NetBSD Security Advisory 2005-001 - The Pentium CPU shares caches between HyperThreads. This permits a local process to gain a side-channel against cryptographic processes running on the other HyperThread. Testing for cached data can be accomplished by timing reads. Under some circumstances, this permits the spying process to extract bits of the key. This has been demonstrated against OpenSSL.
1b841f93dab7671b35f142bbbc58e744bd20646981c20572bd1835e0628b395c
An error in Microsoft Windows NTFS driver code causes the file system to incorrectly assign disk blocks to files before they have been initialized. Following a recovery from a system shutdown, uninitialized data may be visible in files from previously allocated disk blocks.
19a6813bec80b15a790ba4bf91503c452214f0dd11e222e2104658130b26d1f5
Debian Security Advisory DSA 733-1 - Justin Rye discovered that crip, a terminal-based ripper, encoder and tagger tool, utilizes temporary files in an insecure fashion in its helper scripts.
eb99e39c5b9424f5d9cdb42cb81a156c69a61f9565b939d18a9e3c5e1a1d041c
FreeBSD Security Advisory FreeBSD-SA-05:15 - Two problems have been discovered in the FreeBSD TCP stack. First, when a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. Second, a TCP packet with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options.
30663ff4e4d6e6643116559b25a849f751e84dc20b68d90c0261a28842688ff7
FreeBSD Security Advisory FreeBSD-SA-05:14 - Two problems have been discovered relating to the extraction of bzip2-compressed files. First, a carefully constructed invalid bzip2 archive can cause bzip2 to enter an infinite loop. Second, when creating a new file, bzip2 closes the file before setting its permissions.
81c864494c3fb7c1777f84c50d2ea5e1bb96b674001417c3e3f9e573fb1005a0
FreeBSD Security Advisory FreeBSD-SA-05:13 - The ipfw tables lookup code caches the result of the last query. The kernel may process multiple packets concurrently, performing several concurrent table lookups. Due to an insufficient locking, a cached result can become corrupted that could cause some addresses to be incorrectly matched against a lookup table.
6b7aa2a12074c968569303a922ef2f40cc26ef0aef04894d3fd3b9ebce0d5e08
A flaw has been discovered in the third-party XML-RPC library included with Drupal. An attacker could execute arbitrary PHP code on a target site.
c23af80afccc28c6e386c2d9c57c08cb7dcd67c51b1bdbfd76ab901c28db1291
Kuba Zygmunt discovered a flaw in the input validation routines of Drupal's filter mechanism. An attacker could execute arbitrary PHP code on a target site when public comments or postings are allowed.
3cde9b7af7d34c526f434457021465af93437a68f76031f5ab71ab278732d190
Soldier of Fortune II versions 1.02x and 1.03 suffer from a bug where a large client ID will crash the server.
8ddaa82d73fdc0f5738eb8b83782e62101712c849ad4142742b60c42b8d9948d
Technical Cyber Security Alert TA05-180A - The VERITAS Backup Exec Remote Agent for Windows contains a buffer overflow that may allow an unauthenticated, remote attacker to compromise a system and execute arbitrary code with administrative privileges.
eaac8acdce7b92b8ead88d0bfef9700c835095ef8bb557efd10b66541593117e
Serendipity version 0.8.2 and below suffer from a remote command execution flaw.
2a4ee8e7ada42a56b8aed38fe317912c764aad12ca30260dd372fba5c27cd442
Cisco Security Advisory - Remote Authentication Dial In User Service (RADIUS) authentication on a device that is running certain versions of Cisco Internetworking Operating System (IOS) and configured with a fallback method to none can be bypassed.
7a0b623fec59b13f3dec999eb730c1223315a71bc5bc62293b4b742f42a009ee
iDEFENSE Security Advisory 06.29.05-2 - Remote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition. The vulnerability specifically exists due to improper behavior during exceptional conditions.
6f82f5a9d5aed250a0160bb6d9ffa7df155d91e9930691c922a15d570a55ad36
iDEFENSE Security Advisory 06.29.05-1 - Remote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition. The cabinet file format is a Microsoft archive format used for distributing Microsoft software. The vulnerability specifically exists due to insufficient validation on cabinet file header data. Versions below 0.86 are vulnerable.
9239cca4d7dad988a5e239ca3b6875dec49832bee391c6ca9f2440684a7fb63b
Gentoo Linux Security Advisory GLSA 200506-24 - It has been reported that the getterminaltype function of Heimdal's telnetd server is vulnerable to buffer overflows. Versions less than 0.6.5 are affected.
8e702bc904b1100eb9c2188886fc6c79e3c64561199e48ade9e79f194a87619e
Ubuntu Security Notice USN-146-1 - Nobuhiro IMAI discovered that the changed default value of the Module#public_instance_methods() method broke the security protection of XMLRPC server handlers. A remote attacker could exploit this to execute arbitrary commands on an XMLRPC server.
9a01c06f07b7a6790057fbdc7b2db4db082ec300bd7883e13b24bb2ecadad95c
phpBB versions 2.0.15 and below suffer from a code injection bug.
e63c27994d926ee62e1c03f0e7bd1e6fea2f6e0145830a3405271c8bdd821969
Raritan console servers come with two unpassworded accounts. Vendor has confirmed these versions are vulnerable: DSX16, DSX32, DSX4, DSX8, DSXA-48 (MIPS and Intel).
a63dcd7bd7ce637bcc43dbf76f25c87cfd83a34f77d282079809573e2cc872f5
Secunia Security Advisory - A vulnerability has been reported in Serendipity, which can be exploited by malicious people to compromise a vulnerable system.
752cf7474bcc4eeea70676f4d08e14d5be18cbd861469815084b02a1128a7515
Secunia Security Advisory - Secunia Research has discovered a security issue in Adobe Reader for Linux, which can be exploited by malicious, local users to gain knowledge of sensitive information.
17a86c88f193252e1858c78cde8bc43f6cbdd709eab8429a23a9ca34162c9572
Secunia Security Advisory - A vulnerability has been reported in phpMyFAQ, which can be exploited by malicious people to compromise a vulnerable system.
42f609ce3692d089d52b87fb28683f47030fd1269c93651ebcc2d508a9e10004
Secunia Security Advisory - Park Gyu Tae has reported a vulnerability in NateOn Messenger, which can be exploited by malicious users to disclose system information.
724b7ff7741d266709ae3e96e74b86b5e5ad7a882c69418f937e9db5a0df6620
Secunia Security Advisory - Nortel Networks has acknowledged an old vulnerability in Communication Server 1000 (CS1000), which can be exploited by malicious people to cause a DoS (Denial of Service).
d11e9a90eb43e73931b116294f2fea1b5709927248958356626f5a79005dd05a
Secunia Security Advisory - James Bercegay has reported some vulnerabilities in Wordpress, which can be exploited by malicious people to manipulate mail messages, conduct cross-site scripting and SQL injection attacks, and by malicious users to compromise a vulnerable system.
06951da128192304c6c8f1c79b25798a71ff882d176c4e121efce27ac18f2f45
Secunia Security Advisory - Przemyslaw Frasunek has reported a vulnerability in Solaris, which can be exploited by malicious, local users to gain escalated privileges.
0eb7561ea97d5702173b76e88e758e63bfa51848ab2b287782753baa54d6ad5d