Fedora 10 : wordpress-mu-2.8.4a-1.fc10 (2009-8538)

Update spans MU-versions for the following security releases from upstream: http://wordpress.org/development/2009/08/2-8-4-security-release/ http://wordpress.org/development/2009/08/wordpress-2-8-3-security-rele ase/ - Backport of XSS fixes from WordPress 2.8.2 Backport of security fixes for...

[Full-disclosure] [MU-200803-01] Multiple buffer overflows in Asterisk

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple buffer overflows in Asterisk MU-200803-01 March 18, 2008 http://labs.musecurity.com/advisories.html Affected Products/Versions: Asterisk 1.4.18 and other branches http://www.asterisk.org/node/48466 Product Overview: Asterisk is an open source...

AST-2008-002: Two buffer overflows in RTP Codec Payload Handling

Asterisk Project Security Advisory - AST-2008-002 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Two buffer overflows in RTP Codec Payload | | | Handling |...

[Full-disclosure] [MU-200704-01] Pre-Authentication Vulnerability in Mac OS X RPC runtime library

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pre-Authentication Vulnerability in Mac OS X RPC runtime library MU-200704-01 April 20, 2007 http://labs.musecurity.com/advisories.html Affected Product/Versions: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9, Mac OS X Server v10.4.9...

GLSA-200703-25 : Ekiga: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200703-25 Ekiga: Format string vulnerability Mu Security has discovered that Ekiga fails to implement formatted printing correctly. Impact : An attacker could exploit this vulnerability to crash Ekiga and potentially execute...

Ekiga: Format string vulnerability

Background Ekiga is an open source VoIP and video conferencing application. Description Mu Security has discovered that Ekiga fails to implement formatted printing correctly. Impact An attacker could exploit this vulnerability to crash Ekiga and potentially execute arbitrary code by sending a...

USN-426-1: Ekiga vulnerabilities

Mu Security discovered a format string vulnerability in Ekiga. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges...

[Full-disclosure] [MU-200611-01] Pre-Authentication Vulnerability in Mac OSX kernel PPP

driver -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pre-Authentication Vulnerability in Mac OSX kernel PPP driver MU-200611-01 November 28, 2006 http://labs.musecurity.com/advisories.html Affected Product/Versions: Mac OS X v10.3.9 Mac OS X Server v10.3.9 Mac OS X v10.4.8 Mac OS X Server v10.4.8...

Apple Mac OS X PPP driver fails to properly validate PADI packets

Overview The Apple Mac OS X PPP driver fails to properly handle PPPoE Active Discovery Initiation PADI packets. This vulnerability may allow a remote attacker to execute arbitrary code with system privileges. Description The Apple Mac OS X PPP driver fails to properly handle PADI packets allowing...

[Full-disclosure] [MU-200606-02] Apple Open Directory Pre-Authentication Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apple Open Directory Pre-Authentication Denial of Service MU-200606-02 June 27, 2006 http://labs.musecurity.com/advisories.html Affected Product/Versions: OSX 10.4.4 through 10.4.6 Product Overview:...

[Full-disclosure] [MU-200606-01] Real Helix RTSP Server Heap Corruption Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Real Helix RTSP Server Heap Corruption Vulnerabilities MU-200606-01 June 22, 2006 http://labs.musecurity.com/advisories.html Affected Product / Versions: Real Networks Helix DNA Server 11.0.x Real Networks Helix DNA Server 10.0.x Product Overview: The...

[Full-disclosure] Apple QuickTimeStreamingServer RTSP Server Vulnerability [MU-200605-02]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apple QuickTimeStreamingServer RTSP Server Vulnerability MU-200605-02 May 11, 2006 http://labs.musecurity.com/advisories.html Affected Product / Versions: QuickTimeStreamingServer 5.5 and earlier Product Overview: The Real Time Streaming Protocol RTSP...

[SECURITY] [DSA 1042-1] New Cyrus SASL packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1042-1 [email protected] http://www.debian.org/security/ Martin Schulze April 25th, 2006 http://www.debian.org/security/faq -...

DSA-1042-1 cyrus-sasl2 - programming error

Bulletin has no description...

[Full-disclosure] [MU-200604-01] Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service MU-200604-01 April 7, 2006 http://labs.musecurity.com/advisories.html Affected Product/Versions: cyrus-sasl-2.1.18 Product Overview: SASL Simple Authentication Security Layer is an Internet...

[Full-disclosure] [MU-200603-01] MailEnable POP3 Pre-Authentication Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MailEnable POP3 Pre-Authentication Buffer Overflow MU-200603-01 March 20, 2006 http://labs.musecurity.com/advisories.html Affected Product / Versions: MailEnable Professional 1.7, 1.71, 1.72 MailEnable Standard 1.91, 1.92 MailEnable Enterprise 1.2...