Debian Security Advisory 1719-2 - Changes in DSA-1719-1 caused GNUTLS to reject X.509v1 certificates as CA root certificates by default, as originally described in the documentation. However, it turned out that there is still significant use of historic X.509v1 CA root certificates, so this constitutes an unacceptable regression. This update reverses this part of the changes in DSA-1719-1. Note that the X.509v1 certificate format does not distinguish between server and CA certificates, which means that an X.509v1 server certificate is implicitly converted into a CA certificate when added to the trust store (which was the reason for the change in DSA-1719-1).
Secunia Security Advisory - Fedora has issued an update for mldonkey. This fixes a vulnerability, which can be exploited by malicious people to disclose sensitive information.
Mandriva Linux Security Advisory 2009-060 - A security vulnerability has been identified and fixed in nfs-utils, which caused TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions. The updated packages have been patched to prevent this.
Mandriva Linux Security Advisory 2009-059 - Python has a variable called sys.path that contains all the paths from which Python loads modules when a script uses import. Incorrect handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current X-Chat working directory. This update provides a fix for that vulnerability.
POP Peeper version 3.4.0.0 suffers from a UIDL command related remote buffer overflow vulnerability in the client.
SHOUTcast version 1.9.8 suffers from a user-agent related cross site scripting vulnerability.
VMware Security Advisory - A heap-based buffer overflow was discovered in the way ed, the GNU line editor, processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute arbitrary code when opened in the ed editor.
Ubuntu Security Notice USN-725-1 - It was discovered that KMail did not adequately prevent execution of arbitrary code when a user clicked on a URL to an executable within an HTML mail. If a user clicked on a malicious URL and chose to execute the file, a remote attacker could execute arbitrary code with user privileges. This update changes KMail's behavior to instead launch a helper program to view the file if the user chooses to execute such a link.
Debian Security Advisory 1728-1 - It was discovered that dkim-milter, an implementation of the DomainKeys Identified Mail protocol, may crash during DKIM verification if it encounters a specially-crafted or revoked public key record in DNS.
Mandriva Linux Security Advisory 2009-058 - Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file. Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. This update provides Wireshark 1.0.6, which is not vulnerable to these issues.
Secunia Security Advisory - Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to disclose sensitive information or cause a DoS (Denial of Service).
Secunia Security Advisory - Debian has issued an update for python-crypto. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes a weakness, some security issues, and some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), bypass certain security restrictions, and potentially gain escalated privileges.
Secunia Security Advisory - Fedora has issued an update for python-crypto. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Fedora has issued an update for optipng. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
Secunia Security Advisory - Fedora has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library.
Secunia Security Advisory - Justin C. Klein Keane has discovered a vulnerability in the Taxonomy Theme module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes a security issue, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Nortel has acknowledged a vulnerability in some Nortel products, which can be exploited by malicious people to conduct spoofing attacks.
Secunia Security Advisory - A vulnerability has been discovered in Coppermine Photo Gallery, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Secunia Security Advisory - A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been reported in vbDrupal, which can be exploited by malicious people to disclose potentially sensitive information.
Secunia Security Advisory - A vulnerability has been discovered in Internet Download Manager, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Oliver Greiter has reported a vulnerability in Libero, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Some vulnerabilities have been reported in various Etoshop products, which can be exploited by malicious people to conduct SQL injection attacks.