Debian Linux Security Advisory 1968-2 - It was discovered that pdns-recursor, the PowerDNS recursive name server, contains a cache poisoning vulnerability which may allow attackers to trick the server into serving incorrect DNS data (CVE-2009-4010).
93b6b97cd2634967ebb166c497f5c1a22c83bd152b29b000215698efced07d33
CemaListe version 2.3 suffers from a database disclosure vulnerability.
b8f476942015811c66175820d0a874067ef719cab7d74de5eb8eafde41bdbb06
AIC Audio Player version 1.4.1.587 local crash denial of service proof of concept exploit.
df91cc1caa418503b13875a547bbf58abed9b4e04aab9a8a481c8f3325956c8d
Ubuntu Security Notice 892-1 - Ronald Volgers discovered that FUSE did not correctly check mount locations. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.
5581a265cff9e48cb846db4f05ccabfbf475feae6e20f5fcdcf3c5431ea5d7f9
PHP Product Catalog suffers from a cross site request forgery vulnerability.
9769bffb52f222f91f048681493b1c29d48568c80a898eed4abdfaae45f40e72
Debian Linux Security Advisory 1981-2 - The latest DSA for maildrop introduced two regressions. The maildrop program stopped working when invoked as a non-root user, such as with postfix. Also, the lenny version dropped a dependency on the courier-authlib package.
dc9c10eff52a098653f18750b581e99e43503d6ad0570f552ec380e620ccc7c0
The Joomla JE Quiz component suffers from a remote blind SQL injection vulnerability.
80bd3f60d046c4a4da88ad8aa2880ad5021d1446ea22572ed29077acb22ef4ee
XAMPP versions 1.6.8 and below suffer from cross site request forgery, cross site scripting, path disclosure, remote SQL injection and directory traversal vulnerabilities.
98714ff1d8ab1f70017793ae6fa8f89b89eaac83f325a07dcb0b841989499dc1
The Joomla CCNewsLetter component suffers from a local file inclusion vulnerability.
8205aafae6fb9908758492ca1682ef185cf657044b9c44bc6bc25c92ad159ac2
Ubuntu Security Notice 893-1 - Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, suffered from a race condition when verifying user permissions. A local attacker could trick samba into mounting over arbitrary locations, leading to a root privilege escalation.
8d54a9e51f6d12da9bd39ed796b2aaa76b4912fadf7decc1dd8b8445217bea71
The Joomla CCNewsLetter component suffers from a directory traversal vulnerability.
1d80a9f391adbef7da3c5f3e510bd73fa389fe51777bbfa87a607fbf301da5a9
Rising AntiVirus 2008 through 2010 local privilege escalation proof of concept exploit.
04d2f1d6930f5971e2ae3032f9012bb0aeb7a4fc678e4f2504cd8ea513cb394d
CommonSpot Server suffers from a cross site scripting vulnerability.
df67dfe5debcbb27e0fef223695bfa6598ccdaa78f99196c76f1ec8693d28f42
Debian Linux Security Advisory 1981-1 - Christoph Anton Mitterer discovered that maildrop, a mail delivery agent with filtering abilities, is prone to a privilege escalation issue that grants a user root group privileges.
686b60a76e096bbcfb68030abfcf145851da868baad7fac2177dd1c60e8131f0
Arraid version 1. suffers from an insecure cookie handling vulnerability.
cd96dc8355a696490e8c079a19c7618886a205c4398efcd4cc36f41cb623e81e
The Joomla jVideoDirect component version 1.1 RC3b suffers from a remote blind SQL injection vulnerability.
e24db250aa34f2166086725ee102a72db226d14eed35d975837e36ac0f66fae9
The Joomla CCNewsLetter component suffers from a remote SQL injection vulnerability.
b7d58f293411f7c47e5123ba2fafde7743db507590b98ccc168969284c4db663
Ubuntu Security Notice 891-1 - It was discovered that lintian did not correctly validate certain filenames when processing input. If a user or an automated system were tricked into running lintian on a specially crafted set of files, a remote attacker could execute arbitrary code with user privileges.
4003b484d84f814534861d3711d43ca466e33ec2d8c8d4118de59a8ba205ab58
fipsForum version 2.6 suffers from a database disclosure vulnerability.
18c9777ddbd274ff077e7ee941ac742df9fe585e709048e4016e0a5ee055f5fe
The Joomla Autartitarot component suffers from a directory traversal vulnerability.
9da52e396a9d381586a2d8a9fa9d8dafb623a2cb8a0d3e3d9b8191059b94614f
phpBB version 2.0.1 suffers from a cross site scripting vulnerability.
895ceb3611b49cbf692d9eb4a56bfd05510ac7c22df141395622bd38bed3ff06
NovaBoard version 1.1.2 suffers from a remote SQL injection vulnerability.
f1855c117858b59ca361d6858975ac70417aa29475b41a84336fd26cb65b6316
LandShop suffers from a cross site scripting vulnerability.
c9f90c560b3fac0a0db362eabfdc48413c34e1637d138f2e1522f8609f55c09b
Debian Linux Security Advisory 1980-1 - David Leadbeater discovered an integer underflow that could be triggered via the LINKS command and can lead to a denial of service or the execution of arbitrary code (CVE-2009-4016). This issue affects both, ircd-hybrid and ircd-ratbox.
0a6ecd8132d5653e5359b9dd2ff6f80c30c048776ddc6919626b811351537118
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
9fcb24f86157541c2f17cc8a0cc1e5d15d909b51720d163fcad5faaa6201b0ba