Secunia Security Advisory - Ubuntu has issued an update for unzip. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
71fe9d63b6449271320a94b8f09282c8938f874d3b9eda9d32f9421f45679d67
Secunia Security Advisory - Debian has issued an update for asterisk. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
ced2485e3154a00d31e3cb04d6cc3f72f78ae0a97792dc209d120d65cda1f470
Secunia Security Advisory - CERT/CC has reported a security issue in Windows Vista, which can be exploited by malicious people to bypass certain security settings.
897e8b43199cc7b54d88fc6f1bc703a07e2f367b9e6587d09d038a54b7217341
GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.
a0e77b76bd413d07c5bab23e98d63c98222a52197686abcf36b9eec50fef115b
ipt_pkd is an iptables extension implementing port knock detection. The project provides three parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space knock client program. The knock is a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and computes the SHA-256 itself to verify the packet. The shared key is never sent.
3289fff009448b23ae5a1a23ef532cf71037575a42ae74e17ce860cba118e657
GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
01a6114fa008aabd4c84b5eb4af2b43ecb2816c9a7e5408de54d5507d0bf83ab
ASUS Remote Control versions 2.0.0.24 and below suffer from a remote buffer overflow vulnerability.
dc80f62023f695e8c06c7fdf434d7deaba7e5deafa606f669de15eb02669e9fc
Secunia Security Advisory - A vulnerability has been reported in AirPort Extreme Base Station, which can be exploited by malicious people to cause a DoS (Denial of Service).
b30b94441a115e9eb394cc62c54edfa3b6009a6a4f6e1f9ebbb5626d6b090f89
Webutil.pl versions 2.3 and 2.7 suffer from remote code execution vulnerabilities.
c5480ecb2c2e6b5afd5d7d4f2cbe0723dc2c54eefd92ed74626ef8b7ef0be42e
PHP versions 5.2.5 and below suffer from a *printf() functions integer overflow vulnerability.
cc39a63d74c0c0a7f0114003041d88c52816eba258f5f59908c21105896c2750
DotNetNuke versions 4.8.1 and below suffer from a default machine key exposure vulnerability.
bb0ab19943bdf9c2c626b421e41ce0aa88702b0bb3613f15c6569eed9522f41c
Internet Explorer 7 allows the overwrite of headers such as Content-Length, Host and Referer, exposing the browser to HTTP request splitting attacks.
eaea3131591bfb6ccae35e2fe3c39290b35d6c49dc952d056d4a2a8909089880
Internet Explorer 7 allows setting the header "Transfer-Encoding: chunked" via setRequestHeader, exposing the browser to HTTP request splitting/smuggling attacks.
27996f8ad05851a84e1ef28e49b50bfdf6fdaa29d8a9736f6f788a883dbc9cff
Secunia Security Advisory - A vulnerability has been reported in the Speedport W500 router, which can be exploited by malicious people to disclose potentially sensitive information.
2395dcdaf6267f88cc1136bf922e2ec12d974d30a555d2408b3edd1faf31559a
WowRoster versions 1.7.3 and below suffer from a SQL injection vulnerability that appears non-critical.
195c7a4928b45523b68b0cd22370be734eae569074e75fef3c47007a3d241429
A remote vanilla stack overflow vulnerability exists in the Surgemail IMAP server. The vulnerability is caused by a boundary error in the IMAP server when processing overly long arguments to the 'LSUB' command. The vulnerability results in a simple stack overflow condition that can be trivially exploited.
6caf1134a18b78d821475643125ddbaac4ab936cf127a25b6b9b7c01c6c4eaf2
CanSecWest 2008 announces the PWN2OWN contest where vanilla installs of Ubuntu, Vista, and OSX will be hacked. The winners get to keep the machines!
9ac602d437769611a6cd453abcad60353eecba8464cff4589fc8295a27ca9ff0
Microsoft Office Excel code execution exploit that makes use of the vulnerability noted in MS08-014.
a2605022d047e1bf3cbeaee33d181ccc7599126b5df19c8aa6f5553c70893259
D.E. Classifieds suffers from a remote SQL injection vulnerability.
d16175c189609eae26ea7057a4c88d3b4bf482e9f2b6e68d4363dbcff06f080f
The RunCMS Photo module version 3.02 suffers from a remote SQL injection vulnerability.
58ca9d0fe6bad67cdef9117db51d932abf8729f978089930b7130be7afa5ca88
phpAddressBook version 2.11 suffers from multiple local file inclusion vulnerabilities.
fe5a76983d7eba3c136a4cc15a5bc464e4a03c9137dd06ef33fbcf49c8dbde43
Secunia Security Advisory - meathive has reported a vulnerability in Linksys WRT54G, which can be exploited by malicious people to bypass certain security restrictions.
4e29b706a8adae48473977e82fa7bc437c475df8d77d3118fafa7fbea4535641
Secunia Security Advisory - A vulnerability has been reported in Namazu, which can be exploited by malicious people to conduct cross-site scripting attacks.
ba73c1faa82a980fb4b8918ddf7fb6d70332ee9fc713e0fca12954914d89dbcf
Secunia Security Advisory - Some vulnerabilities have been discovered in Piczo Image Uploader ActiveX control, which can be exploited by malicious people to compromise a user's system.
66cc3d4db98bdfd537a38884fc069ec8cf59224e0e2ebc8507b67d254e477cd2
Secunia Security Advisory - cocoruder has reported some vulnerabilities in Adobe Flash, which can be exploited by malicious people to compromise a user's system.
4345a4ae36997216bd66c566588114c2209e2b58122a211b203c9452162472be