Ubuntu Security Notice 469-2 - USN-469-1 fixed vulnerabilities in the Mozilla Thunderbird email client. The updated Thunderbird version broken compatibility with the Enigmail plugin. This update corrects the problem.
8e1b261ceeef6cffcc178f44f558988397050cac9c40d5173daa90ae2fd5c21aUbuntu Security Notice 506-1 - Dmitry V. Levin discovered that tar did not correctly detect the ".." file path element when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted tar file, arbitrary files could be overwritten with user privileges.
868c0f350de5b4d960f77c146c0e2ec1baa6f2d02c50b7efa5fd193b353ecbe1Ubuntu Security Notice 505-1 - Ulf Harnhammar discovered that vim does not properly sanitize the "helptags_one()" function when running the "helptags" command. By tricking a user into running a crafted help file, a remote attacker could execute arbitrary code with the user's privileges.
a4ff9395ae549536c4373cde02a1f6dfa2a8967393ffff174cbba478f7413dd9Ubuntu Security Notice 504-1 - Hendrik Tews discovered that emacs21 did not correctly handle certain GIF images. By tricking a user into opening a specially crafted GIF, a remote attacker could cause emacs21 to crash, resulting in a denial of service.
11cd24608a369bf7a41e1e1e2666b5f5a34b6b0e08c44b43c785488e4dc695c4Mandriva Linux Security Advisory - Some vulnerabilities have been discovered and corrected in the Linux 2.6 kernel.
bd907ca4046ec2b9bc817fc56fcfddf665817aff608e918a3d9bab59365e0a2cDebian Security Advisory 1360-1 - Sebastian Krahmer discovered that rsync, a fast remote file copy program, contains an off-by-one error which might allow remote attackers to execute arbitrary code via long directory names.
74f553eec7a2a98a9851fbbff445718f40e163d808ce11ca719cef1ab0c7da3aDebian Security Advisory 1359-1 - It was discovered that dovecot, a secure mail server that supports mbox and maildir mailboxes, when configured to use non-system-user spools and compressed folders, may allow directory traversal in mailbox names.
c99de84de3a6624d35babd146e78279a4e2f271c2e0f1153e521dba567842d3aNuhe is a rule based log monitoring system which is capable of taking action when rules are matched against log activity. By default, Nuhe runs in the background (as a daemon), but it can also be used in the foreground in a log analyzer mode.
3d9720b47639bd4a14472212b5e2ab97d57c1f145acd63f6510c329e4952a795PHPNuke-Clan versions 4.2.0 and below suffer from a remote file inclusion vulnerability in mvcw_conver.php.
d902c7d6f4d26a071f434fa42d3846f7e2b0c228356933296a24626c68f374fbVWar versions 1.5.0 R15 and below suffer from a remote file inclusion vulnerability in mvcw.php.
6193e784ed80e4a150ca5d9f0ef5e6d49d9e4c5e6e90fb5ed6b9bcf095b4e515DL PayCart version 1.01 blind SQL injection exploit that makes use of viewitem.php.
31cf9749fded416a6d81aa454484de67f9c53701f4ce9a565d07b556f11bb403Secunia Security Advisory - wushi has reported a vulnerability in MSN Messenger, which can be exploited by malicious people to compromise a user's system.
2b5d5922e87016387d7f49822d88e0b246430fc1ef9c7adac3ec3eedf0da6a3cSecunia Security Advisory - bannedit has reported a vulnerability in BitchX, which can potentially be exploited by malicious people to compromise a user's system.
9f514395285036f63359b92b9bdd522bd17bc97420516e666e2c6dbf91d92472Secunia Security Advisory - Joshua Morin has reported a vulnerability in Dynamic Picture Frame, which can be exploited by malicious people to conduct cross-site scripting attacks.
7a2edb97aab339c920a32888358274eaacc6ec9aae962b61c70a175b0d7bc39dSecunia Security Advisory - Some vulnerabilities have been reported in Timbuktu Pro, which can be exploited by malicious users and malicious people to compromise a vulnerable system.
fa05c22a1bc2e4054695bd3167a821b6e9aef736d02676342f0e30544a9da381Secunia Security Advisory - seppi has reported a vulnerability in VMWare Workstation, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
6f905299d24fb5a51f7d4898e66b772ff215774a9014046ecdbf633d8a0a397aSecunia Security Advisory - seppi has reported a vulnerability in BufferZone, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
adf0713d37078854325573e198a302b8f7e02044814d0d5ecebedd0ad1ecbd3fSecunia Security Advisory - A vulnerability has been reported in Subversion, which can be exploited by malicious people to compromise a user's system.
e51366d4fcb05d02a0f580a453f8bf2abcc9676d65165a27136fdb0ca06de321Secunia Security Advisory - Amit Klein has reported a vulnerability in BIND, which can be exploited by malicious people to poison the DNS cache.
f09ceb1bac443cf73bd61ca42b0c41564996067dbc364632edf350e831e79079Secunia Security Advisory - A vulnerability has been reported in TortoiseSVN, which can be exploited by malicious people to compromise a user's system.
7671a84e32d13c0b073fae9069ec7a62204a65a68badc472f6045f456c5d5257Secunia Security Advisory - Joshua Morin has discovered two vulnerabilities in PhpGedView, which can be exploited by malicious people to conduct cross-site scripting attacks.
e6231c6815b397599b76e3d9cd659a830f8ac2ba7e8c4c6582ac1f3ffd4b6a86
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed