[SECURITY] Fedora 8 Update: thunar-volman-0.2.0-1.fc8
The Thunar Volume Manager is an extension for the Thunar file manager, which enables automatic management of removable drives and media. For example, if thunar-volman is installed and configured properly, and you plug in your digital camera, it will automatically launch your preferred photo...
[SECURITY] Fedora 7 Update: thunar-volman-0.2.0-1.fc7
The Thunar Volume Manager is an extension for the Thunar file manager, which enables automatic management of removable drives and media. For example, if thunar-volman is installed and configured properly, and you plug in your digital camera, it will automatically launch your preferred photo...
Ubuntu 5.10 / 6.06 LTS : gdm vulnerability (USN-293-1)
If the admin configured a gdm theme that provided a user list, any user could activate the gdm setup program by first choosing the setup option from the menu, clicking on the user list and entering his own instead of root's password. This allowed normal users to configure potentially dangerous...
Ubuntu 6.06 LTS : firefox vulnerabilities (USN-327-1)
Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL. CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811,...
php -- multiple security vulnerabilities
PHP project reports: Security Enhancements and Fixes in PHP 5.2.5: Fixed dl to only accept filenames. Reported by Laurent Gaffie. Fixed dl to limit argument size to MAXPATHLEN (CVE-2007-4887). Reported by Laurent Gaffie. Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences...
django-csrf.txt
Author: J. Carlos Nieto. Date: Oct 21, 2007 There exists a security hole in the default django's admin panel. Background ========== Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Django has an automatic admin panel that allows a person...
WinSCP < 4.04 url protocol handler flaw
-Affected products: WinSCP 4.03 and older -Details: By default WinSCP installs url protocol handlers for the scp:// and sftp:// protocols. These could be used by malicious web content to automatically upload any file from the local system to a remote server, or automatically download files from a...
[SECURITY] Fedora Core 6 Update: tar-1.15.1-26.fc6
The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that archive. Tar can also be used to add supplemental files to an archive and to update or list files in the archive. Tar includes multivolume support, automatic archive...
phpnukesearch-xss.txt
PHP-Nuke ALL versions Search Module multiple XSS and HTML injection ------------------------------------------------------------------- The well-known PHP-Nuke CMS is vulnerable to multiple XSS attacks and HTML injections through the Search Module. The request is made using POST, but the whole...
corehttp 0.5.3alpha (httpd) Remote Buffer Overflow Exploit
No description provided by source. / corehttpv0.5.3alpha: httpd remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo ...
[SECURITY] Fedora 7 Update: NetworkManager-0.6.5-3.fc7
NetworkManager attempts to keep an active network connection available at all times. It is intended only for the desktop use-case, and is not intended for usage on servers. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using ...
Fundanemt 2.2.0 - 'spellcheck.php' Remote Code Execution
126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i;...
CA Console Server username buffer overflow
Added: 05/25/2007 CVE: CVE-2007-2522 BID: 23906 OSVDB: 34585 Background Multiple CA products include the inoweb Console Server which listens for connections on port 12168/TCP. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, speciall...
CA Multiple Products inoweb Console Server Authentication Remote Overflow
The version of CA Anti-Virus for the Enterprise, CA Threat Manager, or CA Anti-Spyware installed on the remote host is affected by a buffer overflow involving its Console Server component. By means of specially crafted login credentials, a remote attacker can overflow a stack-based buffer in...
1 3 5 batch catch chicken-bug warning-the black bar safety net
Recently busy dying, so on the relatively small. Have something leave a message or e-mail: [email protected] On 1 3 5 catch the broilers in the analysis of the recent like 1 3 5 engage in a fiery saw someone also put that batch caught 1 3 5 broiler tool sent to me it said put under anyway I also d...
GLSA-200704-13 : File: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200704-13 File: Denial of Service Conor Edberg discovered an error in the way file processes a specific regular expression. Impact : A remote attacker could entice a user to open a specially crafted file, using excessive CPU...
File: Denial of service
Background file is a utility that identifies a file format by scanning binary data for patterns. Description Conor Edberg discovered an error in the way file processes a specific regular expression. Impact A remote attacker could entice a user to open a specially crafted file, using excessive CPU...
file: Integer underflow
Background file is a utility that guesses a file format by scanning binary data for patterns. Description Jean-Sebastien Guay-Leroux reported an integer underflow in fileprintf function. Impact A remote attacker could entice a user to run the "file" program on a specially crafted file that would...
MDKA-2006:065 : hal
A bug in partition detection for some SD/MMC card readers (those using the sdhci driver) was preventing correct detection by HAL, breaking automatic mounting/unmounting on card insertion/removal. Another bug was preventing correct mounting of LUKS-encrypted removable media. This update fixes these...