faec8f92a409b9cda73ec8e8c422d811e1d0e33f68dea1095147923faf00
Secunia Security Advisory - Debian has issued an update for texinfo. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to potentially compromise a vulnerable system.
057cbecb623db729c895ab1aafb2e091b0b0c34d4f74808013fe3d167c017f9f
Secunia Security Advisory - A vulnerability with unknown impact has been reported in freePBX.
f7c379705ee067fa69d43c7cb77c8d83e304f11646f99f470badc1226922e6e6
Secunia Security Advisory - Fukumori has reported a vulnerability in Blogn, which can be exploited by malicious people to conduct cross-site scripting attacks.
54c93fee1889aad8b49588f01a2ca99469ceea6867af95bb8095f9fc235be44f
Secunia Security Advisory - Some bugs have been discovered in Adobe Reader and Adobe Acrobat, which may cause an included ActiveX control to crash.
444713d563e4b638afac878bc199aa104b892149862fb487a16a90795af88ca2
Secunia Security Advisory - A vulnerability has been reported in Kronolith, which can be exploited by malicious users to disclose sensitive information.
3bc9f8704bb6111630977f9f3b0c712b3587d628329e73ce83b48bea25ad9bfc
Secunia Security Advisory - Aria-Security Team have reported a vulnerability in fipsShop, which can be exploited by malicious people to conduct SQL injection attacks.
88f05cbb7983a7a3367521c59958c8ec6f9c3718c671d246289b9a137a7f83ef
Secunia Security Advisory - tarkus has discovered some vulnerabilities in b2evolution, which can be exploited by malicious people to conduct cross-site scripting attacks.
502517c717a4e40e17b99b5f3541ac6525717320ae383aa03d4c72cfa6f94996
Secunia Security Advisory - A vulnerability has been reported in Chama Cargo, which can be exploited by malicious people to conduct cross-site scripting attacks.
dd042c325a1eb6c5bc19a11c8526727ccb724657ca9221a13224971e6239cec1
Secunia Security Advisory - Gentoo has issued an update for mono. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
a8b968d8a37c793cce8f2a9e55095e3cdd12b01d3c91b46cccfcce76f40b0abf
Secunia Security Advisory - Gentoo has issued an update for lha. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
d65149e6876edc69bccc684be376b34025f2d39ae35066d2574bc9e62a87e848
Secunia Security Advisory - Ubuntu has issued an update for koffice. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
a4c72ec10c9560b629d3882fae43d703e4d684642b6eea48af6e65647930bc51
Mayhemic Labs Public Advisory MHL-2006-004 - MBoard does not check the Post ID for malicious data when replying, allowing an attacker to create blank files on the system wherever the web server has write access. Versions 1.22 and below are affected.
dc3792e64bd8c279e0c5bc8ef1dbd4d1d6abe41cce79d600cbf424d8b5ea242f
Debian Security Advisory 1219-1 - The GNU texinfo package has been found susceptible to insecure file handling and buffer overflow flaws.
4641c059f7cc2e1ddd3c601d1259afa8745596943b067163250cb62775f3a5a0