Debian Security Advisory 1142-1 - Luigi Auriemma discovered missing boundary checks in freeciv, a clone of the well-known Civilization game, which can be exploited by remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
3d42aa7960767db336ac7b4f0d7ad8a2ccf7d98668ac1edfbed970e17d015d34
Gentoo Linux Security Advisory GLSA 200608-06 - Courier MTA has fixed a security issue relating to usernames containing the = character, causing high CPU utilization. Versions less than 0.53.2 are affected.
77407145ead068fe7b13864c89b9a1b8ea45caada38db7d694083945bc88669f
Gentoo Linux Security Advisory GLSA 200608-05 - LibVNCServer fails to properly validate protocol types, effectively letting users decide what protocol to use, such as Type 1 - None. LibVNCServer will accept this security type even if it is not offered by the server. Versions less than 0.8.2 are affected.
b8027094c07d73eb934c47c720c628324a70575205894659b17247e7195ffa27
Debian Security Advisory 1141-1 - Evgeny Legerov discovered that overly large comments can crash gnupg, the GNU privacy guard.
60492423670cc72491ef4a144ffb37a567152ba29329729d073774027fb0364b
CounterChaos versions 0.48c and below suffer from a SQL injection vulnerability.
7d22c6f0743733ece01d752fb837aec0ec18480e46924e68f4564af01f6cfba0
GaesteChaos versions 0.2 and below suffer from SQL injection and cross site scripting vulnerabilities.
a36e34100940cdbee2af6338e2e296e710c1feff3e0bdbaf4d0848299e5d6a7c
GeheimChaos versions 0.5 and below suffer from multiple SQL injection vulnerabilities.
d9baf03f646f57e4942e51227a22dd2a1eaf50218900c569764890a1cfc4f21a
StMichael is an LKM that attempts to provide a level of protection against kernel-module rootkits. StMichael is designed to be loaded early in the system boot process, and is intended to be present and running on its host system prior to the introduction of malicious kernel modules. StMichael provides this protection by monitoring various portions of the kernel, and optionally the entire kernel text itself, for modifications that may indicate the presence of a malicious kernel module. If rootkit-like activity is detected, StMichael will attempt to recover the kernel's integrity by rolling back the changes made to a previously known-good state.
adc3452e7d816d4e5d6ed1c7456dfebf7c3df08482f47ee327c38bfe49184643
StMichael is an LKM that attempts to provide a level of protection against kernel-module rootkits. StMichael is designed to be loaded early in the system boot process, and is intended to be present and running on its host system prior to the introduction of malicious kernel modules. StMichael provides this protection by monitoring various portions of the kernel, and optionally the entire kernel text itself, for modifications that may indicate the presence of a malicious kernel module. If rootkit-like activity is detected, StMichael will attempt to recover the kernel's integrity by rolling back the changes made to a previously known-good state.
ff8ec12f68893b5afc4a6cec3000fa2633c142ce110705b622d4881cffa2bcf2
Gentoo Linux Security Advisory GLSA 200608-04 - The Mozilla Foundation has reported numerous security vulnerabilities related to Mozilla Thunderbird. Versions less than 1.5.0.5 are affected.
10587b60759a1a52af713e59c08d1ef0744cd79bfcb5fd92866189370f6a5c8b
ZoneX version 1.0.3 suffers from a remote file inclusion vulnerability.
700a5d770b581d874d02eac500086494ff153dafce68947a30967d178408e55b
Gentoo Linux Security Advisory GLSA 200608-03 - The Mozilla Foundation has reported numerous security vulnerabilities related to Mozilla Firefox. Versions less than 1.5.0.5 are affected.
05ba9e712bae7bc80f109dd337e05d152c7c11d941d0eaaf1147c4bee05270f6
HP Security Bulletin - A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver.
bbb76e2c5fe43808f79b31fe18cac63ece8c8136c5f9a4fc547774bcde1f4bdf
ME Download System version 1.3 suffers from a remote file inclusion vulnerability.
879bdee0465e33cf33714288df0674e22a722e8e2c65252dda21016838d9dea5
Gentoo Linux Security Advisory GLSA 200608-02 - The Mozilla Foundation has reported numerous security vulnerabilities related to Mozilla SeaMonkey. Versions less than 1.0.3 are affected.
259842a4b8fbc85db5a4243308a3449a1aa8498090053f3cadd726e83178e234
Debian Security Advisory 1140-1 - Evgeny Legerov discovered that overly large comments can crash gnupg.
67ef169c0e8da82562eebcd0186705924d9a14f8afb370351b7a7727f0f1a827
Debian Security Advisory 1139-1 - It was discovered that the interpreter for the Ruby language does not properly maintain "safe levels" for aliasing, directory accesses and regular expressions, which might lead to a bypass of security restrictions.
d7c0387fbe01d5c5bf8ef1a5cd20dcc99ffc162c6315d4230460c78a0927ba03
Blog:CMS versions 4.1.0 and below suffer from a remote file inclusion flaw.
f548cb12dcabab82dcd48af1859f00f8bffe6f9b488c2fdd8bf62bf767423a3a
Drupal security advisory DRUPAL-SA-2006-011: A malicious user can execute a cross site scripting attack by enticing someone to visit a Drupal site via a specially crafted link. Versions 4.6 and 4.7 are affected.
729acaa041bbcefdff3132971b083758ab50c3e1077bfab8676740ab791d7a63
modernbill version 1.6 suffers from a remote file inclusion vulnerability.
475861446417c96f2150f29f2d56667fb36a52baeef58197de903a212e380151
Toenda CMS versions 1.0.3 stable and below and version 1.1 suffer from a cross site scripting flaw.
67a5cade712def04ccfebab2481da14908fad9d5d04356821077ccb26a550e0b
Brute forcing utility for pswd.js, a common client-side authentication program.
a74cc082a3dfa8b02ddefa49effca8a21773eb603eee3f70c14832ee111781ef
Unauthorized administrative access and remote command execution exploit for SendCard versions 3.4.0 and below.
75ee26461b1a9743494527d1488013f8671b535012ea009d2b763768d441b763
Ubuntu Security Notice USN-332-1 - Evgeny Legerov discovered that gnupg did not sufficiently check the validity of the comment and a control field. Specially crafted GPG data could cause a buffer overflow. This could be exploited to execute arbitrary code with the user's privileges if an attacker can trick a user into processing a malicious encrypted/signed document with gnupg.
6ee2044c87d8196115b9ed9cf39597199047605293f9b3fea86e4669ed913154
Ubuntu Security Notice USN-331-1 - A denial of service vulnerability was reported in iptables' SCTP conntrack module. On computers which use this iptables module, a remote attacker could exploit this to trigger a kernel crash. A buffer overflow has been discovered in the dvd_read_bca() function. By inserting a specially crafted DVD, USB stick, or similar automatically mounted removable device, a local user could crash the machine or potentially even execute arbitrary code with full root privileges. The ftdi_sio driver for serial USB ports did not limit the amount of pending data to be written. A local user could exploit this to drain all available kernel memory and thus render the system unusable.
eae3ee2029948e01fc677de366868c24f91540debde31f24e4f60c399dd3edb4