January 2010
[2/5] TantumWeb PhpCatalog Cross-Site Request...
A vulnerability has been reported in TantumWeb PhpCatalog, which can be exploited by malicious people to conduct cross-site request forgery attacks.
http://secunia.com/advisories/38376/
[1/5] Feodra update for ncpfs
Fedora has issued an update for ncpfs. This fixes multiple security issues, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges.
http://secunia.com/advisories/38371/
[1/5] Ubuntu update for samba
Ubuntu has issued an update for samba. This fixes a security issue, which can be exploited by malicious, local users to disclose potentially sensitive information and potentially gain escalated privileges.
http://secunia.com/advisories/38357/
[2/5] Comtrend CT-507IT "srvName" Cross-Site...
A vulnerability has been reported in Comtrend CT-507IT, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/38309/
[1/5] Fedora update for samba
Fedora has issued an update for samba. This fixes a security issue, which can be exploited by malicious, local users to disclose potentially sensitive information and potentially gain escalated privileges.
http://secunia.com/advisories/38308/
[3/5] Joomla ccNewsletter Component "controller"...
A vulnerability has been discovered in the ccNewsletter component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
http://secunia.com/advisories/38378/
[1/5] ncpfs "ncpmount" / "ncpumount" Race...
Some security issues have been reported in ncpfs, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges.
http://secunia.com/advisories/38327/
[4/5] Geo GNCASTER Multiple Weaknesses and...
RedTeam Pentesting has reported some weaknesses and vulnerabilities in Geo GNCASTER, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system, and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS, and potentially compromise a vulnerable system.
...
[4/5] Debian update for ircd-hybrid and...
Debian has issued an update for ircd-hybrid and ircd-ratbox. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
http://secunia.com/advisories/38383/
[4/5] oftc-hybrid "LINKS" Command Integer...
A vulnerability has been reported in oftc-hybrid, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
http://secunia.com/advisories/38382/
[4/5] IRCD-hybrid "LINKS" Command Integer...
A vulnerability has been reported in IRCD-hybrid, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
http://secunia.com/advisories/38381/
[3/5] NovaBoard Multiple SQL Injection...
Some vulnerabilities have been discovered in NovaBoard, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/advisories/38368/
[1/5] Ubuntu update for fuse
Ubuntu has issued an update for fuse. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
http://secunia.com/advisories/38359/
[2/5] Fedora update for bltk
Fedora has issued an update for bltk. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
http://secunia.com/advisories/38313/
[1/5] Samba "mount.cifs" Race Condition Security...
A security issue has been reported in Samba, which can be exploited by malicious, local users to disclose potentially sensitive information and potentially gain escalated privileges.
http://secunia.com/advisories/38286/
[1/5] FUSE "fusermount" Race Condition Denial of...
A security issue has been reported in FUSE (File System in Userspace), which can be exploited by malicious, local users to cause a DoS (Denial of Service).
http://secunia.com/advisories/38261/
[4/5] ircd-ratbox Integer Underflow and NULL...
Two vulnerabilities have been reported in ircd-ratbox, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
http://secunia.com/advisories/38210/
[4/5] Hitachi Products Image File Processing...
A vulnerability has been reported in multiple Hitachi products, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
http://secunia.com/advisories/38363/
[2/5] Symantec Altiris Notification Server Static...
A security issue has been reported in Symantec Altiris Notification Server, which can be exploited by malicious, local users to disclose sensitive information.
http://secunia.com/advisories/38356/
[1/5] Debian update for maildrop
Debian has issued an update for maildrop. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
http://secunia.com/advisories/38374/
[1/5] maildrop Privilege Escalation Security Issue
A security issue has been reported in maildrop, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
http://secunia.com/advisories/38367/
[3/5] Hybrid2 IRC Services Private Message...
A vulnerability has been discovered in Hybrid2 IRC Services, which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/38352/
[3/5] Enano CMS SQL Injection Vulnerability
A vulnerability has been reported in Enano CMS, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/advisories/38253/
[2/5] HP-UX update for CIFS Server
HP has acknowledged a vulnerability in HP-UX, which can be exploited by malicious users to bypass certain security restrictions.
http://secunia.com/advisories/38373/
[1/5] Serversman HTTP Request Processing Denial of...
A vulnerability has been reported in Serversman (for iPhone / iPod Touch), which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/38315/
[3/5] F2L 3000 SQL Injection Vulnerability
A vulnerability has been reported in F2L 3000, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/advisories/38310/
[2/5] Discuz! "tid" Cross-Site Scripting...
A vulnerability has been reported in Discuz!, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/38279/
[3/5] Wireshark LWRES Dissector Buffer Overflow...
Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/38257/
[3/5] Ubuntu update for lintian
Ubuntu has issued an update for lintian. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system, disclose system information, and manipulate certain data.
http://secunia.com/advisories/38379/
[3/5] Debian update for lintian
Debian has issued an update for lintian. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system, disclose system information, and manipulate certain data.
http://secunia.com/advisories/38375/
[4/5] Apache mod_proxy "ap_proxy_send_fb()"...
Adam Zabrocki has reported a vulnerability in Apache, which can be exploited by malicious people to potentially compromise a vulnerable system.
http://secunia.com/advisories/38319/
[2/5] Drupal Author Contact Module Script...
A vulnerability has been reported in the Author Contact module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
http://secunia.com/advisories/38380/
[2/5] Fedora update for wordpress-mu
Fedora has issued an update for wordpress-mu. This fixes a security issue and a vulnerability, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system.
http://secunia.com/advisories/38372/
[3/5] Fedora update for zabbix
Fedora has issued an update for zabbix. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and conduct SQL injection attacks.
http://secunia.com/advisories/38370/
[2/5] VirtueMart "order_status_id" SQL Injection...
A vulnerability has been discovered in VirtueMart, which can be exploited by malicious users to conduct SQL injection attacks.
http://secunia.com/advisories/38369/
[3/5] MySQL yaSSL Certificate Processing Buffer...
A vulnerability has been reported in MySQL, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/38364/
[2/5] Drupal Feedback Module Script Insertion...
A vulnerability has been reported in the Feedback module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
http://secunia.com/advisories/38351/
[4/5] yaSSL Certificate Processing Buffer Overflow...
A vulnerability has been reported in yaSSL, which can be exploited by malicious people to compromise an application using the library.
http://secunia.com/advisories/37493/
[3/5] Cisco Unified MeetingPlace Multiple...
Some vulnerabilities have been reported in Cisco Unified MeetingPlace, which can be exploited by malicious users to gain escalated privileges and by malicious people to conduct SQL injection attacks, create user and administrator accounts, or gain knowledge of sensitive information.
http://secunia.com/advisories/38259/
[3/5] NetSupport Manager Gateway Request...
A vulnerability has been reported in NetSupport Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/38258/
[4/5] yaSSL Certificate Processing Buffer Overflow...
A vulnerability has been reported in yaSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
http://secunia.com/advisories/38344/
[2/5] HP OpenView Storage Data Protector...
A vulnerability has been reported in HP OpenView Storage Data Protector, which can be exploited by malicious, local users to bypass certain security restrictions.
http://secunia.com/advisories/38306/
[1/5] sudosh2 sudosh-replay Privilege Escalation...
A vulnerability has been discovered in sudosh2, which can be exploited by malicious, local users to gain escalated privileges.
http://secunia.com/advisories/38349/
[2/5] Status2k Cross-Site Request Forgery...
A vulnerability has been reported in Status2k, which can be exploited by malicious people to conduct cross-site request forgery attacks.
http://secunia.com/advisories/38336/
[1/5] sudosh3 sudosh-replay Privilege Escalation...
A vulnerability has been discovered in sudosh3, which can be exploited by malicious, local users to gain escalated privileges.
http://secunia.com/advisories/38292/
[3/5] Event Horizon Multiple SQL Injection...
Multiple vulnerabilities have been reported in Event Horizon, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/advisories/38289/
[2/5] IBM DataPower ICMP Packet Processing Denial...
A vulnerability has been reported in WebSphere DataPower, which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/38256/
[2/5] cPanel "failurl" HTTP Response Splitting...
Trancer has reported a vulnerability in cPanel, which can be exploited by malicious people to conduct HTTP response splitting attacks.
http://secunia.com/advisories/38255/
[2/5] LedgerSMB Multiple Vulnerabilities
Some vulnerabilities have been reported in LedgerSMB, which can be exploited by malicious people to conduct cross-site request forgery attacks and by malicious users to conduct SQL injection attacks or bypass certain security restrictions.
http://secunia.com/advisories/38304/
[4/5] SUSE update for acroread
SUSE has issued an update for acroread. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user’s system.
http://secunia.com/advisories/38295/