[SECURITY] [DSA 2423-1] movabletype-opensource security update

2012-03-05 Thread Florian Weimer
Debian Security Advisory DSA-2423-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer March 02, 2012

Security Implications of Predictable IPv6 Fragment Identification values (rev'ed IETF I-D)

2012-03-05 Thread Fernando Gont
Folks, We have published a revision of the aforementioned IETF Internet-Draft. The revised document is available at: http://tools.ietf.org/id/draft-gont-6man-predictable-fragment-id-01.txt. A diff from the previous version is available at:

Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability

2012-03-05 Thread demonalex
Title: Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability Product : Lastguru ASP GuestBook Version : Free Version Vendor: http://www.LastGuru.com Class: Input Validation Error CVE: Remote: Yes Local: No Published: 2012-03-04 Updated: Impact : Medium (CVSSv2 Base

[SECURITY] [DSA 2424-1] libxml-atom-perl security update

2012-03-05 Thread Florian Weimer
Debian Security Advisory DSA-2424-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer March 04, 2012

%windir%\temp\sso\ssoexec.dll (or: how trustworthy is Microsoft's build process)

2012-03-05 Thread Stefan Kanthak
Hi @ll, the system image \Setup\WIM\setup.wim on the POSReady 2009 eval CD, available from the Microsoft Download Center under http://www.microsoft.com/downloads/en/details.aspx?FamilyID=1e077ece-3f19-4c41-b219-6fcc821fb5fc, contains the following registry entries:

[SECURITY] [DSA 2425-1] plib security update

2012-03-05 Thread Florian Weimer
Debian Security Advisory DSA-2425-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer March 04, 2012

Symfony2 Local File Disclosure - Security Advisory - SOS-12-002

2012-03-05 Thread Lists
Sense of Security - Security Advisory - SOS-12-002 Release Date. 05-Mar-2012 Last Update. - Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10

Timesheet Next Gen 1.5.2 Multiple SQLi

2012-03-05 Thread Thomas Richards
# Exploit Title: Timesheet Next Gen 1.5.2 Multiple SQLi # Date: 02/23/12 # Author: G13 # Software Link: https://sourceforge.net/projects/tsheetx/ # Version: 1.5.2 # Category: webapps (php) # # Vulnerability # The login.php page has multiple SQL injection vulnerabilities. Both the

Open-Realty CMS 2.5.8 (2.x.x) <= select_users_template Local File Inclusion Vulnerability

2012-03-05 Thread YGN Ethical Hacker Group
1. OVERVIEW Open-Realty 2.5.8 and lower versions are vulnerable to Local File Inclusion. 2. BACKGROUND Open-Realty is the world's leading real estate listing marketing and management CMS application, and has enjoyed being the real estate web site software of choice for professional web site

Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities

2012-03-05 Thread YGN Ethical Hacker Group
1. OVERVIEW Etano 1.x versions are vulnerable to Cross Site Scripting. 2. BACKGROUND The community builder script we provide - Etano - was built entirely based on requests from customers of our previous dating package (Dating Site Builder). Almost every feature ever requested was built into