Claroline eLearning and eWorking Platform version 1.8.9 suffers from cross site scripting, unsigned redirect, and cross site request forgery vulnerabilities.

The SmbClientParser perl module suffers from a vulnerability that allows for remote command execution.

Def Blog version 1.0.3 suffers from multiple SQL injection vulnerabilities.

Follow up information regarding a whitepaper about lateral SQL injection and how ALTER SESSION privileges are not needed.

I sure want to know more: Giants have very strange sexual behaviour where the male has a metre-long muscular penis that he uses a bit like a nail gun and shoots cords of sperm under the skin of the female's arms and she carries the sperm around with her until she is ready to lay her big jelly mass of a million eggs.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Anno...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================ Turbolinux Security Announcement 18/Jul/2008 ========================================...

Re: Lateral SQL Injection Revisited - No Special Privs Required

By Mitchell & Webb.

[DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities

Lateral SQL Injection Revisited - No Special Privs Required

[ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution

Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution

Do-it-yourself hacker team creates video series to show people how to hack everyday electronics.

Did you know that, in some jurisdictions, police can inject midazolam into suspects to subdue them? "There is no research guideline. There is no validated protocol for this. There's not even a clear set of indications for when this is to be used except when people are agitated. By saying that it's done by the emergency medical personnel, they basically are trying to have it both ways. That is, they’re trying to use a medical protocol that is not validated, not for a police function, arrest and detention," Miles said. "The decision to administer Versed is based purely on a paramedic decision, not a police decision," Slovis said. It's up to the officer to call an ambulance and determine if a person is in a condition called excited delirium. "I don't know if I would use the word diagnosing, but they are assessing the situation and saying, 'This person is not acting rationally. This is something I've been trained to recognize, this seems like excited delirium.' I don't view delirium in the field as a police function. It is a medical emergency. We're giving the drug Versed that's routinely used in thousands of health care settings across the country in the field by trained paramedics. I view what we're doing as the best possible medical practice to a medical emergency," Slovis said. The biggest side effect is amnesia, which makes it harder for any defendent to defend himself in court.

Featured links from the CNET Blog Network

Listen to the 2600 hacker conference--If you can't attend The Last HOPE conference, you can tune in over the Internet.

AMD, Intel Centrino 2 make strange bedfellows--Advanced Micro Devices is making gains at Hewlett-Packard, even in Centrino 2 notebooks.

Comcast customers: Are your e-mails going missing?--Peter Glaskowsky reports on a surprising problem: the Internet addresses of Comcast customers are associated with spam and listed on some e-mail blacklist services.

Earnings: Microsoft and Google disappoint, while IBM soars--Earnings are up across the board, but profits are down...but not everywhere.