Mandriva Linux Security Advisory 2010-198 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These include memory disclosure, denial of service, NULL pointer dereference and privilege escalation issues.
9b5198e025901d7e83cb9d7ed6a8a856074baa405387532a1558ef7da79896f5
Ubuntu Security Notice 1002-2 - USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the corresponding update for Ubuntu 10.10. It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.
085a6581138140094c3a3e7e5218e13c206bda65a3d3ed3d068b202fda63e0ba
Ubuntu Security Notice 1003-1 - It was discovered that OpenSSL incorrectly handled return codes from the bn_wexpand function calls. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. It was discovered that OpenSSL incorrectly handled certain private keys with an invalid prime. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service.
b2e715ef6350c014f2ef81d22da60aa3be6b6ec9f0721564b45fce3833ccb3a8
Ubuntu Security Notice 1002-1 - It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.
d38447e625136f99a89cecd34849184cf00b07d42061e2c9072142a231c9438c
Visual Synapse HTTP server suffers from a directory traversal vulnerability.
038f38bdf4e7117803ec5bc6d22f030c1807fe0e79f28bb04eb182d7d342adfb
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
f3245eea6c63f8271309ec0e19713906d8cbec8278a5dd9bc25b21e63493ae10
libc/glob(3) suffers from a resource exhaustion vulnerability. Proof of concept code included. Affected systems include OpenBSD 4.7, NetBSD 5.0.2, FreeBSD 7.3/8.1, Oracle Sun Solaris 10 and GNU Libc (glibc).
0fe71b6c891ef4cf59d9008f85704335ab1de299aa1ecc8f4f06ae19461af5cd
xWeblog version 2.2 suffers from a remote SQL injection vulnerability.
8643efd51e38d75481766b28531e836163d65c18f2c844aa1ee8213d43c8c046
Adobe Reader version 9.3.4 is vulnerable to multiple memory corruption vulnerabilities. By sending specially crafted PDF files it is possible to cause memory corruption in the 3difr and AcroRd32.dll modules. Both issues trigger a null pointer condition which results in an access violation. The issue in AcroRd32.dll is triggered when Adobe Reader is closed.
8cc088f240fc45c266a250afb545cea36a5bbe247a4e721a59aa2a79ae7d9a37
This shell script takes an MD5 sum and uses various online cracking resources to try to figure out what was hashed.
b4bde0e95d3672d6aed81e49a5aa2f7653d49d7b9b0fce5ca6c48c4dddb8ae3b
The Joomla Lurm component suffers from a remote file inclusion vulnerability.
c798d1cbdb22f152a28b8bd6c936a82b28aa77f627e846a09f05d0e5a0f4b403
The Joomla Picasa2 component suffers from a local file inclusion vulnerability.
d9a82f924418130b64f5ae0233801712dad5665af836941b8425d3eccc74a4f5
The Joomla Jeformcr component suffers from a local file inclusion vulnerability.
85a8a5289f334c23cc2fa7f75e1dc8527dfd8d072f937043429b999db34b25c6
The Joomla JCS component suffers from a remote file inclusion vulnerability.
dda225cbfdfcdcc3cd7386333663c1d8f093c903de62c95cd1954507ab155ffd