Gentoo Linux Security Advisory GLSA 200711-03 - Merrick Manalastas and Nicklous Roberts have discovered multiple vulnerabilities in the WebDAV and Reupload modules. Versions less than 2.2.3 are affected.
f857448a23e6195c33b2b0f3e69cb9bbfc03e823b58f162e265e8de4dec66f71
Gentoo Linux Security Advisory GLSA 200711-02 - Jan Pechanec discovered that OpenSSH uses a trusted X11 cookie when it cannot create an untrusted one. Versions less than 4.7 are affected.
ad1be1c610f7f1d9f29d591294e87e83ff9ac8007825b12f71a3bd6609587052
Gentoo Linux Security Advisory GLSA 200711-01 - Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names. Versions less than 2.0.18-r6 are affected.
8a2ef2920d1f07e05f409cf149204b34926976dbee9b7aba9787649d209aa2c3
Mandriva Linux Security Advisory - Alin Rad Pop of Secunia Research discovered a vulnerability in CUPS that can be exploited by malicious individuals to execute arbitrary code. This flaw is due to a boundary error when processing IPP (Internet Printing Protocol) tags.
121c00fb89e4dd96694f3938fe2d88db5da8b48fac0aa6d3f9463197b53507a1
Two cross-site scripting vulnerabilities have been discovered in the Blue Coat ProxySG Management Console. Versions below 4.2.6.1 and 5.2.2.5 are susceptible.
3727cb9c34a1696c8c0b76accc01046338bd92bc0f1d21fd1d216fbf171502a4
Mandriva Linux Security Advisory - Tavis Ormandy discovered a heap overflow flaw during video-to-video copy operations in the Cirrus VGA extension code that is used in Xen. A malicious local administrator of a guest domain could potentially trigger this flaw and execute arbitrary code outside of the domain. Tavis Ormandy also discovered insufficient input validation leading to a heap overflow in the NE2000 network driver in Xen. If the driver is in use, a malicious local administrator of a guest domain could potentially trigger this flaw and execute arbitrary code outside of the domain. Steve Kemp found that xen-utils used insecure temporary files within the xenmon tool that could allow local users to truncate arbitrary files. Joris van Rantwijk discovered a flaw in Pygrub, which is used as a boot loader for guest domains. A malicious local administrator of a guest domain could create a carefully-crafted grub.conf file which could trigger the execution of arbitrary code outside of that domain.
9076c2c1e558f53249d3caac94be7f10d92bcf80c2427453260d6123d770d26b
Secunia Security Advisory - Some vulnerabilities with unknown impact have been reported in WORK system e-commerce.
02782ef4918397f353a537ed5c5c38c7856892d23a83fd24246162734e213cb6
Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
f997110fe65aec01b8210db4d5b7c6ac7a5ce100d7ae82a0550afb8c1e0d6219
Secunia Security Advisory - d3hydr8 has reported a vulnerability in CONTENTCustomizer, which can be exploited by malicious people to disclose sensitive information.
92db9a525e473fbcb80e45eace6c68942756b5fd371a58e8036f428b5a9a3be4
Secunia Security Advisory - A vulnerability has been reported in Novell BorderManager, which can be exploited by malicious people to compromise a vulnerable system.
14aea4506f373b158974b2c357eb3b879c684a3bb2acd6af1494d234b57c4769
Secunia Security Advisory - GoLd_M has discovered two vulnerabilities in ISPworker, which can be exploited by malicious people to disclose sensitive information.
573c1dcba1417906c949c4e992ac25842a5a9d29753d58e6bf40287894f4f5cd
Secunia Security Advisory - A security issue has been reported in IBM Tivoli Continuous Data Protection for Files, which can be exploited by malicious, local users to compromise other systems.
5b0955284cb46851a461bf530b08bd0310c0e97b4c5831b59f72e381fa3cdf28
Secunia Security Advisory - IBM has acknowledged a security issue in WebSphere Application Server Community Edition, which can be exploited by malicious people to bypass certain security restrictions.
cc04822f45f5f9c63e096462ae0a4a561f07484fa2414d3eb72afaa133ee8bb7
Secunia Security Advisory - A vulnerability has been acknowledged in Apache Geronimo, which can be exploited by malicious users to disclose potentially sensitive information.
47715c0f36b33ad04a4bf07a57862f43727d64d6486be0e437be318bdb6ba6d5
Secunia Security Advisory - A security issue has been reported in Apache Geronimo, which can be exploited by malicious people to bypass certain security restrictions.
6a14e8493fed1c8d7cd082df60c324a27548c99ea6f3c1a2b9a89c406a9261c0
Packet Storm new exploits for October, 2007.
9971b21df8c29771123e3f6f470e9828c3c78df98de4e0cab840815b9f4d9e6b
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes a weakness, some security issues and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and malicious users and malicious people to bypass certain security restrictions.
5ceb16947d0de82ec08f72d029afd58a58df7fcda7a6c65be570a493832e1b37
Call for papers: Second International Workshop on Secure Software Engineering in conjunction with ARES 2008.
bf4e9a94a086b35a420c44db857e47d9850a9f87d4380e9ac8406abf24a5e77f
SEC Consult Security Advisory 20071101-0 - The SonicWALL SSL-VPN solution comes with various ActiveX Controls which allow users to access the VPN with Internet Explorer. These controls contain various vulnerabilities. Some details provided. Vulnerable versions include SonicWALL SSL-VPN 1.3.0.3, WebCacheCleaner ActiveX Control 1.3.0.3, and NeLaunchCtrl ActiveX Control 2.1.0.49.
b43c0aec3d769dbce9e0724d5a99830b17f328ef1c8aa8f7aaea4b93f308d5cd
Synergiser versions 1.2 RC1 and below suffer from local file inclusion and full path disclosure vulnerabilities.
30b88d672f425dc1bfef99169430c0dfc2b2901c45aecc3449e3d1888ee4cfc4
Secunia Security Advisory - Gentoo has issued an update for opera. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and to compromise a user's system.
99ef51b2fa7df221e13112275ad991f5a6254275d4e86a4103830472cf9438ef
Secunia Security Advisory - Secunia Research has discovered a vulnerability in McAfee E-Business Server, which can be exploited by malicious people to compromise a vulnerable system.
83c66bda5375aa896eb4ce57b473f5f9aa902dba6952252c6c19cf4f318b8b77
Secunia Security Advisory - Some vulnerabilities have been reported in the Hitachi Web Server, which can be exploited by malicious people to bypass certain security restrictions or conduct cross-site scripting attacks.
b1eaba6b0c761dcffe6feccfbe994aeeaba114987127a09d5287128f1332ce2c
Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Mozilla 1.7 for Sun Solaris, which potentially can be exploited by malicious people to compromise a user's system.
31aed2a6576c5522273132a3139d940032120fe76ad5c78a8a42618582173dda
Secunia Security Advisory - Gentoo has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
33af3c6f0d3f1e1c5945f4aa04cb9ab6b3cad497bb253d184ff4efca7123441b