ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-089
February 17, 2011
-- CVE ID:
CVE-2010-4323
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Zenworks
-- TippingPoint
*** REMINDER ***
This is next Tuesday!
If it ain't in your diary already, make sure it is now... THC talk
promises to be a stonker, and Christer is, well Christer!!!
This month we have a spectacular start to the year with a stellar guest
speaker from The Hacker's Choice presenting new
www.eVuln.com advisory:
"wsnuser" Cookie SQL Injection vulnerability in WSN Guest
---Summary---
http://evuln.com/vulns/174/summary.html
eVuln ID: EV0174
Software: WSN Guest
Vendor: n/a
Version: 1.24
Critical Level: medium
Type: SQL Injection
Status: Unpatched. No reply from devel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:029
http://www.mandriva.com/security/
_
===
Ubuntu Security Notice USN-1067-1 February 17, 2011
telepathy-gabble vulnerability
https://launchpad.net/bugs/720201
===
A security issue affects the following Ubuntu release
On Wed, 16 Feb 2011 16:11:23 -0700 cxib wrote:
Affected Software:
- PHP 5.3.5
grapheme is neither part of PHP core, nor built-in PHP extension,
therefore above is false as bug is not in PHP itself. People
using PHP 5.3.5 but not using grapheme (some distros like Debian
and derrivatives offer t
===
Ubuntu Security Notice USN-1066-1 February 17, 2011
python-django vulnerabilities
CVE-2011-0696, CVE-2011-0697
===
A security issue affects the following Ubuntu releases:
Ub