Secunia Security Advisory - A vulnerability has been reported in Solaris, which can be exploited by malicious people to compromise a vulnerable system.
ba80317acf61549fa1ba000763d23a0b403e62a851d7b8982c39e7b4813ade85
Secunia Security Advisory - Secunia Research has discovered a vulnerability in SqWebMail, which can be exploited by malicious people to conduct script insertion attacks.
1ad053470b349dca87c34c886082a6857433975098d4c7f2896b06ee6da88f8a
Secunia Security Advisory - Kozan has discovered a security issue in ZipTorrent, which can be exploited by malicious, local users to disclose certain sensitive information.
4d48c1e0c6bda910f36c4a4f4538715c96741e8f9e61abf28ba30f4eecb14098
Secunia Security Advisory - Gentoo has issued an update for PEAR-XML_RPC / phpxmlrpc. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
c68ae5c73bb3484b7d9a6f3d08949b59a5b64664207be7b60d3c6fd83f8d4c33
Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Ventrilo Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
3a6a5f37464a1d1adb76953ca8d0ace59ac4b5ce50b67a2d15eaef0f1f41c098
Secunia Security Advisory - Sowhat has reported a vulnerability in LeapFTP, which potentially can be exploited by malicious people to compromise a vulnerable system.
40c69fba7968cfedf6c107d143706e5d036148efe09574b77c7b9b0bc0fe851c
Secunia Security Advisory - Josh Bressers has reported a security issue in cvs, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
a6fb98cdc04d87513dd38a94e07cfc54b32a41c483aa656414252fbdaa67bf8a
Secunia Security Advisory - Fedora has issued an update for cvs. This fixes a security issue, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
605564b0003d332ce1331e5784014d8ae937568029ad6fe3ac5d1bc08d44a5e3
Secunia Security Advisory - Igor Franchuk has discovered a weakness in Microsoft Windows, which can be exploited to hide certain information.
81b756e68c6cc1b3f60c7a0ba5571b9b6c6b822b2fb3bc6c998c068642f8f83a
Gentoo Linux Security Advisory GLSA 200508-13 - Stefan Esser of the Hardened-PHP Project discovered that the PEAR XML-RPC and phpxmlrpc libraries were improperly handling XMLRPC requests and responses with malformed nested tags. Versions less than 1.4.0 are affected.
b392e04daac6a3131a159750ecf6640f104e46dc1e949490958e28588b03b917
Debian Security Advisory DSA 783-1 Eric Romang discovered a temporary file vulnerability in a script accompanied with MySQL, a popular database, that allows an attacker to execute arbitrary SQL commands when the server is installed or updated.
0bdaf61278be5abca20b301dac437ae4001a24bd0b9e600a1bd8632d16a251e8
Exploit for the Ventrilo 2.3.0 malformed status packet vulnerability.
ad0ab9cf0589c79a21541d14896eedcac439df6ebd2f779645049f293aea60c1
It is possible to crash Ventrilo 2.3.0 by sending a malformed status packet.
6cb018997e473aaa91fd732430eed0e401f4cd1feee78f164f7540daf14e6263
This Metasploit module uses a vulnerability in the Solaris line printer daemon to delete arbitrary files on an affected system. This can be used to exploit the rpc.walld format string flaw, the missing krb5.conf authentication bypass, or simple delete system files. Tested on Solaris 2.6, 7, 8, 9, and 10.
3865e92d6319da6652ab4c7ed8c01bd18db40efa2f58d0e789c6a8a79b4fb63d
Secunia Security Advisory - Phuket has discovered some vulnerabilities in PHPKit, which can be exploited by malicious people to conduct SQL injection attacks.
d82f266f336a74620fb5e0beb194c3a5184abbbc6196aca3831ddab467dc340b
Secunia Security Advisory - Ubuntu has issued an update for libpcre3. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
ff26acd3f887f68ec0a47bcc150cfaf7e28cf56ecefd9c186d683ce6fe3af904
Secunia Security Advisory - Red Hat has issued an update for elm. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
3e08750339bfda75bf38c6c8de95a2442dfb29828bcaf345f66061158c428530
A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library.
90dedc2182e9f13fe60b58ffaaf6d0166a5497e077ce7855d8e3d7e2c6b8fd3b
Gentoo Linux Security Advisory GLSA 200508-12 - Ulf Harnhammar discovered that Evolution is vulnerable to format string bugs when viewing attached vCards and when displaying contact information from remote LDAP servers or task list data from remote servers (CVE-2005-2549). He also discovered that Evolution fails to handle special calendar entries if the user switches to the Calendars tab (CVE-2005-2550). Versions less than 2.2.3-r3 are affected.
c3c0a5ca715423ba57ad0ed3bb8e8b0cddf7444a0020c4349015ede584102d19
Javier Fernandez-Sanguino Pena noticed that the pwmconfig script created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with full root privileges since pwmconfig is usually executed by root.
376f85a08e46d04bd581a85bbc2d275ce2e2f13f3f55865875c59d8ef2fb241f
ZipTorrent stores proxy server information and password in X:\\[Program_Files_Path]\[ZipTorrent_Path]\pref.txt in plain text. A local user can read passwords and others.
f17cbabb6214be4b1a15c231b17cecd4ba1bdd923fb0449fab9505b53fb8a0da
Mercora IMRadio 4.0.0.0 stores username and passwords in the Windows Registry in plain text. A local user can read the values.
baac3f4238dc50049d9fc04fadf14b5bfe96c656f5abe232e2c22c30f47da2d1
A dictionary based Oracle password checker. This is a useful and fast (150.000 pw/sec) tool for DBAs to identify Oracle accounts with weak or default passwords.
347557ee38aed91ccdfda881256b418152b5fc74c3ede2186cf61ff83fe5f29c
Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
170d528a300aa2f1792277680a460ba822c427433349e63d2a245318f6e0bfa1
Wepdecrypt is a wireless LAN tool based on wepattack that guesses WEP keys using an active dictionary attack, a key generator, a distributed network attack, and some other methods.
29ae072985616a0141a07e767e667cd33c917605338d37824de96c765a692333