Secunia Security Advisory - Debian has issued an update for libxml2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library.
1c131ad38d132426b7dec64072939adee23527ec7c58cc54d03099dc2f508e5f
Secunia Security Advisory - Ubuntu has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
c2857782fa6eb28b2ac11d41f5b7558b08e2a62c1e3d4dab81a6df71a250803b
Secunia Security Advisory - Ubuntu has issued an update for mysql-dfsg-5.0. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions and malicious users to cause a DoS (Denial of Service).
478084bdd98765787b40c07ebdda0c8f548e9aa699ff37235c44a8cef37ba642
Secunia Security Advisory - A security issue has been reported in Flash Media Server, which can be exploited by malicious people to capture content.
b3d4aa9989dab17f6a687f5ac492ff72c88573fdf5eb682b45f0165baee64f07
Secunia Security Advisory - md.r00t has reported a vulnerability in KimsON, which can be exploited by malicious people to conduct cross-site scripting attacks.
3a106ae621377ebcb3473165ff70abd67af2203e85bcbd844f22d21f55757e8c
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
fc9366a2ab01924e91575352889970e57a551e087c78b5d1dd4287aaf2136a04
Secunia Security Advisory - Ubuntu has issued an update for libxml2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library.
d00f99a609857df78d1775517041c3ba9017101d3887ed96ba3b0d810638c982
Secunia Security Advisory - A vulnerability has been reported in Citrix XenServer, which can be exploited by malicious, local users to bypass certain security restrictions.
7d6f3ec629320f55d7251f087e9a8ebf5287d3737e8622298bf62f13919d6b9e
Secunia Security Advisory - xenomuta has reported a vulnerability in No-IP Linux Dynamic Update Client (DUC), which potentially can be exploited by malicious people to compromise a vulnerable system.
c27092f9309e143993f415cc2cc9c33b7443ac380fe131fccfaba42511a80cc6
Secunia Security Advisory - Ubuntu has issued an update for firefox, firefox-3.0, and xulrunner-1.9. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system.
8aa942dac99ab242a20e125724da0024b3e0571bf56b202fcd6770b3f166b5e9
Secunia Security Advisory - x0r has reported a vulnerability in E-topbiz Link Back Checker, which can be exploited by malicious people to bypass certain security restrictions.
9f4d30d4f77ef2642fcc96119d6ee3f93644c0abdd424c47ed351af381f8585e
Secunia Security Advisory - Ghost Hacker has discovered a vulnerability in Free Directory Script, which can be exploited by malicious people to compromise a vulnerable system.
f3936819392887ed7ae69a8c98ad8dd217ebdc71ba73f4bddb0452a6e1ca0cba
Mandriva Linux Security Advisory 2008-231 - Drew Yao of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it could cause the application to enter an infinite loop. The second is an integer overflow that caused a heap-based buffer overflow in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it could cause the application to crash or possibly execute arbitrary code. The updated packages have been patched to correct these issues.
7413d96099e6e8bf2e438e2347de0fdef4b3853b5f304fdd946d81861cdc2526
Ubuntu Security Notice USN-673-1 - Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service. Drew Yao discovered that libxml2 did not correctly handle large memory allocations. If a user or automated system were tricked into processing a very large XML document, a remote attacker could cause applications linked against libxml2 to crash, leading to a denial of service.
14aa962cd967df79c253c644c2c8828edaaf504811b1f094c29778d229459c52
Pluck CMS version 4.5.3 suffers from a local file inclusion vulnerability in data/inc/lib/pcltar.lib.php.
a76b191f10fc38657780868a71a131bd66e626a9dafafb166d91e8d33d8c87f7
strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
bc808f0e652c4eafe9851d3deee8b79d92f612129fd5e9d9d7d258b91d3e3a28
Ho' Detector is shellcode that detects sniffing on all interfaces in Linux by parsing /proc/net/packet.
42c881bd2e0d0ad6f16b4cdc86b99656d1572c15c7ee38cf830dbce602f77508
Free Directory Script version 1.1.1 suffers from a remote file inclusion vulnerability.
9de9e95253a54d5d8195e150c62dced03c5e92be004745665c337fdab2b13553
Firefox versions 2.0.0.18 and below and WebKit nightly are affected by a cross-domain arbitrary image theft vulnerability.
d0194747a05587197d8e8c47a948cf9b3eee714682e19c5c1a8a0ea718f09d2e
CUPS version 1.3.7 cross-site request forgery remote crash exploit that makes use of the add RSS subscription functionality.
6e4f00554a897ed6be22f88ed7198949f40913f4b34db7670960d0d1d9a7cf8f
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
abfe5378aa1c420b5a843819d5ee86801f09ce9f74415f92a8ad6c7fa7640eb6
E-topbiz Link Back Checker 1 suffers from an insecure cookie handling vulnerability that allows for administrative take-over.
6326e1a5778e098db15fb3f2ef47e30000bccc5158b3b5de51056ccf69ec17c4
A design flaw in the SSH specification allows an attacker with control over the network to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. The vulnerability has been verified against OpenSSH 4.7p1; other versions may also be susceptible.
8d48ca8b60553c221cb1492df2fd5bc59181cf198fa4fff19a8f69a7c0f813ae
Musicbox versions 2.3.8 and below suffer from a remote SQL injection vulnerability. This was discovered in the last version and the vendor still has not fixed it.
76fb9672485dc23ce06389e1199a6f3b07d74f64a42e9bc9e9ecfe73d9417079
No-IP DUC versions 2.1.7 and below remote code execution exploit with reverse shell functionality.
45aef2f944054e07955c8413368b1c84c98946f115baffb32a912c5e292375fa