exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Ubuntu Security Notice 944-1
Posted May 26, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 944-1 - Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. (Ubuntu 10.04 was not affected.) Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges. Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, overflow, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2008-1391, CVE-2010-0296, CVE-2010-0830
MD5 | c038d4d3917031eaa03e48efb49f418c
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
New Simjacker Attack Exploited In The Wild To Track Users For At Least Two Years
Posted Sep 12, 2019

tags | headline, hacker, privacy, phone
Major Fraud Scheme Exposed By Insecure Database
Posted Sep 12, 2019

tags | headline, database, cybercrime, fraud
UNICEF Leaks Personal Data Of 8,000 Users Via Email Blunder
Posted Sep 12, 2019

tags | headline, privacy, email, data loss
Fin7 Operator Pleads Guilty To Two Counts
Posted Sep 12, 2019

tags | headline, malware, cybercrime, fraud
Weakness In Intel Chips Lets Researchers Steal Encrypted SSH Keystrokes
Posted Sep 11, 2019

tags | headline, privacy, flaw, password, cryptography, intel
Suspected Commonwealth Games DDoS Was Only A Fortnite Update
Posted Sep 11, 2019

tags | headline, denial of service
Secret Service Probing Breach At Federal IT Contractor
Posted Sep 11, 2019

tags | headline, hacker, government, usa
281 People Indicted In Massive Email Fraud Scheme
Posted Sep 11, 2019

tags | headline, government, email, usa, cybercrime, fraud, fbi
The Cyberwar In Yemen
Posted Sep 10, 2019

tags | headline, cyberwar, yemen
Ransomware Disrupts Illinois School District's Systems
Posted Sep 10, 2019

tags | headline, government, malware, usa, fraud, cryptography
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close