RHEL 4 : openssh (RHSA-2005:527)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:527 advisory. OpenSSH is OpenBSD's SSH Secure SHell protocol implementation. An error in the way OpenSSH handled GSSAPI credential delegation was discovere...

RHEL 4 : cups (RHSA-2005:772)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:772 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for UNIXR operating systems. A bug was found in the way CUPS processes malform...

Limbo CMS <=1.0.4.2 XSS

Limbo CMS =1.0.4.2 XSS 2005-10-03 12:37:28 bugtaq at lol dot lt Vulnerability type: Permanent XSS Risk: Moderate A malicious HTML tag can be injected through the Contact menu form. A PM can be send, which will later be red by admins. E.g.: scriptalertdocument.cookie/script Information was provide...

Moderate: Red Hat Security Advisory: pcre security update

Updated pcre packages are now available to correct a security issue. This update has been rated as having moderate security impact by the Red Hat Security Response Team PCRE is a Perl-compatible regular expression library. An integer overflow flaw was found in PCRE, triggered by a maliciously...

RHEL 4 : gedit (RHSA-2005:499)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:499 advisory. gEdit is a small text editor designed specifically for the GNOME GUI desktop. A file name format string vulnerability has been discovered in gEdit. It...

RHEL 2.1 : ncpfs (RHSA-2005:371)

An updated ncpfs package is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ncpfs is a file system that understands the Novell NetWareTM NCP protocol. A bug was found in the way ncpfs handled file permissions. ncpfs did not...

RHEL 4 : cyrus-imapd (RHSA-2005:408)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:408 advisory. The cyrus-imapd package contains the core of the Cyrus IMAP server. Several buffer overflow bugs were found in cyrus-imapd. It is possible that an...

[SA14091] Squid Oversized Reply Header Handling Security Issue

TITLE: Squid Oversized Reply Header Handling Security Issue SECUNIA ADVISORY ID: SA14091 VERIFY ADVISORY: http://secunia.com/advisories/14091/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: Squid 2.x http://secunia.com/product/310/ DESCRIPTION: A security issue with an...

[SA13935] Help Desk Reloaded Unspecified Login Vulnerability

TITLE: Help Desk Reloaded Unspecified Login Vulnerability SECUNIA ADVISORY ID: SA13935 VERIFY ADVISORY: http://secunia.com/advisories/13935/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: Help Desk Reloaded 3.x http://secunia.com/product/4545/ DESCRIPTION: A...

phpGiftReq.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: phpGiftReq SQL Injection Vulnerability discovery: Madelman Date: 16/01/2005 Severity: Moderately critical Summary: - -------- The PHP Gift Registry is a web-enabled gift registry intended for use among a circle of family members or friends from...

MinisTraverse.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Minis directory traversal vulnerability Vulnerability discovery: Madelman Date: 31/12/2004 Severity: Moderate Summary: - -------- from vendor site: http://minis.sourceforge.net/ Minis is a tiny, PHP-powered, text-file based weblogging system. I...

Cross Site Scripting holes found in Horde 3.0

Hyperdose Security Advisory Name: Cross Site Scripting holes found in Horde 3.0 Systems Affected: Horde 3.0 installations Severity: Moderate Author: Robert Fly - [email protected] Advisory URL: http://www.hyperdose.com/advisories/H2005-01.txt --Horde Description-- The Horde Application Framewo...

sphpBlog037.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Simple PHP Blog directory traversal vulnerability Vulnerability discovery: Madelman Date: 02/01/2005 Severity: Moderate Summary: - -------- I started this project because I wanted a dead-simple blog. Something that didn't require a database, us...

[SA12937] Sun ONE Messaging Server Webmail Session Hijacking Vulnerability

---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...

[SA13040] Caudium HTTP Request Processing Denial of Service

TITLE: Caudium HTTP Request Processing Denial of Service SECUNIA ADVISORY ID: SA13040 VERIFY ADVISORY: http://secunia.com/advisories/13040/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote SOFTWARE: Caudium 1.x http://secunia.com/product/4196/ DESCRIPTION: A vulnerability has been...

Microsoft Security Bulletin MS04-018

Microsoft Security Bulletin MS04-018 Cumulative Security Update for Outlook Express 823353 Issued: July 13, 2004 Version: 1.0 Summary Who should read this document: Customers who use Microsoft® Outlook Express® Impact of Vulnerability: Denial of Service Maximum Severity Rating: Moderate...

Microsoft Security Bulletin MS04-010

Microsoft Security Bulletin MS04-010 Vulnerability in MSN Messenger Could Allow Information Disclosure 838512 Issued: March 9, 2004 Version: 1.0 Summary Who should read this document: Customers who are using Microsoft® MSN Messenger Impact of vulnerability: Information Disclosure Maximum Severity...

Microsoft Security Bulletin MS04-008

Microsoft Security Bulletin MS04-008 Vulnerability in Windows Media Services Could Allow a Denial of Service 832359 Issued: March 9, 2004 Version: 1.0 Summary Who Should Read This Document: Customers who are using Microsoft® Windows® 2000 Impact of Vulnerability: Denial of Service Maximum Severit...

ezphotoshare.txt

eZphotoshare Multiple Overflow Vulnerabilities Credit: Author : Peter Winter-Smith Software: Package : eZphotoshare Versions : All up to and including the latest verson Vendor : eZnetwork Vendor Url : http://www.ezphotoshare.com/ Vulnerability: Bug Type : Multiple Interesting Overflows Severity :...

Microsoft Security Bulletin MS03-021: Flaw In Windows Media Player May Allow Media Library Access(Q819639)

-----BEGIN PGP SIGNED MESSAGE----- - - ------------------------------------------------------------------ Title: Flaw In Windows Media Player May Allow Media Library Access 819639 Date: 25 June 2003 Software: Microsoftr Windowsr Media Player 9 Series Impact: Information disclosure Max Risk:...