Mambo component Bookmarks is susceptible to a remote file inclusion vulnerability.
02c659c8670460971d178b5c27d80b3ee01c07012ac3f3cd385f27c75ca5cecdMIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
3674b7f187862d2157634d2d57f3ee6b4dd305f26e6efeb3decc684d34a17a23The MultiAdmin security framework kernel module provides a means to have multiple root users with unique UIDs. This bypasses collation order problems with NSCD, allows you to have files with unique owners, and allows you to track the quota usage for every real user. It also implements a sub-admin, a partially restricted root user who has full read-only access to most subsystems, but write rights only to a limited subset, for example writing to files or killing processes only of certain users.
0b7cb673570693e214cb38e3b86f8d5fee7796dc97258e403ee5f7b5d57d8739GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.
07d16cfef908d02f8728bcc7e6e2adc6e08c9585d3209b039a035186758f708cRacer version 0.5.3 beta 5 remote buffer overflow exploit that binds a shell to TCP/4444.
ce7e884e30b9977643a85468c6bebe8db229d682df9f029548fda9a983cec050Savant version 3.1 GET request remote universal overflow exploit that binds a shell to TCP/4444.
12b874bede38d6dd884dfbb2fc091d660d3216fcdc9cd1790d40574c079fc821Prozilla Webring Website Script suffers from a SQL injection vulnerability in category.php.
820b765ff80af39042e2747b7656c306d55d61cf72abe67a47c9c0d38efac5abSOTEeSKLEP versions 3.5RC9 and below suffer form a remote file disclosure vulnerability.
d19dbb41829343cd77b7b5861a50a6eff8f758f9066b00ef060b16526b9f508dWengoPhone SIP Phone version 2.x suffers from a remote denial of service vulnerability.
844aee0a2cd207db48e3126900dd64fcafd1de57444fd3eb8ba3a8990d42a2b4CounterPath X-Lite SIP Phone version 3.x suffers from a remote denial of service vulnerability.
7d308fdccd85abb51ba288ba7af1e1d449f69e1da5dadc2d7eacd42df1012eccGentoo Linux Security Advisory GLSA 200708-08 - The functions deletekey(), gpg_check_sign_pgp_mime() and gpg_recv_key() used in the SquirrelMail G/PGP encryption plugin do not properly escape user-supplied data. Versions less than 1.4.10a-r2 are affected.
9d078d0dc028f915969339c60ba23959b7a1782720672d619014f929d54005e0Gentoo Linux Security Advisory GLSA 200708-07 - Lasse Karkkainen discovered that the function terminal_helper_execute() in file terminal-helper.c does not properly escape the URIs before processing. Versions less than 0.2.6_p25931 are affected.
330b4e24fb821b2cd5f7c0a3bd591f92d633d2a9129ad6efcf09f92746b72a12Gentoo Linux Security Advisory GLSA 200708-06 - hjp discovered an error when handling DNS query IDs which make them partially predictable. Steffen Ullrich discovered an error in the dn_expand() function which could lead to an endless loop. Versions less than 0.60 are affected.
59cd929ff364da7d666efcbc165c756816e258c729bf01d9358b4fe11deba8daPHP-Stats has a cross site scripting vulnerability in whois.php.
4cda100df0817d5e35f93b555007f9337c860febd9b4f8f22e4d47b6c988276fDebian Security Advisory 1353-1 - It was discovered that an integer overflow in the BGP dissector of tcpdump, a powerful tool for network monitoring and data acquisition, may lead to the execution of arbitrary code.
ab436bdfac5ee125d75fd83842aa8be4f67bf4f3fe0108a2f49f67da00bdf4d1It appears that www.symantec.com is susceptible to a cross site scripting vulnerability.
2e2d37f6a8cdb6e2ccd7cd5703ed62fb500209d6a25423080d5220f022bde790Mandriva Linux Security Advisory - The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478. Also affects kdelibs 3.5.6, as per KDE official advisory.
a21172bcbb0303e9d0b0f74bfcca190017f7bf6cc6ef8607c778e1fbac5a72a9Mandriva Linux Security Advisory - M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load() function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an application using Imlib2 attempts to view the image. The tga loader fails to bounds check input data to make sure the input data does not load outside the memory mapped region. The RLE decoding loops of the load() function in the tga loader does not check that the count byte of an RLE packet does not cause a heap overflow of the pixel buffer. The load() function of the pnm loader writes arbitrary length user data into a fixed size stack allocated buffer buf[] without bounds checking.
1c20ca2a09cf52db44cc93afd878f7cd7a24dabb1835fefb06d9dc2db1684701Secunia Security Advisory - Some vulnerabilities have been reported in Article Dashboard, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
97bc0351d91db7e504a7622cbd4eb56b513e209dcaf635aa2eaf39b2bdb346d7Secunia Security Advisory - Slackware has issued an update for xpdf. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
0d60b8fd1b4c306cc73ba78086b5601f9c582f9a6b2dfea8c6ca14764b46a966Secunia Security Advisory - Slackware has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
d118d197b7952a8d6c2a0eb1e8c5cf7e68e2908781f475d956e68bcc3d8600faSecunia Security Advisory - Slackware has issued an update for qt. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
ebb18a48be7f1e81f9d81d9dfbcbd6f5e2870a03a2f7751019c68db75706f028Secunia Security Advisory - Slackware has issued an update for seamonkey. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
21225762bd3747d6378a37e843b8a37044efc3925515c5ee79a50ad4bf7c5344Secunia Security Advisory - rPath has issued an update for firefox and thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
f9361aeb7f00c7564944b409fb4f1273ff784fbd638c95df4ed5b63569693801Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
ddb3f8f9e67bb370fe149abfd6d1d60104b102c918fe46731e9cf63cef5c1987
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed