Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.
0037358302ea3ef9e579ea39b29f6aeedaab8ea3fd730436e1fe43363d09f8dc
Ubuntu Security Notice 1167-1 - Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Various other issues were also addressed.
8526a398ece12352476245b529d050abf1036c6d1dbd6b2e79564438cb5f197c
Ubuntu Security Notice 1164-1 - Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Various other issues were also addressed.
4e4395012a3efacb0412aff2ad1192af5495aeffbe292f807d0de267e1af68f2
Ubuntu Security Notice 1111-1 - Multiple vulnerabilities have been addressed in the Linux 2.6 kernel. Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. Nelson Elhage discovered that the kernel did not correctly handle process cleanup after triggering a recoverable kernel bug. Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. Dan Carpenter discovered that the TTPCI DVB driver did not check certain values during an ioctl. Jens Kuehnel discovered that the InfiniBand driver contained a race condition. Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values.
6cec849465bfd640c211a3880a5ba0add1b75c474ec483fdabb902841493d744
Ubuntu Security Notice 1105-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. Dan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. Alan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. Nelson Elhage discovered that the kernel did not correctly handle process cleanup after triggering a recoverable kernel bug. Tavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction.
904a543705cc638bbca74057089fec2151fbc499e81f85373bf328d0ed447cb3
Mandriva Linux Security Advisory 2011-029 - Multiple vulnerabilities have been discovered and fixed in the Linux 2.6 kernel. The X.25 implementation does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed data, a different vulnerability than CVE-2010-4164. The bcm_connect function Broadcast Manager in the Controller Area Network implementation in the Linux creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename. The install_special_mapping function in mm/mmap.c does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application. Various other issues have also been addressed.
65f216d797172b0ef5fb798cc0c6bfad2e1a9bea20f92874be16068901dbc644
Debian Linux Security Advisory 2153-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
8325ac762b97fadf5ff408a660bd3635c9b9e72fedb6bc2b1aa5b5ae6dbec3e8
Linux kernel local privilege escalation exploit for versions 2.6.37 and below. It leverages three separate vulnerabilities to achieve root including a NULL pointer dereference, being able to assign arbitrary Econet addresses to arbitrary interfaces, and the ability to write a NULL word to an arbitrary kernel address.
90c6bf981c13631f20aedf98e74ee2ce76bde194f9c594a64c300a938f3bfa47