Ubuntu Security Notice 581-1 - It was discovered that PCRE did not correctly handle very long strings containing UTF-8 sequences. In certain situations, an attacker could exploit applications linked against PCRE by tricking a user or automated system into processing a malicious regular expression, leading to a denial of service or possibly arbitrary code execution.
5d4d28d71aa4196dfa553f35b8d5f246c6709cc8f02570229ae7a03326162b71
Gentoo Linux Security Advisory GLSA 200802-09 - An integer overflow has been reported in the cli_scanpe() function in file libclamav/pe.c (CVE-2008-0318). Another unspecified vulnerability has been reported in file libclamav/mew.c (CVE-2008-0728). Versions less than 0.92.1 are affected.
3e3fc3298d336111117cb9c591a0cf4913c8f3d65d8884515732f489c503c3af
Debian Security Advisory 1501-1 - Tobias Gruetzmacher discovered that a Debian-provided CRON script in dspam, a statistical spam filter, included a database password on the command line when using the MySQL backend. This allowed a local attacker to read the contents of the dspam database, such as emails.
83c513ad520fd2159e715aeb3ec2e2bc13585a139d2efadad7d9d06c9d0156c1
Debian Security Advisory 1500-1 - Mike Ashton discovered that splitvt, a utility to run two programs in a split screen, did not drop group privileges prior to executing 'xprop'. This could allow any local user to gain the privileges of group utmp.
114ea5757e00b541b0d215690282a991b4b37f238ae60441cafb8b9abd16b2c9
The PHP-Nuke NukeC module version 2.1 suffers from a remote SQL injection vulnerability.
a27a60b9bf8b52bcd30a211ae04307d7f8c4c49fc6d02249b2e00a9190485acb
VMware Security Advisory - This patch fixes a flaw in how the aacraid SCSI driver checked IOCTL command permissions. This flaw might allow a local user on the service console to cause a denial of service or gain privileges. Alin Rad Pop of Secunia Research found a stack buffer overflow flaw in the way Samba authenticates remote users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash or to execute arbitrary code with the permissions of the Samba server. Chris Evans of the Google security research team discovered an integer overflow issue with the way Python's Perl-Compatible Regular Expression (PCRE) module handled certain regular expressions. If a Python application used the PCRE module to compile and execute untrusted regular expressions, it might be possible to cause the application to crash, or to execute arbitrary code with the privileges of the Python interpreter.
af87f71c42e6aa0e473a56dc13773e081ca262c64e1a2f396e37c8aeff184654
Test program that reads chip and PIN credit cards using the EMV standard. This will most likely be integrated into RFIDIOt in the future.
20b53eb58d591db2ef8bb38ff3e67340c1adf0d38ec1d3911920f448bd3f4e8d
Os-sim versions 0.99rc5 and below suffer from SQL injection and cross-site scripting vulnerabilities.
ae879ef650e4cf8dad9b1f29043362efdc9e1aa632b8ff245a8e5768b71e280c
Secunia Security Advisory - A vulnerability and a weakness have been discovered in PunBB, which can be exploited by malicious users to manipulate data and by malicious people to conduct cross-site scripting attacks.
18a2c590af4cd7f6bdf2c81f1511c1ae43e92cc3b117c99814cc76a33b90ae61
Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Sybase MobiLink, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
0f90a08f7ef4638d1bbd8b0428a5c924c236e7eb809f167acc8bacd437ee17c6
The XOOPS tinyevent-print module suffers from a remote SQL injection vulnerability.
e03b3583082375167ea461584f6aa1923acbefbed3e6780dda87db4d45eb7e1a
The PHP-Nuke Downloads module suffers from a remote SQL injection vulnerability.
ff5269649e7624bb8b06c716a52bbe45eb73f2a3f4b797eb2526a0eb04e17c9c
The PHP-Nuke genaral print module suffers from a remote SQL injection vulnerability.
00f9460dd6966147ea5d2c8e1f9e7bf0ab905d554170ffe4e1e6645426ee2ab5
The PHP-Nuke Classifieds module suffers from a remote SQL injection vulnerability.
e5df2fdc46dfb3ccaf75d9ff9c8049a7ede04b9cc881cdec72c609b5ded9d75a
The XOOPS prayerlist module suffers from a remote SQL injection vulnerability.
06182cf055d43c88e971b134f580eefd10da716a55019a800902b1bc9fccc7f3
The PHP-Nuke BenchmarkNewsInjection module suffers from a remote SQL injection vulnerability.
a29133a66abbce65924feee545e5198286f021a3a2d918b601ac48e96b507cf2
The PHP-Nuke Dossiers module suffers from a remote SQL injection vulnerability.
910dfe8996c962b30546557c2b03adaf25e5d3d0fd9e43ee74c06e46e61d9960
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
8428e3bec07e11942ba74656c6c79289542270d6cc6c39ae6e047259107e1950
Ubuntu Security Notice 580-1 - Devon Miller discovered that the iso-info and cd-info tools did not properly perform bounds checking. If a user were tricked into using these tools with a crafted ISO image, an attacker could cause a denial of service via a core dump, and possibly execute arbitrary code.
9e4b0a9dc13824192aa65c5fa9427e583bb4a29fe5b549c6b485588ed33ff8eb
Ubuntu Security Notice 579-1 - It was discovered that QSslSocket did not properly verify SSL certificates. A remote attacker may be able to trick applications using QSslSocket into accepting invalid SSL certificates.
3579c00055d6f9b733cef375436b246bb5146f214d0a228e144cf30ba520a61e
BeContent version 031 suffers from a remote SQL injection vulnerability.
e0dd8a28780a1717ebcfed60e8917e6b2a8773816dfdf319496f04f9ec7c7e98
The Joomla com_joomlavvz component suffers from a remote SQL injection vulnerability.
2918f9317bdeeed81578da7c0663b2f09ac7f230a085c565b0550845cc4aef19
The Joomla com_mygallery component suffers from a remote SQL injection vulnerability.
dab27ddbfd29b2fb15e2e51ea168f70bd09e5c0e5de9253c36971a6630f6212d
The Joomla com_idvnews component suffers from a remote SQL injection vulnerability.
f97694b941ccabd240fc09d56a9972580ac5a68fda5ac08ff1c1f8249fc07673
The Joomla com_asortyment component suffers from a remote SQL injection vulnerability in the katid variable.
505d19a5671b10c1e3989e346b459d36a06d59521cc11e0be1161dd7c73ca173