Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
9f52d9df65a617bc701d9cdbdad4bd0c5941999c8b81dfbacb8f61f8b2e1eb71Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.
1085235659d66a4e8b278a57cced928a440107b3303d518858024a65d6b9c3d9Red Hat Security Advisory 2011-1265-01 - The IBM 1.4.2 SR13-FP10 Java release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM "Security alerts" page, listed in the References section. Note: The RHSA-2011:0870 java-1.4.2-ibm-sap update did not, unlike the erratum text stated, provide a complete fix for the CVE-2011-0311 issue.
8f327346a6a38d9ce57e851d3a4fb72e07d4dd11ac3e51c75fb6dadb6e7c0f1bWordPress KNR Author List Widget plugin versions 2.0.0 and below suffer from a remote SQL injection vulnerability.
e56ca7fe4ef4d77b633410aa3b3d45772ba960968d78dbe54b0136d89b45c31eRed Hat Security Advisory 2011-1264-01 - The gstreamer-plugins packages contain plug-ins used by the GStreamer streaming-media framework to support a wide variety of media formats. An integer overflow flaw, a boundary error, and multiple off-by-one flaws were found in various ModPlug music file format library modules, embedded in GStreamer. An attacker could create specially-crafted music files that, when played by a victim, would cause applications using GStreamer to crash or, potentially, execute arbitrary code. All users of gstreamer-plugins are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, all applications using GStreamer must be restarted for the changes to take effect.
04e95c07aaa0f241d819930e561a233b545d0726752ae1b9c9e6d3bc00530555Red Hat Security Advisory 2011-1212-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the Linux kernel's Stream Control Transmission Protocol implementation. A remote attacker could send a specially-crafted SCTP packet to a target system, resulting in a denial of service. A flaw in the Linux kernel's client-side NFS Lock Manager implementation could allow a local, unprivileged user to cause a denial of service.
9c2edb7d23d2cfd9d86f0a74a4081f4a0dd2945dee2ad9e4a1c6c515861935c7Mandriva Linux Security Advisory 2011-132 - Multiple vulnerabilities have been identified and fixed in pidgin. These issues include a null pointer dereference and a memory access bypass.
ad6b3bb86b06bf57743125e82eda7d9b486606bd08789f5fc6e8c2b16278b957Debian Linux Security Advisory 2301-1 - Several vulnerabilities have been discovered in Rails, the Ruby web application framework.
b334f5cf62cfb6b04e216ea9085ae454d58013cd546c3daa75b90f34636c3ee0Debian Linux Security Advisory 2300-2 - Several unauthorized SSL certificates have been found in the wild issued for the DigiNotar Certificate Authority, obtained through a security compromise with said company. Debian, like other software distributors, has as a precaution decided to disable the DigiNotar Root CA by default in the NSS crypto libraries.
a8523c0d5511a75e62c5239ae7c4ac1bb144833ea9aad42fd23ec3b7b56f7d06GeoClassifieds Lite version 2.0.x suffers from cross site scripting and remote SQL injection vulnerabilities.
beaaac1a35007bb8eeb9a2b42abbf6056add229495bb26c892e7a37fa96af8f6PlaySMS version 0.9.5.2 suffers from a remote file inclusion vulnerability.
049d929227d9b1ba69f2be7c46c93737841bda264acecb9025eeb86fa0fd2db9DVD X Player version 5.5 Pro buffer overflow SEH overwrite exploit that spawns a shell on port 8080.
411ee2842b51ec572d84c97f03c5448321c4898cdbe96297b0f908e53b407c18Debian Linux Security Advisory 2298-2 - The apache2 upgrade from DSA-2298-1 has caused a regression that prevented some video players from seeking in video files served by Apache HTTPD. This update fixes this bug.
51b6b4eee4d7a7cda38072d288735549753afffbc83cb18032cb72174b97cf1cMantisBT version 1.2.7 suffers from cross site scripting and local file inclusion vulnerabilities.
f93ea1f9463f54e352b0762b7f966c8a53d16c2feee1c1340bc0337cc98100a2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed