Ubuntu Security Notice 509-1 - The Linux 2.6 kernel series suffers from multiple vulnerabilities. A flaw in the sysfs_readdir function allowed a local user to cause a denial of service by dereferencing a NULL pointer. A buffer overflow was discovered in the random number generator. In environments with granular assignment of root privileges, a local attacker could gain additional privileges. A flaw was discovered in the usblcd driver. A local attacker could cause large amounts of kernel memory consumption, leading to a denial of service. It was discovered that certain setuid-root processes did not correctly reset process death signal handlers. A local user could manipulate this to send signals to processes they would not normally have access to. The Direct Rendering Manager for the i915 driver could be made to write to arbitrary memory locations. An attacker with access to a running X11 session could send a specially crafted buffer and gain root privileges. It was discovered that the aacraid SCSI driver did not correctly check permissions on certain ioctls. A local attacker could cause a denial of service or gain privileges.
739b16d5c2a6a6a15dde4c79a2547109bddace7cde6d485d1b7a618484a247e2iDefense Security Advisory 08.30.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Yahoo Inc.'s Yahoo! Messenger 8.1 allows attackers to execute arbitrary code with the privileges of the currently logged in user. iDefense has confirmed the existence of this vulnerability in version 8.1 of Yahoo Instant Messenger. Previous versions are suspected to be vulnerable as well.
85f0ed1aa30224aa168277475b87bf25b92562e627754f083ac6c72aa51e3f32A cross site scripting vulnerability existed in http://research.microsoft.com/. This has been fixed.
409254e5087d3ad4fe4be1cf31a829e511b67470a2a46a88ec330b7dccb728b3Secunia Security Advisory - HP has acknowledged a vulnerability in HP Tru64 UNIX and HP Internet Express for Tru64 UNIX, which can be exploited by malicious people to poison the DNS cache.
878e52aa3e5bcf9c3b01ab52c79cff764e835ca6ef394c1a32ba48a3ef6f7f98Secunia Security Advisory - Red Hat has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
1367ce133f8de6baf49f0254cf2e39ff7dfea17ab7f1c073fb2a56afedf13c1eSecunia Security Advisory - David Sopas Ferreira has reported some vulnerabilities in ACG News, which can be exploited by malicious people to conduct SQL injection attacks.
c6ff4691da00cfac02d605deb0dcb5a82774c7a209e182f87f432da82f9604e0Secunia Security Advisory - Some vulnerabilities have been reported in PHP, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions.
a5ae16c79d308f646f389cb785c3b553ae85ee8a5bfe3d4e39d5231c03c7870cSecunia Security Advisory - R00T[ATI] has discovered a vulnerability in NMDeluxe, which can be exploited by malicious people to conduct SQL injection attacks.
e56b7c47fd586be457230df76a9b0451d1a7cdfe46893eaa3cd5cb54097d9317Secunia Security Advisory - Micha Lenk has reported a security issue in Backup Manager, which can be exploited by malicious, local users to disclose sensitive information.
4e7fced8e91b7b82f47a2c48d61a77d780a30df48d1798d47cdcdc01ed79ed86SUSE Security Announcement - The Opera web-browser allows an attacker to execute arbitrary code by providing an invalid pointer to a virtual function in JavaScript. This bug can be exploited automatically when a user visits a web-site that contains the attacker's JavaScript code.
6d7da325dc91c81b2493fec61eab287fa40d5a1fccbc184831ba43fa853d678fAbsolute Poll Manager XE version 4.1 suffers from cross site scripting vulnerabilities.
dd60be87a868c6cd25e099acaae441d93d12fcd935587ae8c4b87d7202dd04caVMWware suffers from a poor guest isolation design.
e34dca01aaf832d2fa675dfd14bd66bec79bc94f49d2c237202424a01a6d8b9fSecunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Doomsday, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
ba04fa18866b678d1237ff862e5117e5ff6be7c41ddd3e1ebf198dd67502a89aSecunia Security Advisory - Ubuntu has acknowledged a vulnerability in tcp-wrappers, which can be exploited by malicious people to bypass certain security restrictions.
eaa93a525798cc3f388cf40fa75a2ef437faa1a8560951c31a9862bdc12ec9aaSecunia Security Advisory - A vulnerability has been reported in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.
ac3d30f9125e7033214ae97897b6c73968c2c8199356101c532fd17eb07f1546Secunia Security Advisory - Edi Strosar has discovered a security issue in multiple eScan products, which can be exploited by malicious, local users to gain escalated privileges.
67d7e81f29f1b005a7abb9523dd250467a322071275da4f60ef64c80ff0551b1Secunia Security Advisory - Debian has issued an update for lighttpd. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
408e6be0293aab7d34526f7f51e53e6a7980f42bcd97752518a0312187a3b419Secunia Security Advisory - GoLd_M has discovered two vulnerabilities in Pakupaku CMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
e8f69c133e993f87f6b3456200b7c2e848143a67f33f5f9614c41966c3d279e2Secunia Security Advisory - Some vulnerabilities have been reported in Firebird, where some have unknown impact and others can be exploited by malicious users to cause a DoS (Denial of Service).
88e4362e1068beff462b3f2c100cea40653fb9f3ba4ba54dc06e7a22d809b15aSecunia Security Advisory - Some security issues with unknown impact have been reported in SSHKeychain.
0fffe97262a0ef56a055bf6b98a5a9d6e680953c8ce7b2f9b6e26caa256cc1dfSecunia Security Advisory - Some vulnerabilities have been reported in the Python tarfile module, which can be exploited by malicious people to compromise a vulnerable system.
58f8e156d2b46d2a1a475e5304f2aad0000488054c231e6cef799c96da1c3530Secunia Security Advisory - SUSE has issued an update for opera. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise vulnerable system.
7e2bf8e4cdaff35089884c00d2b19ca8f739575b6fb39265c947c336d083c137Secunia Security Advisory - A vulnerability has been reported in the Apache mod_proxy module, which can be exploited by malicious people to cause a DoS (Denial of Service).
a69a4ddb989893d1dd1a11b6d78c4d7444efa99d6ffdca21d4d6beef86c1e713Secunia Security Advisory - Some vulnerabilities have been reported in Cisco Unified CallManager and Unified Communications Manager (CUCM), which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
8d8fe0e539c93c7e66e5c6c7948714c759ae7abb714106def51ca7303070e598Secunia Security Advisory - Debian has issued an update for postfix-policyd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
97af567f0e72564295ee72f1d6ac7c2ca27bbdd7b370a592d501e9c7e12e6b1e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed