Chosen month 11 / 2009
Several remote vulnerabilities have been discovered in the Wireshark network
traffic analyzer, which may lead to the execution of arbitrary code or denial
of service.
Fixed packages are available now.
Symantec ships an ActiveX control, AeXNSConsoleUtilities.dll, with a vulnerable method in Symantec's Altiris Notification Server / Symantec Management Platform and in Symantec's Altiris Deployment Solution 6.9. The vulnerable control is downloaded during the initial connection to the web console on the management server to enable authorized admin access to the management server.
An update addresses this issue.
Multiple security vulnerabilities in the LDAP client configuration cache daemon (ldap_cachemgr(1M)) may allow a local unprivileged user to terminate the ldap_cachemgr daemon. On Solaris 9 and 10 systems this prevents LDAP name service requests from succeeding: requests hang and users may no longer be able to log in to LDAP client systems, which is a Denial-of-Service (DoS).
On Solaris 8 systems, LDAP name service requests will be slower because no caching occurs, which is also a type of Denial-of-Service (DoS).
Updates are available now.
The TLS/SSLv3 protocol as implemented in OpenSSL does not bind data sent before a renegotiation to the renegotiated connection. A man-in-the-middle attacker can exploit this to inject a prefix of HTTP request data into an HTTPS session without the client or server noticing.
An update addresses this issue.
Microsoft Internet Explorer (IE) does not safely reference CSS style elements.
Using a specially crafted HTML page, an attacker can cause IE to crash and
potentially execute arbitrary code.
A hotfix is not available yet.
A potential cache poisoning vulnerability was found in the BIND nameserver,
in which data in the additional section of a response could be cached
without proper DNSSEC validation.
Fixed software is available now.
A new SUSE Security Summary reports about vulnerabilities in the packages
cups, jetty5, libqt4/dbus-1-qt, opera, puretls/jessie, kdegraphics3-pdf,
qemu, and udev.
Updated packages are available now and should be installed on vulnerable systems.

System: Debian GNU/Linux
Topic: Vulnerabilities in libvorbis, php5, and poppler
Links: DSA-1939, CVE-2009-2663, CVE-2009-3379, ESB-2009.1563, DSA-1940, CVE-2009-2626, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, ESB-2009.1567, DSA-1941, CVE-2009-0755, CVE-2009-3903, CVE-2009-3904, CVE-2009-3905, CVE-2009-3906, CVE-2009-3907, CVE-2009-3908, CVE-2009-3909, CVE-2009-3938, ESB-2009.1566
ID: ae-200911-078
It was discovered that libvorbis, a library for the Vorbis general-purpose
compressed audio codec, did not correctly handle certain malformed Ogg files.
An attacker could cause a denial of service (memory corruption and application
crash) or possibly execute arbitrary code via a crafted .ogg file.
Several remote vulnerabilities have been discovered in the PHP 5 hypertext
preprocessor.
Several integer overflows, buffer overflows and memory allocation errors were
discovered in the Poppler PDF rendering library, which may lead to denial of
service or the execution of arbitrary code if a user is tricked into opening a
malformed PDF document.
Fixed packages are available now.
A buffer overflow flaw was found in the kdelibs string to floating point
conversion routines.
Fixed packages are available now.
It was discovered that php-mail, a PHP PEAR module for sending email,
has insufficient input sanitising, which might be used to obtain
sensitive data from the system that uses php-mail.
Fixed packages are available now.
A security vulnerability has been identified with HP Operations
Manager for Windows. The vulnerability could be exploited remotely to gain
unauthorized access.
A patch is available now.
Several vulnerabilities have been found in VMware vCenter, ESX, and vMA.
Fixed software is available now.
It was discovered that gforge, a collaborative development tool, is prone to a cross-site scripting (XSS) attack via the helpname parameter. Besides fixing this issue, the update also introduces additional input sanitising.

System: SuSE Linux
Topic: Vulnerabilities in java-1_6_0-sun
Links: SUSE-SA:2009:058, CVE-2009-3864, CVE-2009-3865, CVE-2009-3866, CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, ESB-2009.1551
ID: ae-200911-072
Several vulnerabilities were found in the Sun Java 6 JRE/SDK.
Fixed packages are available now.
A potential security vulnerability has been identified with certain HP Color LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to data or to create a Denial-of-Service (DoS). A firmware update remedies this issue.
Bugzilla is a Web-based bug-tracking system.
When a bug is in a group, none of its information should be visible to users outside that group. It has been discovered that since version 3.3.2, Bugzilla shows the alias of such a bug to users outside the group if the protected bug appears in the "Depends On" or "Blocks" list of any other bug.
An update is available now.
Wyse Simple Imager (WSI) includes an older version of TFTPD32 that contains publicly known vulnerabilities. An attacker could exploit these vulnerabilities to execute arbitrary code on the system running WSI and TFTPD32.
It is recommended to upgrade TFTPD32 to the latest version.
Several vulnerabilities were found in the Drupal third-party modules
PHPList Integration, Strongarm, Feed Element Mapper, Subgroups for Organic Groups, Ubercart, Gallery Assist, and Printfriendly.
Please be aware that Drupal core is not affected.
SolidDB is an in-memory relational database from IBM.
A remotely exploitable vulnerability was found in the database server core component. Exploitation of this bug does not require authentication and will lead to a remotely triggered Denial-of-Service of the database service.
IBM has issued the SolidDB and SolidDB Universal Cache 6.3 Fix Pack 3 which addresses this problem.
A potential vulnerability has been identified with the Cisco Catalyst Blade Switch 3020/3021. It might be exploited remotely to create a Denial-of-Service (DoS) or even execute arbitrary code.
A firmware update is available now.
HP Openview Network Node Manager (NNM) is a widely used tool for network monitoring.
A remotely exploitable vulnerability has been found in the database server core component used by NNM 7.53. Exploitation of the bug does not require authentication and will lead to a remotely triggered Denial-of-Service (DoS) of the internal database service.
Fixes are available now.
Two security vulnerabilities in SAMBA(7) have been found.
A remote unprivileged user with a valid SAMBA account may gain unauthorized access to the remote root file system.
Furthermore, a remote unprivileged user on an authenticated SAMBA connection may cause a Denial-of-Service (DoS) condition via specially crafted SMB requests.
Updates are available now.
The TLS/SSLv3 protocol as implemented in OpenSSL does not bind data sent before a renegotiation to the renegotiated connection. A man-in-the-middle attacker can exploit this to inject a prefix of HTTP request data into an HTTPS session without the client or server noticing.
An update addresses this issue.
Several vulnerabilities were found in the Common UNIX Printing System (CUPS).
Fixed packages are available now.
Several vulnerabilities have been discovered in the Linux kernels of
Red Hat Enterprise Linux.
Updated kernel packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in apache2, gnutls13, gnutls26, and libgd2
Links: DSA-1934, CVE-2009-3094, CVE-2009-3095, CVE-2009-3555, ESB-2009.1539, DSA-1935, CVE-2009-2409, CVE-2009-2730, ESB-2009.1540, DSA-1936, CVE-2007-0455, CVE-2009-3546, ESB-2009.1541
ID: ae-200911-060
Several vulnerabilities were found in the Apache HTTP server.
A design flaw has been found in the TLS and SSL protocols that allows a man-in-the-middle
attacker to inject arbitrary content at the beginning of a renegotiated TLS/SSL connection,
ahead of the data the legitimate client sends.
Insufficient input validation in the mod_proxy_ftp module allowed remote FTP
servers to cause a denial of service (NULL pointer dereference and child
process crash) via a malformed reply to an EPSV command.
Insufficient input validation in the mod_proxy_ftp module allowed remote
authenticated attackers to bypass intended access restrictions and send
arbitrary FTP commands to an FTP server.
It was discovered that gnutls, an implementation of the TLS/SSL protocol, does
not properly handle a '\0' character in a domain name in the subject's Common
Name or Subject Alternative Name (SAN) field of an X.509 certificate, which
allows man-in-the-middle attackers to spoof arbitrary SSL servers via a
crafted certificate issued by a legitimate Certification Authority.
Several vulnerabilities have been discovered in libgd2, a library for
programmatic graphics creation and manipulation.
Fixed packages are available now.
IBM WebSphere Application Server is vulnerable to cross-site request forgery,
caused by improper validation of user-supplied input by the Administration
Console. By persuading an authenticated user to visit a malicious Web site, a
remote attacker could exploit this vulnerability to perform cross-site
scripting attacks, Web cache poisoning, and other malicious activities.
A Fix Pack solves this problem.
The Apache HTTP Server enables the HTTP TRACE method by default,
which allows remote attackers to conduct cross-site scripting (XSS)
attacks via unspecified web client software.
Fixed packages are available now.
Several vulnerabilities were found in the kernel of SUSE SLES 9 and
Novell Linux Desktop 9.
Fixed kernel packages are available now.
Several vulnerabilities were found in the 'samba3x' packages of
Red Hat Enterprise Linux 5 Supplementary.
Fixed packages are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in java-1.6.0-openjdk
Links: RHSA-2009-1584, CVE-2009-2409, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, ESB-2009.1533
ID: ae-200911-055
Several vulnerabilities were found in the OpenJDK 6 Java Runtime Environment
and the OpenJDK 6 Software Development Kit.
Fixed packages are available now.
IBM WebSphere Application Server is vulnerable to cross-site scripting, caused by improper validation of user-supplied input in the Administration Console. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
A Fix Pack solves this problem.
Poppler is vulnerable to a buffer overflow, caused by improper bounds checking.
By persuading a victim to open a specially-crafted PDF file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the affected application to crash.
Please check if there is an update for your system available.
An Integer Overflow in the ReadImage function may allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.
An updated package is available now.
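Added example, not code from the affected project: the integer-overflow pattern described in the entry above, reproduced in Python. The allocation size for the pixel buffer is computed from attacker-controlled width and height; in 32-bit C arithmetic the product wraps, so the buffer comes out far smaller than the pixel data later copied into it. The BMP header is constructed here, and the function names (vulnerable_alloc_size, safe_alloc_size) are this example's own, not the real ReadImage.

```python
"""Integer-overflow demonstration for a BMP-style image header (added
example; constructed data, not the affected project's code)."""
import struct

UINT32_MAX = 0xFFFFFFFF


def bmp_header(width: int, height: int, bpp: int = 24) -> bytes:
    """Build a 14-byte BMP file header plus a 40-byte BITMAPINFOHEADER."""
    dib = struct.pack("<IiiHHIIiiII", 40, width, height, 1, bpp, 0, 0, 0, 0, 0, 0)
    file_hdr = struct.pack("<2sIHHI", b"BM", 14 + 40, 0, 0, 14 + 40)
    return file_hdr + dib


def parse_dimensions(data: bytes) -> tuple:
    """Return (width, height, bits_per_pixel) read from the DIB header."""
    if data[:2] != b"BM" or len(data) < 54:
        raise ValueError("not a BMP header")
    _, width, height, _, bpp = struct.unpack_from("<IiiHH", data, 14)
    return width, height, bpp


def vulnerable_alloc_size(width: int, height: int, bpp: int) -> int:
    """Mimics C `unsigned int` arithmetic: the product silently wraps."""
    bytes_per_pixel = bpp // 8
    return (width * height * bytes_per_pixel) & UINT32_MAX


def safe_alloc_size(width: int, height: int, bpp: int, limit: int = UINT32_MAX) -> int:
    """Rejects non-positive dimensions and any product that would not fit
    the allocator's size type, checked by division before multiplying."""
    if width <= 0 or height <= 0 or bpp not in (8, 24, 32):
        raise ValueError("bad dimensions")
    bytes_per_pixel = bpp // 8
    if width > limit // (height * bytes_per_pixel):
        raise OverflowError("width*height*bytes_per_pixel would overflow")
    return width * height * bytes_per_pixel


# Constructed crafted file: 0x10000 * 0x10000 * 1 byte = 2**32, which wraps to 0.
CRAFTED = bmp_header(0x10000, 0x10000, bpp=8)


def demo() -> dict:
    """Parse the crafted header and compare both size computations."""
    w, h, bpp = parse_dimensions(CRAFTED)
    out = {"wrapped_size": vulnerable_alloc_size(w, h, bpp),
           "true_size": w * h * (bpp // 8)}
    try:
        safe_alloc_size(w, h, bpp)
        out["safe_rejects"] = False
    except OverflowError:
        out["safe_rejects"] = True
    return out


if __name__ == "__main__":
    print(demo())
```

The wrapped size of 0 is the worst case: the allocation succeeds with a tiny buffer and the decoder then writes 4 GiB of pixel rows into it. The division-based check refuses the header before any allocation happens, which is the shape of fix these advisories ask for.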
A security vulnerability in the optional Sun VirtualBox Guest Additions may allow local unprivileged users to exhaust the kernel memory of the guest operating system, leading to a Denial-of-Service (DoS) against the guest operating system running in a virtual machine. Since the Guest Additions are installed in the guest operating system only, this vulnerability is limited to local users of the guest operating system running in a virtual machine where the Guest Additions have been installed. The host operating system is not affected. A new release remedies this problem.
No further comment due to legal reasons
Several vulnerabilities were found in the IBM Java 2 Runtime Environment and
the IBM Java 2 Software Development Kit.
Fixed packages are available now.
Several vulnerabilities were found in the kernel of SuSE Linux.
Exploiting these vulnerabilities might have security impact, e.g. local users getting privileged access to the system.
Fixed kernel packages are available now.
Several vulnerabilities were found in the Drupal third-party modules
RootCandy, AddToAny, and Web Services.
Please be aware that Drupal core is not affected.

System: Sun Solaris, OpenSolaris
Topic: Vulnerabilities in kernel, cups, and pidgin
Links: Sun Alert #266488, ESB-2009.1519, Sun Alert #271169, CVE-2009-2820, ESB-2009.1520, Sun Alert #272489, CVE-2009-3615, ESB-2009.1521
ID: ae-200911-046
A security vulnerability in Solaris TCP sockets may allow local
unprivileged users to leak kernel memory, thereby causing a Denial of
Service (DoS) condition.
The web interface of the Common Unix Printing System (CUPS) in
versions 1.4.1 and earlier is impacted by multiple security
vulnerabilities which may lead to Cross-Site Scripting (XSS) and HTTP
Response Splitting Attacks.
A security vulnerability in the OSCAR protocol plugin library,
the shared library that adds support for various instant messaging
networks to the pidgin(1) Instant Messaging client (previously known
as Gaim), may allow remote unprivileged users to cause a Denial of
Service (DoS) through an application crash via crafted contact-list
data for ICQ and possibly AIM.
Patches are available now.
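Added example, not CUPS code, for the HTTP response splitting mentioned in the CUPS entry above. A web interface that copies a request parameter (here a redirect target) into a response header without stripping CR/LF lets the client, or a caching proxy in front of it, receive two responses where the server meant to send one. The handler names, the injected input and the parser are all constructed for this example.

```python
"""HTTP response splitting via CRLF in a header value (added example;
constructed input, not code from any advisory)."""
import re

CRLF = "\r\n"


def build_redirect_vulnerable(location: str) -> str:
    """Copies the parameter straight into the Location header."""
    return ("HTTP/1.1 302 Found" + CRLF +
            "Location: " + location + CRLF +
            "Content-Length: 0" + CRLF + CRLF)


def build_redirect_safe(location: str) -> str:
    """Rejects any header value containing CR, LF or other control bytes."""
    if re.search(r"[\x00-\x1f\x7f]", location):
        raise ValueError("control characters in header value")
    return build_redirect_vulnerable(location)


def split_responses(stream: str) -> list:
    """Delimit responses the way a client or proxy does: status line,
    headers, blank line, then Content-Length bytes of body."""
    responses = []
    rest = stream
    while rest:
        head, sep, rest = rest.partition(CRLF + CRLF)
        if not sep:
            break
        lines = head.split(CRLF)
        status = lines[0]
        if not status.startswith("HTTP/"):
            break                      # trailing garbage, not a response
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        body_len = int(headers.get("content-length", "0"))
        body, rest = rest[:body_len], rest[body_len:]
        responses.append({"status": status, "headers": headers, "body": body})
    return responses


# Constructed attacker input: terminates the first response and starts a
# second, attacker-authored one with its own declared body length.
INJECTED = ("/jobs/" + CRLF +
            "Content-Length: 0" + CRLF + CRLF +
            "HTTP/1.1 200 OK" + CRLF +
            "Content-Type: text/html" + CRLF +
            "Content-Length: 25" + CRLF + CRLF +
            "<script>alert(1)</script>")


def demo() -> dict:
    """Run the injected value through both builders."""
    parts = split_responses(build_redirect_vulnerable(INJECTED))
    try:
        build_redirect_safe(INJECTED)
        rejected = False
    except ValueError:
        rejected = True
    return {"responses_seen": len(parts),
            "second_status": parts[1]["status"] if len(parts) > 1 else None,
            "second_body": parts[1]["body"] if len(parts) > 1 else None,
            "safe_rejects": rejected}


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v!r}")
```

The second response is entirely attacker-controlled, which is why this class turns into cache poisoning and XSS as soon as a shared proxy or a browser pairs it with the next request. Rejecting control characters in every header value, rather than only in Location, closes the whole class.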
Several vulnerabilities were found in the kernel of SuSE Linux.
Exploiting these vulnerabilities might have security impact, e.g. local users getting privileged access to the system.
Fixed kernel packages are available now.
Several vulnerabilities were found in the Apache Webserver 'httpd'.
Fixed packages are available now.
The 4Suite package contains XML-related tools and libraries for Python.
A buffer over-read flaw has been found in the way 4Suite's XML parser handles malformed UTF-8 sequences when processing XML files. A specially-crafted XML file could cause applications using the 4Suite library to crash while parsing the file. Updated packages are available now.
An update fixes several vulnerabilities in the Sun Java 5 Runtime Environment and the Sun Java 5 Software Development Kit. It should be installed immediately.
No further comment due to legal reasons

System: Microsoft Windows / OSX
Topic: Vulnerabilities in Microsoft Office Excel
Links: MS09-067, CVE-2009-3127, CVE-2009-3128, CVE-2009-3129, CVE-2009-3130, CVE-2009-3131, CVE-2009-3132, CVE-2009-3133, CVE-2009-3134, iDEFENSE #832, ESB-2009.1509
ID: ae-200911-040
No further comment due to legal reasons
No further comment due to legal reasons
No further comment due to legal reasons
No further comment due to legal reasons
No further comment due to legal reasons
A vulnerability has been identified in Adobe Photoshop Elements versions 8.0 and 7.0. It might allow a user with valid login credentials and/or physical access to execute arbitrary commands with elevated privileges. A workaround is described in the advisory.
A new SUSE Security Summary reports about vulnerabilities in the packages
cyrus-imapd, neon/libneon, freeradius, strongswan, openldap2, apache2-mod_jk, expat, xpdf, and mozilla-nspr.
Updated packages are available now and should be installed on vulnerable systems.
The Windows installer defaults to a blank password for the administrative user. If this is not changed during the install process, a user named admin with the roles admin and manager and a blank password is created. It is recommended to set a strong password during installation, or to change it immediately afterwards.
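Added example, not part of the advisory: a check for the blank administrative password described above. It assumes the installer stores accounts in an XML users file with username, password and roles attributes; the element names, the privileged-role list and the file content below are constructed and should be adapted to the product's real users file.

```python
"""Audit an XML users file for empty passwords (added example; the file
layout and sample content are constructed, not a vendor's format)."""
import xml.etree.ElementTree as ET

PRIVILEGED_ROLES = {"admin", "manager"}   # assumption: the roles named above

# Constructed sample: what an unattended install as described would leave behind.
SAMPLE_USERS_XML = """<?xml version="1.0" encoding="UTF-8"?>
<users>
  <role rolename="admin"/>
  <role rolename="manager"/>
  <user username="admin" password="" roles="admin,manager"/>
  <user username="deploy" password="c0rrect-horse-battery" roles="manager"/>
  <user username="guest" password="" roles="guest"/>
</users>
"""


def audit_users(xml_text: str) -> list:
    """Return one finding per user with an empty or missing password.
    A privileged role with no password is 'critical'; any other is 'high'."""
    root = ET.fromstring(xml_text)
    findings = []
    for user in root.iter("user"):
        name = user.get("username", "")
        password = user.get("password")
        roles = {r.strip() for r in user.get("roles", "").split(",") if r.strip()}
        if not password:
            severity = "critical" if roles & PRIVILEGED_ROLES else "high"
            findings.append({"user": name, "roles": sorted(roles),
                             "severity": severity, "issue": "empty password"})
    return findings


if __name__ == "__main__":
    for f in audit_users(SAMPLE_USERS_XML):
        print(f"[{f['severity']}] {f['user']} roles={','.join(f['roles'])}: {f['issue']}")
```

Run it against the file the installer wrote before the service is exposed; the admin/manager combination with an empty password is exactly the account the entry above warns about.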

System: HP-UX
Topic: Vulnerabilities in Java
Links: HPSBUX02476, SSRT090250, CVE-2009-0217, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-2676, ESB-2009.1503
ID: ae-200911-032
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, privilege escalation, and Denial-of-Service (DoS). It's recommended to install updates now.
CUPS is the Common Unix Printing System. A flaw in CUPS allows Cross-Site Scripting (XSS) attacks. Fixed packages are available now.
An industry-wide vulnerability exists in the Transport Layer Security (TLS) protocol that could affect any Cisco product using any version of TLS or SSL. The flaw lies in how the protocol handles session renegotiation and exposes users to a potential man-in-the-middle attack.
Cisco is currently investigating and will provide updates as necessary.
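Added example, not code from OpenSSL, Apache or Cisco, showing the application-layer effect of the TLS renegotiation flaw described in the OpenSSL, Apache and Cisco entries above. The man-in-the-middle opens its own TLS session to the server, sends a partial HTTP request, then lets the victim's handshake run as a renegotiation inside that session. Because the server does not bind the bytes received before the renegotiation to the new handshake, it processes one byte stream: the attacker's prefix followed by the victim's request. The two requests and the hostname are constructed sample data.

```python
"""Server-side view of the TLS renegotiation prefix injection (added
example; all requests below are constructed)."""

# Constructed attacker prefix. The unterminated X-Ignore header swallows the
# victim's request line, so the victim's cookie lands on the attacker's request.
ATTACKER_PREFIX = (
    b"GET /account/transfer?to=mallory&amount=1000 HTTP/1.1\r\n"
    b"Host: bank.example\r\n"
    b"X-Ignore: "          # deliberately no CRLF
)

# Constructed victim request, sent after the renegotiation.
VICTIM_REQUEST = (
    b"GET /account/balance HTTP/1.1\r\n"
    b"Host: bank.example\r\n"
    b"Cookie: session=victim-session-token\r\n"
    b"\r\n"
)


def server_view(prefix: bytes, victim: bytes) -> bytes:
    """What a vulnerable server reads as a single request stream."""
    return prefix + victim


def parse_request(raw: bytes) -> dict:
    """Minimal HTTP/1.1 parser: request line plus headers, no body handling."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    method, target, version = lines[0].split(b" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode()] = value.strip().decode()
    return {"method": method.decode(), "target": target.decode(),
            "version": version.decode(), "headers": headers, "body": body}


def spliced_request() -> dict:
    """The request the server actually executes after the splice."""
    return parse_request(server_view(ATTACKER_PREFIX, VICTIM_REQUEST))


if __name__ == "__main__":
    req = spliced_request()
    print("Server handles:", req["method"], req["target"])
    print("Authenticated with:", req["headers"].get("cookie"))
    print("Victim's request line became:", req["headers"]["x-ignore"])
```

The attacker never sees the victim's plaintext; the damage is that the server attributes the attacker's request to the victim's credentials. Interim mitigations at the time were to disable client-initiated renegotiation on the server, and the protocol-level fix is to cryptographically bind each renegotiation to the handshake that preceded it, which is what the later secure-renegotiation extension does.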
Security Update 2009-006 / Mac OS X v10.6.2 is now available and addresses many vulnerabilities, which could be exploited locally or remotely. It is strongly recommended to install this update.
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Several vulnerabilities might lead to Cross-Site Scripting (XSS), information leaks, Denial-of-Service (DoS) or other impacts. Due to this, updated packages have been published.
The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis audio format.
Multiple flaws were found in the libvorbis library. A specially-crafted Ogg Vorbis media format file (Ogg) could cause an application using libvorbis to crash or, possibly, execute arbitrary code when opened.
Updated packages are available now.
An update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. It should be installed immediately.
Two security vulnerabilities exist in the Apache 2 mod_perl2(3) module components.
A Denial-of-Service (DoS) vulnerability in the "RunPerl.pm" component may allow a remote unprivileged user to cause a Denial-of-Service (DoS) of the Apache 2 "httpd" process.
Furthermore, a Cross-Site Scripting (XSS) vulnerability in the "Status.pm" component may allow a remote unprivileged user to inject arbitrary web script or HTML. This may allow the unprivileged user to bypass access control and gain access to unauthorized data.
Updates are available now.
A security vulnerability in SCTP (Stream Control Transmission Protocol) and SDP (Sockets Direct Protocol) driver
sockets has been found.
It may allow local unprivileged users to leak kernel memory, thereby causing a Denial-of-Service (DoS) condition.
Updates address this issue.
Asterisk is free software for telephony.
Asterisk includes a demonstration AJAX-based manager interface that uses the prototype.js framework. An issue has been found in this framework which could allow an attacker to carry out a cross-site AJAX request.
Furthermore, it is possible to determine whether a peer with a specific name is configured in Asterisk by sending a specially crafted REGISTER message twice.
Upgrading to the latest version remedies these issues.
Blender is a 3D graphics application released as free software.
Blender .blend project files can, by design, be modified to execute arbitrary commands without user intervention. An attacker can take full control of the machine where Blender is installed by sending a specially crafted .blend file and enticing the user to open it.
No patch is available yet.
A potential security vulnerability has been identified with HP Power Manager. The vulnerability could be exploited remotely to execute arbitrary code. To avoid this vulnerability network access to the HP Power Manager should
be limited to trusted users.
Two vulnerabilities have been found in the IBM Java 4 JRE/SDK used in Red Hat Enterprise Linux for SAP.
Fixed packages are available now.
Several vulnerabilities were found in the Drupal third-party modules
User Protect, Node Hierarchy, Presentation Player, Temporary Invitation, NGP COO/CWP Integration, Smartqueues for Organic Groups, Link, Organic Groups Vocabulary, and Zoomify.
Updated software is available now and should be installed immediately when using these modules.
Please be aware that Drupal core is not affected.
PowerHA Cluster Management monitoring of port 6177 allows a remote attacker to make arbitrary changes to the local AIX configuration. Fixes are now available.
The Shibboleth System is a standards based, open source software package for web single sign-on.
The Shibboleth software includes code to perform arbitrary redirections and generates forms containing arbitrary destinations in certain cases. The URLs used were not properly checked for certain kinds of cross-site scripting (XSS) attacks and are vulnerable to script injection and some related vulnerabilities.
Updated versions of the Shibboleth 1.3.x and 2.x Identity Provider and Service Provider software are available now.
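Added example, not Shibboleth code: validating a user-supplied redirect or form-action URL before it is echoed into a Location header or an HTML form, the class of flaw described in the entry above. The allowlist of hosts, the function name and the sample inputs are constructed for this example.

```python
"""Allowlist-based validation of redirect / form-action targets (added
example; hosts and inputs are constructed)."""
from urllib.parse import urlsplit, urlunsplit

ALLOWED_HOSTS = {"sp.example.edu", "idp.example.edu"}   # assumption


def validate_return_url(raw: str, allowed_hosts=ALLOWED_HOSTS) -> str:
    """Return a normalised safe URL or raise ValueError.

    Accepts only a same-site absolute path (no scheme, no host) or an https
    URL whose host is on the allowlist.  Rejects javascript:/data: schemes,
    scheme-relative //host URLs, control characters, userinfo tricks such as
    https://good@evil, backslash tricks and non-443 ports."""
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in raw):
        raise ValueError("control character in URL")
    if raw.startswith("\\"):
        raise ValueError("backslash-relative URL")
    parts = urlsplit(raw.strip())
    if not parts.scheme and not parts.netloc:
        if not parts.path.startswith("/") or parts.path.startswith("//"):
            raise ValueError("relative URL must be a single-slash absolute path")
        return urlunsplit(("", "", parts.path, parts.query, ""))
    if parts.scheme.lower() != "https":
        raise ValueError("scheme not allowed: %r" % parts.scheme)
    if parts.username is not None or parts.password is not None:
        raise ValueError("userinfo not allowed")
    host = (parts.hostname or "").lower()
    if host not in allowed_hosts:
        raise ValueError("host not allowed: %r" % host)
    if parts.port not in (None, 443):
        raise ValueError("port not allowed")
    return urlunsplit(("https", host, parts.path or "/", parts.query, ""))


def check_all(candidates) -> dict:
    """Map each candidate to its normalised form, or None if rejected."""
    results = {}
    for url in candidates:
        try:
            results[url] = validate_return_url(url)
        except ValueError:
            results[url] = None
    return results


# Constructed inputs: two legitimate targets and six attack shapes.
SAMPLES = [
    "/Shibboleth.sso/Login?target=/secure",
    "https://sp.example.edu/secure/",
    "javascript:alert(document.cookie)",
    "//evil.example/phish",
    "https://sp.example.edu@evil.example/",
    "https://evil.example/",
    "http://sp.example.edu/",
    "/ok\r\nSet-Cookie: x=1",
]

if __name__ == "__main__":
    for url, result in check_all(SAMPLES).items():
        print(f"{url!r:45} -> {result!r}")
```

The fragment is dropped on purpose and the result is rebuilt from parsed parts rather than echoed, so whatever survives validation is also safe to place in an href or a form action after normal HTML escaping.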
Sun Solaris 10 Kernel Patches 141444-09 and 141445-09 may cause interface failure in IP Multipathing (IPMP) when configured for probe-based failure detection. This issue does not occur with an IPMP link-based failure detection configuration.
A workaround is described in the advisory.
A security vulnerability in the Sun Virtual Infrastructure (VDI) 3.0 authentication mechanism may allow remote unprivileged users to gain unauthorized access to the VirtualBox web service.
A patch for Sun Solaris 10 is available now.
A bug in the Linux kernel's "pipe" system call implementation was found which
can be used by local attackers to gain root privileges.
Hardening hints have been published and should be applied until a patch is available.
Symantec's Altiris Deployment Solution and Notification Server web consoles install a vulnerable ActiveX control.
While the control is not intended to be called externally, it fails to properly validate/filter user input, which could allow execution of arbitrary code on the targeted system in the context of the user's browser.
An update resolves this issue.
A security vulnerability in Solaris Sockets Direct Protocol (SDP) driver (sdp(7D)) may allow a local or remote unprivileged user to exhaust all kernel memory. This is a type of Denial-of-Service (DoS).
A patch remedies this problem.
A vulnerability in Novell's eDirectory Server has been found. Due to a flaw in the LDAP implementation, attackers are able to initiate a remote Denial-of-Service (DoS) attack.
Novell has issued an update to correct this vulnerability.

System: Debian GNU/Linux
Topic: Vulnerabilities in drupal6, nspr, and pidgin
Links: DSA-1930, CVE-2009-2372, CVE-2009-2373, CVE-2009-2374, ESB-2009.1492, DSA-1931, CVE-2009-1563, CVE-2009-2463, ESB-2009.1493, DSA-1932, CVE-2009-3615, ESB-2009.1494
ID: ae-200911-010
Several vulnerabilities have been found in drupal6, a fully-featured content
management framework.
Several vulnerabilities have been discovered in the NetScape Portable Runtime
Library, which may lead to the execution of arbitrary code.
It was discovered that incorrect pointer handling in the purple library, an
internal component of the multi-protocol instant messaging client Pidgin,
could lead to denial of service or the execution of arbitrary code through
malformed contact requests.
Fixed packages are available now.

System: SuSE Linux
Topic: Vulnerabilities in java-1_6_0-ibm
Links: SUSE-SA:2009:053, CVE-2009-0217, CVE-2009-2493, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-2676, ESB-2009.1476
ID: ae-200911-009
Several vulnerabilities were found in the IBM Java 6 JRE/SDK.
Fixed packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in typo3
Links: DSA-1926, CVE-2009-3628, CVE-2009-3629, CVE-2009-3630, CVE-2009-3631, CVE-2009-3632, CVE-2009-3633, CVE-2009-3634, CVE-2009-3635, CVE-2009-3636, ESB-2009.1474
ID: ae-200911-008
Several remote vulnerabilities have been discovered in the TYPO3 web
content management framework.
Fixed packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in kernel 2.6
Links: DSA-1927, DSA-1928, DSA-1929, CVE-2009-3228, CVE-2009-3547, CVE-2009-3612, CVE-2009-3620, CVE-2009-3621, CVE-2009-3638, ESB-2009.1484, ESB-2009.1488, ESB-2009.1491
ID: ae-200911-007
Several vulnerabilities have been found in linux 2.6, the kernel which is the base of the system. These vulnerabilities might lead to privilege escalation, Denial-of-Service (DoS) or leaking sensitive information.
An update addresses these issues.
Critical vulnerabilities have been identified in Adobe Shockwave Player.
The vulnerabilities could allow an attacker, who successfully exploits the
vulnerabilities, to run malicious code on the affected system.
Fixed software is available now.
It was discovered that Wget is affected by the previously published
"null prefix attack", caused by incorrect handling of NULL characters in
X.509 certificates.
Fixed packages are available now.
Several vulnerabilities have been discovered in the Linux kernels of
Red Hat Enterprise Linux.
Updated kernel packages are available now.
Several vulnerabilities were found in the kernel of SuSE Linux.
Exploiting these vulnerabilities might have security impact, e.g. local users getting privileged access to the system.
Fixed kernel packages are available now.
A security vulnerability with verifying HMAC-based XML digital signatures
in the XML digital signature implementation included with the
Sun GlassFish Enterprise Server may allow authentication to be bypassed.
Patches are available now.
Two vulnerabilities have been discovered in mahara, an electronic portfolio,
weblog, and resume builder.
It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon, does
not properly handle a '\0' character in a domain name in the Subject
Alternative Name field of an X.509 client certificate, when the
dNSNameRequired TLS option is enabled.
Fixed packages are available now.
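Added example, not code from gnutls, wget or proftpd, for the "null prefix" certificate attack that the gnutls, wget and proftpd entries above all describe. An X.509 name is an ASN.1 length-prefixed string and may legally contain a 0x00 byte; code that hands that string to C-string routines (strcmp, strlen, printf with %s) stops at the NUL and compares only the part in front of it. The DER encoder/decoder, the two matchers and the crafted name are constructed here; no real CA or host is involved.

```python
"""Embedded-NUL certificate name matching, naive vs. length-aware (added
example; constructed names, not a real certificate)."""

TAG_UTF8STRING = 0x0C


def der_utf8string(value: bytes) -> bytes:
    """Encode a short (< 128 byte) UTF8String as DER: tag, length, content."""
    assert len(value) < 128, "short-form length only"
    return bytes([TAG_UTF8STRING, len(value)]) + value


def der_decode_string(tlv: bytes) -> bytes:
    """Decode a short-form DER string TLV and return its full content.
    The length octet, not a terminator byte, delimits the value."""
    tag, length = tlv[0], tlv[1]
    assert tag == TAG_UTF8STRING and length < 128
    content = tlv[2:2 + length]
    assert len(content) == length, "truncated TLV"
    return content


def naive_match(cert_name: bytes, hostname: str) -> bool:
    """Vulnerable: mimics passing the DER content to a C string function,
    which treats the first NUL as the end of the name."""
    c_string = cert_name.split(b"\x00", 1)[0]
    return c_string.decode("utf-8", "replace") == hostname


def safe_match(cert_name: bytes, hostname: str) -> bool:
    """Hardened: reject embedded NULs outright, then compare the full,
    length-delimited name."""
    if b"\x00" in cert_name:
        return False
    return cert_name.decode("utf-8", "replace") == hostname


# Constructed: a CA that validates only the rightmost domain would issue this
# to the owner of attacker.example, yet C-string code reads it as bank.example.
CRAFTED = der_utf8string(b"bank.example\x00.attacker.example")
HONEST = der_utf8string(b"bank.example")


def demo() -> dict:
    """Compare both matchers on the crafted and the honest name."""
    crafted = der_decode_string(CRAFTED)
    honest = der_decode_string(HONEST)
    return {
        "naive_accepts_crafted": naive_match(crafted, "bank.example"),
        "safe_accepts_crafted": safe_match(crafted, "bank.example"),
        "naive_accepts_honest": naive_match(honest, "bank.example"),
        "safe_accepts_honest": safe_match(honest, "bank.example"),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The same check applies to every place a certificate name is compared or displayed: Common Name, dNSName SANs, and the client-certificate case proftpd hit with dNSNameRequired. Treat any NUL inside a name as a hard failure rather than trying to match around it.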