Debian Security Advisory 1142-1 - Luigi Auriemma discovered missing boundary checks in freeciv, a clone of the well known Civilization game, which can be exploited by remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
3d42aa7960767db336ac7b4f0d7ad8a2ccf7d98668ac1edfbed970e17d015d34Gentoo Linux Security Advisory GLSA 200608-06 - Courier MTA has fixed a security issue relating to usernames containing the = character, causing high CPU utilization. Versions less than 0.53.2 are affected.
77407145ead068fe7b13864c89b9a1b8ea45caada38db7d694083945bc88669fGentoo Linux Security Advisory GLSA 200608-05 - LibVNCServer fails to properly validate protocol types effectively letting users decide what protocol to use, such as Type 1 - None. LibVNCServer will accept this security type, even if it is not offered by the server. Versions less than 0.8.2 are affected.
b8027094c07d73eb934c47c720c628324a70575205894659b17247e7195ffa27Debian Security Advisory 1141-1 - Evgeny Legerov discovered that overly large comments can crash gnupg, the GNU privacy guard.
60492423670cc72491ef4a144ffb37a567152ba29329729d073774027fb0364bCounterChaos versions 0.48c and below suffer from a SQL injection vulnerability.
7d22c6f0743733ece01d752fb837aec0ec18480e46924e68f4564af01f6cfba0GaesteChaos versions 0.2 and below suffer from SQL injection and cross site scripting vulnerabilities.
a36e34100940cdbee2af6338e2e296e710c1feff3e0bdbaf4d0848299e5d6a7cGeheimChaos versions 0.5 and below suffer from multiple SQL injection vulnerabilities.
d9baf03f646f57e4942e51227a22dd2a1eaf50218900c569764890a1cfc4f21aStMichael is a LKM that attempts to provide a level of protection against kernel-module rootkits. StMichael is designed to be loaded early in the system boot process, and is intended to be present and running on its host system prior to the introduction of malicious kernel modules. StMichael provides this protection by monitoring various portions of the kernel, and optionally the entire kernel text itself, for modifications that may indicate the presence of a malicious kernel module. If rootkit-like activity is detected, StMichael will attempt to recover the kernel's integrity by rolling back the changes made to a previously known-good state.
adc3452e7d816d4e5d6ed1c7456dfebf7c3df08482f47ee327c38bfe49184643StMichael is a LKM that attempts to provide a level of protection against kernel-module rootkits. StMichael is designed to be loaded early in the system boot process, and is intended to be present and running on its host system prior to the introduction of malicious kernel modules. StMichael provides this protection by monitoring various portions of the kernel, and optionally the entire kernel text itself, for modifications that may indicate the presence of a malicious kernel module. If rootkit-like activity is detected, StMichael will attempt to recover the kernel's integrity by rolling back the changes made to a previously known-good state.
ff8ec12f68893b5afc4a6cec3000fa2633c142ce110705b622d4881cffa2bcf2Gentoo Linux Security Advisory GLSA 200608-04 - The Mozilla Foundation has reported numerous security vulnerabilities related to Mozilla Thunderbird. Versions less than 1.5.0.5 are affected.
10587b60759a1a52af713e59c08d1ef0744cd79bfcb5fd92866189370f6a5c8bZoneX version 1.0.3 suffers from a remote file inclusion vulnerability.
700a5d770b581d874d02eac500086494ff153dafce68947a30967d178408e55bGentoo Linux Security Advisory GLSA 200608-03 - The Mozilla Foundation has reported numerous security vulnerabilities related to Mozilla Firefox. Versions less than 1.5.0.5 are affected.
05ba9e712bae7bc80f109dd337e05d152c7c11d941d0eaaf1147c4bee05270f6HP Security Bulletin - A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver.
bbb76e2c5fe43808f79b31fe18cac63ece8c8136c5f9a4fc547774bcde1f4bdfME Download System version 1.3 suffers from a remote file inclusion vulnerability.
879bdee0465e33cf33714288df0674e22a722e8e2c65252dda21016838d9dea5Gentoo Linux Security Advisory GLSA 200608-02 - The Mozilla Foundation has reported numerous security vulnerabilities related to Mozilla SeaMonkey. Versions less than 1.0.3 are affected.
259842a4b8fbc85db5a4243308a3449a1aa8498090053f3cadd726e83178e234Debian Security Advisory 1140-1 - Evgeny Legerov discovered that overly large comments can crash gnupg.
67ef169c0e8da82562eebcd0186705924d9a14f8afb370351b7a7727f0f1a827Debian Security Advisory 1139-1 - It was discovered that the interpreter for the Ruby language does not properly maintain "safe levels" for aliasing, directory accesses and regular expressions, which might lead to a bypass of security restrictions.
d7c0387fbe01d5c5bf8ef1a5cd20dcc99ffc162c6315d4230460c78a0927ba03Blog:CMS versions 4.1.0 and below suffer from a remote file inclusion flaw.
f548cb12dcabab82dcd48af1859f00f8bffe6f9b488c2fdd8bf62bf767423a3aDrupal security advisory DRUPAL-SA-2006-011: A malicious user can execute a cross site scripting attack by enticing someone to visit a Drupal site via a specially crafted link. Versions 4.6 and 4.7 are affected.
729acaa041bbcefdff3132971b083758ab50c3e1077bfab8676740ab791d7a63modernbill version 1.6 suffers from a remote file inclusion vulnerability.
475861446417c96f2150f29f2d56667fb36a52baeef58197de903a212e380151Toenda CMS versions 1.0.3 stable and below and version 1.1 suffer from a cross site scripting flaw.
67a5cade712def04ccfebab2481da14908fad9d5d04356821077ccb26a550e0bBrute forcing utility for pswd.js, a common client-side authentication program.
a74cc082a3dfa8b02ddefa49effca8a21773eb603eee3f70c14832ee111781efSendCard version 3.4.0 and below unauthorized administrative access and remote command execution exploit.
75ee26461b1a9743494527d1488013f8671b535012ea009d2b763768d441b763Ubuntu Security Notice USN-332-1 - Evgeny Legerov discovered that gnupg did not sufficiently check the validity of the comment and a control field. Specially crafted GPG data could cause a buffer overflow. This could be exploited to execute arbitrary code with the user's privileges if an attacker can trick an user into processing a malicious encrypted/signed document with gnupg.
6ee2044c87d8196115b9ed9cf39597199047605293f9b3fea86e4669ed913154Ubuntu Security Notice USN-331-1 - A Denial of service vulnerability was reported in iptables' SCTP conntrack module. On computers which use this iptables module, a remote attacker could expoit this to trigger a kernel crash. A buffer overflow has been discovered in the dvd_read_bca() function. By inserting a specially crafted DVD, USB stick, or similar automatically mounted removable device, a local user could crash the machine or potentially even execute arbitrary code with full root privileges. The ftdi_sio driver for serial USB ports did not limit the amount of pending data to be written. A local user could exploit this to drain all available kernel memory and thus render the system unusable.
eae3ee2029948e01fc677de366868c24f91540debde31f24e4f60c399dd3edb4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed