Chosen month 09 / 2007
|
|
|
Multiple buffer overflows, integer overflows and SQL injection issues were
found in BrightStor Hierarchical Storage Manager (HSM).
CA has provided updates to address the vulnerabilities.
|
|
|
Placing a specially crafted archive or packed executable into
the system32 folder may allow an attacker to bypass F-Secure's
antivirus.
A patch is available now.
|
|
| System: |
Apple iPhone
|
| Topic: |
Vulnerabilities in Apple iPhone
|
| Links: |
Apple-SA-2007-09-27,
CVE-2007-3753,
CVE-2007-3754,
CVE-2007-3755,
CVE-2007-3756,
CVE-2007-3757,
CVE-2007-3758,
CVE-2007-3759,
CVE-2007-3760,
CVE-2007-3761,
CVE-2007-4671,
ESB-2007.0734
|
| ID: |
ae-200709-061
|
Several vulnerabilities were found in Apple iPhone.
An update is available now.
|
|
|
A security vulnerability related to a race condition during the
handling of thread contexts in the Solaris kernel may allow a local
unprivileged user to panic the system and thereby cause a Denial of
Service (DoS) condition.
A patch addresses this issue.
|
|
|
A buffer overflow vulnerability was discovered in t1lib due to improper
bounds checking. An attacker could send specially crafted input to
an application linked against t1lib which could lead to a denial of
service or the execution of arbitrary code.
A vulnerability was discovered in KDM where under certain circumstances
and in particular configurations, KDM could be tricked into allowing
users to login without a password.
Fixed packages are available now.
|
|
|
A vulnerability allows remote attackers to extract IP addresses
visited through the SOCKS4 Proxy on vulnerable ISA Server
installations.
A patch is available now.
|
|
|
A cross-site scripting (XSS) vulnerability was found in the Google Search
Application.
A patch is not available yet.
|
|
|
A vulnerability was found regarding Cisco Catalyst 6500 and Cisco 7600
series devices.
An attacker can exploit this behavior to bypass existing access control lists
that do not filter 127.0.0.0/8 address range.
Workarounds are described in the advisory.
|
|
|
A security vulnerability in the Human Interface Device (HID) class
driver for Solaris 8, 9 and 10 may allow a local unprivileged user to
panic the system, causing a Denial of Service (DoS).
A patch addresses this issue.
|
|
|
A flaw was found in the IA32 system call emulation of the Linux kernel
provided on AMD64 and Intel 64 platforms.
An untrusted local user could exploit this flaw to run code in the kernel
(i.e., a root privilege escalation).
Fixed packages are available now.
|
|
| System: |
Red Hat Enterprise Linux |
| Topic: |
Vulnerabilities in tomcat and gimp
|
| Links: |
RHSA-2007-0871,
CVE-2007-3382,
CVE-2007-3385,
CVE-2007-3386,
ESB-2007.0726,
R-359,
RHSA-2007-0513,
CVE-2006-4519,
CVE-2007-2949,
CVE-2007-3741,
ESB-2007.0727
|
| ID: |
ae-200709-053
|
Tomcat is a servlet container for Java Servlet and Java Server Pages technologies.
Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5.
The GIMP (GNU Image Manipulation Program) is an image composition and editing program.
Updated gimp packages that fix several security issues are now available.
|
|
|
Local exploitation of an information disclosure vulnerability within the ALSA driver included in the Linux Kernel
allows attackers to obtain sensitive information from kernel memory.
The Linux Kernel maintainers have addressed this vulnerability within version 2.6.22.8.
|
|
|
A security vulnerability with the way StarOffice/StarSuite 6, 7, and 8 process TIFF files may allow a remote
unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary
commands on the system with the privileges of the user running StarOffice/StarSuite.
New releases fix this vulnerability.
|
|
|
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage
Manager Express. Authentication is not required to exploit this vulnerability.
The specific flaw exists in the dsmcad.exe process bound by default on TCP port 1581.
During HTTP header parsing, a host parameter of sufficient length will trigger an overflow through a call to vswprintf().
The call overflows into imported function pointers which are later called.
Exploitation of this issue can result in arbitrary code execution.
IBM has issued an update to correct this vulnerability.
|
|
|
As reported before, a security vulnerability in the IP implementation may allow a Denial-of-Service attack.
Patches had been withdrawn, but now new patches are available for Sun Solaris 8 and 9.
Sun Solaris 10 is not vulnerable.
|
|
|
The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems.
An integer overflow in the StreamPredictor::StreamPredictor function in gpdf allows remote attackers
to execute arbitrary code via a crafted PDF file.
An updated package solves this problem.
|
|
|
As reported before, a security vulnerability may allow arbitrary JavaScript commands to be run.
A patch is now also available for Sun Solaris 10.
|
|
|
Remote exploitation of an authentication bypass vulnerability in Computer Associates Inc.'s ARCServe Backup
for Laptops and Desktops allows attackers to execute arbitrary code.
This vulnerability specifically exists since the command handlers that service network requests do not
check to see if the peer is authenticated.
Using this vulnerability, an attacker is able to upload arbitrary files to the server.
This results in the execution of arbitrary code with SYSTEM privileges.
Additionally, several buffer overflow vulnerabilities allow the same kind of exploitation.
CA has provided updates to address the vulnerabilities.
|
|
| System: |
Linux |
| Topic: |
Vulnerabilities in php
|
| Links: |
CVE-2007-1375,
CVE-2007-1399,
CVE-2007-1900,
CVE-2007-2727,
CVE-2007-2728,
CVE-2007-2748,
CVE-2007-2756,
CVE-2007-2872,
CVE-2007-3799,
CVE-2007-3996,
CVE-2007-3998,
CVE-2007-4658,
CVE-2007-4670,
MDKSA-2007:187,
RHSA-2007-0888,
RHSA-2007-0889,
RHSA-2007-0917,
ESB-2007.0831
|
| ID: |
ae-200709-045
|
Several vulnerabilities were found in PHP.
Fixed packages are available now.
|
|
|
ImageMagick is a suite of image manipulation tools that are sometimes used by other applications for processing image files.
Remote exploitation of multiple integer overflow vulnerabilities in ImageMagick, as included in various vendors' operating
system distributions, allows attackers to crash applications using the ImageMagick library,
and in some cases, execute arbitrary code.
Several integer overflow vulnerabilities have been identified in ImageMagick's handling of various file formats.
By creating a specially crafted DCM, DIB, XBM, XCF, or XWD image file, an attacker can cause a heap buffer of
insufficient size to be allocated. This results in a heap-based buffer overflow.
The ImageMagick maintainers have addressed these vulnerabilities with the release of version 6.3.5-9.
|
|
| System: |
HP-UX |
| Topic: |
Vulnerability in logins
|
| Links: |
HPSBUX02259, SSRT071439,
R-357
|
| ID: |
ae-200709-043
|
A potential security vulnerability has been identified in HP-UX running the logins(1M) command.
This command incorrectly reports password status. As a result password issues may not be detected,
allowing remote unauthorized access.
An update solves this problem.
|
|
|
KDM is an X session manager for KDE.
Under certain circumstances it's possible for KDM to be tricked into allowing user logins without a password.
Fetchmail is an SSL-enabled POP3, APOP and IMAP mail gatherer/forwarder.
Under certain circumstances it might attempt to dereference a NULL pointer and crash.
Fixed packages are available now.
|
|
|
A potential security vulnerability has been identified in HP-UX running the Ignite-UX or the DynRootDisk (DRD) get_system_info command.
This command can change system networking parameters without notification.
An update solves this problem.
|
|
|
A buffer overflow vulnerability in the Microsoft Foundation Class
(MFC) Library could allow an attacker to execute arbitrary code on
an affected system.
A patch is not available yet.
|
|
| System: |
Various
|
| Topic: |
Vulnerabilities in VMware products
|
| Links: |
ESB-2007.0716,
CVE-2004-0813,
CVE-2006-1174,
CVE-2006-3619,
CVE-2006-4146,
CVE-2006-4600,
CVE-2007-0061,
CVE-2007-0062,
CVE-2007-0063,
CVE-2007-0494,
CVE-2007-1716,
CVE-2007-1856,
CVE-2007-2442,
CVE-2007-2443,
CVE-2007-2446,
CVE-2007-2447,
CVE-2007-2798,
CVE-2007-4059,
CVE-2007-4155,
CVE-2007-4496,
CVE-2007-4497,
ISS Advisory
|
| ID: |
ae-200709-039
|
Several vulnerabilities were found in VMware ESX Server, VMware Server,
VMware Workstation, VMware Player, and VMware ACE.
Fixed software is available now.
|
|
|
Several vulnerabilities were found in PHP.
Fixed packages are available now.
|
|
| System: |
Microsoft Windows |
| Topic: |
Vulnerability in HP Storage Management Appliance (SMA)
|
| Links: |
HPSBST02260 SSRT071471,
ESB-2007.0714
|
| ID: |
ae-200709-037
|
The latest Microsoft patches need to be installed when using the SMA.
It's strongly recommended to install these hotfixes from Microsoft.
|
|
|
SGI has released the Security Update #80 for SGI Advanced Linux Environment 3.
These updates fix already known security related problems in
cyrus-sasl, qt and star.
So it's recommended to install this update.
|
|
|
A security vulnerability has been identified in HP-UX running the logins(1M)
command. This command incorrectly reports password status. As a result
password issues may not be detected, allowing remote unauthorized access.
A patch is available now.
|
|
| System: |
Red Hat Enterprise Linux
|
| Topic: |
Vulnerabilities in libvorbis, xorg-x11, and nfs-utils-lib
|
| Links: |
RHSA-2007-0845,
CVE-2007-3106,
CVE-2007-4029,
CVE-2007-4065,
CVE-2007-4066,
ESB-2007.0712,
RHSA-2007-0898,
CVE-2007-4730,
ESB-2007.0713,
RHSA-2007-0913,
CVE-2007-3999,
ESB-2007.0711
|
| ID: |
ae-200709-034
|
Several flaws were found in the way libvorbis processed audio data. An
attacker could create a carefully crafted OGG audio file in such a way that
it could cause an application linked with libvorbis to crash or execute
arbitrary code when it was opened.
A flaw was found in the way X.Org's composite extension handles 32 bit
color depth windows while running in 16 bit color depth mode.
A stack buffer overflow flaw was discovered in the RPC library used by
nfs-utils-lib.
A remote unauthenticated attacker who can access an application linked
against nfs-utils-lib could trigger this flaw and cause the application
to crash.
Fixed packages are available now.
|
|
|
The Cisco Adaptive Security Appliance (ASA) firewall may log user credentials,
including passwords, as plain text when AAA authentication is enabled.
Workarounds are described in the advisory.
|
|
|
On Windows systems, QuickTime Media-Link files can be used to call Firefox with
the -chrome option and execute arbitrary scripts with the full privileges of the
user.
Fixed software is available now.
|
|
|
A vulnerability in Cacti allows remote authenticated users to cause a
denial of service (CPU consumption) via large values of the graph_start,
graph_end, graph_height, or graph_width parameters.
The Avahi daemon allows attackers to cause a denial of service via
empty TXT data over D-Bus, which triggers an assert error.
Fixed packages are available now.
|
|
|
A heap overflow vulnerability has been discovered in the TIFF parsing code of
the OpenOffice.org suite. The parser uses untrusted values from the TIFF file
to calculate the number of bytes of memory to allocate. A specially crafted
TIFF image could trigger an integer overflow and subsequently a buffer
overflow that could cause the execution of arbitrary code.
Fixed software is available now.
|
|
| System: |
Various
|
| Topic: |
Vulnerability in HP System Management Homepage
|
| Links: |
HPSBMA02258 SSRT071470,
ESB-2007.0703
|
| ID: |
ae-200709-029
|
A security vulnerability has been identified with HP System Management Homepage
(SMH) for Windows on systems which are also running HP Version Control Agent
(VCA) or Version Control Repository Manager (VCRM). The vulnerability may
result in the incomplete installation of OpenSSL updates, including security
updates.
Fixed software is available now.
|
|
|
Apple QuickTime is a media player that is available for Microsoft Windows and Apple OS X.
Apple QuickTime includes browser plugins for Internet Explorer, Safari, and Netscape-compatible browsers.
QuickTime includes the ability for developers to control how QuickTime movies are launched.
To specify these parameters, developers can create QuickTime link (.qtl) files.
QuickTime link files can be embedded in web pages and launched automatically when a user visits a website.
Apple QuickTime incorrectly determines the command line used to launch the default web browser on
Microsoft Windows systems. Rather than using the ShellExecute method, QuickTime determines the default handler
for .HTM files and then crafts its own command line for the registered application. Any protective flags in the registered file handler are stripped out by QuickTime.
Current proof-of-concept code targets systems where Mozilla Firefox is the default handler for .HTM files. Other applications are also affected by this vulnerability, although the impact may vary based on what command line parameters the application accepts.
So an attacker might be able to execute arbitrary commands on a vulnerable system.
Please apply the workarounds described in the advisories, since an update is not available yet.
|
|
|
A programming error was found in id3lib that could
lead to a denial of service through symlink attacks.
The bgpd daemon in Quagga allows remote BGP peers to cause a
denial of service crash via a malformed OPEN message or COMMUNITY attribute.
Fixed packages are available now.
|
|
| System: |
NetBSD
|
| Topic: |
Vulnerabilities in ipv6, display driver, and BIND
|
| Links: |
NetBSD-SA2007-005,
CVE-2007-2242,
ESB-2007.0700,
NetBSD-SA2007-006,
CVE-2007-3654,
ESB-2007.0701,
NetBSD-SA2007-007,
CVE-2007-2926,
CVE-2007-2930,
ESB-2007.0702
|
| ID: |
ae-200709-026
|
Several vulnerabilities have been discovered in the IPv6 and display driver
implementation of NetBSD and in the nameserver BIND.
Patches are available now.
|
|
|
A buffer overflow was found in how Qt expanded malformed Unicode
strings. If an application linked against Qt parsed a malicious
Unicode string, it could lead to a denial of service or potentially
allow for the execution of arbitrary code.
Fixed software is available now.
|
|
| System: |
Red Hat Enterprise Linux 5
|
| Topic: |
Vulnerabilities in kernel
|
| Links: |
RHSA-2007-0704,
CVE-2007-1217,
CVE-2007-2875,
CVE-2007-2876,
CVE-2007-2878,
CVE-2007-3739,
CVE-2007-3740,
CVE-2007-3843,
CVE-2007-3851,
ESB-2007.0698,
R-348
|
| ID: |
ae-200709-024
|
Several vulnerabilities were found in the Linux kernel.
Fixed kernel packages are available now.
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
| System: |
Debian/GNU Linux |
| Topic: |
Vulnerabilities in phpwiki, ktorrent, and jffnms
|
| Links: |
DSA-1371,
CVE-2007-2024,
CVE-2007-2025,
CVE-2007-3193,
ESB-2007.0692,
R-353,
DSA-1373,
CVE-2007-1799,
ESB-2007.0693,
DSA-1374,
CVE-2007-3189,
CVE-2007-3190,
CVE-2007-3192,
ESB-2007.0694
|
| ID: |
ae-200709-019
|
Several vulnerabilities have been discovered in phpWiki, a wiki engine written
in PHP.
It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable
to a directory traversal bug which potentially allowed remote users to
overwrite arbitrary files.
Several vulnerabilities have been discovered in jffnms, a web-based Network
Management System for IP networks.
Fixed packages are available now.
|
|
|
Tcpdump is a tool designed to capture and print out the headers of packets on a network interface.
Remote attackers can cause a Denial-of-Service (crash) via a specially crafted frame.
They might also be able to execute arbitrary code via specially crafted TLVs in a BGP packet.
An updated package solves these problems.
|
|
|
Some vulnerabilities have been found in MySQL, a relational database.
A flaw in MySQL's authentication protocol allows a remote unauthenticated attacker to send a specially crafted
authentication request to the MySQL server causing it to crash.
A remote authenticated user can obtain sensitive information such as the table structure, because no privileges
are required for a CREATE TABLE LIKE statement.
Also, a remote authenticated user might gain update privileges for a table in another database via a view that
refers to the external table.
They might also gain database privileges due to a flaw in the function mysql_change_db when returning from
SQL SECURITY INVOKER stored routines.
Additionally, MySQL doesn't require the DROP privilege for RENAME TABLE statements, so a remote authenticated user
could use this flaw to rename arbitrary tables.
It's strongly recommended to install an update which is available now.
|
|
| System: |
Debian/GNU Linux |
| Topic: |
Vulnerabilities in phpMyAdmin and xorg-server
|
| Links: |
DSA-1370,
CVE-2006-6942,
CVE-2006-6944,
CVE-2007-1325,
CVE-2007-1395,
CVE-2007-2245,
ESB-2007.0684,
DSA-1372,
CVE-2007-4730,
ESB-2007.0685,
R-347
|
| ID: |
ae-200709-016
|
Several remote vulnerabilities have been discovered in phpMyAdmin, a
program to administrate MySQL over the web.
A buffer overflow was discovered in the Composite extension of the X.org
X server, which can lead to local privilege escalation.
Fixed packages are available now.
|
|
|
The MIT Kerberos Team discovered a problem with the originally published patch for svc_auth_gss.c.
A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash.
So please install the updated patch.
|
|
|
Several vulnerabilities were found in the Linux kernel.
Fixed kernel packages are available now.
|
|
| System: |
Mandriva Linux |
| Topic: |
Vulnerabilities in eggdrop, konqueror, and mysql
|
| Links: |
MDKSA-2007:175,
CVE-2007-2807,
MDKSA-2007:175,
CVE-2007-3820,
CVE-2007-4224,
CVE-2007-4225,
MDKSA-2007:175,
CVE-2007-3780,
CVE-2007-3782
|
| ID: |
ae-200709-013
|
A stack-based buffer overflow in Eggdrop allows user-assisted, malicious
remote IRC servers to execute arbitrary code via a long private message.
The Konqueror address bar is vulnerable to spoofing attacks that are based on
embedding whitespace in the URL. In addition, the address bar could be
tricked into showing a URL which it intends to visit, for a short amount of
time, instead of the current URL.
A flaw was discovered in MySQL's authentication protocol. It is possible for a
remote unauthenticated attacker to send a specially crafted authentication
request to the MySQL server causing it to crash.
Fixed packages are available now.
|
|
|
It was discovered that Gforge, a collaborative development
tool, performs insufficient input sanitising, which allows SQL injection.
Fixed packages are available now.
|
|
|
Some versions of Symantec's device driver SYMTDI.SYS contain a
vulnerability which, if successfully exploited, could allow a local
attacker to cause the system to crash.
Fixed software is available now.
|
|
| System: |
IBM AIX |
| Topic: |
Vulnerabilities in fcstat, ibstat, inventory scout, mkpath, xlplm, svprint, swcons, uucp, and perfstat kernel extension
|
| Links: |
ESB-2007.0678
|
| ID: |
ae-200709-010
|
Several vulnerabilities were found in
fcstat, ibstat, inventory scout, mkpath, xlplm, svprint, swcons, uucp, and
perfstat kernel extension.
Patches are available now.
|
|
|
Cisco Video Surveillance IP Gateway video encoder and decoder, Services
Platform (SP), and Integrated Services Platform (ISP) devices contain
authentication vulnerabilities that allow remote users with network
connectivity to gain the complete administrative control of vulnerable
devices.
Cisco has made free software available to address these vulnerabilities for affected customers.
|
|
|
The Cisco Content Switching Modules (CSM) and Cisco Content Switching
Module with SSL (CSM-S) contain two vulnerabilities that can lead to
a denial of service (DoS) condition. The first vulnerability exists
when processing TCP packets, and the second vulnerability affects
devices with service termination enabled.
Cisco has made free software available to address these vulnerabilities for affected customers.
|
|
|
A path traversal flaw was discovered in the way GNU tar extracts archives.
A malicious user could create a tar archive that could write to arbitrary
files to which the user running GNU tar had write access.
Fixed packages are available now.
|
|
|
Several vulnerabilities were found in the Linux kernel.
Fixed kernel packages are available now.
|
|
| System: |
Red Hat Enterprise Linux
|
| Topic: |
Vulnerabilities in aide, cyrus-sasl, and star
|
| Links: |
RHSA-2007-0539,
CVE-2007-3849,
ESB-2007.0674,
RHSA-2007-0795,
RHSA-2007-0878,
CVE-2006-1721,
ESB-2007.0671,
RHSA-2007-0873,
CVE-2007-4134,
ESB-2007.0673
|
| ID: |
ae-200709-005
|
A flaw was discovered in the way file checksums were stored in the AIDE
database. This could prevent AIDE from detecting certain file modifications.
A bug was found in cyrus-sasl's DIGEST-MD5 authentication mechanism.
A path traversal flaw was discovered in the way star extracted archives. A
malicious user could create a tar archive that would cause star to write to
arbitrary files to which the user running star had write access.
Fixed packages are available now.
|
|
| System: |
Various
|
| Topic: |
Vulnerabilities in MIT Kerberos 5
|
| Links: |
MITKRB5-SA-2007-006,
CVE-2007-3999,
CVE-2007-4000,
VU#377544,
VU#883632,
AL-2007.0107,
RHSA-2007-0858,
ESB-2007.0670,
AU-2007.0020,
DSA-1367,
ESB-2007.0669,
ESB-2007.0675,
ESB-2007.0681,
R-346,
MDKSA-2007:174,
Sun Alert ID: 103060,
ESB-2007.0683,
MDKSA-2007:181
|
| ID: |
ae-200709-004
|
Two vulnerabilities were discovered in the MIT krb5 Kerberos administration
daemon (kadmind).
A stack buffer overflow in the RPCSEC_GSS authentication may allow a remote
attacker to execute arbitrary code.
An authenticated user may write data through an uninitialized pointer.
Fixed software is available now.
|
|
|
A security vulnerability in the Special File System (SPECFS)
strfreectty() function may allow an unprivileged local user to panic
the system, creating a Denial of Service (DoS).
A patch addresses this issue.
|
|
| System: |
Debian/GNU Linux |
| Topic: |
Vulnerabilities in Kernel, vim, and id3lib
|
| Links: |
DSA-1363,
CVE-2007-2127,
CVE-2007-2875,
CVE-2007-3105,
CVE-2007-3843,
ESB-2007.0663,
DSA-1364,
CVE-2007-2438,
CVE-2007-2953,
ESB-2007.0664,
DSA-1365,
CVE-2007-4460,
ESB-2007.0665
|
| ID: |
ae-200709-002
|
Several local and remote vulnerabilities have been discovered in the Linux kernel 2.6 that may lead
to a Denial-of-Service or the execution of arbitrary code.
The vim editor has two vulnerabilities that also allow attackers to execute arbitrary commands.
A vulnerability in id3lib may lead to Denial-of-Service due to symlink attacks.
Fixed packages are available now.
|
|
|
A vulnerability in ClamAV might allow remote attackers to cause a Denial-of-Service via a specially crafted RTF
file or HTML document with a data: URI, both of which trigger a NULL dereference.
A second vulnerability in clamav-milter, when run in black hole mode, might allow remote attackers to execute
arbitrary commands via shell metacharacters that are used in a certain popen call.
An updated package addresses these issues.
|
|