the original cloud security
Showing 1 - 25 of 493 RSS Feed

Files

Ubuntu Security Notice 522-1
Posted Sep 30, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 522-1 - It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes. Moritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers function did not correctly check the size of the buffer it was writing to. A remote attacker could exploit this to write one NULL byte past the end of an application's cipher list buffer, possibly leading to arbitrary code execution or a denial of service.

tags | advisory, remote, denial of service, arbitrary, local, code execution
systems | linux, ubuntu
advisories | CVE-2007-3108, CVE-2007-5135
MD5 | 81a8377a3cae000f1224491d8f4272e7
Debian Linux Security Advisory 1378-2
Posted Sep 30, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1378-2 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2007-3731, CVE-2007-3739, CVE-2007-3740, CVE-2007-4573, CVE-2007-4849
MD5 | 04adbac7175324943e6ca6d65e6bbeae
Mandriva Linux Security Advisory 2007.190
Posted Sep 30, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to login without a password.

tags | advisory
systems | linux, mandriva
advisories | CVE-2007-4569
MD5 | 9be7857e3066a43ebdd940e6aa5d3048
Ubuntu Security Notice 521-1
Posted Sep 30, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 521-1 - Luigi Auriemma discovered that libmodplug did not properly sanitize its input. A specially crafted AMF file could be used to exploit this situation to cause buffer overflows and possibly execute arbitrary code as the user.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2006-4192
MD5 | bc77e9b2d2f87a175182f634fa4a1e79
Trustix Secure Linux Security Advisory 2007.6
Posted Sep 30, 2007
Authored by Chris Clark | Site isecpartners.com

A vulnerability results from the Net::HTTPS library from Ruby versions 1.8.5 and 1.8.6 failing to validate the name on the SSL certificate against the DNS name requested by the user. By not validating the name, the library allows an attacker to present a cryptographically valid certificate with an invalid CN.

tags | advisory, web, ruby
MD5 | f43ab01ee2c728fcf04ea146cfb06364
Secunia Security Advisory 26964
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - 7jdg has reported a vulnerability in Xunlei Thunder, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 475e7dcdc6b7b30e6f9bd82e49e388ca
Secunia Security Advisory 26973
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tan Chew Keong has discovered a vulnerability in ICEOWS, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 8a1016883f5ea30fc05d3b277ca73940
Secunia Security Advisory 26976
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two security issues have been reported in Sun Java System Access Manager, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, java
MD5 | 5d8b9035895680096e735107b08ab132
Secunia Security Advisory 26977
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for kdebase. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
systems | linux, mandriva
MD5 | 49dcb905c83e0f67a5a7d44e6072e6fb
Secunia Security Advisory 26978
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for the kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), bypass certain security restrictions, or gain escalated privileges.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, debian
MD5 | 4c6d289205eb65c462d39a49f019430d
Secunia Security Advisory 26979
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libmodplug. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
MD5 | 376443262b26d0c2c79cd944a77089a1
Secunia Security Advisory 26980
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information.

tags | advisory, kernel, local
MD5 | a261b6a585ed0860a9eb2f873434ad05
Secunia Security Advisory 26981
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for t1lib. This fixes a vulnerability, which can be exploited by malicious users to potentially compromise a vulnerable system.

tags | advisory
systems | linux, mandriva
MD5 | b0d65887aa7b6565fd31fc17549f21fc
Secunia Security Advisory 26982
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for tetex. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
MD5 | c0fb21bb259f9eea49e14c9b72039c12
Secunia Security Advisory 26983
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities, security issues, and a weakness have been reported in the Apple iPhone, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or to compromise a vulnerable system.

tags | advisory, denial of service, vulnerability, xss
systems | apple, iphone
MD5 | 16369830f14b7fbe8ee2c5298decf41b
Secunia Security Advisory 26990
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Janek Vind has reported a vulnerability in NukeSentinel, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 4f2af7373159aa45815ce361119118f7
Secunia Security Advisory 26991
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - xoron has discovered a vulnerability in IntegraMOD Nederland(s), which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

tags | advisory
MD5 | 054ccbec4f9a71e66f6b83626a760138
Secunia Security Advisory 26993
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged some vulnerabilities in IBM Websphere Application server for z/OS, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or by malicious people to conduct cross-site scripting attacks or cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability, xss
MD5 | 59a9b0fa6c202605e5857e35715685bc
Secunia Security Advisory 26995
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, kernel, local
systems | linux, redhat
MD5 | 8bcaf6d09a209d4bbe7fe08c80b3a428
Secunia Security Advisory 26997
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
MD5 | c41ad6b5fa1523557b20266679f35050
Secunia Security Advisory 27004
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious people to conduct session fixation attacks.

tags | advisory, asp
MD5 | c114f78531ff8c091f8f662472b3beb4
Secunia Security Advisory 27007
Posted Sep 29, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ronald van den Heetkamp has discovered a weakness in Internet Explorer, which potentially can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 2a29d5c3f355ab8036d251b0b6c7df91
Gentoo Linux Security Advisory 200709-16
Posted Sep 28, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200709-16 - Mattias Bengtsson and Philip Olausson have discovered a buffer overflow vulnerability in the function fcgi_env_add() in the file mod_fastcgi.c when processing overly long HTTP headers. Versions less than 1.4.18 are affected.

tags | advisory, web, overflow
systems | linux, gentoo
advisories | CVE-2007-4727
MD5 | af386920d4c2d8806df005d9b44aca48
Gentoo Linux Security Advisory 200709-17
Posted Sep 28, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200709-17 - Mark Richters discovered a buffer overflow in the open_sty() function in file mkind.c. Other vulnerabilities have also been discovered in the same file but might not be exploitable. Tetex also includes vulnerable code from GD library (GLSA 200708-05), and from Xpdf. Versions less than 3.0_p1-r4 are affected.

tags | advisory, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2007-0650, CVE-2007-3387
MD5 | 1d4c037ac593b7240f5499f7f6cdf85b
Debian Linux Security Advisory 1378-1
Posted Sep 28, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1378-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. Evan Teran discovered a potential local denial of service (oops) in the handling of PTRACE_SETREGS and PTRACE_SINGLESTEP requests. Adam Litke reported a potential local denial of service (oops) on powerpc platforms resulting from unchecked VMA expansion into address space reserved for hugetlb pages. Steve French reported that CIFS filesystems with CAP_UNIX enabled were not honoring a process' umask which may lead to unintentionally relaxed permissions. Wojciech Purczynski discovered a vulnerability that can be exploited by a local user to obtain superuser privileges on x86_64 systems. This resulted from improper clearing of the high bits of registers during ia32 system call emulation. This vulnerability is relevant to the Debian amd64 port as well as users of the i386 port who run the amd64 linux-image flavor. Michael Stone reported an issue with the JFFS2 filesystem. Legacy modes for inodes that were created with POSIX ACL support enabled were not being written out to the medium, resulting in incorrect permissions upon remount.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian, osx
advisories | CVE-2007-3731, CVE-2007-3739, CVE-2007-3740, CVE-2007-4573, CVE-2007-4849
MD5 | 5e6dd1cd0082c7a2a3959335b7ea1e1b
Page 1 of 20
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close