Mandriva Linux Security Advisory 2010-198 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These include memory disclosure, denial of service, NULL pointer dereference and privilege escalation issues.
9b5198e025901d7e83cb9d7ed6a8a856074baa405387532a1558ef7da79896f5Ubuntu Security Notice 1002-2 - USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the corresponding update for Ubuntu 10.10. It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.
085a6581138140094c3a3e7e5218e13c206bda65a3d3ed3d068b202fda63e0baUbuntu Security Notice 1003-1 - It was discovered that OpenSSL incorrectly handled return codes from the bn_wexpand function calls. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. It was discovered that OpenSSL incorrectly handled certain private keys with an invalid prime. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service.
b2e715ef6350c014f2ef81d22da60aa3be6b6ec9f0721564b45fce3833ccb3a8Ubuntu Security Notice 1002-1 - It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.
d38447e625136f99a89cecd34849184cf00b07d42061e2c9072142a231c9438cVisual Synapse HTTP server suffers from a directory traversal vulnerability.
038f38bdf4e7117803ec5bc6d22f030c1807fe0e79f28bb04eb182d7d342adfbThe Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
f3245eea6c63f8271309ec0e19713906d8cbec8278a5dd9bc25b21e63493ae10libc/glob(3) suffers from a resource exhaustion vulnerability. Proof of concept code included. Affected includes OpenBSD 4.7, NetBSD 5.0.2, FreeBSD 7.3/8.1, Oracle Sun Solaris 10 and GNU Libc (glibc).
0fe71b6c891ef4cf59d9008f85704335ab1de299aa1ecc8f4f06ae19461af5cdxWeblog version 2.2 suffers from a remote SQL injection vulnerability.
8643efd51e38d75481766b28531e836163d65c18f2c844aa1ee8213d43c8c046Adobe Reader version 9.3.4 is vulnerable to multiple memory corruption vulnerabilities. By sending specially crafted PDF files it is possible to cause memory corruption in the 3difr and AcroRd32.dll modules. Both issues trigger a null pointer condition which results in an access violation. The issue in AcroRd32.dll is triggered when Adobe Reader is closed.
8cc088f240fc45c266a250afb545cea36a5bbe247a4e721a59aa2a79ae7d9a37This shell script takes in a md5 sum and uses various online cracking resources to try and figure out what was hashed.
b4bde0e95d3672d6aed81e49a5aa2f7653d49d7b9b0fce5ca6c48c4dddb8ae3bThe Joomla Lurm component suffers from a remote file inclusion vulnerability.
c798d1cbdb22f152a28b8bd6c936a82b28aa77f627e846a09f05d0e5a0f4b403The Joomla Picasa2 component suffers from a local file inclusion vulnerability.
d9a82f924418130b64f5ae0233801712dad5665af836941b8425d3eccc74a4f5The Joomla Jeformcr component suffers from a local file inclusion vulnerability.
85a8a5289f334c23cc2fa7f75e1dc8527dfd8d072f937043429b999db34b25c6The Joomla JCS component suffers from a remote file inclusion vulnerability.
dda225cbfdfcdcc3cd7386333663c1d8f093c903de62c95cd1954507ab155ffd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed