Ubuntu Security Notice 509-1 - The Linux 2.6 kernel series suffers from multiple vulnerabilities. A flaw in the sysfs_readdir function allowed a local user to cause a denial of service by dereferencing a NULL pointer. A buffer overflow was discovered in the random number generator. In environments with granular assignment of root privileges, a local attacker could gain additional privileges. A flaw was discovered in the usblcd driver. A local attacker could cause large amounts of kernel memory consumption, leading to a denial of service. It was discovered that certain setuid-root processes did not correctly reset process death signal handlers. A local user could manipulate this to send signals to processes they would not normally have access to. The Direct Rendering Manager for the i915 driver could be made to write to arbitrary memory locations. An attacker with access to a running X11 session could send a specially crafted buffer and gain root privileges. It was discovered that the aacraid SCSI driver did not correctly check permissions on certain ioctls. A local attacker could cause a denial of service or gain privileges.
iDefense Security Advisory 08.30.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Yahoo Inc.'s Yahoo! Messenger 8.1 allows attackers to execute arbitrary code with the privileges of the currently logged in user. iDefense has confirmed the existence of this vulnerability in version 8.1 of Yahoo Instant Messenger. Previous versions are suspected to be vulnerable as well.
A cross site scripting vulnerability existed in http://research.microsoft.com/. This has been fixed.
Secunia Security Advisory - HP has acknowledged a vulnerability in HP Tru64 UNIX and HP Internet Express for Tru64 UNIX, which can be exploited by malicious people to poison the DNS cache.
Secunia Security Advisory - Red Hat has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - David Sopas Ferreira has reported some vulnerabilities in ACG News, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - Some vulnerabilities have been reported in PHP, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions.
Secunia Security Advisory - R00T[ATI] has discovered a vulnerability in NMDeluxe, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - Micha Lenk has reported a security issue in Backup Manager, which can be exploited by malicious, local users to disclose sensitive information.
SUSE Security Announcement - The Opera web-browser allows an attacker to execute arbitrary code by providing an invalid pointer to a virtual function in JavaScript. This bug can be exploited automatically when a user visits a web-site that contains the attacker's JavaScript code.
Absolute Poll Manager XE version 4.1 suffers from cross site scripting vulnerabilities.
VMware suffers from a poor guest isolation design.
Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Doomsday, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Secunia Security Advisory - Ubuntu has acknowledged a vulnerability in tcp-wrappers, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - A vulnerability has been reported in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Edi Strosar has discovered a security issue in multiple eScan products, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - Debian has issued an update for lighttpd. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
Secunia Security Advisory - GoLd_M has discovered two vulnerabilities in Pakupaku CMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Secunia Security Advisory - Some vulnerabilities have been reported in Firebird, where some have unknown impact and others can be exploited by malicious users to cause a DoS (Denial of Service).
Secunia Security Advisory - Some security issues with unknown impact have been reported in SSHKeychain.
Secunia Security Advisory - Some vulnerabilities have been reported in the Python tarfile module, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - SUSE has issued an update for opera. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been reported in the Apache mod_proxy module, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco Unified CallManager and Unified Communications Manager (CUCM), which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Secunia Security Advisory - Debian has issued an update for postfix-policyd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.