[ GLSA 200901-04 ] D-Bus: Denial of Service

2009-01-12 Thread Robert Buchholz
Gentoo Linux Security Advisory GLSA 200901-04 http://security.gentoo.org/

[SECURITY] [DSA 1699-1] New zaptel packages fix privilege escalation

2009-01-12 Thread Florian Weimer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1699-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer January 11, 2009

Hack Aethra SV 1042 Adsl/Voip Router

2009-01-12 Thread SmoKe
Hi, with the blue serial cable (console cable), with advanced serial port monitor ( http://www.aggsoft.com/serial-port-monitor.htm ) you can retrieve admin password of this router without reset or re-firmware Hack Aethra SV 1042 Adsl/Voip Router Mod: AETHRA STARVOICE SV 1042 Boot

[ GLSA 200901-05 ] Streamripper: Multiple vulnerabilities

2009-01-12 Thread Pierre-Yves Rofes
Gentoo Linux Security Advisory GLSA 200901-05 http://security.gentoo.org/

[USN-707-1] CUPS vulnerabilities

2009-01-12 Thread Marc Deslauriers
=== Ubuntu Security Notice USN-707-1 January 12, 2009 cups, cupsys vulnerabilities CVE-2008-5183, CVE-2008-5184, CVE-2008-5286, CVE-2008-5377 === A security issue affects the

RE: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (Oracle CPU April 2008 DB11)

2009-01-12 Thread Integrigy Alerts
The main problem with the Oracle CVSS base scores is more with CVSS than Oracle. Under the CVSSv2 definition of Confidentiality/Integrity/Availability impact, if the entire database is compromised but not the entire system then the metric value will be Partial rather than Complete. Since the

[TKADV2009-001] Sun Solaris aio_suspend() Kernel Integer Overflow Vulnerability

2009-01-12 Thread Tobias Klein
Please find attached a detailed advisory of the vulnerability. Alternatively, the advisory can also be found at: http://www.trapkit.de/advisories/TKADV2009-001.txt -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Advisory: Sun Solaris aio_suspend() Kernel Integer

PHP Buffer Overflow(popen)

2009-01-12 Thread ew1zz
Apache 2.2.11/PHP 5.2.8 Buffer Overflow Exploit (popen func) Type: Remote and Local Requirements for exploit: popen() enabled. By: e.wiZz! Enes Mušić ew...@hotmail.com PHP Popen() function overview: Popen function in php opens a pipe to a process executed by forking the

[BMSA-2009-01] Authentication bypass in Interspire Shopping Cart v4.0.1 and below

2009-01-12 Thread Nam Nguyen
BLUE MOON SECURITY ADVISORY 2009-01 === :Title: Authentication bypass in Interspire Shopping Cart :Severity: Critical :Reporter: Truong Van Tri and Blue Moon Consulting :Products: Interspire Shopping Cart v4.0.1 Ultimate edition :Fixed in: v4.0.2 Description

[SECURITY] [DSA 1700-1] New lasso packages fix validation bypass

2009-01-12 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1700-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff January 11, 2009

[TKADV2009-002] Amarok Integer Overflow and Unchecked Allocation Vulnerabilities

2009-01-12 Thread Tobias Klein
Please find attached a detailed advisory of the vulnerabilities. Alternatively, the advisory can also be found at: http://www.trapkit.de/advisories/TKADV2009-002.txt -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Advisory: Amarok Integer Overflow and Unchecked Allocation

[ GLSA 200901-06 ] Tremulous: User-assisted execution of arbitrary code

2009-01-12 Thread Pierre-Yves Rofes
Gentoo Linux Security Advisory GLSA 200901-06 http://security.gentoo.org/

[ MDVSA-2009:005 ] xterm

2009-01-12 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2009:005 http://www.mandriva.com/security/

SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei

2009-01-12 Thread organi...@syscan.org
*SyScan'09 CALL FOR PAPERS/TRAINING* *ABOUT SYSCAN'09* This year, SyScan'09 will be held in the 4 exciting cities of Singapore, Shanghai, Taipei and Hong Kong. Details are as follows: SyScan'09 Shanghai date: 13, 14 May 2009 venue: Ramada Plaza Hotel Shanghai SyScan'09 Hong

Visuplay CMS SQL injection vulnerability

2009-01-12 Thread joseph . giron13
http://www.visuplay.com Visuplay is a web dev company that offers a CMS that goes with its websites that helps it be managed (after all, that is what a CMS does, right?) Anywho, you can add your own sql code to various query areas throughout the CMS like news_article.php and content_page.php.

[security bulletin] HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)

2009-01-12 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01607558 Version: 1 HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted

[SECURITY] [DSA 1701-1] New OpenSSL packages fix cryptographic weakness

2009-01-12 Thread Florian Weimer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1701-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer January 12, 2009

[ GLSA 200901-07 ] MPlayer: Multiple vulnerabilities

2009-01-12 Thread Tobias Heinlein
Gentoo Linux Security Advisory GLSA 200901-07:02 http://security.gentoo.org/

[SECURITY] [DSA 1702-1] New ntp packages fix cryptographic weakness

2009-01-12 Thread Florian Weimer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1702-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer January 12, 2009

[SECURITY] [DSA 1703-1] New bind9 packages fix cryptographic weakness

2009-01-12 Thread Florian Weimer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1703-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer January 12, 2009