Aspee Ziyareti Defteri suffers from a SQL injection vulnerability.
058e19c1a779c5c30e8dc155d466494117e5449ba7c478cbb57e4d8e50b000b2
Layered Defense Advisory - A format string vulnerability was discovered within Novell client 4.91. The vulnerability is due to improper processing of format strings within the NMAS (Novell Modular Authentication Services) Information message window. An attacker who enters specially crafted format strings in the Username field at the Novell logon and selects Sequences under the NMAS tab can read data from the winlogon process stack or read from arbitrary memory, and at a minimum cause a denial of service.
16000cd5b2e4b7f104dd288b51b65a2f794e2c097e823e6489eb20d40d32e75f
Invision Gallery version 2.0.7 suffers from a SQL injection vulnerability.
6b4d87867890754e2f9c8434bedef1581811919db059125d5333145b08aa0936
Storye suffers from a SQL injection vulnerability.
f60858302bd94d7bb6ffad269f6b1ec5ab55f8d9d37de40a7b9cb4128f7c938c
Debian Security Advisory 1222-2 - Due to technical problems, yesterday's proftpd update lacked a build for the amd64 architecture, which is now available. Several remote vulnerabilities have been discovered in the proftpd FTP daemon, which may lead to the execution of arbitrary code or denial of service.
b6cf6ad61f34245ebd9b4e72ef0bee6c823bdb1f06c59ff4c77354091c5374c9
Debian Security Advisory 1223-1 - Teemu Salmela discovered a vulnerability in GNU tar that could allow a malicious user to overwrite arbitrary files by inducing the victim to attempt to extract a specially crafted tar file containing a GNUTYPE_NAMES record with a symbolic link.
88f8e141b17e87deabd1aecfa3c726596e7ba20df2f0f17b926453955ed6964e
Debian Security Advisory 1205-2 - Marco d'Itri discovered that thttpd, a small, fast and secure webserver, makes use of insecure temporary files when its logfiles are rotated, which might lead to a denial of service through a symlink attack. The original advisory for this issue did not contain fixed packages for all supported architectures, which is corrected in this update.
87ab63dc07bcb96f2809e8fbe5bbc84cffe3c005e569f8adeaa6f460f32a2a4b
Demonstration exploit that shows how Outpost Firewall Pro version 4.0 fails to protect against advanced DLL injection.
d098e88f484e24499c8384ec307c65852dc1541fe2460675f4823a8e79ba1d12
Outpost Firewall Pro version 4.0 fails to protect against advanced DLL injection.
d10c68573c91fa3188e94d699972e536a48599b7f66ade2ce1a96497197376aa
deV!L'z Clanportal version 1.3.6 allows arbitrary files to be uploaded and stored on the server's filesystem, which enables anyone, even without a user account, to upload PHP code and execute it, leading to arbitrary code execution.
b440108559e6cbef251370d1ea8bf8d57c1bb3f040aca37a9e0e7235283014ee
deV!L'z Clanportal version 1.3.6 suffers from a remote SQL injection vulnerability.
95a08f5d834ca164f6e87075e01668750d9cef64f4e5da50e376f44cba717b5e
freeqboard versions 1.1 and below suffer from a remote file inclusion vulnerability.
86c7597e19e134f1c810432d8aa51b3b841adb2beb818bc90d26854ea5536a7b
Mandriva Linux Security Advisory - Buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages that cause the make_printable_string function to return a longer string than expected while constructing a prompt.
1041a6ca0a612f13d8726413b84470bc96b4c160d46d073771f7593a9459b069
Mandriva Linux Security Advisory - "infamous41md" discovered a heap buffer overflow vulnerability in libgsf, a GNOME library for reading and writing structured file formats, which could lead to the execution of arbitrary code.
54af3bee684e74af9c81bcbbf88436579fb7db5630aecf1cf2ff05d80f55d978
The NetBSD ftpd and the tnftpd port suffer from a remote stack overrun, which can lead to a root compromise. The bug is in the glob.c file.
6f91ab16ee6d396173a45820d89bcfd6ed6fcfb8449312205c4ce215b6caec78
Gentoo Linux Security Advisory GLSA 200611-26 - Evgeny Legerov discovered a stack-based buffer overflow in the s_replace() function in support.c, as well as a buffer overflow in the mod_tls module. Additionally, an off-by-two error related to the CommandBufferSize configuration directive was reported. Versions less than 1.3.0a are affected.
36843aa15487f5c24c730fe36f5878646a76081434d9b34f8914a0db698fec08
Ubuntu Security Notice 390-1 - A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrary code with the user's privileges.
4ff27831c73ace4a7dd7186a492469ef44e83021bd2cc275e38f7c5f69ece81e
Invision Community Blog Mod version 1.2.4 suffers from a SQL injection vulnerability.
d19c635dbc5363effee0c7981fa6804ef279c8b1f7d5a60a8ab2c88ae39592d9
iDefense Security Advisory 11.30.06 - Remote exploitation of a heap overflow vulnerability in libgsf, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code. iDefense has confirmed the existence of this vulnerability in version 1.14.0 of the Gnome Structured File library. Any applications or libraries that utilize this library for OLE should be considered vulnerable.
5d4c56467eb778c75d08c305bfec51da69d2f5789a00f83e1d00ad34f3088755
@lex Guestbook version 4.0.1 suffers from path disclosure and cross site scripting flaws.
ecd4efd463923ecea8b1677e62bb2faa81af2fc1bbc94e5971a7902dde5b71f1
Woltlab Burning Board version 2.3.x suffers from a cross site scripting vulnerability in register.php.
0d5941ebb24ebf2d3766cd7ed78636a668a50120c97bfae0ce5dc053ca2bab14
Mandriva Linux Security Advisory - Multiple vulnerabilities exist in ProFTPd versions 1.3.0a and below.
e2171be169bfd780fec771b7e39e63a762c38535f944aa32aed8c1273821ce01
Secunia Research has discovered two vulnerabilities in MailEnable, which can be exploited by malicious users to cause a DoS (Denial of service) or compromise a vulnerable system. MailEnable Professional Edition version 2.32 is affected.
35a02dd382af8339dd40e9bc9902acf6fcc605c86f10a866278e33e52c596382
Debian Security Advisory 1222-1 - Several remote vulnerabilities have been discovered in the proftpd FTP daemon, which may lead to the execution of arbitrary code or denial of service.
c12800e6db0918beeb56fcbd6c44c2e32fc8823002ebfbc8af9853095cfdc2b7
ContentServ 4.x still suffers from an arbitrary file reading vulnerability.
520b982f3405ce2c8b9dc8ffe0a75f8049afc6d4def00cff8b6ee08d2bc4058b