[SECURITY] Fedora 8 Update: uw-imap-2007d-1.fc8

The uw-imap package provides UW server daemons for both the IMAP Internet Message Access Protocol and POP Post Office Protocol mail access protocols. The POP protocol uses a "post office" machine to collect mail for users and allows users to download their mail to their local machine for reading...

Wireshark sniffer multiple security vulnerabilities

Multiple DoS conditions on different protocols parsing...

FreeBSD Security Advisory (FreeBSD-SA-07:07.bind.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:07.bind.asc ADV FreeBSD-SA-07:07.bind.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...

FreeBSD Ports: prozilla

The remote host is missing an update to the system as announced in the referenced advisory. VID 1a32e8ee-3edb-11d9-8699-00065be4b5b6 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: prozilla

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Pidgin MSN SLP Message Integer Overflow Vulnerabilities - Linux

Pidgin is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pidgin:pidgin"; ifdescripti...

Microsoft IE MHTML协议处理器跨域信息泄露漏洞（MS08-048）

BUGTRAQ ID: 30585 CVECAN ID: CVE-2008-1448 Internet Explorer是微软操作系统中默认捆绑的WEB浏览器。 IE的MHTML协议处理器没有正确地解释MHTML URI重新定向。如果以UNC的形式指定了URI的话，则没有正确的应用安全策略： \MACHINENAMEORIP\PATHTORESOURCE 在这种情况下当远程站点试图访问本地资源时，Internet Explorer会无法强制区提升限制；在浏览远程站点的时候Internet Explorer会无法应用正确地安全区权限，允许将属于较小权限区的站点处理为更高权限的区。...

PCI DSS compliance

Binary data pcicompliance.nbin...

Mozilla Firefox <= 1.0.6 (Host:) Buffer Overflow DoS String

No description provided by source. !-- Mozilla Firefox = 1.0.6 Host: Buffer Overflow DoS String Formatted for your tesing /str0ke Tom Ferris www.security-protocols.com Versions Affected: Firefox Win32 1.0.6 and prior Firefox Linux 1.0.6 and prior Firefox 1.5 Beta 1 Deer Park Alpha 2...

[SECURITY] Fedora 8 Update: fetchmail-6.3.8-4.fc8

Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC for retrieval...

[SECURITY] Fedora 9 Update: openssl-0.9.8g-9.fc9

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

Trillian instant messenger multiple security vulnerabilities

Buffer overflows and memory corruptions in AIM/ICQ, MSN and XML-based protocols parsing...

gnutls security update

CentOS Errata and Security Advisory CESA-2008:0489 Updated gnutls packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The GnuTLS Library provides support fo...

Moderate: Red Hat Security Advisory: bind security, bug fix, and enhancement update

Updated bind packages that fix two security issues, several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain BIND is an implementation...

[SECURITY] Fedora 7 Update: asterisk-1.4.19.1-1.fc7

Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware...

Cross site scripting

The badprotocolonce function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting XSS attacks via a string containing crafted URL protocols...

DEBIAN-CVE-2008-1502

The badprotocolonce function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting XSS attacks via a string containing crafted URL protocols...

CVE-2008-1502

The badprotocolonce function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting XSS attacks via a string containing crafted URL protocols...

RHEL 4 / 5 : openldap (RHSA-2008:0110)

Updated openldap packages that fix security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of Lightweight Directory Access Protocol LDAP applicatio...

[SECURITY] Fedora 7 Update: duplicity-0.4.9-1.fc7

Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...