nufw-2.2.2.tar.gz
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends...
View ArticleUbuntu Security Notice 475-1
Ubuntu Security Notice 475-1 - Philip Van Hoof discovered that the IMAP client in Evolution did not correctly verify the SEQUENCE value. A malicious or spoofed server could exploit this to execute...
View ArticleMandriva Linux Security Advisory 2007.134
Mandriva Linux Security Advisory - xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
View ArticleMS07-034.txt
In Internet Explorer, using the mhtml: protocol handler and using Outlook Express's feature, arbitrary resources (such as HTML, image, application file and so on) can opened as MHTML formatted file and...
View Articlemj-rfi.txt
Mambo and Joomla appear to suffer from multiple remote file inclusion vulnerabilities. Versions unavailable.
View Articlepagetool-sql.txt
Pagetool version 1.07 suffers from a remote SQL injection vulnerability.
View Articleedocstore-sql.txt
eDocStore suffers from a remote SQL injection vulnerability in doc.php.
View Articlepsb-rfi.txt
phpSiteBackup version 0.1 suffers from a remote file inclusion vulnerability in pcltar.lib.php.
View Articleevaweb-rfi.txt
EVA-Web versions 1.1 through 2.2 suffer from a remote file inclusion vulnerability in index.php3.
View Articlewp22-upload.txt
WordPress version 2.2 arbitrary file upload exploit that makes use of wp-app.php.
View ArticleNCTAudioStudio2.txt
NCTAudioStudio2 ActiveX DLL version 2.6.1.148 CreateFile() insecure method exploit.
View ArticleNCTAudioEditor2.txt
NCTAudioEditor2 ActiveX DLL NCTWMAFile2.dll version 2.6.2.157 exploit.
View Articleavaxswf-write.txt
Avaxswf.dll, a library included in the Avax Vector ActiveX version 1.3 software package from the Company Civitech, has a flaw that allows for arbitrary file overwrite on the underlying system.
View ArticleCAID-Ingres.txt
Various CA products that embed Ingres products contain multiple vulnerabilities that can allow an attacker to potentially execute arbitrary code.
View Articleorkut-mgmt.txt
Orkut fails to expire or disable the session associated with the 'orkut_state' cookie when the user logs out or fails to authenticate himself during a session.
View ArticleUbuntu Security Notice 476-1
Ubuntu Security Notice 476-1 - Fabio Massimo Di Nitto discovered that cman did not correctly validate the size of client messages. A local user could send a specially crafted message and execute...
View ArticleVULWAR200706223.txt
BarCodeAx.dll version 4.9 ActiveX control is susceptible to a remote stack buffer overflow.
View Articledsa-1317.txt
Debian Security Advisory 1317-1 - duskwave discovered that tinymux, a text-based multi-user virtual world server, performs insufficient boundary checks when working with user-supplied data, which might...
View ArticleDebian Linux Security Advisory 1318-1
Debian Security Advisory 1318-1 - Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client.
View Article
