Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.9.
0ecc1763849d9738c848fa12b67d3550fa7959aba4f2b4cda34f95feedbf4053
Digital Armaments Pre-Advisory - A vulnerability exists in expand_stack() of the grsecurity patch. This vulnerability is only locally exploitable.
2d573e23058667d662a7b7f7a457771ab0b0b5b2a504e7c92eddab1b245084d0
Nwom Topsites version 3.0 is susceptible to SQL injection and cross-site scripting vulnerabilities.
4dc593c12d4752d61e1bead78463e73a7305774f90e1d75e71f59b2f82f11aaa
Ubuntu Security Notice 405-1 - It was discovered that fetchmail did not correctly require TLS negotiation in certain situations. This would result in a user's unencrypted password being sent across the network.
502b7277990cb0abff840829b05ec53ba00e73e8071dae50c965089d23c9c48e
LayerOne 2007 - Call for Papers - What is LayerOne? Currently in its 4th year, LayerOne is a computer security and technology conference held in the Los Angeles area. The purpose of LayerOne is to bring together the many different types of folks who make up the security community for a 2-day discussion of the technologies that impact our professional and personal lives. LayerOne is now officially accepting papers and presentations for consideration at their 2007 show.
a30eecd416e8500edf232011ba7dec71e0f88bca8e731d355caea8f231579986
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server.
228092e766356198e0f81184d708f8af68436c22dba7f367e5c06d177c5d84e5
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to gain read access to files with the permissions of the NNM server.
32fd13336ccd04d5de40c418f959ad608d35a6532764f4a51926d0f8cb736d31
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the Tape Engine RPC service, which listens by default on TCP port 6503. Affected products include BrightStor ARCserve Backup r11.5, BrightStor ARCserve Backup r11.1, BrightStor ARCserve Backup r11, BrightStor Enterprise Backup r10.5, and BrightStor ARCserve Backup v9.01.
989087a7ed2d42991f6c3cdb64913d73a610e31e9ff390c4654a2792a1d17e52
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaws exist in the Message Engine RPC service, which listens by default on TCP ports 6503 and 6504. Affected products include BrightStor ARCserve Backup r11.5, BrightStor ARCserve Backup r11.1, BrightStor ARCserve Backup r11, BrightStor Enterprise Backup r10.5, and BrightStor ARCserve Backup v9.01.
9b55a07b1f727791ae4ace2201edb7d2cac96bc0b34845f31c6f01a415a4807e
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the handling of RPC requests to the Tape Engine service, which listens by default on TCP port 6502. Affected products include BrightStor ARCserve Backup r11.5, BrightStor ARCserve Backup r11.1, BrightStor ARCserve Backup r11, BrightStor Enterprise Backup r10.5, and BrightStor ARCserve Backup v9.01.
6c66da6548ef7017209667ef1a4d0c6c89619ef0dfeefa68e54903486c7ef037
FreeBSD Security Advisory - jail(2) is susceptible to a symlink-related vulnerability due to a lack of sanity checking.
67718e9c6c514fdd36e62fe2606ff687a4feed8cb51383a05dc3595135aae050
Calyptix Security Advisory - Snort 2.6.1.2 is vulnerable to an integer underflow that allows a remote attacker to cause Snort to read beyond a specified length of memory, potentially corrupting logfiles.
51e3d19ce57e41633b7f6a33b25810f1643b9c31932058f68526057122832085
Microsoft Outlook is a popular personal communication manager that provides end users with a unified place to manage e-mail, calendar and contact information. As part of its standard offering, Outlook also includes an Advanced Search facility (Finder.exe) enabling end users to query any aspect of their repository information. Unfortunately, it transpires that Outlook/Finder is susceptible to a remote buffer overflow vulnerability when processing the contents of a specially crafted Office Saved Search (.oss) file.
28bbbedc553e8ff09d850b01cf55df16440175c5cebf3bd1df3d95a9fa647df5
Whitepaper entitled "Anatomy of a Malware". A tutorial that was created to educate people on how a simple piece of malware works.
5172b6396a1d3bf6c98f00741dec0697cfc325806e2509483c51c1658ee514dc
DigiAffiliate versions 1.4 and below remote SQL injection exploit that makes use of visu_user.asp.
66aaf27d83e0cd498af29836867d0c8ca102843dd53f799ba7038cac9d8fbbf8
sNews versions 1.5.30 and below remote administrative password reset and code execution exploit.
f04a733858f7408bda758be8c1e8792d544592a36499c3ed1ccccda1dfcc1e61
LunarPoll version 1.0 suffers from a remote file inclusion vulnerability.
38bbd6647ce880a869ab3794990aa921db4002ba953c4ce60959f94482d6bc7d
TLM CMS versions 1.1 and below suffer from a remote file inclusion vulnerability.
51948f082b76b1274e78357c368e8f9f405c9daf04c1c297ca109e1da1055baa