Secunia Security Advisory - Debian has issued an update for request-tracker3.8. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system.
Debian Linux Security Advisory 2480-1 - Several vulnerabilities were discovered in Request Tracker, an issue tracking system.
Debian Linux Security Advisory 2479-1 - Jueri Aedla discovered an off-by-one in libxml2, which could result in the execution of arbitrary code.
Debian Linux Security Advisory 2478-1 - It was discovered that sudo misparsed network masks used in Host and Host_List stanzas. This allowed the execution of commands on hosts where the user would not be allowed to run the specified command.
Secunia Security Advisory - Debian has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
Secunia Security Advisory - Debian has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.
Debian Linux Security Advisory 2476-1 - intrigeri discovered a format string error in pidgin-otr, an off-the-record messaging plugin for Pidgin.
Debian Linux Security Advisory 2477-1 - Several vulnerabilities have been discovered in Sympa, a mailing list manager, that allow the scenario-based authorization mechanisms to be skipped. This vulnerability allows unauthorized users to display the archives management page, and to download and delete the list archives.
Secunia Security Advisory - Debian has issued an update for pidgin-otr. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Debian has issued an update for sympa. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
Debian Linux Security Advisory 2475-1 - It was discovered that openssl did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service (application crash).
Secunia Security Advisory - Debian has issued an update for openoffice.org. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Debian has issued an update for ikiwiki. This fixes two vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks.
Secunia Security Advisory - Debian has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) of the application using the library.
Debian Linux Security Advisory 2474-1 - Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks.
Secunia Security Advisory - Debian has issued an update for gridengine. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Debian Linux Security Advisory 2473-1 - Tielei Wang discovered that OpenOffice.org does not allocate a large enough memory region when processing a specially crafted JPEG object, leading to a heap-based buffer overflow and potentially arbitrary code execution.
Debian Linux Security Advisory 2472-1 - Dave Love discovered that users who are allowed to submit jobs to a Grid Engine installation can escalate their privileges to root because the environment is not properly sanitized before creating processes.
Debian Linux Security Advisory 2457-2 - The updates DSA-2457 and DSA-2458 for Iceweasel and Icedove introduced a regression, which could lead to crashes when interpreting some JavaScript statements.
Debian Linux Security Advisory 2471-1 - Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/demuxers for Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, and NSV files could lead to the execution of arbitrary code.
Secunia Security Advisory - Debian has issued an update for wordpress. This fixes a security issue and some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks, bypass certain security restrictions, and compromise a vulnerable system and by malicious people to conduct script insertion and cross-site scripting attacks, disclose sensitive information, and cause a DoS (Denial of Service).
Secunia Security Advisory - Debian has issued an update for ffmpeg. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.
Secunia Security Advisory - Debian has issued an update for linux-2.6. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Debian Linux Security Advisory 2670-1 - Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from release announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches.
Debian Linux Security Advisory 2469-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.