UK.biz Lax On Web App Security




Firms Still Struggling With Data Security Standard




Survey Highlights Growth In IT Security Roles




1 In 10 Americans Prefer Colonoscopies To PC Security




HP Study Finds Security Holes In Privilege Management









Whisper This, But Java Deserialization Vulnerability Affects More Libraries







jQuery Impacted By Prototype Pollution Flaw




Security Failings At Siemens Could Lead To An Attack Worse Than Stuxnet





Mandriva Linux Security Advisory 2004.146

Mandrake Linux Security Update Advisory - SGI developers discovered a remote DoS (Denial of Service) condition in the NFS statd server. rpc.statd did not ignore the SIGPIPE signal, which would cause it to shut down if a misconfigured or malicious peer terminated the TCP connection prematurely.




Mandriva Linux Security Advisory 2004.148

Mandrake Linux Security Update Advisory - Herbert Xu discovered that iproute can accept spoofed messages sent via the kernel netlink interface by other users on the local machine. This could lead to a local Denial of Service attack.




Mandriva Linux Security Advisory 2005.029

Mandrake Linux Security Update Advisory - Javier Fernandez-Sanguino Pena discovered two vulnerabilities in scripts included with the vim editor. The two scripts, tcltags and vimspell.sh, created temporary files in an insecure manner, which could allow a malicious user to execute a symbolic link attack or to create, or overwrite, arbitrary files with the privileges of the user invoking the scripts.




Secunia Security Advisory 18489

Secunia Security Advisory - Mandrake has issued an update for hylafax. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and by malicious users to compromise a vulnerable system.




Technical Cyber Security Alert 2007-59A

Technical Cyber Security Alert TA07-059A - A worm is exploiting a vulnerability in the telnet daemon (in.telnetd) on unpatched Sun Solaris systems. The vulnerability allows the worm (or any attacker) to log in via telnet (23/tcp) with elevated privileges.




Technical Cyber Security Alert 2009-88A

Technical Cyber Security Alert TA09-088A - US-CERT is aware of public reports indicating a widespread infection of the Conficker worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a network if the host is not patched with MS08-067.




LPRng use_syslog Remote Format String Vulnerability

This Metasploit module exploits a format string vulnerability in the LPRng print server. This vulnerability was discovered by Chris Evans. There was a publicly circulating worm targeting this vulnerability, which prompted RedHat to pull their 7.0 release. They consequently re-released it as "7.0-respin".




Linux Security Checklist Tool 2.0.3

Linux Security Checklist is a perl script that audits a given Linux host and provides recommendations for security enhancements.





CA-92:04.ATT.rexecd.vulnerability

A vulnerability is present in AT&T TCP/IP Release 4.0 running on SVR4 systems for both the 386/486 and 3B2 RISC platforms. The problem is in the remote execution server /usr/etc/rexecd and a new version of rexecd is available from AT&T.




HP Security Bulletin 2007-14.84

HP Security Bulletin - A potential security vulnerability has been identified in the Aries PA-RISC emulation software running on HP-UX IA-64 platforms only. This vulnerability may allow local unauthorized access.




Ubuntu Security Notice 715-1

Ubuntu Security Notice USN-715-1 - Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. It was discovered that the inotify subsystem contained watch removal race conditions. Dann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. Helge Deller discovered that PA-RISC stack unwinding was not handled correctly. It was discovered that the ATA subsystem did not correctly set timeouts. It was discovered that the ib700 watchdog timer did not correctly check buffer sizes.





Opera Update Draws The Curtain On Seven Security Vulns




Opera 9.64 Update Fixes Several Security Issues




Opera CEO - Unite Not A Security Risk




Opera Users Baffled By Vulnerability Warnings











Secunia Security Advisory 51973

Secunia Security Advisory - SUSE has issued an update for libtiff. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.




Secunia Security Advisory 51947

Secunia Security Advisory - SUSE has issued an update for WebYaST and SUSE Studio Standard Edition. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.




Secunia Security Advisory 52008

Secunia Security Advisory - SUSE has issued an update for java-1_7_0-openjdk. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.




Secunia Security Advisory 52039

Secunia Security Advisory - SUSE has issued an update for chromium. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.




Secunia Security Advisory 52044

Secunia Security Advisory - SUSE has issued an update for virtualbox. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.




Secunia Security Advisory 52124

Secunia Security Advisory - SUSE has issued an update for libupnp. This fixes three vulnerabilities, which can be exploited by malicious people to compromise an application using the library.




Secunia Security Advisory 52111

Secunia Security Advisory - SUSE has issued an update for apache2. This fixes two weaknesses, a security issue, and a vulnerability, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.




Secunia Security Advisory 52113

Secunia Security Advisory - SUSE has issued an update for apache2. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.




Secunia Security Advisory 52049

Secunia Security Advisory - SUSE has issued an update for v8. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.