Ubuntu Security Notice 3340-1 - Emmanuel Dreyfus discovered that third-party modules using the ap_get_basic_auth_pw function outside of the authentication phase may lead to authentication requirements being bypassed. This update adds a new ap_get_basic_auth_components function for use by third-party modules. Vasileios Panopoulos discovered that the Apache mod_ssl module may crash when third-party modules call ap_hook_process_connection during an HTTP request to an HTTPS port. Various other issues were also addressed.
e9929f4f48d68556f27b3ffbbdf309c5
IBM DB2 versions 9.7, 10.1, 10.5, and 11.1 suffer from a command line process buffer overflow vulnerability.
5d5fdc9afef069a12acc4631e4723b9a
Microsoft Skype versions 7.2, 7.35 and 7.36 suffer from a stack buffer overflow vulnerability.
83bf427e9bb93af672310e8bd506f135
JAD version 1.5.8e-1kali1 suffers from a buffer overflow vulnerability.
2b1879456767fcc7e710df4a24db0153
75 bytes small Linux/x86 shellcode that binds a shell to port 4444. Contains no NULLs.
501256220065b8b18c393c129a24f35f
LAME version 3.99.5 suffers from a II_step_one buffer overflow vulnerability.
a3341973e3bfcb873573a2ccad573a0f
LAME version 3.99.5 suffers from a III_dequantize_sample stack buffer overflow vulnerability.
598e7a87386258e4cc7a05c3337e3bba
NTFS version 3.1 master file table denial of service exploit.
9ff51ea50d574fafdc8b0b679560602a
D-Link DIR-100 suffers from brute force and cross site request forgery vulnerabilities.
b8b887922adc51bf8cd2293906751d38
Whitepaper called Fully Undetectable Malware. Translated to English.
d68cb4f5d9b821df21203ba5a14b4e8a