
Software and Script Bug Exploits

 

Mon, 31 Mar 08
Nik Sharpener Pro Insecure File Permissions
http://secunia.com/advisories/29586/
A security issue has been discovered in Nik Sharpener Pro, which potentially can be exploited by malicious, local users to gain escalated privileges.
Be sure to check whether your system is missing security updates or has insecure applications installed: http://secunia.com/software_inspector/

Mon, 31 Mar 08
Fedora update for Perlbal
http://secunia.com/advisories/29619/
Fedora has issued an update for Perlbal. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Mon, 31 Mar 08
Linux Audit "audit_log_user_command()" Buffer Overflow
http://secunia.com/advisories/29617/
A vulnerability has been reported in Linux Audit, which potentially can be exploited by malicious, local users to gain escalated privileges.

Mon, 31 Mar 08
Smoothflash "cid" SQL Injection Vulnerability
http://secunia.com/advisories/29571/
S@BUN has reported a vulnerability in Smoothflash, which can be exploited by malicious people to conduct SQL injection attacks.

Mon, 31 Mar 08
Perlbal Chunked Uploads Denial of Service and Directory Traversal
http://secunia.com/advisories/29565/
Some vulnerabilities have been reported in Perlbal, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).

Mon, 31 Mar 08
2X ThinClientServer 2XTFTPd Service Directory Traversal
http://secunia.com/advisories/29590/
Luigi Auriemma has discovered a vulnerability in 2X ThinClientServer, which can be exploited by malicious people to disclose potentially sensitive information.

Mon, 31 Mar 08
CuteFlow Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/29612/
Some vulnerabilities have been discovered in CuteFlow, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.

Mon, 31 Mar 08
InspIRCd Unspecified Vulnerability
http://secunia.com/advisories/29610/
A vulnerability with unknown impact has been reported in InspIRCd.

Mon, 31 Mar 08
OpenSSH ForceCommand Bypass Weakness
http://secunia.com/advisories/29602/
A weakness has been reported in OpenSSH, which can be exploited by malicious, local users to bypass certain security restrictions.

Mon, 31 Mar 08
OpenBSD OpenSSH ForceCommand Bypass Weakness
http://secunia.com/advisories/29609/
A weakness has been reported in OpenBSD, which can be exploited by malicious, local users to bypass certain security restrictions.

Mon, 31 Mar 08
Slackware update for xine-lib
http://secunia.com/advisories/29578/
Slackware has issued an update for xine-lib. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Mon, 31 Mar 08
Slackware update for seamonkey
http://secunia.com/advisories/29596/
Slackware has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.

Mon, 31 Mar 08
Slackware update for mozilla-firefox
http://secunia.com/advisories/29594/
Slackware has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.

Mon, 31 Mar 08
Debian update for iceweasel
http://secunia.com/advisories/29616/
Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.

Mon, 31 Mar 08
avast! Home/Professional aavmker4.sys Privilege Escalation
http://secunia.com/advisories/29605/
Tobias Klein has reported a vulnerability in avast! Home/Professional, which can be exploited by malicious, local users to gain escalated privileges.

Mon, 31 Mar 08
CDS Invenio "Email Notification Alerts" Vulnerability
http://secunia.com/advisories/29521/
A vulnerability has been reported in CDS Invenio, which can be exploited by malicious users to manipulate certain data.

Mon, 31 Mar 08
VMware ESX Server update for libxml2
http://secunia.com/advisories/29591/
VMware has issued an update for VMware ESX Server. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Mon, 31 Mar 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/29392/
SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

Mon, 31 Mar 08
eggBlog Unspecified Cookie SQL Injection
http://secunia.com/advisories/29583/
A vulnerability has been reported in eggBlog, which can be exploited by malicious people to conduct SQL injection attacks.

Mon, 31 Mar 08
SUSE update for kernel
http://secunia.com/advisories/29570/
SUSE has issued an update for the kernel. This fixes some vulnerabilities and a security issue, which can be exploited by malicious, local users to bypass certain security restrictions and disclose potentially sensitive information, and by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Mon, 31 Mar 08
Debian update for iceape
http://secunia.com/advisories/29558/
Debian has issued an update for iceape. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.

Mon, 31 Mar 08
Iatek Products Two SQL Injection Vulnerabilities
http://secunia.com/advisories/29477/
xcorpitx has reported two vulnerabilities in various Iatek products, which can be exploited by malicious people to conduct SQL injection attacks.

Mon, 31 Mar 08
SUSE update for epiphany
http://secunia.com/advisories/29567/
SUSE has issued an update for epiphany. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.

Mon, 31 Mar 08
Debian update for policyd-weight
http://secunia.com/advisories/29553/
Debian has issued an update for policyd-weight. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Mon, 31 Mar 08
Debian update for exiftags
http://secunia.com/advisories/29580/
Debian has issued an update for exiftags. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Wed, 26 Mar 08
phpBB eXtreme Styles Module "phpEx" Local File Inclusion
http://secunia.com/advisories/29487/
bd0rk has discovered a vulnerability in the eXtreme Styles module (XS-Mod) for phpBB, which can be exploited by malicious people to disclose sensitive information.

Wed, 26 Mar 08
phpAddressBook "skin" Local File Inclusion Vulnerabilities
http://secunia.com/advisories/29514/
0x90 has discovered two vulnerabilities in phpAddressBook, which can be exploited by malicious people to disclose sensitive information.

Wed, 26 Mar 08
Efestech E-Kontör "id" SQL Injection
http://secunia.com/advisories/29499/
RMx has reported a vulnerability in Efestech E-Kontör, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 26 Mar 08
Apache::AuthCAS Session ID SQL Injection Vulnerability
http://secunia.com/advisories/29492/
Matthias Bethke has reported a vulnerability in Apache::AuthCAS, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 26 Mar 08
DotNetNuke Multiple Vulnerabilities
http://secunia.com/advisories/29488/
Some vulnerabilities and a security issue have been reported in DotNetNuke, which can be exploited by malicious users to gain escalated privileges or to compromise a vulnerable system, and by malicious people to bypass certain security restrictions.

Wed, 26 Mar 08
Novell eDirectory eMBox Utility Unspecified Vulnerability
http://secunia.com/advisories/29527/
A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).

Wed, 26 Mar 08
D-Link DI-604 "rf" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29531/
Jonas has reported a vulnerability in D-Link DI-604, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 26 Mar 08
Joomla Custompages Component "cpage" File Inclusion
http://secunia.com/advisories/29520/
Sniper456 has discovered a vulnerability in the Custompages component for Joomla!, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Wed, 26 Mar 08
D-Link DSL-G604T "var:category" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29530/
Gareth Heyes has reported a vulnerability in D-Link DSL-G604T, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 26 Mar 08
IBM WebSphere Application Server for z/OS HTTP Server mod_status Cross-Site Scripting
http://secunia.com/advisories/29504/
IBM has acknowledged a vulnerability in IBM WebSphere Application Server for z/OS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 26 Mar 08
D-Link DI-524 Denial of Service Vulnerabilities
http://secunia.com/advisories/29366/
laurent has reported two vulnerabilities in D-Link DI-524, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 26 Mar 08
Novell eDirectory LDAP Extended Request Message Processing Buffer Overflow
http://secunia.com/advisories/29476/
A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Wed, 26 Mar 08
VLC Media Player "MP4_ReadBox_rdrf()" Buffer Overflow Vulnerability
http://secunia.com/advisories/29503/
A vulnerability has been reported in VLC Media Player, which potentially can be exploited by malicious people to compromise a user's system.

Wed, 26 Mar 08
Joomla rekry!Joom Component "op_id" SQL Injection
http://secunia.com/advisories/29510/
Sniper456 has discovered a vulnerability in the rekry!Joom component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 26 Mar 08
ZyXEL ZyWALL 1050 Undocumented Account Security Issue
http://secunia.com/advisories/29237/
Pranav Joshi has reported a security issue in ZyXEL ZyWALL 1050, which can be exploited by malicious people to bypass certain security restrictions.

Wed, 26 Mar 08
Red Hat Directory Server Insecure File Permissions
http://secunia.com/advisories/29482/
A vulnerability has been reported in Red Hat Directory Server, which can be exploited by malicious, local users to gain escalated privileges.

Wed, 26 Mar 08
Debian update for serendipity
http://secunia.com/advisories/29502/
Debian has issued an update for serendipity. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and script-insertion attacks or to bypass certain security restrictions.

Wed, 26 Mar 08
Ubuntu update for libicu
http://secunia.com/advisories/29294/
Ubuntu has issued an update for libicu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Wed, 26 Mar 08
Gentoo update for krb5
http://secunia.com/advisories/29516/
Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Wed, 26 Mar 08
ManageEngine EventLog Analyzer "searchText" Cross-Site Scripting
http://secunia.com/advisories/29524/
Yogesh Kulkarni has reported a vulnerability in ManageEngine EventLog Analyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 26 Mar 08
Orb Networks Orb Variant Array Parsing Integer Overflow
http://secunia.com/advisories/28203/
Secunia Research has discovered a vulnerability in Orb, which can be exploited by malicious people to compromise a user's system.

Wed, 26 Mar 08
Gentoo update for wireshark
http://secunia.com/advisories/29511/
Gentoo has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 26 Mar 08
Ubuntu update for bzip2
http://secunia.com/advisories/29506/
Ubuntu has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 26 Mar 08
Photo Cart "amessage" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29490/
Russ McRee has reported a vulnerability in Photo Cart, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 26 Mar 08
IBM AIX "usr/sbin/chnfsmnt" Vulnerability
http://secunia.com/advisories/29518/
A vulnerability with an unknown impact has been reported in IBM AIX.

Tue, 25 Mar 08
Internet Explorer HTTP Request Smuggling/Splitting Vulnerabilities
http://secunia.com/advisories/29453/
Stefano Di Paola has reported some vulnerabilities in Internet Explorer, which can be exploited by malicious people to conduct HTTP request smuggling/splitting attacks.

Tue, 25 Mar 08
Undernet ircu "send_user_mode" Denial of Service Vulnerability
http://secunia.com/advisories/29486/
Chris Porter has reported a vulnerability in Undernet ircu, which can be exploited by malicious people to cause a DoS (Denial of Service).

Tue, 25 Mar 08
Safari Address Bar Spoofing and Memory Corruption Vulnerabilities
http://secunia.com/advisories/29483/
Juan Pablo Lopez Yacubian has discovered two vulnerabilities in Safari, which can be exploited by malicious people to conduct spoofing attacks or potentially compromise a user's system.

Tue, 25 Mar 08
snircd "send_user_mode" Denial of Service Vulnerability
http://secunia.com/advisories/29481/
Chris Porter has reported a vulnerability in snircd, which can be exploited by malicious people to cause a DoS (Denial of Service).

Tue, 25 Mar 08
Fedora update for xine-lib
http://secunia.com/advisories/29472/
Fedora has issued an update for xine-lib. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Tue, 25 Mar 08
bzip2 Unspecified Vulnerability
http://secunia.com/advisories/29410/
A vulnerability with unknown impact has been reported in bzip2.

Tue, 25 Mar 08
rPath update for bzip2
http://secunia.com/advisories/29497/
rPath has issued an update for bzip2. This fixes a vulnerability with unknown impact.

Tue, 25 Mar 08
rPath update for unzip
http://secunia.com/advisories/29495/
rPath has issued an update for unzip. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Tue, 25 Mar 08
Fedora update for asterisk
http://secunia.com/advisories/29470/
Fedora has issued an update for asterisk. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), hijack a user session, and potentially compromise a vulnerable system.

Tue, 25 Mar 08
ASUS Remote Console DPC Proxy Service Buffer Overflow
http://secunia.com/advisories/29402/
Luigi Auriemma has discovered a vulnerability in ASUS Remote Console, which can be exploited by malicious people to compromise a vulnerable system.

Tue, 25 Mar 08
7-zip Unspecified Vulnerability
http://secunia.com/advisories/29434/
A vulnerability with unknown impact has been reported in 7-zip.

Tue, 25 Mar 08
Fedora update for krb5
http://secunia.com/advisories/29464/
Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Tue, 25 Mar 08
eGroupWare HTML Filter Bypass Vulnerability
http://secunia.com/advisories/29491/
A vulnerability has been reported in eGroupWare, which can be exploited by malicious people to bypass certain security restrictions.

Sat, 22 Mar 08
xine-lib Multiple Integer Overflow Vulnerabilities
http://secunia.com/advisories/29484/
Luigi Auriemma has reported some vulnerabilities in xine-lib, which potentially can be exploited by malicious people to compromise a user's system.

Sat, 22 Mar 08
Linksys WRT54G Security Bypass Vulnerability
http://secunia.com/advisories/29344/
meathive has reported a vulnerability in Linksys WRT54G, which can be exploited by malicious people to bypass certain security restrictions.

Sat, 22 Mar 08
Namazu namazu.cgi UTF-7 Cross-Site Scripting
http://secunia.com/advisories/29386/
A vulnerability has been reported in Namazu, which can be exploited by malicious people to conduct cross-site scripting attacks.

Sat, 22 Mar 08
Piczo Image Uploader ActiveX Control Buffer Overflows
http://secunia.com/advisories/29445/
Some vulnerabilities have been discovered in Piczo Image Uploader ActiveX control, which can be exploited by malicious people to compromise a user's system.

Sat, 22 Mar 08
Apple Aperture/iPhoto DNG Image Parsing Buffer Overflow
http://secunia.com/advisories/29469/
A vulnerability has been reported in Aperture and iPhoto, which can be exploited by malicious people to compromise a user's system.

Sat, 22 Mar 08
CenterIM URL Parsing Command Execution Vulnerability
http://secunia.com/advisories/29489/
Brian Fonfara has discovered a vulnerability in CenterIM, which can be exploited by malicious people to compromise a user's system.

Sat, 22 Mar 08
Speedport W500 b_banner.stm Password Disclosure
http://secunia.com/advisories/29414/
A vulnerability has been reported in the Speedport W500 router, which can be exploited by malicious people to disclose potentially sensitive information.

Sat, 22 Mar 08
AirPort Extreme Base Station AFP Request Denial of Service
http://secunia.com/advisories/29447/
A vulnerability has been reported in AirPort Extreme Base Station, which can be exploited by malicious people to cause a DoS (Denial of Service).

Sat, 22 Mar 08
Ubuntu update for mysql-dfsg-5.0
http://secunia.com/advisories/29443/
Ubuntu has issued an update for mysql-dfsg-5.0. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and gain escalated privileges, and by malicious people to cause a DoS and compromise a vulnerable system.

Sat, 22 Mar 08
Windows Vista "NoDriveTypeAutoRun" Security Issue
http://secunia.com/advisories/29458/
CERT/CC has reported a security issue in Windows Vista, which can be exploited by malicious people to bypass certain security settings.

Sat, 22 Mar 08
Ubuntu update for unzip
http://secunia.com/advisories/29406/
Ubuntu has issued an update for unzip. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.

Sat, 22 Mar 08
Debian update for asterisk
http://secunia.com/advisories/29456/
Debian has issued an update for asterisk. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.

Sat, 22 Mar 08
Debian update for xwine
http://secunia.com/advisories/29452/
Debian has issued an update for xwine. This fixes two security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Sat, 22 Mar 08
Mandriva update for perl-Net-DNS
http://secunia.com/advisories/29446/
Mandriva has issued an update for perl-Net-DNS. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Sat, 22 Mar 08
PEEL Multiple Vulnerabilities
http://secunia.com/advisories/29466/
Charles "real" F. has reported some vulnerabilities in PEEL, which can be exploited by malicious people to conduct SQL injection attacks and by malicious users to bypass certain security restrictions.

Sat, 22 Mar 08
Sun Solaris rpc.ypupdated Arbitrary Command Execution
http://secunia.com/advisories/29454/
kcope has discovered a vulnerability in Solaris, which can be exploited by malicious people to compromise a vulnerable system.

Sat, 22 Mar 08
SecureSphere MX Management Server Alert Script Insertion
http://secunia.com/advisories/29439/
Shachar Bar (Berezniski) has reported a vulnerability in Imperva SecureSphere, which can be exploited by malicious people to conduct script insertion attacks.

Fri, 21 Mar 08
CS-Cart "q" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29468/
sasquatch has discovered a vulnerability in CS-Cart, which can be exploited by malicious people to conduct cross-site scripting attacks.

Fri, 21 Mar 08
Joomla Restaurante Component "id" SQL Injection Vulnerability
http://secunia.com/advisories/29471/
S@BUN has discovered a vulnerability in the Restaurante component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 21 Mar 08
Gallarific Multiple Vulnerabilities
http://secunia.com/advisories/29399/
Some vulnerabilities have been discovered in Gallarific, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and conduct SQL injection attacks.

Fri, 21 Mar 08
Joomla Joovideo Component "id" SQL Injection Vulnerability
http://secunia.com/advisories/29474/
S@BUN has discovered a vulnerability in the Joovideo component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 21 Mar 08
IBM Rational ClearQuest Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29467/
sasquatch has reported some vulnerabilities in IBM Rational ClearQuest, which can be exploited by malicious people to conduct cross-site scripting attacks.

Fri, 21 Mar 08
Joomla Alberghi Component "id" SQL Injection Vulnerability
http://secunia.com/advisories/29473/
S@BUN has discovered a vulnerability in the Alberghi component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 21 Mar 08
Gentoo Multiple ebuilds ssl-cert eclass "docert()" Security Issue
http://secunia.com/advisories/29436/
Gentoo has acknowledged a security issue in multiple ebuilds, which can lead to the disclosure of sensitive information.

Fri, 21 Mar 08
Adobe Flash FLA File Parsing Vulnerabilities
http://secunia.com/advisories/29455/
cocoruder has reported some vulnerabilities in Adobe Flash, which can be exploited by malicious people to compromise a user's system.

Fri, 21 Mar 08
Sun Solaris libexif Integer Overflow Vulnerability
http://secunia.com/advisories/29381/
Sun has acknowledged a vulnerability in libexif included with Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system.

Fri, 21 Mar 08
rPath update for krb5
http://secunia.com/advisories/29457/
rPath has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Fri, 21 Mar 08
Mandriva update for krb5
http://secunia.com/advisories/29462/
Mandriva has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Fri, 21 Mar 08
Gentoo update for openldap
http://secunia.com/advisories/29461/
Gentoo has issued an update for openldap. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).

Fri, 21 Mar 08
Gentoo update for viewvc
http://secunia.com/advisories/29460/
Gentoo has issued an update for viewvc. This fixes some security issues, which can be exploited by malicious people to bypass certain security restrictions.

Thu, 20 Mar 08
ManageEngine SupportCenter Plus "searchText" Cross-Site Scripting
http://secunia.com/advisories/29441/
Yogesh Kulkarni has reported a vulnerability in ManageEngine SupportCenter Plus, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 20 Mar 08
Mac OS X Security Update Fixes Multiple Vulnerabilities
http://secunia.com/advisories/29420/
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

Thu, 20 Mar 08
SUSE update for cups
http://secunia.com/advisories/29448/
SUSE has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Thu, 20 Mar 08
Easy-Clanpage "id" SQL Injection Vulnerability
http://secunia.com/advisories/29430/
n3w7u has discovered a vulnerability in Easy-Clanpage, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 20 Mar 08
BusinessObjects "RptViewerAX" ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/29437/
Will Dormann has reported a vulnerability in BusinessObjects, which can be exploited by malicious people to compromise a user's system.

Thu, 20 Mar 08
WinRAR Multiple Unspecified Vulnerabilities
http://secunia.com/advisories/29407/
Some vulnerabilities have been reported in WinRAR, which can potentially be exploited by malicious people to compromise a vulnerable system.

Thu, 20 Mar 08
SUSE update for krb5
http://secunia.com/advisories/29424/
SUSE has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Thu, 20 Mar 08
Asterisk Predictable HTTP Manager ID Weakness
http://secunia.com/advisories/29449/
Dino A. Dai Zovi has reported a weakness in Asterisk, which can be exploited by malicious people to hijack a user session.

Thu, 20 Mar 08
KAPhotoservice "albumid" SQL Injection Vulnerability
http://secunia.com/advisories/29433/
JosS has reported a vulnerability in KAPhotoservice, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 20 Mar 08
HP StorageWorks Library and Tape Tools (LTT) on HP-UX Security Bypass
http://secunia.com/advisories/29442/
HP has acknowledged a vulnerability in HP StorageWorks Library and Tape Tools (LTT), which can be exploited by malicious, local users to bypass certain security restrictions.

Thu, 20 Mar 08
Belkin Wireless G Router Security Bypass and Denial of Service
http://secunia.com/advisories/29345/
Some security issues and a vulnerability have been reported in the Belkin Wireless G Router, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).

Thu, 20 Mar 08
Apple Safari Multiple Vulnerabilities
http://secunia.com/advisories/29393/
Some vulnerabilities have been reported in Safari, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to compromise a vulnerable system.

Thu, 20 Mar 08
Red Hat update for krb5
http://secunia.com/advisories/29450/
Red Hat has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Thu, 20 Mar 08
Debian update for krb5
http://secunia.com/advisories/29435/
Debian has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Thu, 20 Mar 08
Ubuntu update for krb5
http://secunia.com/advisories/29438/
Ubuntu has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Thu, 20 Mar 08
Red Hat update for krb5
http://secunia.com/advisories/29451/
Red Hat has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Thu, 20 Mar 08
RaidSonic ICY BOX NAS-4220-B Insecure Storage of Encryption Key
http://secunia.com/advisories/29401/
Collin Mulliner has reported a security issue in RaidSonic NAS-4220-B, which can be exploited by malicious people with physical access to the device to disclose potentially sensitive information.

Thu, 20 Mar 08
Asterisk Multiple Vulnerabilities
http://secunia.com/advisories/29426/
Some vulnerabilities have been reported in Asterisk, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

Thu, 20 Mar 08
Red Hat update for krb5
http://secunia.com/advisories/29423/
Red Hat has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Thu, 20 Mar 08
xine-lib "sdpplin_parse()" Array Indexing Vulnerability
http://secunia.com/advisories/28694/
Secunia Research has discovered a vulnerability in xine-lib, which can be exploited by malicious people to compromise a user's system.

Thu, 20 Mar 08
Kerberos Multiple Vulnerabilities
http://secunia.com/advisories/29428/
Some vulnerabilities have been reported in Kerberos, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Thu, 20 Mar 08
CUPS CGI Buffer Overflow Vulnerability
http://secunia.com/advisories/29431/
A vulnerability has been reported in CUPS, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

Thu, 20 Mar 08
Gentoo update for acroread
http://secunia.com/advisories/29425/
Gentoo has issued an update for acroread. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Thu, 20 Mar 08
Mandriva update for unzip
http://secunia.com/advisories/29427/
Mandriva has issued an update for unzip. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Thu, 20 Mar 08
Joomla Acajoom PRO Component "mailingid" SQL Injection
http://secunia.com/advisories/29429/
fataku has reported a vulnerability in the Acajoom PRO component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 19 Mar 08
eForum "busca.php" Cross-Site Scripting
http://secunia.com/advisories/29380/
Omni has discovered two vulnerabilities in eForum, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 19 Mar 08
Home FTP Server Passive Mode Denial of Service
http://secunia.com/advisories/29419/
0in has discovered a vulnerability in Home FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service).

Wed, 19 Mar 08
Plone Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/29361/
A vulnerability has been discovered in Plone, which can be exploited by malicious people to conduct cross-site request forgery attacks.

Wed, 19 Mar 08
Serendipity Security Bypass and Script Insertion Vulnerabilities
http://secunia.com/advisories/29398/
Two vulnerabilities have been reported in Serendipity, which can be exploited by malicious people to conduct script insertion attacks and bypass certain security restrictions.

Wed, 19 Mar 08
CheckPoint VPN-1 IP Address Collision Security Issue
http://secunia.com/advisories/29394/
Robert Mitchell has reported a security issue in CheckPoint VPN-1, which can lead to a DoS (Denial of Service) or disclosure of sensitive information.

Wed, 19 Mar 08
Gentoo update for dovecot
http://secunia.com/advisories/29396/
Gentoo has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Wed, 19 Mar 08
Sun Solaris "rpc.metad" Denial of Service
http://secunia.com/advisories/29418/
Kingcope has reported a vulnerability in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 19 Mar 08
PHPauction GPL "include_path" File Inclusion Vulnerabilities
http://secunia.com/advisories/29422/
RoMaNcYxHaCkEr has discovered some vulnerabilities in PHPauction GPL, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Wed, 19 Mar 08
Debian update for unzip
http://secunia.com/advisories/29432/
Debian has issued an update for unzip. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Wed, 19 Mar 08
Debian update for ikiwiki
http://secunia.com/advisories/29369/
Debian has issued an update for ikiwiki. This fixes two vulnerabilities, which can be exploited by malicious people to conduct script insertion attacks.

Wed, 19 Mar 08
UnZip "inflate_dynamic()" Uninitialized Pointers Vulnerability
http://secunia.com/advisories/29415/
A vulnerability has been reported in UnZip, which potentially can be exploited by malicious people to compromise a user's system.

Wed, 19 Mar 08
Gentoo update for libpcre and glib
http://secunia.com/advisories/29282/
Gentoo has issued an update for libpcre and glib. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.

Tue, 18 Mar 08
CA BrightStor ARCserve Backup "ListCtrl" ActiveX Control Buffer Overflow
http://secunia.com/advisories/29408/
Krystian Kloskowski has reported a vulnerability in CA BrightStor ARCserve Backup, which can be exploited by malicious people to compromise a user's system.

Tue, 18 Mar 08
Multiple Time Sheets "tab" Cross-Site Scripting
http://secunia.com/advisories/29416/
JosS has discovered a vulnerability in Multiple Time Sheets (MTS), which can be exploited by malicious people to conduct cross-site scripting attacks.

Tue, 18 Mar 08
F-Secure Archives Handling Unspecified Vulnerabilities
http://secunia.com/advisories/29397/
Some vulnerabilities have been reported in various F-Secure products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

Tue, 18 Mar 08
fuzzylime (cms) "admindir" File Inclusion Vulnerability
http://secunia.com/advisories/29417/
irk4z has discovered a vulnerability in fuzzylime (cms), which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Tue, 18 Mar 08
VMware Server Multiple Vulnerabilities
http://secunia.com/advisories/29412/
Some vulnerabilities have been reported in VMware Server, which can be exploited by malicious, local users to gain escalated privileges or to cause a DoS (Denial of Service), and by malicious people to bypass certain security restrictions.

Tue, 18 Mar 08
VMware Workstation Multiple Vulnerabilities
http://secunia.com/advisories/29413/
Some vulnerabilities have been reported in VMware Server, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to cause a DoS (Denial of Service).

Tue, 18 Mar 08
eXV2 myannonces Module "lid" SQL Injection
http://secunia.com/advisories/29384/
S@BUN has discovered a vulnerability in the myannonces module for eXV2, which can be exploited by malicious people to conduct SQL injection attacks.

Tue, 18 Mar 08
phpBP "id" SQL Injection Vulnerability
http://secunia.com/advisories/29411/
irk4z has reported a vulnerability in phpBP, which can be exploited by malicious people to conduct SQL injection attacks.

Tue, 18 Mar 08
MG-SOFT Net Inspector Multiple Vulnerabilities
http://secunia.com/advisories/29421/
Luigi Auriemma has discovered some vulnerabilities in MG-SOFT Net Inspector, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Tue, 18 Mar 08
Novell GroupWise Windows Client API Security Bypass
http://secunia.com/advisories/29409/
A vulnerability has been reported in Novell GroupWise, which can be exploited by malicious users to bypass certain security restrictions.

Tue, 18 Mar 08
eXV2 Viso Module "kid" SQL Injection Vulnerability
http://secunia.com/advisories/29389/
S@BUN has discovered a vulnerability in the Viso (Industry Book) module for eXV2, which can be exploited by malicious people to conduct SQL injection attacks.

Tue, 18 Mar 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/29323/
SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to conduct cross-site scripting attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.

Tue, 18 Mar 08
Debian update for horde3
http://secunia.com/advisories/29400/
Debian has issued an update for horde3. This fixes a vulnerability, which can be exploited by malicious users to disclose sensitive information and potentially compromise a vulnerable system.

Tue, 18 Mar 08
Debian update for ldapscripts
http://secunia.com/advisories/29395/
Debian has issued an update for ldapscripts. This fixes a security issue, which can be exploited by malicious, local users to disclose sensitive information.

Tue, 18 Mar 08
Debian update for lighttpd
http://secunia.com/advisories/29403/
Debian has issued an update for lighttpd. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information.

Tue, 18 Mar 08
BootManage TFTP Server Buffer Overflow Vulnerability
http://secunia.com/advisories/29404/
Luigi Auriemma has discovered a vulnerability in BootManage TFTP Server, which can be exploited by malicious people to compromise a vulnerable system.

Tue, 18 Mar 08
eXV2 WebChat Module "roomid" SQL Injection
http://secunia.com/advisories/29390/
S@BUN has discovered a vulnerability in the WebChat module for eXV2, which can be exploited by malicious people to conduct SQL injection attacks.

Tue, 18 Mar 08
Avaya CMS Solaris Firewall Security Bypass and Denial of Service
http://secunia.com/advisories/29379/
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

Tue, 18 Mar 08
Debian update for smarty
http://secunia.com/advisories/29405/
Debian has issued an update for smarty. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Tue, 18 Mar 08
Debian update for dovecot
http://secunia.com/advisories/29385/
Debian has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Tue, 18 Mar 08
Debian update for backup-manager
http://secunia.com/advisories/29377/
Debian has issued an update for backup-manager. This fixes a security issue, which can be exploited by malicious, local users to disclose sensitive information.

Tue, 18 Mar 08
Ubuntu update for mailman
http://secunia.com/advisories/29388/
Ubuntu has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.

Tue, 18 Mar 08
Gentoo update for wml
http://secunia.com/advisories/29353/
Gentoo has issued an update for wml. This fixes some security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Sat, 15 Mar 08
Invision Power Board Nested BBCodes Script Insertion
http://secunia.com/advisories/29378/
A vulnerability has been reported in Invision Power Board, which can be exploited by malicious people to conduct script insertion attacks.

Sat, 15 Mar 08
DB2 Monitoring Console File Upload and Unauthorized Database Access
http://secunia.com/advisories/29367/
Some vulnerabilities have been reported in DB2 Monitoring Console, which can be exploited by malicious people to bypass certain security restrictions or potentially compromise a vulnerable system.

Sat, 15 Mar 08
Red Hat update for kernel
http://secunia.com/advisories/29387/
Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Sat, 15 Mar 08
ZABBIX "vfs.file.cksum" Denial of Service Vulnerability
http://secunia.com/advisories/29383/
Milen Rangelov has discovered a vulnerability in ZABBIX, which can be exploited by malicious people to cause a DoS (Denial of Service).

Sat, 15 Mar 08
SUSE update for evolution
http://secunia.com/advisories/29317/
SUSE has issued an update for evolution. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

Sat, 15 Mar 08
MDaemon IMAP Server "FETCH" Command Buffer Overflow
http://secunia.com/advisories/29382/
Matteo Memelli has discovered a vulnerability in MDaemon, which can be exploited by malicious users to compromise a vulnerable system.

Sat, 15 Mar 08
CiscoWorks Internetwork Performance Monitor Arbitrary Command Execution
http://secunia.com/advisories/29376/
A vulnerability has been reported in CiscoWorks Internetwork Performance Monitor, which can be exploited by malicious people to compromise a vulnerable system.

Sat, 15 Mar 08
Nagios Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29363/
A vulnerability has been reported in Nagios, which can be exploited by malicious people to conduct cross-site scripting attacks.

Sat, 15 Mar 08
Gentoo update for live
http://secunia.com/advisories/29356/
Gentoo has issued an update for live. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Sat, 15 Mar 08
Virtual Support Office-XP "Issue_ID" SQL Injection Vulnerability
http://secunia.com/advisories/29365/
Aria-Security Team has reported a vulnerability in Virtual Support Office-XP (VSO-XP), which can be exploited by malicious users to conduct SQL injection attacks.

Sat, 15 Mar 08
Mandriva update for gcc
http://secunia.com/advisories/29334/
Mandriva has issued an update for gcc. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.

Fri, 14 Mar 08
Gentoo update for sarg
http://secunia.com/advisories/29309/
Gentoo has issued an update for sarg. This fixes some vulnerabilities, which can be exploited by malicious people to conduct script insertion attacks or to compromise a vulnerable system.

Fri, 14 Mar 08
Sun Solaris JDS XscreenSaver Authentication Bypass
http://secunia.com/advisories/29368/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to bypass certain security restrictions.

Fri, 14 Mar 08
EasyGallery SQL Injection and Cross-Site Scripting
http://secunia.com/advisories/29372/
JosS has discovered some vulnerabilities in EasyGallery, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

Fri, 14 Mar 08
McAfee ePolicy Orchestrator Framework Service Format String Vulnerability
http://secunia.com/advisories/29337/
Luigi Auriemma has discovered a vulnerability in McAfee ePolicy Orchestrator, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Fri, 14 Mar 08
eXV2 bamaGalerie "cid" SQL Injection Vulnerability
http://secunia.com/advisories/29362/
A vulnerability has been discovered in eXV2, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 14 Mar 08
eXV2 Bama Galerie Module "cid" SQL Injection
http://secunia.com/advisories/29359/
S@BUN has discovered a vulnerability in the Bama Galerie module for eXV2, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 14 Mar 08
EasyCalendar SQL Injection and Cross-Site Scripting
http://secunia.com/advisories/29373/
JosS has discovered some vulnerabilities in EasyCalendar, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

Fri, 14 Mar 08
Fully Modded phpBB "k" SQL Injection Vulnerability
http://secunia.com/advisories/29339/
TurkishWarriorr has discovered a vulnerability in Fully Modded phpBB, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 14 Mar 08
Fedora update for roundup
http://secunia.com/advisories/29375/
Fedora has issued an update for roundup. This fixes some vulnerabilities with unknown impacts, and a security issue, which can be exploited by malicious users to bypass certain security restrictions.

Fri, 14 Mar 08
Roundup Multiple Vulnerabilities
http://secunia.com/advisories/29336/
Multiple vulnerabilities and a security issue have been reported in Roundup, some of which have unknown impacts, while others can be exploited by malicious users to bypass certain security restrictions.

Fri, 14 Mar 08
Mapbender SQL and PHP Code Injection
http://secunia.com/advisories/29329/
RedTeam Pentesting has reported some vulnerabilities in Mapbender, which can be exploited by malicious people to conduct SQL injection attacks or potentially compromise a vulnerable system.

Fri, 14 Mar 08
IBM WebSphere MQ for HP NonStop Missing Authentication
http://secunia.com/advisories/29360/
A security issue has been reported in IBM WebSphere MQ for HP NonStop, which can be exploited by malicious, local users to bypass certain security restrictions or manipulate certain data.

Fri, 14 Mar 08
UnixWare update for openssh
http://secunia.com/advisories/29371/
SCO has issued an update for openssh. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Fri, 14 Mar 08
UnixWare "pkgadd" Directory Traversal Vulnerability
http://secunia.com/advisories/29370/
A vulnerability has been reported in UnixWare, which can be exploited by malicious, local users to gain escalated privileges.

Fri, 14 Mar 08
XOOPS Tutorials Module "tid" SQL Injection
http://secunia.com/advisories/29358/
S@BUN has discovered a vulnerability in the Tutorials module for XOOPS, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 14 Mar 08
Cisco User-Changeable Password Multiple Vulnerabilities
http://secunia.com/advisories/29351/
Some vulnerabilities have been reported in Cisco User-Changeable Password (UCP), which can be exploited by malicious people to conduct cross-site scripting attacks or potentially to compromise a vulnerable system.

Fri, 14 Mar 08
Fedora update for horde
http://secunia.com/advisories/29374/
Fedora has issued an update for horde. This fixes a vulnerability, which can be exploited by malicious users to disclose sensitive information and potentially compromise a vulnerable system.

Fri, 14 Mar 08
StoreFront "CategoryId" SQL Injection Vulnerability
http://secunia.com/advisories/29326/
Nick Merritt has reported a vulnerability in StoreFront, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 14 Mar 08
Polymita BPM-Suite / CollagePortal Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29355/
Russ McRee has reported some vulnerabilities in Polymita BPM-Suite and CollagePortal, which can be exploited by malicious people to conduct cross-site scripting attacks.

Fri, 14 Mar 08
Fedora update for dovecot
http://secunia.com/advisories/29226/
Fedora has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Fri, 14 Mar 08
Fedora update for ruby
http://secunia.com/advisories/29357/
Fedora has issued an update for ruby. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information.

Fri, 14 Mar 08
rPath update for lighttpd
http://secunia.com/advisories/29318/
rPath has issued an update for lighttpd. This fixes some security issues, which can be exploited by malicious people to disclose potentially sensitive information.

Fri, 14 Mar 08
rPath update for dovecot
http://secunia.com/advisories/29364/
rPath has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Thu, 13 Mar 08
Internet Explorer FTP Command Injection Vulnerability
http://secunia.com/advisories/29346/
Derek Abdine has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct FTP command injection attacks.

Thu, 13 Mar 08
Bloo Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/29338/
MhZ91 has reported some vulnerabilities in Bloo, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 13 Mar 08
Adobe Form Designer/Form Client Buffer Overflow Vulnerabilities
http://secunia.com/advisories/29330/
Some vulnerabilities have been reported in Adobe Form Designer and Form Client, which can be exploited by malicious people to compromise a user's system.

Thu, 13 Mar 08
Adobe LiveCycle Workflow Web Management Login Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29331/
Dave Lewis has reported a vulnerability in Adobe LiveCycle Workflow, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 13 Mar 08
IBM AIX Multiple Vulnerabilities
http://secunia.com/advisories/29349/
Some vulnerabilities are reported in IBM AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service), bypass certain security restrictions, disclose sensitive information, or to gain escalated privileges.

Thu, 13 Mar 08
IBM AIX "reboot" Buffer Overflow Vulnerability
http://secunia.com/advisories/29347/
A vulnerability has been reported in IBM AIX, which can be exploited by malicious, local users to gain escalated privileges.

Thu, 13 Mar 08
Debian update for libnet-dns-perl
http://secunia.com/advisories/29354/
Debian has issued an update for libnet-dns-perl. This fixes some vulnerabilities, which can be exploited by malicious people to poison the DNS cache or to cause a DoS (Denial of Service).

Thu, 13 Mar 08
Perl Net::DNS Module DNS Response Denial of Service
http://secunia.com/advisories/29343/
Beyond Security has reported a vulnerability in the Net::DNS Perl module, which can be exploited by malicious people to cause a DoS (Denial of Service).

Thu, 13 Mar 08
IBM WebSphere Application Server Multiple Vulnerabilities
http://secunia.com/advisories/29335/
Some vulnerabilities and security issues have been reported in IBM WebSphere Application Server, some of which have unknown impacts while others can potentially be exploited by malicious, local users to gain knowledge of sensitive information.

Thu, 13 Mar 08
Sun Solaris 10 Inter-Process Communication Denial of Service
http://secunia.com/advisories/29352/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Thu, 13 Mar 08
Red Hat Directory Server Insecure Directory Permissions
http://secunia.com/advisories/29350/
A vulnerability has been reported in Red Hat Directory Server, which can be exploited by malicious, local users to gain escalated privileges.

Thu, 13 Mar 08
QuickTalk forum "id" SQL Injection Vulnerability
http://secunia.com/advisories/29288/
t0pP8uZz & xprog have discovered a vulnerability in QuickTalk forum, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 13 Mar 08
HP-UX HP CIFS Server Multiple Vulnerabilities
http://secunia.com/advisories/29341/
HP has acknowledged some vulnerabilities in HP-UX, which can be exploited by malicious people to compromise a vulnerable system.

Thu, 13 Mar 08
Gentoo update for icu
http://secunia.com/advisories/29333/
Gentoo has issued an update for icu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Thu, 13 Mar 08
Adobe ColdFusion Multiple Vulnerabilities
http://secunia.com/advisories/29332/
Some vulnerabilities and a weakness have been reported in Adobe ColdFusion, which can be exploited by malicious people to bypass certain security restrictions and to conduct cross-site scripting attacks.

Thu, 13 Mar 08
Gentoo update for apache
http://secunia.com/advisories/29348/
Gentoo has issued an update for apache. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to cause a DoS (Denial of Service).

Thu, 13 Mar 08
Red Hat update for java-1.4.2-bea
http://secunia.com/advisories/29340/
Red Hat has issued an update for java-1.4.2-bea. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive/system information, cause a DoS (Denial of Service), manipulate data, or compromise a vulnerable system.

Wed, 12 Mar 08
Microsoft Office Web Components Two Vulnerabilities
http://secunia.com/advisories/29328/
Two vulnerabilities have been reported in Microsoft Office Web Components, which can be exploited by malicious people to compromise a vulnerable system.

Wed, 12 Mar 08
Microsoft Office Two Code Execution Vulnerabilities
http://secunia.com/advisories/29321/
Two vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.

Wed, 12 Mar 08
Microsoft Outlook "mailto:" URI Handling Vulnerability
http://secunia.com/advisories/29320/
A vulnerability has been reported in Microsoft Outlook, which can be exploited by malicious people to compromise a user's system.

Wed, 12 Mar 08
Savvy Content Manager "searchterms" Cross-Site Scripting
http://secunia.com/advisories/29298/
Russ McRee has reported a vulnerability in Savvy Content Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 12 Mar 08
IBM Informix Dynamic Server Multiple Vulnerabilities
http://secunia.com/advisories/29272/
Some vulnerabilities have been reported in IBM Informix Dynamic Server, where some have unknown impacts and others can potentially be exploited to compromise a vulnerable system.

Wed, 12 Mar 08
zKup PHP Code Execution and Security Bypass
http://secunia.com/advisories/29276/
Charles "real" F. has discovered two vulnerabilities in zKup, which can be exploited by malicious people to manipulate data and compromise a vulnerable system.

Wed, 12 Mar 08
Alkacon OpenCms "filePath" Cross-Site Scripting and File Disclosure
http://secunia.com/advisories/29278/
nnposter has discovered some vulnerabilities in Alkacon OpenCms, which can be exploited by malicious users to disclose potentially sensitive information and malicious people to conduct cross-site scripting attacks.

Wed, 12 Mar 08
Red Hat update for tomcat
http://secunia.com/advisories/29313/
Red Hat has issued an update for tomcat. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious users to disclose potentially sensitive information.

Wed, 12 Mar 08
Motorola Timbuktu Pro Denial of Service and File Upload Vulnerabilities
http://secunia.com/advisories/29316/
Luigi Auriemma has discovered some vulnerabilities in Motorola Timbuktu Pro, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.

Wed, 12 Mar 08
Joomla! eWriting Component "cat" SQL Injection
http://secunia.com/advisories/29292/
breaker_unit & Don have discovered a vulnerability in the eWriting component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 12 Mar 08
Kingsoft Antivirus Online Update Module ActiveX Control Buffer Overflow
http://secunia.com/advisories/29204/
void has discovered a vulnerability in Kingsoft Antivirus Online Update Module, which can be exploited by malicious people to compromise a user's system.

Wed, 12 Mar 08
PHP-Nuke Hadith Module "cat" SQL Injection
http://secunia.com/advisories/29322/
Lovebug has reported a vulnerability in the Hadith module for PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 12 Mar 08
Sun Java Server Faces Input Handling Cross-Site Scripting
http://secunia.com/advisories/29327/
Sun has acknowledged a vulnerability in Java Server Faces, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 12 Mar 08
MaxDB Multiple Vulnerabilities
http://secunia.com/advisories/29312/
Some vulnerabilities have been reported in MaxDB, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to potentially compromise a vulnerable system.

Wed, 12 Mar 08
Gentoo update for pdflib
http://secunia.com/advisories/29304/
Gentoo has issued an update for pdflib. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Wed, 12 Mar 08
Symantec Altiris Deployment Solution Server Agent Privilege Escalation
http://secunia.com/advisories/29319/
A vulnerability has been reported in Symantec Altiris Deployment Solution, which can be exploited by malicious, local users to gain escalated privileges.

Wed, 12 Mar 08
Gentoo update for mplayer
http://secunia.com/advisories/29307/
Gentoo has issued an update for mplayer. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Wed, 12 Mar 08
IBM Lotus QuickPlace Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29025/
Nir Goldshlager (Avnet) has reported a vulnerability in IBM Lotus QuickPlace, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 12 Mar 08
ManageEngine ServiceDesk Plus Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29310/
Yogesh Kulkarni has discovered a vulnerability in ManageEngine ServiceDesk Plus, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 12 Mar 08
Ubuntu update for python
http://secunia.com/advisories/29303/
Ubuntu has issued an update for python. This fixes two security issues, which can be exploited by malicious people to disclose potentially sensitive information, to cause a DoS (Denial of Service), or to potentially compromise a vulnerable system.

Wed, 12 Mar 08
ASG-Sentry Network Manager Multiple Vulnerabilities
http://secunia.com/advisories/29289/
Luigi Auriemma has reported some vulnerabilities and a security issue in ASG-Sentry Network Manager, which can be exploited by malicious people to manipulate certain data, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a vulnerable system.

Wed, 12 Mar 08
RealPlayer ActiveX Control "Console" Property Memory Corruption
http://secunia.com/advisories/29315/
Elazar Broad has discovered a vulnerability in RealPlayer, which can be exploited by malicious people to compromise a user's system.

Wed, 12 Mar 08
Gentoo update for cacti
http://secunia.com/advisories/29274/
Gentoo has issued an update for cacti. This fixes some vulnerabilities, which can be exploited by malicious people to conduct HTTP response splitting, cross-site scripting, and SQL injection attacks.

Tue, 11 Mar 08
Horde "theme" Local File Inclusion Vulnerability
http://secunia.com/advisories/29286/
A vulnerability has been reported in various Horde products, which can be exploited by malicious users to disclose sensitive information and potentially compromise a vulnerable system.

Tue, 11 Mar 08
Beehive Secure File Transfer Appliance "sfoutbox" Hardcoded FTP Account
http://secunia.com/advisories/29197/
Brad Antoniewicz has reported a security issue in Beehive Secure File Transfer Appliance, which potentially can be exploited by malicious people to gain unauthorized access to the FTP server.

Tue, 11 Mar 08
Acronis True Image Echo Group Server and Windows Agent Denial of Service
http://secunia.com/advisories/29306/
Luigi Auriemma has reported some vulnerabilities in Acronis True Image Echo, which can be exploited by malicious people to cause a DoS (Denial of Service).

Tue, 11 Mar 08
Acronis Snap Deploy PXE Server TFTP Vulnerabilities
http://secunia.com/advisories/29305/
Luigi Auriemma has reported some vulnerabilities in Acronis Snap Deploy, which can be exploited by malicious people to disclose sensitive information or cause a DoS (Denial of Service).

Tue, 11 Mar 08
PacketTrap pt360 TFTP Filename Handling Denial of Service
http://secunia.com/advisories/29308/
Luigi Auriemma has reported a vulnerability in PacketTrap pt360 TFTP server, which can be exploited by malicious people to cause a DoS (Denial of Service).

Tue, 11 Mar 08
BM Classifieds Two SQL Injection Vulnerabilities
http://secunia.com/advisories/29297/
xcorpitx has reported two vulnerabilities in BM Classifieds, which can be exploited by malicious people to conduct SQL injection attacks.

Tue, 11 Mar 08
Argon Client Management Services TFTP Server Directory Traversal
http://secunia.com/advisories/29302/
Luigi Auriemma has discovered a vulnerability in Argon Client Management Services, which can be exploited by malicious people to disclose sensitive information.

Tue, 11 Mar 08
RemotelyAnywhere HTTP Request Accept-Charset Header Denial of Service
http://secunia.com/advisories/29296/
Luigi Auriemma has reported a vulnerability in RemotelyAnywhere, which can be exploited by malicious people to cause a DoS (Denial of Service).

Tue, 11 Mar 08
QuickTicket "id" SQL Injection Vulnerability
http://secunia.com/advisories/29299/
croconile has discovered a vulnerability in QuickTicket, which can be exploited by malicious people to conduct SQL injection attacks.

Tue, 11 Mar 08
MailEnable IMAP Service Multiple Vulnerabilities
http://secunia.com/advisories/29277/
Luigi Auriemma has discovered some vulnerabilities in MailEnable, which can be exploited by malicious people and malicious users to cause a DoS (Denial of Service) or by malicious users to compromise a vulnerable system.

Tue, 11 Mar 08
Panda Products cpoint.sys Privilege Escalation Vulnerabilities
http://secunia.com/advisories/29311/
Tobias Klein has reported some vulnerabilities in Panda products, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

Tue, 11 Mar 08
AIX "man" Insecure Program Execution Vulnerability
http://secunia.com/advisories/29301/
A vulnerability has been reported in AIX, which can be exploited by malicious, local users to gain escalated privileges.

Tue, 11 Mar 08
Debian update for moin
http://secunia.com/advisories/29262/
Debian has issued an update for moin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass security restrictions, manipulate certain data, or potentially compromise a vulnerable system.

Tue, 11 Mar 08
Gentoo update for ghostscript
http://secunia.com/advisories/29314/
Gentoo has issued an update for ghostscript-esp, ghostscript-gpl, and ghostscript-gnu. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Tue, 11 Mar 08
Dovecot Authentication Bypass Vulnerability
http://secunia.com/advisories/29295/
A vulnerability has been reported in Dovecot, which can be exploited by malicious people to bypass certain security restrictions.

Tue, 11 Mar 08
MailEnable SMTP Service EXPN/VRFY Denial of Service
http://secunia.com/advisories/29300/
A vulnerability has been reported in MailEnable, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

Tue, 11 Mar 08
Gentoo update for phpmyadmin
http://secunia.com/advisories/29287/
Gentoo has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.

Tue, 11 Mar 08
Sun Java Web Console Information Disclosure Security Issue
http://secunia.com/advisories/29290/
A security issue has been reported in Sun Java Web Console, which can be exploited by malicious people to disclose certain information.

Tue, 11 Mar 08
Sun Solaris ICU Regular Expressions Vulnerabilities
http://secunia.com/advisories/29291/
Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the ICU library.

Tue, 11 Mar 08
Gentoo update for vlc
http://secunia.com/advisories/29284/
Gentoo has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Tue, 11 Mar 08
rPath update for dbus
http://secunia.com/advisories/29281/
rPath has issued an update for dbus, dbus-glib, dbus-qt, and dbus-x11. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.

Sat, 8 Mar 08
SynCE vdccm Denial of Service and Command Injection
http://secunia.com/advisories/29228/
Some vulnerabilities have been reported in SynCE vdccm, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

Sat, 8 Mar 08
Fedora update for vdccm
http://secunia.com/advisories/29285/
Fedora has issued an update for vdccm. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Sat, 8 Mar 08
WebCT Mail/Discussion Board Message Script Insertion
http://secunia.com/advisories/29227/
Benjamin Lupton has reported a vulnerability in WebCT Campus Edition, which can be exploited by malicious users to conduct script insertion attacks.

Sat, 8 Mar 08
BosClassifieds Classified Ads System "returnTo" Cross-Site Scripting
http://secunia.com/advisories/29261/
Russ McRee has reported a vulnerability in BosClassifieds Classified Ads System, which can be exploited by malicious people to conduct cross-site scripting attacks.

Sat, 8 Mar 08
BosDates Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29255/
Russ McRee has reported some vulnerabilities in BosDates, which can be exploited by malicious people to conduct cross-site scripting attacks.

Fri, 7 Mar 08
Debian update for lighttpd
http://secunia.com/advisories/29275/
Debian has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information.

Fri, 7 Mar 08
Fedora update for lighttpd
http://secunia.com/advisories/29268/
Fedora has issued an update for lighttpd. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or to cause a DoS (Denial of Service).

Fri, 7 Mar 08
Fedora update for libtirpc
http://secunia.com/advisories/29270/
Fedora has issued an update for libtirpc. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.

Fri, 7 Mar 08
Fedora update for nx
http://secunia.com/advisories/29271/
Fedora has issued an update for nx. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

Fri, 7 Mar 08
Fedora update for kronolith
http://secunia.com/advisories/29269/
Fedora has issued an update for kronolith. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.

Fri, 7 Mar 08
Red Hat update for java-1.5.0-sun
http://secunia.com/advisories/29273/
Red Hat has issued an update for java-1.5.0-sun. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), to bypass certain security restrictions, or to compromise a vulnerable system.

Fri, 7 Mar 08
Fedora update for mediawiki
http://secunia.com/advisories/29266/
Fedora has issued an update for mediawiki. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

Fri, 7 Mar 08
IBM Rational ClearQuest Web User Enumeration Weakness
http://secunia.com/advisories/29280/
A weakness has been reported in IBM Rational ClearQuest, which can be exploited by malicious people to identify valid user accounts.

Fri, 7 Mar 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/29242/
SUSE has issued an update for multiple packages. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to conduct SQL injection attacks, and by malicious people to bypass certain security restrictions, gain potentially sensitive information, conduct HTTP response splitting, cross-site scripting, or SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.

Fri, 7 Mar 08
Fedora update for pcre
http://secunia.com/advisories/29267/
Fedora has issued an update for pcre. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise an application using the library.

Fri, 7 Mar 08
Fedora update for evolution
http://secunia.com/advisories/29264/
Fedora has issued an update for evolution. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

Fri, 7 Mar 08
Airspan WiMAX ProST Web Interface Authentication Bypass
http://secunia.com/advisories/29265/
A security issue has been reported in Airspan WiMAX ProST devices, which can be exploited by malicious people to bypass certain security restrictions.

Fri, 7 Mar 08
Zimbra Collaboration Suite Script Insertion Vulnerability
http://secunia.com/advisories/29263/
A vulnerability has been reported in Zimbra Collaboration Suite, which can be exploited by malicious people to conduct script insertion attacks.

Fri, 7 Mar 08
SUSE update for kernel-rt
http://secunia.com/advisories/29245/
SUSE has issued an update for kernel-rt. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), gain escalated privileges, bypass certain security restrictions, or to corrupt a file system, and by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Fri, 7 Mar 08
BFup ActiveX Control "FilePath" Property Buffer Overflow
http://secunia.com/advisories/29260/
A vulnerability has been reported in BFup ActiveX Control, which can be exploited by malicious people to compromise a user's system.

Fri, 7 Mar 08
Mandriva update for mailman
http://secunia.com/advisories/29249/
Mandriva has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.

Fri, 7 Mar 08
PHP-Nuke Kütüb-i Sitte Module "kid" SQL Injection
http://secunia.com/advisories/29279/
Lovebug has discovered a vulnerability in the Kütüb-i Sitte module for PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 7 Mar 08
libtirpc "svcauth_gss_validate()" Buffer Overflow
http://secunia.com/advisories/29247/
A vulnerability has been reported in libtirpc, which potentially can be exploited by malicious people to compromise an application using the library.

Fri, 7 Mar 08
FreeBSD ppp Buffer Overflow Vulnerability
http://secunia.com/advisories/29238/
A vulnerability has been reported in FreeBSD, which potentially can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing