The Netkit telnetd implementation shipped with Debian Linux appears to be lacking the AYT vulnerability patch. This exposes the platform to a remote root problem discovered by scut of TESO back in 2001.
b774351baca900b321dda13082fb9c199c217207f04f1f3942bfc7692e1b6978
MySQLguest from AllWebscripts is vulnerable to an HTML injection flaw that is exposed via the entry submitting form due to a lack of proper sanitization.
adff55a9298359f4f057edc112d12bbf74c373c97e76c2d43184798b9bc21eec
GulfTech Security Research - DNS4Me version 3.0.0.4 is susceptible to cross site scripting and denial of service vulnerabilities.
4d1fd96ce8b157a8c343db0d58f22a30793e5d9cc04af8a7764712643086bfd5
Airscanner Mobile Security Advisory - Airscanner Corp. has been able to reverse engineer and post a fix for the CE.Dust virus.
dfc04361209fb2f42302f257250840672dab84f49ad9f7075e8b4132dc448d24
sudo version 1.6.8p1 has been released to address a security flaw in sudoedit that could give a malicious user read access to file that would normally be unreadable.
efab4b67cba3f43b49749ab3f9feff2c10711daa2901a428c6afc8c3591c8f21
Technical Cyber Security Alert TA04-261A - Several vulnerabilities exist in the Mozilla web browser and derived products, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.
f7d86e4564591538d33b369f77eeeeec3819b0c8aa29f08f2d427cfa298e4d9d
The Inkra 1504GX router suffers from a denial of service vulnerability.
7d88b0aa59b5c2c116b89d4bd94a13fda2109b7744bf6cfd8791bbd00030e7ce
A buffer overflow has been discovered in the trap.c syscall() function of the FreeBSD source tree. However, you need to be root to exploit this.
6444178da5ea0a896ca263731a215cc7f808b36e98e12a1934fae459315952df
iDEFENSE Security Advisory 09.16.04 - Remote exploitation of a denial of service vulnerability in Ipswitch Inc.'s WhatsUp Gold versions 8.03 and below allows attackers to cause the application to crash.
c438fb19fce4a7088b6fd32219675ec8c1ce08196af321f87c7fec70aa9b556a
A login field longer than 8180 characters sent to the port 3103 causes the immediate freeze of the Pigeon server versions 3.02.0143 and below.
5b895839fa11cad0d1760038031d16051b1c9b2bcb399577776f785a0ffb9460
Snitz Forums 2000 v3.4.04 suffers from an HTTP response splitting vulnerability.
088243d419f091086b2f76b1287fd453be130828c19e0fef6ca6f242e098be54
Gentoo Linux Security Advisory GLSA 200409-19 Several bugs exist in the Heimdal ftp daemon which could allow a remote attacker to gain root privileges. Versions below 0.6.3 are affected.
c6878366d672dd0f0a396d0c602079ad593297bb32821664a5c6c1a6cfc62a58
Westpoint Security Advisory wp-04-0001 - Multiple browsers are susceptible to multiple cookie injection vulnerabilities. Tested: Internet Explorer 6.0 for Windows 2000 with all patches, Konqueror 3.1.4 for SuSE 9.0, Mozilla Firefox 0.9.2 for Windows 2000, Opera 7.51 for Windows 2000.
8fc149376018ed5107866eec1ab39898b97111216c66d313f39856eb9a5ec1d0
Technical Cyber Security Alert TA04-260A - Microsoft's Graphic Device Interface Plus (GDI+) contains a vulnerability in the processing of JPEG images. This vulnerability may allow attackers to remotely execute arbitrary code on the affected system. Exploitation may occur as the result of viewing a malicious web site, reading an HTML-rendered email message, or opening a crafted JPEG image in any vulnerable application. The privileges gained by a remote attacker depend on the software component being attacked.
8c2d2c6aa130bc7ec7423475bd8f9beba3c9252e9dbe9c6644dd0867560479da
Secunia Security Advisory - Multiple vulnerabilities have been reported in Netscape, which can be exploited by malicious people to conduct cross-site scripting attacks, access and modify sensitive information, and compromise a user's system.
da88eda0403bc9a8acc075e424c78e6654f656264d699c2c305e829afa003382
Debian Security Advisory DSA 548-1 - A heap overflow error in imlib could be abused by an attacker to execute arbitrary code on the vicim's machine.
cc33a1bbf517c1b544721404299dd7e7b47739a2d5e2e278b25eab5c872cb688
Debian Security Advisory DSA 547-1 - SUSE has discovered several buffer overflows in the ImageMagick graphics library. An attacker could create a malicious image or video file in AVI, BMP, or DIB format that could crash the reading process. It might be possible that carefully crafted images could also allow to execute arbitrary code with the capabilities of the invoking process.
31a9e771d7509988bad9d172db9a1f829b1994e282e9d7830a0a15f8e95f0909
ProBoards, based off of the YaBB Forums, is susceptible to a cross site scripting flaw.
325050c2279807d4a71e19dfd79394bff4bf0b671074e60d2825e1d7c4a46a56
iDEFENSE Security Advisory 09.15.04 - Remote exploitation of an input validation error in version 1.2 of GNU radiusd could allow a denial of service. The vulnerability specifically exists within the asn_decode_string() function defined in snmplib/asn1.c. When a very large unsigned number is supplied, it is possible that an integer overflow will occur in the bounds-checking code. The daemon will then attempt to reference unallocated memory, resulting in an access violation that causes the process to terminate.
638df77df40794f8d30fd8c68bc51f5d5c6d7b8da61c8fe14f8e5f634e0a5c51
gtk+ version 2.4.4 has heap and stack-based overflows that can allow for the compromise of an account used to browse a malicious XPM file.
109cfb0bda1034d53ac5db82dc78234e1d4ebcc321a14ba9479ce9f09f61a3f0
libXpm versions below 6.8.1 suffer from multiple stack and integer overflows.
fbd8d4486d62e535a9c1f5d140133d5544c6c2766a0a06ffdf2218a3d4d8b4d9
PHP versions above 4.1.2 and below or equal to 5.0.1 suffer from an exposure of arbitrary memory due to bad array parsing in php_variables.c.
afb6950881a4adf473bb29cac47e02559b458a3982c48313c7fdb03ba7a60852
SUSE Security Announcement - Alvaro Martinez Echevarria has found a remote Denial of Service condition within CUPS which allows remote users to make the cups server unresponsive. Additionally the SUSE Security Team has discovered a flaw in the foomatic-rip print filter which is commonly installed along with cups. It allows remote attackers, which are listed in the printing ACLs, to execute arbitrary commands as the printing user 'lp'.
87a70d13f5cc20c416e4b2c5025ab490ffacb14800f35874a59c8cd41fdde1cf
SITIC Vulnerability Advisory - Apache 2.0.x suffers from a buffer overflow when expanding environment variables in configuration files such as .htaccess and httpd.conf. In a setup typical of ISPs, for instance, users are allowed to configure their own public_html directories with .htaccess files, leading to possible privilege escalation.
9477ee2d98ddded93d0d277ed18e737445767878dc13e19f31e74199f9b89739
New Firefox, Thunderbird, and Mozilla releases between September 13 and 14 address 7 critical security issues. If you have not already, upgrade today.
e9d350da84264e6d5b1ca1b7bc56d5d368693bc81e678bb46bc9cee697f2656e