Red Hat Security Advisory 2012-0061-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user could use this flaw to escalate their privileges. Refer to Red Hat Knowledgebase article DOC-69129, linked to in the References, for further information.
e40b8b8aaddc8e2fe581d83de354223aa3949157644b6f2661a2d8f354618f40
Red Hat Security Advisory 2012-0062-01 - The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics files. If a specially-crafted font file was opened by an application linked against t1lib, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An invalid pointer dereference flaw was found in t1lib. A specially-crafted font file could, when opened, cause an application linked against t1lib to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
a926a8831f5e655d16df1e35d4dd911ee1b2e36511144fac9a380ee7434eb26a
Red Hat Security Advisory 2012-0060-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. A double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially-crafted policy extension data.
626386dc502d12fc29e4780f91473a6509e4ce82830fd07413d30317383f9ba0
Red Hat Security Advisory 2012-0058-01 - The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
d4d1780461ee1cfaa9d79baa47a009d2377c5860a1e2cf3da7318da99a2c5585
Red Hat Security Advisory 2012-0059-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection.
637d4b3792e367e77118dadf6e654fba56f63a5136cbc78f5b4bd3c1b6efa812
Ubuntu Security Notice 1346-1 - Dan Fandrich discovered that curl incorrectly handled URLs containing embedded or percent-encoded control characters. If a user or automated system were tricked into processing a specially crafted URL, arbitrary data could be injected.
0b171085fe24790e993a5cb1a612f7517c2b818e647d6a61a9fbb85732a32b7d
The Joomla Jesubmit component suffers from a shell upload vulnerability.
29af3fc4b0a2b9a9d16ad59beb1c5c43ec83ab4061b5971281917734046c5f7a
This is a brief whitepaper called A Backdoor in the Next Generation Active Directory.
dd040be0d2bdc00e6d0cbeedaaf496611de0e99e0335d67ebeebc9aaca01a674
Stoneware WebNetwork6 suffers from cross-site request forgery and cross-site scripting vulnerabilities.
ac0ef67138ba1a287f0c436322ad782d25a6ed168c6ee0e5da1cae3818db9078
Local root exploit for Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms that leverages a flaw in the compat_alloc_user_space functions.
52fc8b565f2f099df29e7cd463956b7151a8c113162ee3862f5988242751213f
Local root exploit that affects Linux kernel versions up to 2.6.18. It takes advantage of a flaw in the udp_sendmsg function.
5f8fab9df021ada7f06193064a65502d568ab2c8b92783556af8c144bc279b53
Ultimate Locator suffers from a remote SQL injection vulnerability.
429137160b75a3f7b44e26a49eca96e4b881cd161ab809fadbc9afb392402d56
Alkon Consulting Group suffers from a remote SQL injection vulnerability.
a551f13148cf96a084c9c8bebc5a521b641d35550dd9f4e83a519b39ca931098
DataArmor versions 3.0.10 and above and DriveArmor versions 3.0.0 and above suffer from restricted environment breakout, privilege escalation and full disk encryption vulnerabilities.
b41ef1f168f30852ea4d0d4812fadcaa0d376c38f648c6c50c2dac11f4b25ebe
UltraPlayer version 2.112 stack buffer overflow exploit that creates a malicious .m3u file that will trigger a reverse shell.
96294503f8bfddc167c2244a8894cb4cb8d4325bf34e9db7b30dd6d1cc1a5420
UltraPlayer version 2.112 local crash exploit that creates a malicious .avi file.
9f43265703ad1b56d80101b2fa1124c6d41e5f3b00ba5fb5e1b81d34b128b091
The Nuit Du Hack Call For Papers has been announced. It will be held June 23rd, 2012 at the Disneyland Paris Conference Centre.
a0f919adae1a937df9ef4d9001bdfa8f3d03517f6313946efff965263f7b0f8a
Ubuntu Security Notice 1343-1 - Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Robert Longson discovered several memory safety issues which could possibly be exploited to crash Thunderbird or execute arbitrary code as the user that invoked Thunderbird. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by JavaScript in web content. Various other issues were also addressed.
b320552fd3ebcdce074815e44c55cd3a05de20c7d4838165adb6112d9accbbbf
Ubuntu Security Notice 1345-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.
c5e2c5ccabf794f03dfb9229198594f7253ed79ba331f08d1ef2aa77b46bb0dd
Ubuntu Security Notice 1344-1 - Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system.
b59d95f9f986e002c805f641ed404a6ad915b27e325adde2cf5cd116b992ac73
glFusion CMS version 1.2.2 suffers from shell upload and remote SQL injection vulnerabilities.
ad6bb126a05811ea0372f50995944d0c7147bd0aaab64e41a724c0997e704a2d
Dark D0rk3r is a Python script that performs dork searching and searches for local file inclusion and SQL injection errors.
2cd563268ad9d548cc3b7f95e276dc7556b79d410ef730c9500bb9188a4e6032
The Joomla Advert component suffers from a remote SQL injection vulnerability.
81cab28625f0eb9d311e7f4d3861afb736dfd548b50019d0ac273dc6b5ad4e1d
The Joomla Welcome component suffers from a local file inclusion vulnerability.
0590bb0049f025aaa2b5ea192496b02b6887354ffada0aba32cad18400dd4e11
The Joomla Funny News component suffers from a local file inclusion vulnerability.
74e908aafa50d33d30058118b6764f1dbb9ba0264712adca05a55644718eaf10