Gentoo Linux Security Advisory GLSA 200703-24 - mgv includes code from gv that does not properly bounds-check user-supplied data before copying it into process buffers. Versions less than or equal to 3.1.5 are affected.
6272a4d60ff8b787632640ce2e5805790eeb6dff23dbc79cac813e3ad511d60c
Ubuntu Security Notice 442-1 - Ulf Harnhammar of Secunia Research discovered that Evolution did not correctly handle format strings when displaying shared memos. If a remote attacker tricked a user into viewing a specially crafted shared memo, they could execute arbitrary code with user privileges.
ccb975c915aa2dbf1654fbfe92d6906c805529dcbf3633ffb4e490a2cee46a49
FreeBSD local root eject exploit.
3cb81eca9049f33276d079a740b85efee76c56f9266a5856257c94f1ba9436b1
Satel Lite for PHP-Nuke suffers from a local file inclusion vulnerability in Satellite.php.
f35edbd8223e6bda26504455cf9d5191f80db8e46b648d27515ab37066ad00ad
The libero.it ISP web site is susceptible to more cross site scripting attacks.
1e7e0e2538d23e0571b07088ad5cb2bacba9f34051d5496790090163157eda52
SubHub version 2.3.0 suffers from a cross site scripting vulnerability.
5c1b1fb5946e820e4ab42d079b4fe21721d8a428b0087c36fe4067ea1f87c3a9
CipherTrust IronMail version 6.1.1 suffers from multiple cross site scripting flaws.
c53a6491ffd3d0216ff3f078e941e35ec6ac60f50a23de1dfc87281606487060
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids with packets, which makes it possible to filter packets on a per-user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server.
06a0d93fbb856db9e590e50a55e1aeb4fb83a5124be71598222af4fa3bf68f84
PlayStation 3 version 1.60 "Remote Play" remote denial of service exploit.
9da8fd98093c8d521584b37aa055ae7a76a91aa6f8111b4b680aea05dbf4212a
The Oracle Enterprise Manager suffers from a redirection flaw that may assist in phishing attacks.
f8e524c2b2aa0a52e5132c6f4823ae147f839a8577baabce59885e51c31a8a88
PHP version 5.2.1 with PECL phpDOC confirm_phpdoc_compiled() local buffer overflow proof of concept exploit for Win2k SP3. SEH overwrite method used.
adc156a3d4684b8b466a1cf8e42092f114e7d294742c768934a5ea2fe3f33484
PIX Logging Architecture is a project allowing for correlation of Cisco PIX Firewall traffic, IDS, and informational logs. It parses Cisco PIX logs from syslog files, then pushes the parsed data to a database. It contains a Web-based front end for displaying and searching the Cisco PIX Firewall logs.
8dfc46a4abba2d8b0525e79291130acf323696bbde237a4f4b398a24ba48c233
Easy File Sharing FTP server version 2.0 PASS remote exploit for Win2k SP4 that binds a shell to TCP port 4444.
3def45a977c52b6e8f0f60e1a2e14790ace91d83b4d0ef088bca447292e76c55
Microsoft Internet Explorer exploit that takes advantage of a double free error in the msado15.dll NextRecordset() function.
694e1659f9b5ed8121b945fac6dc944e8e7b4722cf96ee45324b8a65a5cc0640
Frontbase for Windows versions 4.2.7 and below remote buffer overflow exploit.
256a9e775e7b3e0e1de96f8fa29fb28e216dfb542e398b5abd1d004c3f3c82f3
WarFTP version 1.65 USER remote buffer overflow exploit with multiple targets.
4c630e5bd5c64631516f402dabbbb54251efd335079bc177e313ca298c27fb71
Mercury Mail version 4.0.1 remote IMAP stack buffer overflow exploit that binds a shell to TCP port 4444.
308d3bd40ecffab66f0b3f06841565b1d6bcb4c5c1f45f07bac86bc22bc5eba8
Mephisto Blog is susceptible to a cross site scripting attack via the author's name field when adding a comment.
d7eea00e16ba4f8a1cac0d05bb5dad54782cbec6832bb1fc408066f8d00f1138
Ubuntu Security Notice 441-1 - A flaw was discovered in Squid's handling of the TRACE request method which could lead to a crash. Remote attackers with access to the Squid server could send malicious TRACE requests, and cause a denial of service.
a91a9bdecd36057f62f2d946c0476466f9fb4b576aff763b68d81031407e2b90
Backdoor patch for OpenSSH versions 4.4p1, 4.5p1, and 4.6p1 that logs usernames, hosts, and passphrases from login attempts.
bf09a9bc1fa3e69a42c62f7d9ccc67ca8d993fc674e0a8165454ad05730c9480
iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.
6377a3a12587a82c0f0736b1c25ee88800eed0612629d5854683963954bc65b4
FreeBSD mcweject version 0.9 (eject) local root buffer overflow exploit.
864f054e5847364a2e466d2f412f25d3c6a6ba011869936c802017e439d6aac9
PHP versions below 4.4.4, 5.2.1, and 5.1.6 suffer from a readfile() safe mode bypass vulnerability.
2f92559142ea978bb19ae97f7de8910992d71b174807d71a769362f9bf62af97
Month of PHP Bugs - PHP versions below 4.4.5 and below 5.2.1 _SESSION deserialization overwrite exploit.
4f70f3805a241e4e1bfc7ee78ccb54d457fe1f492e69ce270a795841a777c520
Month of PHP Bugs - PHP versions below 4.4.5 and below 5.2.1 _SESSION unset() local exploit.
144846985e449305428e536afc4d0ed82c7b050abd8235fb624cc6e493a74a36