RHEL 4 : gimp (RHSA-2006:0598)
Updated gimp packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GIMP (GNU Image Manipulation Program) is an image composition and editing program. Henning Makho...
RHEL 2.1 / 3 / 4 : mutt (RHSA-2006:0577)
Updated mutt packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mutt is a text-mode mail user agent. A buffer overflow flaw was found in the way Mutt processes an overly long namespace from a...
CentOS 4 : netpbm (CESA-2005:793)
Updated netpbm packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for handling various graphics file formats, including...
CentOS 4 : kdegraphics (CESA-2005:671)
Updated kdegraphics packages that resolve a security issue in kpdf are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdegraphics packages contain applications for the K Desktop Environment including kpdf, a pdf file viewer....
CentOS 3 / 4 : tcpdump (CESA-2005:417)
Updated tcpdump packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This updated package also adds support for output files larger than 2 GB. Tcpdump is a command-line tool for monitoring...
CentOS 3 / 4 : cvs (CESA-2005:387)
An updated cvs package that fixes security bugs is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. CVS (Concurrent Version System) is a version control system. A buffer overflow bug was found in the way the CVS client processes...
CentOS 3 / 4 : freeradius (CESA-2005:524)
Updated freeradius packages that fix a buffer overflow and possible SQL injection attacks in the sql module are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeRADIUS is a high-performance and highly configurable free RADIUS...
CentOS 3 / 4 : openmotif (CESA-2005:412)
Updated openmotif packages that fix a flaw in the Xpm image library are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenMotif provides libraries which implement the Motif industry standard graphical user interface. An integer...
CentOS 3 : openldap / nss_ldap (CESA-2005:751)
Updated openldap and nss_ldap packages that correct a potential password disclosure issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol...
CentOS 3 / 4 : tetex (CESA-2006:0160)
Updated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. TeTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input and creates a...
RHEL 3 / 4 : mailman (RHSA-2006:0486)
An updated mailman package that fixes a denial of service flaw is now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mailman is software to help manage email discussion lists. A flaw was found in...
Slackware 10.0 / 10.1 / 10.2 / 9.1 / current : mysql (SSA:2006-155-01)
New mysql packages are available for Slackware 9.1, 10.0, 10.1, 10.2 and -current to fix security issues. The MySQL packages shipped with Slackware 9.1, 10.0, and 10.1 may possibly leak sensitive information found in uninitialized memory to authenticated users. This is fixed in the new packages,...
RHEL 3 / 4 : quagga (RHSA-2006:0525)
Updated quagga packages that fix several security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Quagga manages the TCP/IP based routing protocol. It takes a multi-server and multi-thread approach to resolve...
Assetman <= 2.4a XSS
Assetman <= 2.4a XSS Discovered by: Nomenumbra Date: 23/5/2006 impact: moderate privilege escalation, possible defacement Assetman doesn't filter any of its input, allowing users to inject arbitrary HTML or javascript code. Nomenumbra...
RHEL 2.1 / 3 : xscreensaver (RHSA-2006:0498)
An updated xscreensaver package that fixes two security flaws is now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. XScreenSaver is a collection of screensavers. A keyboard focus flaw was found...
CVE-2006-2498
Invision Power Board (IPB) before 2.1.6 allows remote attackers to execute arbitrary PHP script via attack vectors involving (1) the posticon variable in classes/post/classpost.php and (2) the df value in actionpublic/moderate.php...
[slackware-security] mysql
New mysql packages are available for Slackware 10.2 and -current to fix security issues. The MySQL package shipped with Slackware 10.2 may possibly leak sensitive information found in uninitialized memory to authenticated users. The MySQL package previously in Slackware -current also suffered fro...
myBloggie <= 2.1.3 XSS
myBloggie <= 2.1.3 XSS Discovered by: Nomenumbra Date: 6/4/2006 impact: moderate privilege escalation, possible defacement MyBloggie versions 2.1.3 and below are vulnerable to XSS injection in the image BBcode as follows: [img]javascript:alert('xss')[/img] Nomenumbra/0x4F4C...
RHEL 3 / 4 : ipsec-tools (RHSA-2006:0267)
Updated ipsec-tools packages that fix a bug in racoon are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKE...
MonsterTopList- Remote Code Execution bug
MonsterTopList- Remote Code Execution bug discovered By: VietMafia Developer site: http://www.monstertoplist.com/ Software: MTL 1.4 and prior Risk: Moderate Status: unpatched original advisory: http://pridels.blogspot.com/2006/04/monstertoplist.html...