Mandriva Linux Security Advisory 2012-153 - ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. The updated packages have been patched to correct this issue.
4f56142c97f654375514ad63bec348cf7fcda3463f1302a10bbd3b3b4d0e920bphpFreeChat version 1.4 suffers from multiple cross site scripting vulnerabilities.
1b82a33a3e1e68375da09a67b32f8842cbefe9c87c225ad7a5b1c2ad22258452It appears that multiple cross site scripting vulnerabilities were discovered in PayPal.com.
f5239e9a4f5906c6ed51aa1c2f017f03fb91b576f0133a33b8ab8219f2ba8a70HP Security Bulletin HPSBUX02814 SSRT100930 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
daea6262b35ede00cc6ea4afff92b3016cca3de4edbdea737563cd870dfaf98dMandriva Linux Security Advisory 2012-155 - builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1. The updated packages have been patched to correct this issue.
5333e966d5561d2f6d4f4fb9e29e14c3c973d25ae843e13ad80971d6adca9f61Mandriva Linux Security Advisory 2012-156 - The STARTTLS implementation in INN's NNTP server for readers, nnrpd, before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a plaintext command injection attack, a similar issue to CVE-2011-0411. The updated packages have been upgraded to inn 2.5.3 which is not vulnerable to this issue.
7b717cf5b8b12f1a506884f1d256dfa24c8600abecd7922df8fd47ef4ba351cfProjectPier versions 0.8.8 and below suffers from a remote shell upload vulnerability.
d1e036a79a1b141620ded93726111ef41fa82aa390f1904f6586e24f31fa9180TP-LINK TD-W8151N 150Mbps wireless N ADSL+2 modem router suffers from a cross site request forgery vulnerability.
427ec14298c7ccdd86476a0829cf8b76602d498105b951c45aba638947ed5cb6Zenphoto version 1.4.3.2 suffers from a cross site scripting vulnerability.
c313654cf06a5459638e4cb26e414198c80c70942da3bd786c488538808104e7PhpTax version 0.8 suffers from a remote code execution vulnerability.
d0d6e0e1685582da24a6399ab9398b69b943a0fb2d14f8839ddf5d959307e3d4Handshakes Professional version 4.1 suffers from a remote SQL injection vulnerability.
35b955a7d870227ad43152ccc8657154fedddb89d144cf08d642e76d7ee49adaMandriva Linux Security Advisory 2012-152 - A nameserver can be caused to exit with a REQUIRE exception if it can be induced to load a specially crafted resource record. The updated packages have been upgraded to bind 9.7.6-P3 which is not vulnerable to this issue.
2cf9b6c302121d09799cfca10fd3daa0848066166bab005970866bfc05c36ee9HP Security Bulletin HPSBST02818 SSRT100960 - A potential security vulnerability has been identified with HP IBRIX X9000 Storage. The vulnerability could be remotely exploited to allow disclosure of information. Revision 1 of this advisory.
b7b3d0ad2afa96c5b7579c9669be83c47320e22350efbc480cf52991159750beDartWebserver.Dll, an HTTP server by Dart Communications, suffers from a stack overflow vulnerability. Versions 1.9 and below are affected. Proof of concept code included.
305223063ea1f05d0ded3e552a5555e23607589feed9ca8044b36a03554ae90fUbuntu Security Notice 1593-1 - Raphael Geissert discovered that the debdiff.pl tool incorrectly handled shell metacharacters. If a user or automated system were tricked into processing a specially crafted filename, a remote attacher could possibly execute arbitrary code. Raphael Geissert discovered that the dscverify tool incorrectly escaped arguments to external commands. If a user or automated system were tricked into processing specially crafted files, a remote attacher could possibly execute arbitrary code. Various other issues were also addressed.
ec651cf782fb4bbbdfc9b355b2fecd968076fd80a2673975c5f2b01a87ae7680Ubuntu Security Notice 1592-1 - Niels Heinen discovered that the urllib and urllib2 modules would process Location headers that specify a redirection to file: URLs. A remote attacker could exploit this to obtain sensitive information or cause a denial of service. This issue only affected Ubuntu 11.04. It was discovered that SimpleHTTPServer did not use a charset parameter in the Content-Type HTTP header. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 users. This issue only affected Ubuntu 11.04. Various other issues were also addressed.
165afa6d34f225319c4c04de9f89e067f082131a627aa45b978829b0872fee6aUbuntu Security Notice 1591-1 - Alec Warner discovered that xdiagnose improperly handled temporary files in welcome.py when creating user-initiated archive files. While failsafeX does not use the vulnerable code, this update removes this functionality to protect any 3rd party applications which import the vulnerable code. In the default Ubuntu installation, this should be prevented by the Yama link restrictions.
3eabd5363fef22c6c11e2984bf6e0c15834748751d39ecf5983b6c261c1aee04Red Hat Security Advisory 2012-1325-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain character devices. A guest user with privileges to write to a character device that is emulated on the host using a virtual console back-end could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host.
944168e949627ab2a24f35e55778352642902fc4e44ebfab3c03a60103a92ae1Red Hat Security Advisory 2012-1326-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. A buffer overflow flaw was discovered in the way radiusd handled the expiration date field in X.509 client certificates. A remote attacker could possibly use this flaw to crash radiusd if it were configured to use the certificate or TLS tunnelled authentication methods.
70a19dbabc6d30e54441d66d15c19693d64c004fb8a4a6f9dd6727ebbc4c84f9Red Hat Security Advisory 2012-1323-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way socket buffers requiring TSO were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service.
138689503f54b2b703c6ddcfa9fc632b12e89775867a7c41ea37be710e7773a4Red Hat Security Advisory 2012-1327-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. A buffer overflow flaw was discovered in the way radiusd handled the expiration date field in X.509 client certificates. A remote attacker could possibly use this flaw to crash radiusd if it were configured to use the certificate or TLS tunnelled authentication methods.
454c976a62ef2a4670826aba9370b1a8b1e174fddc48b951051e98adbcca9689Red Hat Security Advisory 2012-1324-01 - The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. A flaw was found in the way socket buffers requiring TSO were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service.
da77b0226da5f8fad9bc5d61c7d33660a436daf8ef35f2d553f433e2cd073e28Ubuntu Security Notice 1589-1 - It was discovered that positional arguments to the printf() family of functions were not handled properly in the GNU C Library. An attacker could possibly use this to cause a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. It was discovered that multiple integer overflows existed in the strtod(), strtof() and strtold() functions in the GNU C Library. An attacker could possibly use this to trigger a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
73731eada13fddfe11578fc5d8c3b527a24161804876367868406d482b646990Ubuntu Security Notice 1590-1 - It was discovered that QEMU incorrectly handled certain VT100 escape sequences. A guest user with access to an emulated character device could use this flaw to cause QEMU to crash, or possibly execute arbitrary code on the host.
2f4a48df39c34c1e17c872a0649f0c680158ab4cbab47d1918aa15775146a20fSmall-CMS version 1.0 suffers from authentication bypass and remote SQL injection vulnerabilities.
f6e3e1d365a67112d375c748e978fe5cdcb63a6a8abc5ccbe6ebc04c6d00c265
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed