aimXSS.txt
Various America Online (AOL) Instant Messenger scripts are susceptible to cross site scripting attacks. Full details provided.
vbulletin352.txt
vBulletin version 3.5.2 is susceptible to cross site scripting attacks.
Ubuntu Security Notice 239-1
Ubuntu Security Notice USN-239-1 - Several format string vulnerabilities were discovered in the error logging handling of libapache2-mod-auth-pgsql. By sending specially crafted user names, an...
mswGRE.txt
Microsoft Windows GRE is susceptible to multiple overrun vulnerabilities when rendering WMF files.
Ubuntu Security Notice 235-2
Ubuntu Security Notice USN-235-2 - USN-235-1 fixed a vulnerability in sudo's handling of environment variables. Tavis Ormandy noticed that sudo did not filter out the PYTHONINSPECT environment...
Debian Linux Security Advisory 929-1
Debian Security Advisory DSA 929-1 - Steve Kemp from the Debian Security Audit project discovered a buffer overflow in petris, a clone of the Tetris game, which may be exploited to execute arbitrary...
Debian Linux Security Advisory 930-1
Debian Security Advisory DSA 930-1 - Ulf Harnhammar from the Debian Security Audit project discovered a format string attack in the logging code of smstools, which may be exploited to execute arbitrary...
rt-sa-2005-15.txt
BSD Securelevels can be circumvented at runtime. By mounting another filesystem, immutable files can be masked. Masking means placing an arbitrary file at the location of an immutable file, without...
rt-sa-2005-16.txt
The implementations of securelevels on NetBSD and Linux contain an integer overflow, allowing the protection of system time to be completely circumvented.
NetBSD-SA2006-001.txt
NetBSD Security Advisory 2006-001 - The kernfs filesystem does not validate file offsets properly and a userlevel non-privileged process can read arbitrary kernel memory locations.
NetBSD-SA2006-002.txt
NetBSD Security Advisory 2006-002 - The prohibition against setting the system time backwards at securelevel > 1 can be circumvented.
Debian Linux Security Advisory 931-1
Debian Security Advisory DSA 931-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, that can lead to a denial of service...
EV0020.txt
Foxrum BBCode version 4.0.4f is susceptible to cross site scripting attacks.
EV0021.txt
Venom Board version 1.22 is susceptible to SQL injection attacks. Exploitation details provided.
2006090173928420.txt
Due to an insecure usage of the Apache logging function (ap_log_rerror) in auth_ldap_log_reason of auth_ldap, it is possible to run arbitrary code on the server running the module. Versions 1.6.0 and...
secunia-ADOdb.txt
Secunia Research has discovered two security issues in ADOdb, which can be exploited by malicious people to disclose system information, execute arbitrary SQL code, and potentially compromise a...
iDEFENSE Security Advisory 2006-01-09.t
iDefense Security Advisory 01.09.06 - Remote exploitation of a format string vulnerability in multiple versions of the mod_auth_pgsql authentication module for the Apache httpd could allow the...
Debian Linux Security Advisory 933-1
Debian Security Advisory DSA 933-1 - Patrice Fournier found that hylafax passes unsanitized user data in the notify script, allowing users with the ability to submit jobs to run arbitrary commands with...
Debian Linux Security Advisory 934-1
Debian Security Advisory DSA 934-1 - Two vulnerabilities have been discovered in Pound, a reverse proxy and load balancer for HTTP.
webwiz634.txt
Web Wiz Forums versions 6.34 and below are susceptible to cross site scripting attacks.