Debian Linux Security Advisory 2359-1 - It was discovered that Mojarra, an implementation of JavaServer Faces, evaluates untrusted values as EL expressions if includeViewParameters is set to true.
0e5bf51ca44b6f7e187052037f792c15ea68a6d17dae41a04935fd68c0e2d375Red Hat Security Advisory 2011-1635-03 - The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the "lp" user.
fe5f2da378d6df165af1406df4d08d0fd5b4ea9f6d02822b8213d9c409c860c9WebIndia Hosting suffers from cross site scripting and remote SQL injection vulnerabilities.
c2d539837c5d45e4f31332e145f4d666606789acf6bc6052bc9ebd5f81cc5c16Red Hat Security Advisory 2011-1615-03 - virt-v2v is a tool for converting and importing virtual machines to libvirt-managed KVM, or Red Hat Enterprise Virtualization. Using virt-v2v to convert a guest that has a password-protected VNC console to a KVM guest removed that password protection from the converted guest: after conversion, a password was not required to access the converted guest's VNC console. Now, converted guests will require the same VNC console password as the original guest. Note that when converting a guest to run on Red Hat Enterprise Virtualization, virt-v2v will display a warning that VNC passwords are not supported.
4cfafc694f99791c85631f43a8bc9cc2ffa82ea42b18afb9e0a4a2bcc179f193HP Security Bulletin HPSBMU02726 SSRT100685 2 - A potential security vulnerability has been identified with HP Operations Agent and Performance Agent for AIX, HP-UX, Linux, and Solaris. The vulnerability could be locally exploited to gain unauthorized access to a directory. Revision 2 of this advisory.
e3b77030422b1ae26708b2862a059cf1daa398e2be964d4cf66e62d570f8001bRed Hat Security Advisory 2011-1581-03 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was found that Ruby did not reinitialize the PRNG after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes. A flaw was found in the Ruby SecureRandom module. When using the SecureRandom.random_bytes class, the PRNG state was not modified after forking a child process. This could eventually lead to SecureRandom.random_bytes returning the same string more than once. An attacker keeping track of the strings returned by one child process could use this flaw to predict the strings SecureRandom.random_bytes would return in other child processes.
766668de266f9a5e422759c80977180b1e7d1da61b84b183a2a86e73c010afd6Red Hat Security Advisory 2011-1580-03 - The resource-agents package contains a set of scripts to interface with several services to operate in a High Availability environment for both Pacemaker and rgmanager service managers. It was discovered that certain resource agent scripts set the LD_LIBRARY_PATH environment variable to an insecure value containing empty path elements. A local user able to trick a user running those scripts to run them while working from an attacker-writable directory could use this flaw to escalate their privileges via a specially-crafted dynamic library.
76b9d260e2212ac0676410bf96ddadbac1b1f6a01a5448c80f8bb5634a12d824Red Hat Security Advisory 2011-1536-03 - Sos is a set of tools that gather information about system hardware and configuration. The sosreport utility incorrectly included Certificate-based Red Hat Network private entitlement keys in the resulting archive of debugging information. An attacker able to access the archive could use the keys to access Red Hat Network content available to the host. This issue did not affect users of Red Hat Network Classic. This updated sos package also includes numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory.
319511f57bf9b34678128a47e155a02243a2e0a00b701e9326eb7f88f9dfcfd7Red Hat Security Advisory 2011-1534-03 - The nfs-utils packages provide a daemon for the kernel Network File System server, and related tools such as the mount.nfs, umount.nfs, and showmount programs. A flaw was found in the way nfs-utils performed IP based authentication of mount requests. In configurations where a directory was exported to a group of systems using a DNS wildcard or NIS netgroup, an attacker could possibly gain access to other directories exported to a specific host or subnet, bypassing intended access restrictions.
9b129da860f95d764c403043ebfdc653e1db519628a3bbf478c5ea0b24ac8cc4Red Hat Security Advisory 2011-1533-04 - Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large scale Linux and UNIX deployments. A Cross-Site Request Forgery flaw was found in Red Hat Identity Management. If a remote attacker could trick a user, who was logged into the management web interface, into visiting a specially-crafted URL, the attacker could perform Red Hat Identity Management configuration changes with the privileges of the logged in user.
0e823f1a2ae89e3334938c90bcec4ce2eb598bf36bbbf703ea7582c3e523706cRed Hat Security Advisory 2011-1532-03 - Kexec allows for booting a Linux kernel from the context of an already running kernel. Kdump used the SSH "StrictHostKeyChecking=no" option when dumping to SSH targets, causing the target kdump server's SSH host key not to be checked. This could make it easier for a man-in-the-middle attacker on the local network to impersonate the kdump SSH target server and possibly gain access to sensitive information in the vmcore dumps. mkdumprd created initrd files with world-readable permissions. A local user could possibly use this flaw to gain access to sensitive information, such as the private SSH key used to authenticate to a remote server when kdump was configured to dump to an SSH target.
7edcdcb7d3b2a7e1c5773868285783715345a11be979edfe68066b0d7a413c8cRed Hat Security Advisory 2011-1531-03 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. It was found that qemu-kvm did not properly drop supplemental group privileges when the root user started guests from the command line with the "-runas" option. A qemu-kvm process started this way could use this flaw to gain access to files on the host that are accessible to the supplementary groups and not accessible to the primary group.
16923c194b532ddc6c8d7a2dcc4465a1625af19775eb04b43ffaf4553809d229Red Hat Security Advisory 2011-1530-03 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. Non-member VLAN packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service.
0ea0d8d1bd62a748fefde36e3fb68a6860a5459a3012b4b4223b673f37abf7b8Red Hat Security Advisory 2011-1526-03 - The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. A flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. It was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file.
8fcb821effd2130157bef6f3b9ef23b06ccb0069c78542c7e2046126393556b5WordPress Pretty Link plugin version 1.5.2 suffers from a cross site scripting vulnerability.
83307ac43a7caabbcb70c0af07c51412f9682fd79f7a75337f6ad274f9b5747eSMF Portal version 1.1.15 suffers from a shell upload vulnerability.
78c8044fefabad72132f022d457ae6c0d678948a27156f141f450bb37613fbfcEPractize Labs spamming software appears to have a file write backdoor.
8838e9546b81ee8f81053596ed558c554ca8961c81dcf5402ccfd386d23ea503Whitepaper called Web Backdoors - Attack, Evasion and Detection. This paper provides insight on common web back doors and how simple manipulations could make them undetectable by AV and other security suits. It explains a few techniques that could be used to render undetectable and unnoticed backdoors inside web applications.
b1a5cd53ac0ba93fa6ae8a95e647a33652ee817065946819d8fc813efa6fdce6AlstraSoft EPay Enterprise version 4.0 suffers from a remote blind SQL injection vulnerability.
745883b54cf35eb9a6ff37a0e2b066386de511bfab315dfe1540bfe765e96982Five Star Review suffers from a remote SQL injection vulnerability.
e83b9c8d6762064692816070fcdd575675e49ea9d3206f90e9142e19decd38aaPHP Calendars suffers from a remote SQL injection vulnerability in eventdisplay.php.
6dbc3c89fc5ecc6c8a971227682ff2f6c10804afee2c3c1be7410020919b7f94Secunia Security Advisory - A weakness has been discovered in Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information.
b7e3c73b4747b16d1e461e4bd792a1a83ac6f9e5e04c6389223ab2b30357dae6Secunia Security Advisory - A vulnerability has been discovered in EPractize Labs Subscription Manager, which can be exploited by malicious people to compromise a vulnerable system.
fcb92a958f7e825def7a96fd008976c9e602223cf374b2f8f965bdb0ba877ce0Secunia Security Advisory - A weakness has been discovered in Google Chrome, which can be exploited by malicious people to disclose sensitive information.
bc043b460e9b8b5fa7973713f296f437064f8e0bab69477ed0c25ff9ff68f597Secunia Security Advisory - A weakness has been discovered in Opera, which can be exploited by malicious people to disclose sensitive information.
52f45dc0f74460d671cf526d7dee71f947ac25bab78b04514f5472be968c94a4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed