Debian Security Advisory DSA 1158-1 (streamripper)

The remote host is missing an update to streamripper announced via advisory DSA 1158-1. Ulf Harnhammer from the Debian Security Audit Project discovered that streamripper, a utility to record online radio-streams, performs insufficient sanitising of data received from the streaming server, which...

Debian: Security Advisory (DSA-1168-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-648-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-697-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1237-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1206-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 936-1 (libextractor)

The remote host is missing an update to libextractor announced via advisory DSA 936-1. infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format PDF suite, which is also present in libextractor, a library to extract arbitrary meta-data from...

Debian: Security Advisory (DSA-1428-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1306-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/function.php in Kontakt Formular 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...

Debian DSA-1426-1 : qt-x11-free - several vulnerabilities

Several local/remote vulnerabilities have been discovered in the Qt GUI library. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3388 Tim Brown and Dirk Muller discovered several format string vulnerabilities in the handling of error messages, which...

Design/Logic Flaw

Mail in Apple Mac OS X Leopard 10.5.1 allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a...

FreeBSD : xpdf -- multiple remote Stream.CC vulnerabilities (2747fc39-915b-11dc-9239-001c2514716c)

Secunia Research reports : Secunia Research has discovered some vulnerabilities in Xpdf, which can be exploited by malicious people to compromise a user's system. - An array indexing error within the 'DCTStream::readProgressiveDataUnit' method in xpdf/Stream.cc can be exploited to corrupt memory...

Debian DSA-1396-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1095 Michal Zalewski discovered that the unload event handler had access t...

Debian DSA-1392-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1095 Michal Zalewski discovered that the unload event handler had access to the address of...

Eggdrop: Buffer overflow

Background Eggdrop is an IRC bot extensible with C or Tcl. Description Bow Sineath discovered a boundary error in the file mod/server.mod/servrmsg.c when processing overly long private messages sent by an IRC server. Impact A remote attacker could entice an Eggdrop user to connect the bot to a...

[SECURITY] [DSA 1364-1] New vim packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1364-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 1st, 2007 http://www.debian.org/security/faq -...

DSA-1325-1 evolution

Bulletin has no description...

DSA-1306-1 xulrunner

Bulletin has no description...

GLSA-200705-17 : Apache mod_security: Rule bypass

The remote host is affected by the vulnerability described in GLSA-200705-17 Apache modsecurity: Rule bypass Stefan Esser discovered that modsecurity processes NULL characters as terminators in POST requests using the application/x-www-form-urlencoded encoding type, while other parsers used in we...