Mandriva Linux Security Advisory 2012-026 - Multiple vulnerabilities has been discovered and corrected in postgresql. Permissions on a function called by a trigger are not properly checked. SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities. Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.
58823cceba466692ad13c21cdfd598a07b7adba85c277925ad3952248d6683a2ZipCart version 6.x suffers from an access bypass vulnerability.
0e9f709682d4ce2cc90cfcee885a9245af53e3bf08a6c86a5d9e2949587d7bc2Cool Aid version 6.x suffers from access bypass and cross site scripting vulnerabilities.
ceaebd230146d69ac1a7302356242e64c1ac00d8647db62d251525c7328404fdUbuntu Security Notice 1378-1 - It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.
15354f617687e5b1aa22fb70189dc40c214e0a0db7ca57569398efa37eb20a24Red Hat Security Advisory 2012-0343-01 - The IBM 1.4.2 SR13-FP11 Java release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit.
016430a2d87fdded37d3c1af086eef2cd6dd0762d89388c1ddf19287ce40fc47Ubuntu Security Notice 1380-1 - The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. Various other issues were also addressed.
75b2e946d5ac4bde2cd9ccb2f923e5ac56c71eccf01382aa1830ca8d92bf01c6Ubuntu Security Notice 1379-1 - Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet Group Management Protocol) packets. An unprivileged local user could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel's AppArmor security interface when invalid information was written to it. An unprivileged local user could use this to cause a denial of service on the system. Various other issues were also addressed.
d97988a146bf536d15292678f886a31e40031833fe724ea17074beea34a4a56aDebian Linux Security Advisory 2420-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform.
fa1b83bdce1c8a57ecb30bfd91b17d3c396d3e17e373a4a5a9bbff32d14720f2MediaFront versions 6.x / 7.x suffer from a cross site scripting vulnerability.
a63b9fbc20dc44405b79e7f717e234f5e14aec187385aa611dc39a17d0ed1753Secunia Security Advisory - Avaya has acknowledged two vulnerabilities in Avaya Call Management System, which can be exploited by malicious, local users to disclose system information and cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service).
1f715547c89253da8d1acf4950a3f9501fc0fedfac8ee816b63ee0fa48eb9cb2Secunia Security Advisory - Sony has reported multiple vulnerabilities in WonderDesk SQL, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
7079b5c38c21caaae92f52f361e785a17d6ade637955b191713c7ac2081c3298Secunia Security Advisory - SUSE has issued an update for cvs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
51dbc0f5e146535f78b1d568e3c0a5475b2ed5e8007da5d6cf0a69b072ffa1fcSecunia Security Advisory - Gentoo has issued an update for libvirt. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions, by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system, and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
556b89308ff00f74c9756615147d96c74dfab8fbdf3c41c72353fa32f4efd0f0Secunia Security Advisory - MustLive has discovered multiple vulnerabilities in Webglimpse, which can be exploited by malicious people to conduct cross-site scripting attacks.
97b0f88939acf8f7e2233e36715f7c71095beb856abaa0632de454e11bfaa14eSecunia Security Advisory - Debian has issued an update for puppet. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
7bdb040ffabea26ad611a128e4287ef2f96081058bdc69148c5c26f063ecff66Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.
bdd99dccd465ec4c59bbf42bc1f0b06ef8b4944a9f0c632126074ac0519348ffSecunia Security Advisory - A vulnerability has been reported in lknSupport, which can be exploited by malicious people to conduct cross-site scripting attacks.
eb7b1ffed316bd18c82a004117834672f5a6455e69dc07f21084922744a61c25Secunia Security Advisory - Ubuntu has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
5d0215c01c9edb4b5c3a8e211043e07c71158a977ef76f88cd36cc1ae486071aSecunia Security Advisory - Debian has issued an update for postgresql-8.4. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct spoofing attacks and manipulate certain data.
a356c8dfd2f4d3f04c9117ec71a4866cdca24f61e881128702b7ae0a4d0216bbSecunia Security Advisory - Ubuntu has issued an update for ruby. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
b4994517a0533c9e5d9f8913133d8955543ede2b7852f647a9e66fcb38167277Secunia Security Advisory - SUSE has issued an update for java-1_6_0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
430f12fd7e6c4b6f2addc7b56d95efe378247b6eb4aee7270b920c64fa15205dSecunia Security Advisory - A vulnerability has been reported in Sagem F@st 2604, which can be exploited by malicious people to conduct cross-site request forgery attacks.
4931ce691f51e6ca1b08cbc8b5155dadfd5dcc6e99d44670860333e7cbed9f56Secunia Security Advisory - SecPod Research Team has discovered two vulnerabilities in NetDecision, which can be exploited by malicious people to disclose potentially sensitive information and potentially compromise a vulnerable system.
0c05eb30dd680a077471b22af71f1a8501656adf27031733edee442aa3359a9dSecunia Security Advisory - Sense of Security has reported a security issue and a vulnerability in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks.
9d55a5c4cc119aba5c9ab9d76cce3f9611f9d1be5e38cbfe9ee8fc2efafed802Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.
52fd7d90f18e1af4afd57abcfc7e0a98cc2f675e2689ddcf564d0e2a43c57ede
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed