Ubuntu Security Notice 593-1 - It was discovered that the default configuration of dovecot could allow access to any email files with group "mail" without verifying that a user had valid rights. An attacker able to create symlinks in their mail directory could exploit this to read or delete another user's email. By default, dovecot passed special characters to the underlying authentication systems. While Ubuntu releases of dovecot are not known to be vulnerable, the authentication routine was proactively improved to avoid potential future problems.
152ff94141df0e8a6338bc7c8610db35bac87dfa8800d44c753be25d8facba18
Ubuntu Security Notice 592-1 - A ridiculous number of vulnerabilities in Firefox have been addressed in this advisory for Ubuntu.
b07c0e96e68ab81ecf155d01fffd3b142f8726c133c09cc6e3cb2bf3de2ffa13
Quick TFTP Pro version 2.1 SEH overflow zero day exploit that binds a shell to port 4444.
1bac570fc98c5f940e65509f6372e870bf2fe8387dd7abd28dbe29874b43bf7a
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, and detection of down hosts via parallel pings.
03bf22ca986ff65536141d78a982e27f1faa86bc10ac98016be4d6d969d1611d
TFTP Server for Windows version 1.4 ST zero day buffer overflow exploit. Binds a shell to port 4444.
67086b8e331febb1aa873729f1bee0fc7975c00a401b0d11aa39d04f9b68c580
The Linksys WRT54G firmware version 1.00.9 suffers from a slew of bypass vulnerabilities. Full details provided.
56c6c3e22d21d215263eac4438a45fbbd1ee78f39e47e11bf406698b138d115a
HP Security Bulletin - A potential security vulnerability has been identified in the SFTP Server (sftp-server) component of SSH version 3.2.0 and earlier running on HP Tru64 UNIX. The vulnerability could be exploited by a remote user to execute arbitrary code or cause a Denial of Service (DoS). Yes, this is from 2006. Yes, HP is just notifying people now.
97b55c3fc497bd98e96bbfccb72fb18e043e763c3dc094e105a84a146f8bc9bb
phpAddressBook version 2.0 suffers from a SQL injection vulnerability allowing for administrative bypass.
0048aeb863c2580cb1be75d2dc60c5dc097fb37246d95a68df83023f2c757db4
Blackboard versions 7.x and below suffer from multiple cross-site scripting vulnerabilities.
a645dcc1193f7bfeb626eb7d7cae92f14e5c4bcf9b67413688401878b50d78d7
TopperMod version 1.0 suffers from a local file inclusion vulnerability.
50ab34e0f966f18f0de8b6f2d16575fef86497338f08ee989e311fd337861c14
TopperMod version 2.0 suffers from a remote SQL injection vulnerability.
4447ba6f9fa6b1701f4efb29ee316315e83b39a003061d622de00e5aeeedbf8b
PacketTrap Networks pt360 version 2.0.39 TFTPD remote denial of service exploit.
1d5e31bb3ab9232256d0c7e623888840055c80f3d02ab0d300875e0a291d9905
Aztech ADSL2/2+ version 3.7.0 suffers from a remote code execution vulnerability.
b24c6b45550cda14d9b4142983253526203f757ab6d00bbb115623dbaa9c31dc
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Orb, which can be exploited by malicious people to compromise a user's system.
31cc9747948c76de3a43b53265c45eea8e5c9bcb938877d4c17edcfa64af6509
Secunia Security Advisory - Pranav Joshi has reported a security issue in ZyXEL ZyWALL 1050, which can be exploited by malicious people to bypass certain security restrictions.
0277bf29174ca3e0015e8bbffb4e2a274e1d2b849aaa2a16a2083574cb4232e9
Secunia Security Advisory - Ubuntu has issued an update for libicu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
3a4d59e374bddfdeb1d3be88f0fb718fa87339d5ca7353b74501ce3aef9eeb3e
Secunia Security Advisory - Mandriva has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
ed16715e95323ac01fb889578f6d76bafd3b42ebd8ef4e2837acdddf0cd5cfad
Secunia Security Advisory - c0ndemned has reported a vulnerability in XLPortal, which can be exploited by malicious people to conduct SQL injection attacks.
d9a04e7858615d46e05c99c474b5c2d3a035bc87f9bec615fd7d889265b01848
Secunia Security Advisory - Russ McRee has reported a vulnerability in Photo Cart, which can be exploited by malicious people to conduct cross-site scripting attacks.
8ad8d421483b8561ab9e8200cb971514a4dd70cfe396c937558fb0a7117667b1
Secunia Security Advisory - Jerome Athias has discovered a vulnerability in the my_gallery plugin for e107, which can be exploited by malicious people to disclose sensitive information.
7af64c9a35da86dd67b2ca3d3708ec2465563126c05fad2b3cc3645da01c62a4
Secunia Security Advisory - Debian has issued an update for serendipity. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and script-insertion attacks or to bypass certain security restrictions.
cfc7b7c423a33f1af3a62dcc4db1f85d42ab0e30f5aec5c0ce46a5e9d2eaf285
Secunia Security Advisory - Ubuntu has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
b13bc8ceb2566e29739240c286a4fe1a77b475e5be116a7f38539387a3f64cbd
Secunia Security Advisory - Gentoo has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
90594d06389309924653b5e7d68c41483677cbd0fd1dc87829fd17e6d715c31e
Secunia Security Advisory - S@BUN has reported a vulnerability in the RunCMS Photo module, which can be exploited by malicious people to conduct SQL injection attacks.
13b5c27e7d1f08aac51b0ea92187c41f8a5a494b6819064579c69308a268b112
Secunia Security Advisory - Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
72ea2d79f992b380845c6155e72dfbff3f943dda32790c69060e8c1a20fb0493