Secunia Security Advisory - Thomas Henlich has reported a vulnerability in the WebFTP module for SysCP, which can be exploited by malicious people to disclose sensitive information.
A file inclusion vulnerability exists in WebFTP version 1.2.6 in webftp.php.
Mozilla Thunderbird SMTP down-negotiation behavior allows a man-in-the-middle (MITM) attack to bypass TLS initialization and/or downgrade CRAM-MD5 to PLAIN authentication, leading to exposure of authentication information. Failure in CRAM-MD5 authentication also leads to exposure of authentication information to a passive eavesdropper. Affected versions: Mozilla Thunderbird 1.0.7 (20050923), Mozilla Thunderbird 1.5 Beta 2 (20051006), possibly other programs using the Mozilla mail component.
Mozilla Thunderbird SMTP down-negotiation behavior allows a man- in-the-middle (MITM) attack to bypass TLS initialization and/or downgrade CRAM-MD5 to PLAIN authentication, leading to exposure of authentication information. Failure in CRAM-MD5 authentication also leads to exposure of authentication information to a passive eavesdropper.
Secunia Security Advisory - Thomas Henlich has reported a security issue in MySQL, which can be exploited by malicious people to conduct script insertion attacks.