Ubuntu Security Notice 1096-1 - Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service.
Ubuntu Security Notice 1095-1 - It was discovered that Quagga incorrectly parsed certain malformed extended communities. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. It was discovered that Quagga resets BGP sessions when encountering malformed AS_PATHLIMIT attributes. A remote attacker could use this flaw to disrupt BGP sessions, resulting in a denial of service. This update removes AS_PATHLIMIT support from Quagga. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10.
Ubuntu Security Notice 1094-1 - Petr Matousek discovered that libvirt did not always honor read-only connections. An attacker who is authorized to connect to the libvirt daemon could exploit this to cause a denial of service via application crash.
Secunia Security Advisory - John Leitch has discovered a vulnerability in PyroCMS, which can be exploited by malicious people to conduct script insertion attacks.
Secunia Security Advisory - Luigi Auriemma has reported multiple vulnerabilities in ICONICS GENESIS32 and GENESIS64, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
Secunia Security Advisory - John Leitch has discovered a vulnerability in Easy File Sharing Web Server, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - A vulnerability has been discovered in Ays Blog, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - A vulnerability has been reported in Zend Server, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Debian has issued an update for gdm3. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - John Leitch has discovered a vulnerability in OrangeHRM, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - John Leitch has discovered two vulnerabilities in Claroline, which can be exploited by malicious people to conduct script insertion attacks.
Secunia Security Advisory - Some vulnerabilities have been reported in Froxlor, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.
Secunia Security Advisory - Red Hat has issued an update for gdm. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - Red Hat has issued an update for libvirt. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
Debian Linux Security Advisory 2205-1 - Sebastian Krahmer discovered that gdm3, the GNOME Desktop Manager, does not properly drop privileges when manipulating files related to the logged-in user. As a result, local users can gain root privileges.
Zero Day Initiative Advisory 11-113 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Zend Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Zend Java Bridge v3.1 component of the Zend Server framework. The javamw.jar service accepts TCP requests on port 10001 by default. With nothing more than the knowledge of the proprietary communication protocol used by the Zend Server Java Bridge, it is possible to send arbitrary Java code to javamw.jar service and remotely execute these commands under the context of the user running the web server process.
HP Security Bulletin HPSBMA02649 SSRT100430 - A potential security vulnerability has been identified in HP Diagnostics. The vulnerability could be exploited remotely resulting in cross site scripting (XSS). Revision 1 of this advisory.
Mandriva Linux Security Advisory 2011-054 - Multiple vulnerabilities have been identified and fixed in java-1.6.0-openjdk. The JNLP SecurityManager in IcedTea 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader. Unspecified vulnerability in the Java Runtime Environment in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. Various other issues have also been identified and addressed.
Secunia Security Advisory - Xerox has acknowledged a vulnerability in Xerox WorkCentre, which can be exploited by malicious people to potentially compromise a vulnerable system.
Secunia Security Advisory - Fedora has issued an update for gnash. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Secunia Security Advisory - Fedora has issued an update for libcgroup. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges.
Secunia Security Advisory - A vulnerability has been reported in EMC Data Protection Advisor, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Secunia Security Advisory - Debian has issued an update for imp4. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Ubuntu has issued an update for linux-source. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information and to cause a DoS (Denial of Service).
Secunia Security Advisory - Ubuntu has issued an update for linux-mvl-dove. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, and gain escalated privileges, and by malicious, local users and malicious people to cause a DoS (Denial of Service).