Call for papers for WORM 2005, the 3rd Workshop on Rapid Malcode. Submissions are due by June 23rd, 2005.
ce06ad691b6f58f4a13eaecd6e5934f34deb492bb31514677f016e6bfb106cdc
Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.
968f48b825a3de78d395db6f9f9503f25783a06bf5fe4c85ade530ad03b7272c
Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to overwrite or delete arbitrary files on a vulnerable system.
5497d544e2202cd6075a1a5f7ff931a55d1efe78f0c25f64514e070f4c0bd641
Debian Security Advisory 690-1 - Bastian Blank found a vulnerability in bsmtpd, a batched SMTP mailer for sendmail and postfix. Unsanitized addresses can cause the execution of arbitrary commands during alleged mail delivery.
b0b1a17b1af7846374d350b779527284f2f36c713156f3fd3b1ab100b1f0ecf3
By sending a file with parenthesis in it to another GAIM user, you can cause their client to crash and completely close GAIM down.
0b8a25fa28658e8a92e8acd0c39aa0846a6d979482aca7fdd97872679f2760e3
Improper handling of several arguments in the moderate.php code in punbb version 1.2.1 allows a malicious moderator to inject arbitrary SQL statements.
6bdc9357ff20bb7f7303ff83fef6913311150b993239cb8d7c76abff375397bd
Due to a flaw in punbb version 1.2.1, a remote attacker without an account can set the password of any user on the system to NULL, effectively shutting them out of the system.
3034c8b9bfd452eee66b4d3131399bf4eb4662a52606ffdf7b798f4fc2a8493f
A remote attacker can cause register.php punbb version 1.2.1 to execute arbitrary SQL statements by supplying malicious values to the language or email parameters.
50193fa1b4c0adde13ec79fb65995c4f0740db19db311771e4c52fb259438b50