Symark PowerBroker Security Advisory - A vulnerability has been identified in Symark's PowerBroker suite that allows an attacker with local access to gain root access. Versions up to and including 5.0.1 are vulnerable.
7e0dfcf5434f53f7e134968251b4c19caab838f2992a8c96788c2a68bb04dc83
The original MS07-012 patch was released to fix an issue in the MFC library MFC42u.dll. The issue was the result of MS not taking into account that a TCHAR string is actually twice as big as its CHAR counterparts. To fix this, the patch readjusted the nMaxCount variable to half of its original value in the GetMenuStringW(...) call. Unfortunately, GetMenuStringW will null terminate a long string at the end adding two additional characters to the string. This gives a returned string of (nMaxCount*2) + 2 bytes in size.
229df323f7ae912131f8b18d0576e890935561607c6f835f862cb2b52d911c7b
Multiple cross site scripting, filter bypass, and information disclosure vulnerabilities exist in the F5 FirePass SSL VPN.
cfb632bcc5ccc99300621cc90d6e8b25bfe1bfc7b2cc289fe2ff92c0abb09b72
The Barracuda Spam Firewalls from versions 3.3.01.001 through 3.3.02.053 are vulnerable to arbitrary file disclosure via the preview_email.cgi script.
8363029dcc673fedc8a62cebf430f37662f1cabb8e3673ab097dc0ee0fc14f0d
The Barracuda Spam Firewalls from versions 3.3.01.001 through 3.3.02.053 have a hardcoded password for the guest account in the Login.pm script.
a3fcc3dd2bedb5c6af2f3a9c0ba005f5a2e6ef2c19975142dd9f1d41ab2e55cb