Ubuntu Security Notice 1992-1 - An information leak was discovered in the Linux kernel when reading broadcast messages from the notify_policy interface of the IPSec key_socket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory.
fee2014bd298fc59f037cb42a0648e8986000f07a2494dd7c010b2a81e15e98fUbuntu Security Notice 1999-1 - Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.
46dfbbb3131e008fbc18c11154dae6142610f2973f8a2894f93585d6defc7ba8Ubuntu Security Notice 1998-1 - An information leak was discovered in the Linux kernel when reading broadcast messages from the notify_policy interface of the IPSec key_socket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of the Linux kernel. A physically proximate attacker could exploit this flaw to execute arbitrary code or cause a denial of service (heap memory corruption) via a specially crafted device that provides an invalid Report ID. Various other issues were also addressed.
6fe1ea254476a5b155997999ca06779d4d5cc86acc30e3d6c9312115df1ff8e8Ubuntu Security Notice 1997-1 - Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.
b4163dd4a3d390dd6e4e06d33615c68368b4f3bb18f9e7317255408e917671a0A stack-based buffer overflow and a kernel memory disclosure vulnerability have been discovered in the system call handlers of the camera driver for Android.
5e4baafc3b719ae7fddd0675ed808b960988f0436701a0308d0d5005f17017a3Debian Linux Security Advisory 2783-1 - Several vulnerabilities were discovered in Rack, a modular Ruby webserver interface.
3c392a1375e3aa987daddb2c193f9928f448bd6e8ece3459581735e59e24c6f5Debian Linux Security Advisory 2781-1 - A cryptographic vulnerability was discovered in the pseudo random number generator in python-crypto.
6695a6576586dea915a7c65e935fc8c86b16417e40a9f3b27fa899ac2231fddfRed Hat Security Advisory 2013-1448-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.
03fa7e52d5b3150d12a62cd92687cd74e25829acb9a583514ad4089323ece6f9Red Hat Security Advisory 2013-1447-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine. The class loader did not properly check the package access for non-public proxy classes. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine.
a4a9467ade7fa361d330fec6175a9960c1af594161dadf75c30566556438330aUbuntu Security Notice 1991-1 - It was discovered that the GNU C Library incorrectly handled the strcoll() function. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. It was discovered that the GNU C Library incorrectly handled multibyte characters in the regular expression matcher. An attacker could use this issue to cause a denial of service. It was discovered that the GNU C Library incorrectly handled large numbers of domain conversion results in the getaddrinfo() function. An attacker could use this issue to cause a denial of service. Various other issues were also addressed.
9a3faf4d014c0ecc32760724cade9dbcc4a41d949e21274c41bba46d64866b9fDebian Linux Security Advisory 2782-1 - Multiple security issues have been discovered in PolarSSL, a lightweight crypto and SSL/TLS library.
97680e92d317bf31d647c5abadc604617e0328ccc9f37594fbd9fec713ac66a5Slackware Security Advisory - New hplip packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2013-4325.
d51789595e74cd6d927413448faf207d8b136de73fc3d59e6680590ccc5769c8Slackware Security Advisory - New libtiff packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2012-2088,CVE-2012-2113,CVE-2012-4447,CVE-2012-4564,CVE-2013-1960,CVE-2013-1961,CVE-2013-4231,CVE-2013-4232,CVE-2013-4244.
8efbfdf677fa9982c5f47aeec194dfc0fddb0fe6852beca1661e63d8b3687b4bApache Sling versions 1.1.2 and below suffer from an open redirect vulnerability.
ee270abce05743ee02362386f6d83b6a0c357df5e869edb7ce72edc6ced89f5bglibc version 2.5 suffers from a crash bug due to relocation types.
163fcff7cbfeb2e0da5ae7c5f567ee8309c8399af6b50ef32484366325637dfcVMware Security Advisory 2013-0012 - VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities.
f12f7718cd809d06b660ac50220f6d10a650005791eca8e30c22bada4c7bb911Debian Linux Security Advisory 2780-1 - This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component.
997866fcbe06e5a0d3d671cad421d631798c370aa8d68534717d905391eee5f0Mandriva Linux Security Advisory 2013-256 - Apache mod_fcgid before version 2.3.9 fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
d20d575cf387a12cb1f1fe8d514bb5a5a16afb37a8356c7288310330372f7c28Mandriva Linux Security Advisory 2013-255 - A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, used to manage translation of hierarchy events in certain circumstances. Physically proximate attackers could use this flaw for example to obtain unauthorized access to gnome-shell session right after system resume.
318c161bad22c9578dac995bb0cc50a71769a4b20ec80a826c602730c6f8d7ccMandriva Linux Security Advisory 2013-254 - Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2. Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.
0eb2cd82b2ff838ef4aa7c6c1c69bfa24d50a5ce038cbd73a1f91cf1c12c3ccdMandriva Linux Security Advisory 2013-252 - A non-privileged user who was able to run jobs or login to a node which ran pbs_server or pbs_mom, could submit arbitrary jobs to a pbs_mom daemon to queue and run the job, which would run as root.
87c892b0b1b0a63846d8440441847718da90b4e6dd6559a8e5add5f37afae24dMandriva Linux Security Advisory 2013-251 - A buffer overflow vulnerability has been discovered in Aircrack-ng. A remote attacker could entice a user to open a specially crafted dump file using Aircrack-ng, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
9f962c6db1691c45e7d78d3ba814af35373f15b3e5781028fde68b9a4696daabMandriva Linux Security Advisory 2013-253 - Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code.
0a2884cd915d053154e7234d410fd1981f2e9addf730ab07f929b35a77ceddd2Bugzilla Security Advisory - Multiple cross site scripting and cross site request forgery vulnerabilities have been discovered and addressed in various versions of Bugzilla.
943bffbd4c59491956254e396c5dddc10c25b0b775de07d14bd90dac0cbf7118Apache has announced the release of the Struts 2.3.15.3 framework which addresses multiple security issues including a broken access control.
298a85c71d878d7cffa115e7f986c8ab93495c936ad88dded1f9d2a6aa07d358
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed