Chosen month 06 / 2010
|
|
|
A vulnerability has been identified in Citrix XenServer that, when triggered, could result in a Denial-of-Service (DoS) to the host. This vulnerability can be triggered when a guest using a pvops kernel makes specific calls to the host, causing XenServer to incorrectly set flags. A hotfix has been released to address this issue.
|
|
|
SNARE (System iNtrusion Analysis and Reporting Environment) is a series of log collection agents that facilitate centralised analysis of audit log data. The web interface allows the administrator to manage several agent settings, including changing the listening port and password. These HTTP requests don't perform proper validity checks and are susceptible to a cross-site request forgery attack (CSRF). Due to this, an attacker can change several agent settings, such as the password or listening port, if able to trick an administrator into visiting a specially crafted link. Updated software is available now.
|
|
|
As reported in AE-201006-008, critical vulnerabilities exist in Adobe Flash Player, Adobe Reader, and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. A fix is available now, so an upgrade is strongly recommended.
|
|
|
A security vulnerability with the IBM FileNet P8 Content Engine and Content Search Engine has been discovered. An attacker who successfully exploits this vulnerability could gain the same user rights as the user credentials used to install and configure the CSE or the user credentials used to bootstrap the CE.
Fixes are available now.
|
|
|
Cisco Adaptive Security Appliance (ASA) is vulnerable to HTTP response
splitting caused by improper validation of user supplied input. A remote user
can exploit this to spoof content on the target ASA appliance, attempt to
poison any intermediate web caches or conduct cross-site scripting attacks.
Cisco has released free software updates that address this vulnerability.
|
|
|
F-Secure Policy Manager Server does not sanitize the Expect header from an
HTTP request when it is reflected back in an error message, which might allow
cross-site scripting (XSS) style attacks using web client components that can
send arbitrary headers in requests.
Fixed software is available now.
|
|
|
Remote exploitation of a stack buffer overflow vulnerability in LibTIFF
could allow an attacker to execute arbitrary code with the privileges
of the current user.
Fixed software is available now.
|
|
|
Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. Two vulnerabilities were found that allow an attacker to
access privileged data.
Fixed software is available now.
|
|
|
Two security issues have been discovered in the DCC protocol support
code of kvirc, a KDE-based next generation IRC client, which allow
the overwriting of local files through directory traversal and the
execution of arbitrary code through a format string attack.
Fixed packages are available now.
|
|
|
Splunk helps administrators keep an overview of their IT infrastructure.
A vulnerability has been discovered in Splunk. Input passed via the "Referer" header is not properly sanitised before being returned to the user within an HTTP 404 error message. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site, which is a Cross-Site Scripting (XSS) attack. Successful exploitation requires the victim to use Internet Explorer.
An update to version 4.1.3 remedies this problem.
|
|
|
… allow a remote attacker to execute arbitrary code on the system,
caused by an error in the SplObjectStorage class unserialize() function. An
attacker could exploit this vulnerability to execute arbitrary code.
Fixed software is not available yet.
|
|
|
Two cross-site scripting vulnerabilities were found in the
IBM WebSphere Application Server.
Fixed software is available now.
|
|
|
Novell iManager is prone to a stack-based buffer overflow
vulnerability that can be exploited by authenticated users to execute
arbitrary code, and to an off-by-one error that can be abused by
remote, unauthenticated attackers to cause a Denial of Service to the
application.
Fixed software is not available yet.
|
|
|
Some vulnerabilities regarding Cross-Site Scripting (XSS) were found in
the Drupal third-party modules
Masquerade, Case Tracker, Easy Translator, Block Queue, and Multiple Image Upload.
Fixed software is available now.
Please be aware that Drupal core is not affected.
|
|
|
It was discovered that 'pulseaudio' creates temporary files in an insecure
way.
Fixed packages are available now.
|
|
|
Several vulnerabilities were found in the 'Red Hat Enterprise Virtualization
Manager', 'vdsm', and 'rhev-hypervisor'.
Fixed packages are available now.
|
|
| System: | Various |
| Topic: | Vulnerabilities in Mozilla Firefox, Thunderbird, and Seamonkey |
| Links: | Mozilla, RHSA-2010-0499, RHSA-2010-0500, RHSA-2010-0501, ESB-2010.0560, ESB-2010.0564, MDVSA-2010:125, DSA-2064, ESB-2010.0572, SUSE-SA:2010:030, ESB-2010.0605 |
| ID: | ae-201006-047 |
Several vulnerabilities were found in the Mozilla Firefox browser, Thunderbird and Seamonkey.
Fixed software is available now.
|
|
|
A vulnerability was reported in the SquirrelMail Mail Fetch plugin, wherein
a user is allowed to specify (without restriction) any port number for their
external POP account settings.
Fixed packages are available now.
|
|
|
The web services run-time might allow an attacker to cause a denial of service
or remotely read arbitrary files on the file system where the run-time is
installed. This vulnerability might potentially be exploited on any
installation that receives XML messages from untrusted sources.
Fixed software is available now.
|
|
|
A vulnerability regarding Cross-Site Scripting (XSS) has been found in the Drupal third-party module
FileField. The module Views is vulnerable to Cross-Site Request Forgery (CSRF).
Fixed software is available now.
Please be aware that Drupal core is not affected.
|
|
|
Some vulnerabilities have been found in CUPS, the Common UNIX Printing System. Exploiting them might lead to a NULL pointer dereference or a Cross-Site Request Forgery (CSRF) issue in the web interface. In addition, an uninitialized memory read issue was found in the CUPS web interface.
Updated packages are available now.
|
|
| System: | Red Hat Enterprise Linux |
| Topic: | Vulnerabilities in java-1.5.0-ibm |
| Links: | RHSA-2010-0489, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, ESB-2010.0549 |
| ID: | ae-201006-042 |
Several vulnerabilities were found in the java-1.5.0-ibm packages for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
Fixed packages are available now.
|
|
| System: | HP-UX |
| Topic: | Vulnerabilities in PHP |
| Links: | HPSBUX02543, SSRT100152, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3557, CVE-2009-4017, CVE-2009-4018, CVE-2009-4142, CVE-2009-4143, ESB-2010.0548 |
| ID: | ae-201006-041 |
Potential security vulnerabilities have been identified with HP-UX running Apache with PHP. These vulnerabilities could be exploited remotely to create a Denial-of-Service (DoS), gain unauthorized access, and perform cross-site scripting (XSS). Updates are available now.
|
|
|
Potential security vulnerabilities have been identified with HP-UX running Tomcat-based Servlet Engine. The vulnerabilities could be exploited remotely to increase privilege or arbitrarily modify files. Tomcat-based Servlet Engine is contained in the Apache Web Server Suite. An upgrade is available now.
|
|
|
It was discovered that pmount, a wrapper around the standard mount
program which permits normal users to mount removable devices without a
matching /etc/fstab entry, creates files in /var/lock insecurely.
A local attacker could overwrite arbitrary files utilising a symlink attack.
Fixed packages are available now.
|
|
|
It was discovered that cacti, a front-end to rrdtool for monitoring
systems and services, is not properly validating input passed to the rra_id
parameter of the graph.php script.
Fixed packages are available now.
|
|
|
It was discovered that Samba, an implementation of the SMB/CIFS protocol
for Unix systems, is not properly handling certain offset values when
processing chained SMB1 packets. This enables an unauthenticated attacker
to write to an arbitrary memory location resulting in the possibility to
execute arbitrary code with root privileges.
Fixed software is available now.
|
|
|
A new SUSE Security Summary reports vulnerabilities in the packages
apache2-mod_php5/php5, bytefx-data-mysql/mono, flash-player, fuse,
java-1_4_2-ibm, krb5, libcmpiutil/libvirt,
libmozhelper-1_0-0/mozilla-xulrunner190, libopenssl-devel, libpng12-0,
libpython2_6-1_0, libtheora, memcached, ncpfs, pango, puppet, python,
seamonkey, te_ams, and texlive.
Updated packages are available now and should be installed on vulnerable systems.
|
|
|
A flaw was found in the way sudo handled the presence of duplicated
environment variables. A local user authorized to run commands using sudo
could use this flaw to set additional values for the environment variables
set by sudo, which could result in those values being used by the executed
command instead of the values set by sudo.
Fixed packages are available now.
|
|
|
Updated kernel packages that fix one security issue and add one enhancement
are now available for Red Hat Enterprise Linux 4.
|
|
| System: | Red Hat Enterprise Linux |
| Topic: | Vulnerabilities in java-1.6.0-ibm |
| Links: | RHSA-2010-0471, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0846, CVE-2010-0848, CVE-2010-0849, ESB-2010.0535 |
| ID: | ae-201006-033 |
Several vulnerabilities were found in the Java 2 Runtime Environment.
Fixed packages are available now.
|
|
|
It was discovered that cacti, a front-end to rrdtool for monitoring
systems and services, is not properly validating input passed to the rra_id
parameter of the graph.php script.
Fixed packages are available now.
|
|
|
Multiple vulnerabilities have been discovered and corrected in Safe.pm which could lead to escalated privileges. Updated packages have been patched to correct these issues.
|
|
|
No further comment due to legal reasons
|
|
| System: | Various |
| Topic: | Vulnerabilities in Adobe Flash Player |
| Links: | APSB10-14, VU#486225, iDefense, iDefense, ESB-2010.0524, RHSA-2010-0464, RHSA-2010-0470, ESB-2010.0529, ESB-2010.0534, SUSE-SA:2010:024, ESB-2010.0533 |
| ID: | ae-201006-029 |
Several critical vulnerabilities have been identified in Adobe Flash Player.
These vulnerabilities could cause the application to crash and could
potentially allow an attacker to take control of the affected system.
Fixed software is available now.
|
|
|
Several vulnerabilities have been discovered in the GNU C Library (aka glibc).
It was discovered that PCSCD, a daemon to access smart cards, was vulnerable
to a buffer overflow allowing a local attacker to elevate his privileges
to root.
Fixed packages are available now.
|
|
|
Cisco Unified Contact Center Express (UCCX or Unified CCX) contains a denial
of service (DoS) vulnerability and a directory traversal vulnerability.
Cisco has released free software updates that address these vulnerabilities.
|
|
|
The Cisco Application Extension Platform contains a privilege escalation
vulnerability in the tech support diagnostic shell that may allow an
authenticated user to obtain administrative access to a vulnerable Cisco
Application Extension Platform module.
Cisco has released free software updates that address this vulnerability.
|
|
|
Several security vulnerabilities have been identified with the
HP OpenView Network Node Manager (OV NNM).
These vulnerabilities could be exploited remotely to execute arbitrary
code under the context of the user running the web server.
Patches are available now.
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
| System: | Microsoft Windows |
| Topic: | Vulnerabilities in Microsoft Office Excel |
| Links: | MS10-038, CVE-2010-0821, CVE-2010-0822, CVE-2010-0823, CVE-2010-0824, CVE-2010-1245, CVE-2010-1246, CVE-2010-1247, CVE-2010-1248, CVE-2010-1249, CVE-2010-1250, CVE-2010-1251, CVE-2010-1252, CVE-2010-1253, CVE-2010-1254, ESB-2010.0516 |
| ID: | ae-201006-021 |
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
No further comment due to legal reasons
|
|
|
Multiple vulnerabilities were discovered in glibc.
Fixed packages are available now.
|
|
|
Several vulnerabilities were found in the Apple Safari web browser.
Fixed software is available now.
|
|
|
Several vulnerabilities were found in the 'perl' Safe module and the
File::Path module.
A flaw was found in the way OpenOffice.org enforced a macro security
setting for macros, written in the Python scripting language, that were
embedded in OpenOffice.org documents. If a user were tricked into opening
a specially-crafted OpenOffice.org document and previewed the macro
directory structure, it could lead to Python macro execution even if macro
execution was disabled.
Fixed packages are available now.
|
|
|
Several vulnerabilities have been discovered in the MySQL database server.
Fixed packages are available now.
|
|
|
A vulnerability exists in CA ARCserve Backup that can
potentially allow a local attacker to gain sensitive information.
Fixed software is available now.
|
|
| System: | Debian GNU/Linux |
| Topic: | Vulnerabilities in bind9, openoffice.org, and zonecheck |
| Links: | DSA-2054, CVE-2010-0097, CVE-2010-0290, CVE-2010-0382, ESB-2010.0502, DSA-2055, CVE-2010-0395, ESB-2010.0503, DSA-2056, CVE-2009-4882, CVE-2010-2052, CVE-2010-2155, ESB-2010.0504 |
| ID: | ae-201006-009 |
Several cache-poisoning vulnerabilities have been discovered in BIND.
These vulnerabilities apply only if DNSSEC validation is enabled and
trust anchors have been installed.
It was discovered that OpenOffice.org suite is not properly handling python
macros embedded in an office document.
This allows an attacker to perform user-assisted execution of arbitrary
code in certain use cases of the python macro viewer component.
It was discovered that in zonecheck, a tool to check DNS configurations,
the CGI does not perform sufficient sanitization of user input; an
attacker can take advantage of this and pass script code in order to
perform cross-site scripting attacks.
Fixed packages are available now.
|
|
|
A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems.
This vulnerability could cause a crash (DoS) and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.
A fix is going to be published as soon as possible.
|
|
|
A potential security vulnerability has been identified with HP ServiceCenter running on AIX, HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to allow Cross-Site scripting (XSS).
A patch is available now.
|
|
|
A potential security vulnerability has been identified with HP StorageWorks Storage Mirroring. This vulnerability could be exploited remotely to gain unauthorized access.
A patch is available now.
|
|
|
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote execution of arbitrary code, disclosure of information, and other vulnerabilities.
In addition, many security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial-of-Service (DoS) or unauthorized access. Updated software is available now.
|
|
|
Some vulnerabilities regarding Cross-Site Scripting (XSS) were found in the Drupal third-party modules
Storm and Rotor Banner.
Fixed software is available now.
Please be aware that Drupal core is not affected.
|
|
|
A vulnerability in Novell ZENworks allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks. Authentication is not required to exploit this vulnerability.
Novell has issued an update to correct this vulnerability.
|
|
|
The Accoria web server is also known as Rock Web Server. Accoria Web Server 1.4.7 for x86 Solaris and on OpenSolaris 2008.11 in VMware contains several Cross-Site Scripting (XSS) and Cross-Site Request Forgery (XSRF) vulnerabilities. Directory traversal and format string vulnerabilities exist as well. The getenv sample code contains an XSS vulnerability when viewed by Internet Explorer 6 or other web browsers that don't follow RFC 2616 Section 7.2.1. Generated cookies appear to be weak and predictable, which may allow an attacker to bypass authentication. An update isn't available yet.
|
|
|
It was discovered that rhn-client-tools set insecure permissions on the
loginAuth.pkl file, used to store session credentials for authenticating
connections to Red Hat Network servers. A local, unprivileged user could
use these credentials to download packages from the Red Hat Network. They
could also manipulate package or action lists associated with the system's
profile.
Fixed packages are available now.
|
|