Electronic Frontier Foundation Media Release - Presidential Votes Miscast on E-voting Machines Across the Country. Voters from at least half a dozen states reported that touch-screen voting machines had incorrectly recorded their choices, including for president.
98a100dacfc7c8f55898504fcce685353f2fd3e7b663c971e024f8729301ad7cDebian Security Advisory DSA 526-1 - Two vulnerabilities in Webmin 1.140 allow remote attackers to bypass access control rules and the ability to brute force IDs and passwords.
694a2ef6d53bed289850b8d6f2c1bb2f1bf3c36d715e32c5b082cee265bcc4e3Debian Security Advisory DSA 522-1 - A format string vulnerability in super has been discovered that allows specified users to execute commands with root privileges. This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.
78c7e1bf65152d505c10fbb236ca5fba4a3cc83b2737cffa0bc5add027d86b91Debian Security Advisory DSA 513-1 - Jaguar discovered a format string vulnerability in log2mail, whereby a user able to log a specially crafted message to a logfile monitored by log2mail (for example, via syslog) could cause arbitrary code to be executed with the privileges of the log2mail process. Versions below 0.2.5.2 are affected.
c85dc5d8cb9ffa868064522f567e6bdf09245a30952b161c8ed87e9348f0d01aDebian Security Advisory DSA 510-1 - jaguar discovered a format string vulnerability in jftpgw, an FTP proxy program, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of the jftpgw server process, which runs as user nobody by default.
f55238d5fd6e9e9d981a76a2e1dc889b92861edfce10fd634692ef07f9ada8e8Debian Security Advisory DSA 509-1 - Steve Kemp discovered a vulnerability in xatitv, one of the programs in the gatos package. If an administrator removes the default configuration file, a local attacker can escalate to root privileges.
3ce34d6d1e5e9badae4bd01e62d08cce72041031812e1163569eaca982b69ca5Debian Security Advisory DSA 508-1 - Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD viewer. xpcd-svga, part of xpcd which uses svgalib to display graphics on the console, would copy user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function.
933ad9aa3641a27d6c66de69c8de545087b7ec673c070c7da435f57c70450c89Debian Security Advisory DSA 485-1 - Max Vozeler discovered two format string vulnerabilities in ssmtp, a simple mail transport agent. Untrusted values in the functions die() and log_event() were passed to printf-like functions as format strings. These vulnerabilities could potentially be exploited by a remote mail relay to gain the privileges of the ssmtp process (including potentially root).
dbb0ababf09e05e0182a9e13cbee4381b08e05056c33cc77cc8e03612c4fa654Debian Security Advisory DSA 484-1 - Steve Kemp discovered a vulnerability in xonix, a game, where an external program was invoked while retaining setgid privileges. A local attacker could exploit this vulnerability to gain gid games.
95a2e6f0eb8456498067248b6ff0d47a81a32f4f950f5e93366646d58927a210Debian Security Advisory DSA 378-1 - Two vulnerabilities have been found in the Mah-Jong server version 1.4 and below. One enables a remote attacker to gain privileges of the user running the server while the other leads to a denial of service.
e161375ef6c09ff61f2b741e2582fbe332bd1e3fe1defc1ddc1487c6dd51bda2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed