pam security update

CentOS Errata and Security Advisory CESA-2007:0737 Updated pam packages that fix two security flaws, resolve two bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team...

Security fix for the ALT Linux 5 package samba version 3.0.27-alt1

Nov. 15, 2007 Alexander Bokovoy 3.0.27-alt1 - Security release 3.0.27: + CVS-2007-4572 Stack buffer overflow in nmbd's logon request processing. + CVE-2007-5398 Remote code execution in Samba's WINS server daemon nmbd when processing name registration followed name query requests. - Updated set o...

irb, ruby security update

CentOS Errata and Security Advisory CESA-2007:0961 Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting languag...

Moderate: Red Hat Security Advisory: ruby security update

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A flaw was...

Moderate: Red Hat Security Advisory: ruby security update

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. An SSL certifica...

openSUSE 10 Security Update : yast2-core (yast2-core-4634)

This update fixes a security bug in yast2-core that allowed local attackers to provide malicious yast2 modules to yast2 that are executed with root privileges. To trigger this vulnerability root has to execute yast2 in an untrusted directory i.e. /tmp. Thanks to Stefan Nordhausen for reporting th...

Ubuntu 6.10 : linux-restricted-modules-2.6.17 vulnerability (USN-404-1)

Laurent Butti, Jerome Razniewski, and Julien Tinnes discovered that the MadWifi wireless driver did not correctly check packet contents when receiving scan replies. A remote attacker could send a specially crafted packet and execute arbitrary code with root privileges. Note that Tenable Network...

Gallery: Multiple vulnerabilities

Background Gallery is a PHP based photo album manager. Description Merrick Manalastas and Nicklous Roberts have discovered multiple vulnerabilities in the WebDAV and Reupload modules. Impact A remote attacker could exploit these vulnerabilities to bypass security restrictions and rename, replace...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter to 1 certinfo/index.php, 2 emails/index.php, 3 events/index.php, 4 fax/index.php, 5 files/index.php, 6...

PeopleAggregator <= 1.2pre6-release-53 Multiple RFI Vulnerabilities

Exploit for unknown platform in category web applications =================================================================== PeopleAggregator = 1.2pre6-release-53 Multiple RFI Vulnerabilities =================================================================== PeopleAggregator 1.2pre6 Multiple...

PHP Project Management 0.8.10 - Multiple LocalRemote File Inclusions

PHP Project Management 0.8.10 - Multiple LocalRemote File Inclusions PHP Project Management = 0.8.10 Multiple RFI / LFI Vulnerabilities http://surfnet.dl.sourceforge.net/sourceforge/php-pm/release-0.8.tar.gz DORK : "PHP Project Management 0.8.10" POC : RFI...

PHP Project Management <= 0.8.10 Multiple RFI / LFI Vulnerabilities

Exploit for unknown platform in category web applications =================================================================== PHP Project Management = 0.8.10 Multiple RFI / LFI Vulnerabilities =================================================================== PHP Project Management = 0.8.10...

CVE-2002-2249

PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote attackers to execute arbitrary PHP commands via the neurl parameter to 1 backend.php, 2 screen.php, or 3 admin/modules/comment.php...

Design/Logic Flaw

Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console /dev/console access to cause a denial of service "unusable" system console via unspecified vectors...

CVE-2007-5319

Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console /dev/console access to cause a denial of service "unusable" system console via unspecified vectors...

CVE-2007-5319

CVE-2007-5319 concerns the vuidmice STREAMS modules on Sun Solaris 8, 9, and 10. The vulnerability allows local users with access to the console (/dev/console) to cause a denial of service, rendering the system console unusable via unspecified vectors. The provided description does not specify th...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the gsLanguage parameter to 1 search/search.php, 2 poll/inlinepoll.php, 3 poll/showpoll.php, 4 links/showlinks.php, or 5 links/submitlinks.php in...

CVE-2004-2686

Vulnerability CVE-2004-2686 affects the Solaris kernel (versions 2.6, 7, 8, 9) in the vfs_getvfssw function. It describes a directory traversal that allows local users to load arbitrary kernel modules via crafted mount or sysfs system calls, enabling privilege escalation. The note mentions it mig...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the docroot parameter to 1 addons/plugin.php, 2 addons/sidebar.php, 3 mail/index.php, or 4 mail/mailbox.php in modules/...

CVE-2007-4818

Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the docroot parameter to 1 addons/plugin.php, 2 addons/sidebar.php, 3 mail/index.php, or 4 mail/mailbox.php in modules/...