[Full-disclosure] Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities

2007-11-07 Thread Secunia Research
Secunia Research 07/11/2007 - Xpdf "Stream.cc" Multiple Vulnerabilities - Table of Contents Affected Software

[Full-disclosure] [ GLSA 200711-06 ] Apache: Multiple vulnerabilities

2007-11-07 Thread Pierre-Yves Rofes
Gentoo Linux Security Advisory GLSA 200711-06

[Full-disclosure] [ GLSA 200711-08 ] libpng: Multiple Denials of Service

2007-11-07 Thread Pierre-Yves Rofes
Gentoo Linux Security Advisory GLSA 200711-08

[Full-disclosure] Secunia Research: Link Grammar "separate_sentence()" Buffer Overflow

2007-11-07 Thread Secunia Research
Secunia Research 07/11/2007 - Link Grammar "separate_sentence()" Buffer Overflow - Table of Contents Affected Software..

[Full-disclosure] [SECURITY] [DSA 1402-1] New gforge packages fix several vulnerabilities

2007-11-07 Thread Steve Kemp
Debian Security Advisory DSA-1402-1 [EMAIL PROTECTED] http://www.debian.org/security/ Steve Kemp November 07, 2007

[Full-disclosure] [ GLSA 200711-07 ] Python: User-assisted execution of arbitrary code

2007-11-07 Thread Pierre-Yves Rofes
Gentoo Linux Security Advisory GLSA 200711-07

[Full-disclosure] Announcement : CCWAPSS methodology release 1.1

2007-11-07 Thread Frederic Charpentier
Greetings FD, I'm pleased to announce the release of the latest version of the Common Criteria Web Application Security Scoring: CCWAPSS v1.1. This update clarifies the rating process when rating multiple flaws associated with the same criteria. CCWAPSS: CCWAPSS is a comprehensiv

[Full-disclosure] iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability

2007-11-07 Thread iDefense Labs
iDefense Security Advisory 11.07.07 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 07, 2007 I. BACKGROUND Oracle Database Server is a family of database products that range from personal databases to enterprise solutions. Further information is available at the following URL. http://

[Full-disclosure] Secunia Research: AbiWord Link Grammar "separate_sentence()" Buffer Overflow

2007-11-07 Thread Secunia Research
Secunia Research 07/11/2007 - AbiWord Link Grammar "separate_sentence()" Buffer Overflow - Table of Contents Affected Softwar

[Full-disclosure] [ GLSA 200711-09 ] MadWifi: Denial of Service

2007-11-07 Thread Pierre-Yves Rofes
Gentoo Linux Security Advisory GLSA 200711-09

[Full-disclosure] [ GLSA 200711-10 ] Mono: Buffer overflow

2007-11-07 Thread Pierre-Yves Rofes
Gentoo Linux Security Advisory GLSA 200711-10

[Full-disclosure] Gmail 0day

2007-11-07 Thread Scripter Hack
There is an HTML injection vulnerability in https://www.google.com. It is very critical; you can get the cookie to log in to Gmail or other services. POC: https://www.google.com/accounts/ServiceLogin?service=mail&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl