Red Hat Security Advisory 2014-0293-01 - The udisks package provides a daemon, a D-Bus API, and command line utilities for managing disks and storage devices. A stack-based buffer overflow flaw was found in the way udisks handled files with long path names. A malicious, local user could use this flaw to create a specially crafted directory structure that, when processed by the udisks daemon, could lead to arbitrary code execution with the privileges of the udisks daemon. This issue was discovered by Florian Weimer of the Red Hat Product Security Team.
5d90c2ffd8ed8370885c882a091d1e810658d6c9577a1d0b2a5ecd31866b6e27Red Hat Security Advisory 2014-0292-01 - The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that the 389 Directory Server did not properly handle certain SASL-based authentication mechanisms. A user able to authenticate to the directory using these SASL mechanisms could connect as any other directory user, including the administrative Directory Manager account. This could allow them to modify configuration values, as well as read and write any data the directory holds.
d914aecb3f667424883407c104a1690ef4e20fc9f1cdb411a6df0195c4d01e40Gentoo Linux Security Advisory 201403-4 - A vulnerability in QXmlSimpleReader class can be used to cause a Denial of Service condition. Versions less than 4.8.5-r1 are affected.
0a046802190aeec6c4120dcc9949be12f5b62bb9939471464f8331f6df156f20Mandriva Linux Security Advisory 2014-061 - It was found that comments in /etc/users.oath could prevent one-time-passwords from being invalidated, leaving the OTP vulnerable to replay attacks.
c6a62e06caed23c48a6e9b292f932b46cf045fc9e5a20a667fcfec9e225762a0Mandriva Linux Security Advisory 2014-060 - Imapsync, by default, runs a release check when executed, which causes imapsync to connect to http://imapsync.lamiral.info and send information about the version of imapsync, the operating system and perl. The imapsync package has been patched to disable this feature. In imapsync before 1.584, a certificate verification failure when using the --tls option results in imapsync attempting a cleartext login.
d7179931ea113dcaae71ae75cb498eeb6441d0deded88193dfac9bedc9b4b1b6Mandriva Linux Security Advisory 2014-059 - Multiple vulnerabilities has been discovered and corrected in php. The updated php packages have been upgraded to the 5.5.10 version which is not vulnerable to these issues. The php-xdebug packages has been upgraded to the latest 2.2.4 version that resolves numerous upstream bugs. Additionally, the PECL packages which requires so has been rebuilt for php-5.5.10.
95c04b7ba4395c3bf7ec869d0de9031560db76b9670d4e9962e9d49806fd0456Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
aea64d7045b389cdf46050c3696732076ba95b733bd6138950d20fe7601a557eDebian Linux Security Advisory 2879-1 - It was discovered that libssh, a tiny C SSH library, did not reset the state of the PRNG after accepting a connection. A server mode application that forks itself to handle incoming connections could see its children sharing the same PRNG state, resulting in a cryptographic weakness and possibly the recovery of the private key.
dd19c9d7bfff0001fbdcba76e13bb535fcc99493ea338655b5c902a52dbaadfcMandriva Linux Security Advisory 2014-058 - SSHA processing in freeradius before 2.2.3 runs into a stack-based buffer overflow in the freeradius rlm_pap module if the password source uses an unusually long hashed password.
4abd4790fbbfe3df3a6955b9c9a46d812e0b17d035f4299001798f8b1b631ef1Gentoo Linux Security Advisory 201403-3 - A vulnerability in file could result in Denial of Service. Versions less than 5.17 are affected.
7238fceca009d282fe24eef40c5d8ba46f30cc8ead687650a72876e6c883ae2dUbuntu Security Notice 2147-1 - Beatrice Torracca and Evgeni Golov discovered a buffer overflow in mutt while expanding addresses when parsing email headers. An attacker could specially craft an email to cause mutt to crash, resulting in a denial of service, or possibly execute arbitrary code with the privileges of the user invoking mutt.
c01925d0c822da23c3c5d4616f125e482387423f012d0f69badc2a78a5b733dfSlackware Security Advisory - New mutt packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue.
a31b046a39e2eab47fb09433678d91991377c09a4e251e8e58c25e8d870cf843PowerArchiver version 14.02.03 creates files with an insecure encryption method even if the user selects a (secure) AES encryption in the GUI. If a user clicks on the "Encrypt Files" and selects "AES 256-bit" for encryption, the outcoming file will not be AES-encrypted. It will instead use the legacy PKZIP encryption, which uses a broken encryption algorithm.
a48e078a1bd32e704a5fbf11c4d4b61c8d037f81b323e1195c53539b587ab28bMandriva Linux Security Advisory 2014-055 - Owncloud versions 5.0.15 and 6.0.2 fix several unspecified security vulnerabilities, as well as many other bugs. See the upstream Changelog for more information.
a9374eda146b1f80a69f3b2e5eb37ffa6b8eccdab53a92eeeb22ce221025494bMandriva Linux Security Advisory 2014-054 - An attacker could send a specially prepared HTML email to OTRS. If he can then trick an agent into following a special link to display this email, JavaScript code would be executed.
f38f3c4f647137a682ee49e87b9dc2300c3024b6fee14b54fa964b479ebcf01dMandriva Linux Security Advisory 2014-053 - When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but simply adds the current process id to the PRNG state, which is not guaranteed to be unique. The most important consequence is that servers using EC or DSA certificates may under certain conditions leak their private key.
e6dd6236b789502029d7c8ea18bc510ccd49917a0dfe6d3408d4f49046a1ed7fMandriva Linux Security Advisory 2014-052 - Remotely exploitable denial of service vulnerability in Net-SNMP, in the Linux implementation of the ICMP-MIB, making the SNMP agent vulnerable if it is making use of the ICMP-MIB table objects. Remotely exploitable denial of service vulnerability in Net-SNMP, in snmptrapd, due to how it handles trap requests with an empty community string when the perl handler is enabled.
5321b6a85466163f258effee601462d0d873c80a7e36fa1ba6faaf05959c81dcMandriva Linux Security Advisory 2014-051 - It was discovered that file before 5.17 contains a flaw in the handling of indirect magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files. Additionally, other well-crafted files might result in long computation times and overlong results. A flaw was found in the way the file utility determined the type of Portable Executable format files, the executable format used on Windows. A malicious PE file could cause the file utility to crash or, potentially, execute arbitrary code. A memory leak in file has also been fixed. The affected packages have been upgraded to the 5.12 version and patched to correct these flaws.
279824ee2cc767c988c6f20272e49c97a4ed11a71b33721f4a621432894306b0Debian Linux Security Advisory 2878-1 - Matthew Daley discovered multiple vulnerabilities in VirtualBox, a x86 virtualisation solution, resulting in denial of service, privilege escalation and an information leak.
3430eb38fed7806d02ed096d88cf8bfeb3d56c7df7fe56b8e7b402feeda30c40Debian Linux Security Advisory 2877-1 - Several vulnerabilities were discovered in the lighttpd web server.
1b636c5aece6a80bb396c37c59b82d4c2b12f55fc71f7bada298470800c1290fUbuntu Security Notice 2146-1 - Sebastien Macke discovered that Sudo incorrectly handled blacklisted environment variables when the env_reset option was disabled. A local attacker could use this issue to possibly run unintended commands by using blacklisted environment variables. In a default Ubuntu installation, the env_reset option is enabled by default. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. It was discovered that the Sudo init script set a date in the past on existing timestamp files instead of using epoch to invalidate them completely. A local attacker could possibly modify the system time to attempt to reuse timestamp files. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. Various other issues were also addressed.
f4ae09f019fdd72e0cba6b61ad62ccd01c25da14dd2aa1176eb434bda38c0d1fMandriva Linux Security Advisory 2014-057 - MediaWiki user Michael M reported that the fix for CVE-2013-4568 allowed insertion of escaped CSS values which could pass the CSS validation checks, resulting in XSS. Chris from RationalWiki reported that SVG files could be uploaded that include external stylesheets, which could lead to XSS when an XSL was used to include JavaScript. During internal review, it was discovered that MediaWiki's SVG sanitization could be bypassed when the XML was considered invalid. During internal review, it was discovered that MediaWiki displayed some information about deleted pages in the log API, enhanced RecentChanges, and user watchlists. Netanel Rubin from Check Point discovered a remote code execution vulnerability in MediaWiki's thumbnail generation for DjVu files. Internal review also discovered similar logic in the PdfHandler extension, which could be exploited in a similar way. MediaWiki before 1.22.3 does not block unsafe namespaces, such as a W3C XHTML namespace, in uploaded SVG files. Some client software may use these namespaces in a way that results in XSS. This was fixed by disallowing uploading SVG files using non-whitelisted namespaces. MediaWiki before 1.22.3 performs token comparison that may be vulnerable to timing attacks. This was fixed by making token comparison use constant time. MediaWiki before 1.22.3 could allow an attacker to perform XSS attacks, due to flaw with link handling in api.php. This was fixed such that it won't find links in the middle of api.php links. MediaWiki has been updated to version 1.22.3, which fixes these issues, as well as several others. Also, the mediawiki-ldapauthentication and mediawiki-math extensions have been updated to newer versions that are compatible with MediaWiki 1.22. Additionally, the mediawiki-graphviz extension has been obsoleted, due to the fact that it is unmaintained upstream and is vulnerable to cross-site scripting attacks. Note: if you were using the instances feature in these packages to support multiple wiki instances, this feature has now been removed. You will need to maintain separate wiki instances manually.
69370204ce4cd8a16085a03afcffcb4b941504c2ffd0f56cd8dde6210167c57bMandriva Linux Security Advisory 2014-056 - It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition. Tomcat 7 includes an embedded copy of the Apache Commons FileUpload package, and was affected as well. Additionally a build problem with maven was discovered, fixed maven packages is also being provided with this advisory.
355d214aa8aa7d687ed7dadbfe5d8fe698ac7a539ac8ac55011a4244d38c3ae9Spring MVC suffers from a cross site scripting vulnerability. When a programmer does not specify the action on the Spring form, Spring automatically populates the action field with the requested uri. An attacker can use this to inject malicious content into the form. Versions 3.0.0 through 3.2.8 and 4.0.0 through 4.0.1 are affected.
5eb5caff637b21acb3508f02276c5259beb463317ea4a478aa07494344d9cac9Drupal Webform Template third party module version 7.x suffers from an access bypass vulnerability.
991b254f50145a2194cdc21de75fc10e6fb2bf1160c173eecc5c4684b19a0e45
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed