Ubuntu Security Notice 864-1 - Kernel packages have been updated. It was discovered that the AX.25 network subsystem did not correctly check integer signedness in certain setsockopt calls. Jan Beulich discovered that the kernel could leak register contents to 32-bit processes that were switched to 64-bit mode. Dave Jones discovered that the gdth SCSI driver did not correctly validate array indexes in certain ioctl calls. Eric Dumazet and Jiri Pirko discovered that the TC and CLS subsystems would leak kernel memory via uninitialized structure members. Earl Chew discovered race conditions in pipe handling. There are about a dozen other issues also addressed.
2f9e8bf3729b664a290f690db75777d46200920190578d7da876f4919fea4eaeDebian Linux Security Advisory 1946-1 - It was discovered that belpic, the belgian eID PKCS11 library, does not properly check the result of an OpenSSL function for verifying cryptographic signatures, which could be used to bypass the certificate validation.
9a7f2da7e7d53f16ddc6e60f14bec24b160e4a7c5d4e107b5f68315938a24311Mandriva Linux Security Advisory 2009-224 - Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name. This update provides a solution to this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
fa6727c03f758e0239d74a2c09cded1f47d3b8f5ad4181c778be47b4ac8b4dbfMandriva Linux Security Advisory 2009-223 - Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in simply nested DTD structures, as demonstrated by the Codenomicon XML fuzzing framework. This update provides a solution to this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
ec20b3493610025eeee650a11f31954eace01b2226bdda739015618531fdcb41Mandriva Linux Security Advisory 2009-315 - neon before 0.28.6, when OpenSSL is used, does not properly handle a '\\0' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities.
cc5992738d88cb42a2452244ccf0f7315d087a69bb07f9dbedb3d1db74d96636Mandriva Linux Security Advisory 2009-218 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
9fd0ff086bb44dc8e359fd8376d752218295138428e54a6bfa310fbfb8ce96a6Mandriva Linux Security Advisory 2009-212 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
358cb28343b772c856a944d157b77948108a5b54631268a1ccbe541f63fe6705Mandriva Linux Security Advisory 2009-211 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
97f13c48199e07b60361d99f2c70e6d5d028a834e4d0622e76289e5d80e2620cMandriva Linux Security Advisory 2009-208 - libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read. This update provides a solution to this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
cf8565317e881b1da89995fc541f9fefc4bfacd81e66ce2253b631b52f216560Mandriva Linux Security Advisory 2009-213 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
253b9fa53a1c05a4c3ee23a4ab7f94b0ba873b10873bbb8e8329d1b7cce2f7aaMandriva Linux Security Advisory 2009-206 - GNU Wget before 1.12 does not properly handle a '\\0' (NUL) character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. This update provides a solution to this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
4d134cb5317746dbabde9ddcb0704cf7d3ebb8c26b5476cc7c3f8d510610cac6Secunia Research has discovered a vulnerability in DevIL, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused by a boundary error within the "GetUID()" function in src-IL/src/il_dicom.c. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted DICOM file in an application using the library. The vulnerability is confirmed in version 1.7.8. Other versions may also be affected.
bef338476ab50b7b135a8f8a62a9fce7233fca04b978409af9cb476cd97ecad5Core FTP Server version 1.0 Build 319 suffers from a remote denial of service vulnerability.
49933519fe2c4b693e105a1f04a807e3dcc61d13f727d9c57e57409cae6b7bd3Ninja is a privilege escalation detection and prevention system for GNU/Linux hosts. While running, it will monitor process activity on the local host, and keep track of all processes running as root. If a process is spawned with UID or GID zero (root), ninja will log necessary information about this process, and optionally kill the process if it was spawned by an unauthorized user.
0be3bda69816beb05a03df470f9d652594aa81dd49baac2bd7ebd2491794712dipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
f7cb936c7aac861d230a972d266df509bb34fb48f4604db48ededd604466416dBM Classifieds Ads suffers from a remote SQL injection vulnerability.
8f0f8a6e4f98db33741739c1e64a3445ae5dbbb5f7416dc0b3571777080b1177Achievo version 1.4.2 suffers from a cross site scripting vulnerability.
ad13c4066a6974de3d00a8e51c5932564f2bd764934024b97340dcf230447093Achievo version 1.4.2 suffers from a remote shell upload vulnerability.
fd1d0f43b6c990452149cbc6a039d9120d789b1241a985a07c1c3dbbaad86a33The libmodplug library is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. Versions prior to 0.8.6 are affected.
3ee534500a7935fc069c9d41bd90bd1c6d8eca00c07e014a3f4f88254b81c7e4Yoast Google Analytics version 3.2.4 for Wordpress suffers from a cross site scripting vulnerability.
2710a8ae487c43fc21d8dd85bdfcba8d0d7987f648fb20651abd8ccd591ca3afInvision Power Board versions 3.0.4 and below suffer from local file inclusion and remote SQL injection vulnerabilities. Versions 2.3.6 and below suffer from a remote SQL injection vulnerability.
efe52ce1957cc2103d4b96559bf90231ce74be94e5635eacb7a3a351c7a0837e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed