The OTRS FAQ module suffers from a cross site scripting vulnerability.
22e42064ae8575aeb1a04d081c859fbf0209078c9e5d23d0a639b2d588b15791Belkin Wemo versions prior to WeMo_US_2.00.2176.PVT suffer from an arbitrary firmware upload vulnerability.
87ce1b406dd2592abb929c4664b6ec19f436813a9c618655fd04efa8165bac9dHP System Management Homepage versions 7.1.2 and below include a setuid root smhstart which is vulnerable to a local buffer overflow in the SSL_SHARE_BASE_DIR env variable.
357a44bede2c2741756ca4862ede64872c7d755406c54c4a9748b5b8c68b77efMandriva Linux Security Advisory 2013-049 - An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend directive, a remote attacker having read privilege to the subtree could use this flaw to cause a denial of service via SNMP GET request involving a non-existent extension table entry. The updated packages have been patched to correct this issue.
e1c7d46ac51b21c86ff535d91b4f336eb15651658fcc5feadcef4fff8c1c8935Mandriva Linux Security Advisory 2013-052 - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key. The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the Lucky Thirteen issue. The updated packages have been upgraded to the 1.0.0k version which is not vulnerable to these issues.
45f3e48573ae559cee00727235a6991efe4ffe008121b06d31f87dd310773e8fMandriva Linux Security Advisory 2013-048 - ncpfs 2.2.6 and earlier attempts to use ncpmount to append to the /etc/mtab file and ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors. The updated packages have been patched to correct these issues.
f3631c5fc1eb40f90fb2bc0d9cf75cb49f7c015c051764f695678c32442223c0Mandriva Linux Security Advisory 2013-055 - Infinite and large loops in ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed in Wireshark. Various other issues have also been addressed. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
50158dbc1509957ea5b55594adaf0d178e91d56e6ed9f76cc060e45ce63180dfMandriva Linux Security Advisory 2013-051 - The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service by periodically making many new TCP connections. The updated packages have been patched to correct thies issue.
acc76cff124d5c2cf17288a23f0fd809095f995c4edbb768a07682ced3f89a18Mandriva Linux Security Advisory 2013-053 - ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the XMKD commands. The updated packages have been patched to correct thies issue.
adc1684b13f3d275d53a23ec11c089edb002db6ab579349343196b25ef406fdcMandriva Linux Security Advisory 2013-054 - A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask listed in the sudoers file or in LDAP. As a result, users authorized to run commands on certain IP networks may be able to run commands on hosts that belong to other networks not explicitly listed in sudoers. sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically-proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. Sudo before 1.8.6p7 allows a malicious user to run commands via sudo without authenticating, so long as there exists a terminal the user has access to where a sudo command was successfully run by that same user within the password timeout period. The updated packages have been patched to correct these issues.
1c65aaaffdb72581984d2276efcf089189ca0ea9517d048d794210853c4a68caMandriva Linux Security Advisory 2013-050 - Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle traffic management of domain names that the customer did not legitimately own or control. This issue was resolved by revoking the trust for these specific mis-issued certificates. The rootcerts package has been upgraded to address this flaw and the Mozilla NSS package has been rebuilt to pickup the changes. The TLS implementation in Mozilla Network Security Services does not properly consider timing side-channel attacks on a non-compliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. The NSPR package has been upgraded to the 4.9.5 version due to dependencies of newer NSS. The NSS package has been upgraded to the 3.14.3 version which is not vulnerable to this issue. The sqlite3 update addresses a crash when using svn commit after export MALLOC_CHECK_=3.
6f28f25462373688057eaa4d71d9be8e68c769c5e5d47a46c0bf0334b46cfca6Mandriva Linux Security Advisory 2013-047 - The XSL implementation in libxslt allows remote attackers to cause a denial of service via unspecified vectors. libxslt 1.1.26 and earlier does not properly manage memory, which might allow remote attackers to cause a denial of service via a crafted XSLT expression that is not properly identified during XPath navigation, related to the xsltCompileLocationPathPattern function in libxslt/pattern.c and the xsltGenerateIdFunction function in libxslt/functions.c. libxml2 2.9.0-rc1 and earlier does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. Double free vulnerability in libxslt allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms. The updated packages have been patched to correct these issues.
98161c0b908ae321ff7e41c26e4bb80ca14d2a7fa8b6e59bc0997cca1201e034
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed