Ubuntu Security Notice 509-1 - The Linux 2.6 kernel series suffers from multiple vulnerabilities. A flaw in the sysfs_readdir function allowed a local user to cause a denial of service by dereferencing a NULL pointer. A buffer overflow was discovered in the random number generator. In environments with granular assignment of root privileges, a local attacker could gain additional privileges. A flaw was discovered in the usblcd driver. A local attacker could cause large amounts of kernel memory consumption, leading to a denial of service. It was discovered that certain setuid-root processes did not correctly reset process death signal handlers. A local user could manipulate this to send signals to processes they would not normally have access to. The Direct Rendering Manager for the i915 driver could be made to write to arbitrary memory locations. An attacker with access to a running X11 session could send a specially crafted buffer and gain root privileges. It was discovered that the aacraid SCSI driver did not correctly check permissions on certain ioctls. A local attacker could cause a denial of service or gain privileges.
739b16d5c2a6a6a15dde4c79a2547109bddace7cde6d485d1b7a618484a247e2
iDefense Security Advisory 08.30.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Yahoo Inc.'s Yahoo! Messenger 8.1 allows attackers to execute arbitrary code with the privileges of the currently logged in user. iDefense has confirmed the existence of this vulnerability in version 8.1 of Yahoo Instant Messenger. Previous versions are suspected to be vulnerable as well.
85f0ed1aa30224aa168277475b87bf25b92562e627754f083ac6c72aa51e3f32
A cross site scripting vulnerability existed in http://research.microsoft.com/. This has been fixed.
409254e5087d3ad4fe4be1cf31a829e511b67470a2a46a88ec330b7dccb728b3
Secunia Security Advisory - HP has acknowledged a vulnerability in HP Tru64 UNIX and HP Internet Express for Tru64 UNIX, which can be exploited by malicious people to poison the DNS cache.
878e52aa3e5bcf9c3b01ab52c79cff764e835ca6ef394c1a32ba48a3ef6f7f98
Secunia Security Advisory - Red Hat has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
1367ce133f8de6baf49f0254cf2e39ff7dfea17ab7f1c073fb2a56afedf13c1e
Secunia Security Advisory - David Sopas Ferreira has reported some vulnerabilities in ACG News, which can be exploited by malicious people to conduct SQL injection attacks.
c6ff4691da00cfac02d605deb0dcb5a82774c7a209e182f87f432da82f9604e0
Secunia Security Advisory - Some vulnerabilities have been reported in PHP, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions.
a5ae16c79d308f646f389cb785c3b553ae85ee8a5bfe3d4e39d5231c03c7870c
Secunia Security Advisory - R00T[ATI] has discovered a vulnerability in NMDeluxe, which can be exploited by malicious people to conduct SQL injection attacks.
e56b7c47fd586be457230df76a9b0451d1a7cdfe46893eaa3cd5cb54097d9317
Secunia Security Advisory - Micha Lenk has reported a security issue in Backup Manager, which can be exploited by malicious, local users to disclose sensitive information.
4e7fced8e91b7b82f47a2c48d61a77d780a30df48d1798d47cdcdc01ed79ed86
SUSE Security Announcement - The Opera web-browser allows an attacker to execute arbitrary code by providing an invalid pointer to a virtual function in JavaScript. This bug can be exploited automatically when a user visits a web-site that contains the attacker's JavaScript code.
6d7da325dc91c81b2493fec61eab287fa40d5a1fccbc184831ba43fa853d678f
Absolute Poll Manager XE version 4.1 suffers from cross site scripting vulnerabilities.
dd60be87a868c6cd25e099acaae441d93d12fcd935587ae8c4b87d7202dd04ca
VMware suffers from a poor guest isolation design.
e34dca01aaf832d2fa675dfd14bd66bec79bc94f49d2c237202424a01a6d8b9f
Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Doomsday, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
ba04fa18866b678d1237ff862e5117e5ff6be7c41ddd3e1ebf198dd67502a89a
Secunia Security Advisory - Ubuntu has acknowledged a vulnerability in tcp-wrappers, which can be exploited by malicious people to bypass certain security restrictions.
eaa93a525798cc3f388cf40fa75a2ef437faa1a8560951c31a9862bdc12ec9aa
Secunia Security Advisory - A vulnerability has been reported in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.
ac3d30f9125e7033214ae97897b6c73968c2c8199356101c532fd17eb07f1546
Secunia Security Advisory - Edi Strosar has discovered a security issue in multiple eScan products, which can be exploited by malicious, local users to gain escalated privileges.
67d7e81f29f1b005a7abb9523dd250467a322071275da4f60ef64c80ff0551b1
Secunia Security Advisory - Debian has issued an update for lighttpd. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
408e6be0293aab7d34526f7f51e53e6a7980f42bcd97752518a0312187a3b419
Secunia Security Advisory - GoLd_M has discovered two vulnerabilities in Pakupaku CMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
e8f69c133e993f87f6b3456200b7c2e848143a67f33f5f9614c41966c3d279e2
Secunia Security Advisory - Some vulnerabilities have been reported in Firebird, where some have unknown impact and others can be exploited by malicious users to cause a DoS (Denial of Service).
88e4362e1068beff462b3f2c100cea40653fb9f3ba4ba54dc06e7a22d809b15a
Secunia Security Advisory - Some security issues with unknown impact have been reported in SSHKeychain.
0fffe97262a0ef56a055bf6b98a5a9d6e680953c8ce7b2f9b6e26caa256cc1df
Secunia Security Advisory - Some vulnerabilities have been reported in the Python tarfile module, which can be exploited by malicious people to compromise a vulnerable system.
58f8e156d2b46d2a1a475e5304f2aad0000488054c231e6cef799c96da1c3530
Secunia Security Advisory - SUSE has issued an update for opera. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
7e2bf8e4cdaff35089884c00d2b19ca8f739575b6fb39265c947c336d083c137
Secunia Security Advisory - A vulnerability has been reported in the Apache mod_proxy module, which can be exploited by malicious people to cause a DoS (Denial of Service).
a69a4ddb989893d1dd1a11b6d78c4d7444efa99d6ffdca21d4d6beef86c1e713
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco Unified CallManager and Unified Communications Manager (CUCM), which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
8d8fe0e539c93c7e66e5c6c7948714c759ae7abb714106def51ca7303070e598
Secunia Security Advisory - Debian has issued an update for postfix-policyd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
97af567f0e72564295ee72f1d6ac7c2ca27bbdd7b370a592d501e9c7e12e6b1e