[oCERT-2008-016] Multiple OpenSSL signature verification API misuses

2009-01-07 Thread Will Drewry
#2008-016 multiple OpenSSL signature verification API misuse Description: Several functions inside the OpenSSL library incorrectly check the result after calling the EVP_VerifyFinal function. This bug allows a malformed signature to be treated as a good signature rather than as an error. This

Secunia Research: HP OpenView Network Node Manager Multiple Vulnerabilities

2009-01-07 Thread Secunia Research
== Secunia Research 07/01/2009 - HP OpenView Network Node Manager Multiple Vulnerabilities - == Table of Contents Affected

Plunet BusinessManager failure in access controls and multiple stored cross site scripting

2009-01-07 Thread Matteo Ignaccolo
Secure Network - Security Research Advisory Vuln name: Failure in Access Controls; multiple Stored Cross Site Scripting vulnerabilities. Systems affected: Plunet BusinessManager Systems not affected: Severity: High Local/Remote: Remote Vendor URL: http://www.plunet.de Author(s): Matteo Ignaccolo

Cisco Security Advisory: Cisco Global Site Selector Appliances DNS Vulnerability

2009-01-07 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Global Site Selector Appliances DNS Vulnerability Advisory ID: cisco-sa-20090107-gss http://www.cisco.com/warp/public/707/cisco-sa-20090107-gss.shtml Revision 1.0 For Public Release 2009 January 07 1600 UTC (GMT

CFP: COLSEC 2009

2009-01-07 Thread Patrice CLEMENTE
Apologies for multiple copies or for inappropriate targeted lists. = The 2009 International Symposium on Collaborative Technologies and Systems (CTS

[USN-701-2] Thunderbird vulnerabilities

2009-01-07 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-701-2 January 06, 2009 mozilla-thunderbird vulnerabilities CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5511, CVE-2008-5512

PHP-Fusion Mod Members Bewerb Sql Injection

2009-01-07 Thread r3d . w0rm
# PHP-Fusion Mod Members Bewerb Sql Injection # #

Secunia Research: TSC2 Help Desk CTab ActiveX Control Buffer Overflow

2009-01-07 Thread Secunia Research
== Secunia Research 07/01/2009 - TSC2 Help Desk CTab ActiveX Control Buffer Overflow - == Table of Contents Affected

[USN-701-1] Thunderbird vulnerabilities

2009-01-07 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-701-1 January 06, 2009 thunderbird vulnerabilities CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512

PHP-Fusion Mod E-Cart Sql Injection

2009-01-07 Thread r3d . w0rm
# PHP-Fusion Mod E-Cart Sql Injection # #

Plunet BusinessManager failure in access controls and multiple stored cross site scripting

2009-01-07 Thread Matteo Ignaccolo
Secure Network - Security Research Advisory Vuln name: Failure in Access Controls; multiple Stored Cross Site Scripting vulnerabilities. Systems affected: Plunet BusinessManager Systems not affected: Severity: High Local/Remote: Remote Vendor URL: http://www.plunet.de Author(s): Matteo Ignaccolo

[SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities

2009-01-07 Thread Steffen Joeris
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1696-1 secur...@debian.org http://www.debian.org/security/ Steffen Joeris January 07, 2009

[SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilities

2009-01-07 Thread Steffen Joeris
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1697-1 secur...@debian.org http://www.debian.org/security/ Steffen Joeris January 07, 2009

FreeBSD Security Advisory FreeBSD-SA-09:02.openssl

2009-01-07 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-09:02.openssl Security Advisory The FreeBSD Project Topic:

FreeBSD Security Advisory FreeBSD-SA-09:01.lukemftpd

2009-01-07 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-09:01.lukemftpd Security Advisory The FreeBSD Project Topic:

CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability

2009-01-07 Thread Williams, James K
Title: CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability CA Advisory Reference: CA20090107-01 CA Advisory Date: 2009-01-07 Reported By: Michel Arboi of Tenable Network Security Impact: A remote attacker can