http://packetstormsecurity.org/ Packet Storm Last 10 Advisories en-us http://packetstormsecurity.org/filedesc/glsa-200907-02.txt.html Gentoo Linux Security Advisory GLSA 200907-02 - Two vulnerabilities in ModSecurity might lead to a Denial of Service. Versions less than 2.5.9 are affected. http://packetstormsecurity.org/filedesc/glsa-200907-01.txt.html Gentoo Linux Security Advisory GLSA 200907-01 - libwmf bundles an old GD version which contains a use-after-free vulnerability. The embedded fork of the GD library introduced a use-after-free vulnerability in a modification which is specific to libwmf. Versions less than 0.2.8.4-r3 are affected. http://packetstormsecurity.org/filedesc/oCERT-2009-009.txt.html CamlImages versions 2.2 and below suffer from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing, the read_png_file and read_png_file_as_rgb24 functions do not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability. http://packetstormsecurity.org/filedesc/USN-795-1.txt.html Ubuntu Security Notice USN-795-1 - It was discovered that Nagios did not properly parse certain commands submitted using the WAP web interface. An authenticated user could exploit this flaw and execute arbitrary programs on the server. http://packetstormsecurity.org/filedesc/USN-794-1.txt.html Ubuntu Security Notice USN-794-1 - It was discovered that the Compress::Raw::Zlib Perl module incorrectly handled certain zlib compressed streams. If a user or automated system were tricked into processing a specially crafted compressed stream or file, a remote attacker could crash the application, leading to a denial of service. http://packetstormsecurity.org/filedesc/HPSBUX02431-SSRT090085.txt.html HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), or execution of arbitrary code. Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite. http://packetstormsecurity.org/filedesc/HPSBUX02440-SSRT090106.txt.html HP Security Bulletin - A potential security vulnerability has been identified with NFS/ONCplus running on HP-UX. The vulnerability could be exploited locally to create a Denial of Service (DoS). http://packetstormsecurity.org/filedesc/USN-793-1.txt.html Ubuntu Security Notice USN-793-1 - Multiple vulnerabilities associated with the Linux 2.6 kernel have been addressed. These issues range from arbitrary code execution to denial of service vulnerabilities. http://packetstormsecurity.org/filedesc/radware-disclose.txt.html The radware AppWall Web Application Firewall suffers from a source code disclosure vulnerability on the management interface. Gateway version 4.6.0.2 and AppWall version 1.0.2.6 are affected. http://packetstormsecurity.org/filedesc/phion-dosexec.txt.html The phion airlock Web Application Firewall version 4.1-10.41 suffers denial of service and arbitrary command execution vulnerabilities.