Electronic Frontier Foundation Media Release - Presidential Votes Miscast on E-voting Machines Across the Country. Voters from at least half a dozen states reported that touch-screen voting machines had incorrectly recorded their choices, including for president.
Debian Security Advisory DSA 526-1 - Two vulnerabilities in Webmin 1.140 allow remote attackers to bypass access control rules and to brute force IDs and passwords.
Debian Security Advisory DSA 522-1 - A format string vulnerability in super has been discovered that allows specified users to execute commands with root privileges. This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.
Debian Security Advisory DSA 513-1 - Jaguar discovered a format string vulnerability in log2mail, whereby a user able to log a specially crafted message to a logfile monitored by log2mail (for example, via syslog) could cause arbitrary code to be executed with the privileges of the log2mail process. Versions below 0.2.5.2 are affected.
Debian Security Advisory DSA 510-1 - jaguar discovered a format string vulnerability in jftpgw, an FTP proxy program, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of the jftpgw server process, which runs as user nobody by default.
Debian Security Advisory DSA 509-1 - Steve Kemp discovered a vulnerability in xatitv, one of the programs in the gatos package. If an administrator removes the default configuration file, a local attacker can escalate to root privileges.
Debian Security Advisory DSA 508-1 - Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD viewer. xpcd-svga, part of xpcd which uses svgalib to display graphics on the console, would copy user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function.
Debian Security Advisory DSA 485-1 - Max Vozeler discovered two format string vulnerabilities in ssmtp, a simple mail transport agent. Untrusted values in the functions die() and log_event() were passed to printf-like functions as format strings. These vulnerabilities could potentially be exploited by a remote mail relay to gain the privileges of the ssmtp process (including potentially root).
Debian Security Advisory DSA 484-1 - Steve Kemp discovered a vulnerability in xonix, a game, where an external program was invoked while retaining setgid privileges. A local attacker could exploit this vulnerability to gain gid games.
Debian Security Advisory DSA 378-1 - Two vulnerabilities have been found in the Mah-Jong server version 1.4 and below. One enables a remote attacker to gain privileges of the user running the server while the other leads to a denial of service.