Ubuntu Security Notice USN-808-1 - Micha Krause discovered that Bind did not correctly validate certain dynamic DNS update packets. An unauthenticated remote attacker could send specially crafted traffic to crash the DNS server, leading to a denial of service.
321adf8642de15d5ade0593a9fc17f483a670db20ed3b6b6722571deb78f5934
Debian Security Advisory 1846-1 - Matt T. Yourst discovered an issue in the kvm subsystem. Local users with permission to manipulate /dev/kvm can cause a denial of service (hang) by providing an invalid cr3 value to the KVM_SET_SREGS call.
b94adbef572be3d44e0873584f7f7586c9c04d22eb8bc147d2906e2ff0190454
The FAQ Manager module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.
c67161a57e4dcd8e1bffe24875c6cf44dc5bee095970b1f2b0875173e00c42a1
The EventsCalendar module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.
03aadd779aea7a2473ae5acbe7b07a1a9884e3b929c1fc7390a5f23588f26783
The Directory module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.
1498cb20cfdd442dbacf4b1a947895cc66e9eb78a1f615964669357602c5a9b0
The Classified Ads module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.
69f524bea0e7c10cda41eca871dc1ea269a6ec25fdc943557af1da828a038e25
The Blog Writer module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.
1f1038b0b7a594e38e44422291cde8268e15f0fe642cda5bcd9863b3d4dc5fbd
Debian Security Advisory 1845-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, or privilege escalation.
ddce2a1f54158deb8c3002cf6fd5f7f63349871281f4dfeaa4907542189e2839
Debian Security Advisory 1844-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
3e4337776a6b1affbc02de5ed8349b5fee27fdcee9cda24ab22b8932ebc72584
LinksCaffePRO suffers from remote SQL injection and cross site scripting vulnerabilities.
daccd0dddd65bc8092b6d7e7a4e56f8b1669ca3a11261143c59fb7d08a767f2c
ClassifiedsCaffePRO suffers from a cross site scripting vulnerability.
53a80c1bf9de1dd84b0dc1541f5334a6aaac39606e4e4647fa24d36bc741fe90
FreeBSD Security Advisory - When named(8) receives a specially crafted dynamic update message an internal assertion check is triggered which causes named(8) to exit. To trigger the problem, the dynamic update message must contain a record of type "ANY" and at least one resource record set (RRset) for this fully qualified domain name (FQDN) must exist on the server.
63f6e9c33b817f0e2995a59692b493e8ec93d0332cc4781442f1c4b5e3d35798
Ubuntu Security Notice USN-807-1 - Michael Tokarev discovered that the RTL8169 network driver did not correctly validate buffer sizes. A remote attacker on the local network could send specially crafted traffic that would crash the system or potentially grant elevated privileges. Julien Tinnes and Tavis Ormandy discovered that when executing setuid processes the kernel did not clear certain personality flags. A local attacker could exploit this to map the NULL memory page, causing other vulnerabilities to become exploitable. Ubuntu 6.06 was not affected. Matt T. Yourst discovered that KVM did not correctly validate the page table root. A local attacker could exploit this to crash the system, leading to a denial of service. Ubuntu 6.06 was not affected. Ramon de Carvalho Valle discovered that eCryptfs did not correctly validate certain buffer sizes. A local attacker could create specially crafted eCryptfs files to crash the system or gain elevated privileges. Ubuntu 6.06 was not affected.
76e56d56aac365a9fbbf33f82d67fb4d45dbf243bfe856e1d294cc57021817a8
Secunia Security Advisory - A vulnerability has been discovered in the UIajaxIM component for Joomla, which can be exploited by malicious users to conduct script insertion attacks.
d5ce9ebc360eefe888e4221ca46afea031caacc3de6689e287131ff280ac9ef7
Secunia Security Advisory - A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
351fdfe6331db0306b4d160e5fdddbfc029d764b04d92ee6a6b4244c98445dc7
Secunia Security Advisory - tixxDZ has reported a vulnerability in MPlayer, which can be exploited by malicious people to potentially compromise a user's system.
79c5903edd8c62db16325465ff24170307457e643353197873c1421bed582a7b
Secunia Security Advisory - tixxDZ has reported a vulnerability in VLC Media Player, which can be exploited by malicious people to potentially compromise a user's system.
a8798fb2f32923777e566ba6cce14429a08bb80f13fcc9c639c8b43270370a84
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco Wireless LAN Controllers, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
7058212fa120fb3b92218b90406e394f7d1610848852fa1e5b0e0f471645f35e
Secunia Security Advisory - Platen has discovered a vulnerability in Basilic, which can be exploited by malicious people to conduct cross-site scripting attacks.
c99fd66142a059312721a0bb562b61c10894f22fd95408dfe4fc1f0abdd50fc1
Secunia Security Advisory - Kingcope has discovered a security issue in NcFTPd Server, which can be exploited by malicious users to bypass certain security restrictions.
91a3ebb561ddf6b31a603fd64dbfd01b805f38169cf746bc89d067eafc38af7e
Technical Cyber Security Alert TA09-209A - Microsoft has released out-of-band updates to address critical vulnerabilities in Microsoft Internet Explorer running on most supported versions of Windows. The updates also help mitigate attacks against ActiveX controls developed with vulnerable versions of the Microsoft Active Template Library (ATL).
ff15492f51e1c3ec3ea228997a0e2940c2a7dddf7f3bf187c4c40e15f9d53421
Mandriva Linux Security Advisory 2009-172 - ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding. This update provides fixes for this vulnerability.
48e39060a642bf4ad5cb8769383ababf8543344a7f64bf54d487c6acbfd21677
Mandriva Linux Security Advisory 2009-171 - Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that pulseaudio, when installed setuid root, does not drop privileges before re-executing itself to achieve immediate bindings. This can be exploited by a user who has write access to any directory on the file system containing /usr/bin to gain local root access. The user needs to exploit a race condition related to creating a hard link. This update provides fixes for this vulnerability.
849044bfba62baf25c7bf418a0814ff3799bad71d9160681d6e575fa4b939f3e
Mandriva Linux Security Advisory 2009-170 - Mandriva Security team has identified and fixed a vulnerability in initscripts which could lead to partial wireless password disclosure for WPA/WPA2 passwords of certain length which contained spaces. This update fixes the vulnerability.
1565d56f2db7d5eaae05cc381285e663c59788e86fc1ce87181939fa3cb5d464
Tukanas EasyClassifieds version 1.0 suffers from a remote blind SQL injection vulnerability.
2980569ebddbaade4f399d70cfc2aa316e309a8642bfdb432ba5bc94974e7b49