Debian Linux Security Advisory 1985-1 - It was discovered that sendmail, a Mail Transport Agent, does not properly handle a '\\0' character in a Common Name (CN) field of an X.509 certificate. This allows an attacker to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority.
079a17fa8d5d399fecb93c8957fd2d86Debian Linux Security Advisory 1983-1 - Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service.
6c3925f2818ab2c48c430789bc1e69cbDebian Linux Security Advisory 1984-1 - It was discovered that libxerces2-java, a validating XML parser for Java, does not properly process malformed XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file.
a80f738930c7386a753dea29dd143d93Debian Linux Security Advisory 1841-2 - A bug in git-core caused the security update in DSA 1841 to fail to build on a number of architectures Debian supports. This update corrects the bug and releases builds for all supported architectures.
12a9627559eb36cab0f41ca64eaf92adSecunia Security Advisory - A security issue has been reported in Symantec Altiris Notification Server, which can be exploited by malicious, local users to disclose sensitive information.
eeb73d68c7bd4ac85ccb5e303eae5ad3Secunia Security Advisory - Fedora has issued an update for bltk. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
3612af94a4b123e9e52293baa6c4752aSecunia Security Advisory - A vulnerability has been reported in multiple Hitachi products, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
e78f7b597e89a00cf0922400ccae2af3Secunia Security Advisory - Two vulnerabilities have been reported in ircd-ratbox, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
1c8df7e426058be8c227de44eda01a08Secunia Security Advisory - Debian has issued an update for ircd-hybrid and ircd-ratbox. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
e9eb85d9d5e6096dbc7730569a3c081eSecunia Security Advisory - A vulnerability has been reported in IRCD-hybrid, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
9214f166371c60c61837edaff4f69d24Secunia Security Advisory - A vulnerability has been reported in oftc-hybrid, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
8e9d4a6329d261eacce9a5ca907e7072Secunia Security Advisory - Ubuntu has issued an update for samba. This fixes a security issue, which can be exploited by malicious, local users to disclose potentially sensitive information and potentially gain escalated privileges.
98e9ea1c57ec91405f0eb9b22e0600dbDebian Linux Security Advisory 1982-1 - Julien Cristau discovered that hybserv, a daemon running IRC services for IRCD-Hybrid, is prone to a denial of service attack via the commands option.
678871e6c326ebcc674f9f842488b0cfMandriva Linux Security Advisory 2010-029 - The rootcerts package was added in Mandriva in 2005 and was meant to be updated when necessary. The provided rootcerts packages has been upgraded using the latest certdata.txt file from the mozilla cvs repdata.txt file. The rootcerts package provides the /etc/pki/tls/certs/ca-bundle.crt file which most softwares in Mandriva, and where applicable is sharing such as KDE, curl, pidgin, neon, and more. The mozilla nss library has consequently been rebuilt to pickup these changes and are also being provided.
3d67fd7196559417c415a15d780d6703Debian Linux Security Advisory 1968-2 - It was discovered that pdns-recursor, the PowerDNS recursive name server, contains a cache poisoning vulnerability which may allow attackers to trick the server into serving incorrect DNS data (CVE-2009-4010).
206a48ca48247cafa78ec670f4c0480dUbuntu Security Notice 892-1 - Ronald Volgers discovered that FUSE did not correctly check mount locations. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.
8d6d9887d42f1d9e81abcc3b43ffd594Debian Linux Security Advisory 1981-2 - The latest DSA for maildrop introduced two regressions. The maildrop program stopped working when invoked as a non-root user, such as with postfix. Also, the lenny version dropped a dependency on the courier-authlib package.
00664f6329ad84b6d0353790886ea97bUbuntu Security Notice 893-1 - Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, suffered from a race condition when verifying user permissions. A local attacker could trick samba into mounting over arbitrary locations, leading to a root privilege escalation.
6d7694cdc9b4cf486e8c305a1e883f1eDebian Linux Security Advisory 1981-1 - Christoph Anton Mitterer discovered that maildrop, a mail delivery agent with filtering abilities, is prone to a privilege escalation issue that grants a user root group privileges.
d71498bde7e9b947d97c068eb038aff8Ubuntu Security Notice 891-1 - It was discovered that lintian did not correctly validate certain filenames when processing input. If a user or an automated system were tricked into running lintian on a specially crafted set of files, a remote attacker could execute arbitrary code with user privileges.
1a2a6112f1845b7aa041854dc1d14266Debian Linux Security Advisory 1980-1 - David Leadbeater discovered an integer underflow that could be triggered via the LINKS command and can lead to a denial of service or the execution of arbitrary code (CVE-2009-4016). This issue affects both, ircd-hybrid and ircd-ratbox.
6abd38406438648094718cf58d2701ebSecunia Security Advisory - A security issue has been reported in FUSE (File System in Userspace), which can be exploited by malicious, local users to cause a DoS (Denial of Service).
4fc9edff134416c76f974164a613c852Secunia Security Advisory - Some vulnerabilities have been discovered in NovaBoard, which can be exploited by malicious people to conduct SQL injection attacks.
eb8ae368085a2d8c52c4db465d3d6002Secunia Security Advisory - Ubuntu has issued an update for fuse. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
9a16128d5a8184e69d3e420a8450d37cSecunia Security Advisory - A security issue has been reported in Samba, which can be exploited by malicious, local users to disclose potentially sensitive information and potentially gain escalated privileges.
159dd9a328ff8553ddf38c268d0271b4
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed