Mandriva Linux Security Advisory 2012-079 - A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask listed in the sudoers file or in LDAP. As a result, users authorized to run commands on certain IP networks may be able to run commands on hosts that belong to other networks not explicitly listed in sudoers. The updated packages have been patched to correct this issue.
a82d4f16637b3e9c765adcb020435e6eDebian Linux Security Advisory 2476-1 - intrigeri discovered a format string error in pidgin-otr, an off-the-record messaging plugin for Pidgin.
39567a080fdf7c8102925cb89088175aUbuntu Security Notice 1448-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
64020a7ad9d2524e8a27f3902d2f9482Ubuntu Security Notice 1447-1 - Juri Aedla discovered that libxml2 contained an off by one error in its XPointer functionality. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program.
e6d4b3305262f0f221a819a63ea048d0Red Hat Security Advisory 2012-0683-01 - The dynamic LDAP back end is a plug-in for BIND that provides back-end capabilities to LDAP databases. It features support for dynamic updates and internal caching that help to reduce the load on LDAP servers. A flaw was found in the way bind-dyndb-ldap handled LDAP query errors. If a remote attacker were able to send DNS queries to a named server that is configured to use bind-dyndb-ldap, they could trigger such an error with a DNS query leveraging bind-dyndb-ldap's insufficient escaping of the LDAP base DN. This would result in an invalid LDAP query that named would retry in a loop, preventing it from responding to other DNS queries. With this update, bind-dyndb-ldap only attempts to retry one time when an LDAP search returns an unexpected error.
0119f80ca91861389e4fb7a59f56c437Red Hat Security Advisory 2012-0681-01 - Apache Tomcat is a servlet container. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update fixes the JBPAPP-4873, JBPAPP-6133, and JBPAPP-6852 bugs. It also resolves multiple flaws that weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks.
29b2cdf894331bd174765b26881055a4Red Hat Security Advisory 2012-0679-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update includes bug fixes as documented in JBPAPP-4873 and JBPAPP-6133.
c22e91cd15dc6f6704f39bd8a7b86707Red Hat Security Advisory 2012-0682-01 - Apache Tomcat is a servlet container. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update fixes the JBPAPP-4873, JBPAPP-6133, and JBPAPP-6852 bugs. It also addresses multiple flaws that weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks.
c92823d601c7394a37351bbc1fdf71a9Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.
5589be2ef5de15f4c20bd819d5669875Red Hat Security Advisory 2012-0680-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update includes bug fixes as documented in JBPAPP-4873 and JBPAPP-6133.
d18a2fa772b5bfebd2156c7deeff6f9fRed Hat Security Advisory 2012-0676-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A malicious user in the kvm group on the host could use this flaw to crash the host. A flaw was found in the way device memory was handled during guest device removal. Upon successful device removal, memory used by the device was not properly unmapped from the corresponding IOMMU or properly released from the kernel, leading to a memory leak. A malicious user in the kvm group on the host who has the ability to assign a device to a guest could use this flaw to crash the host.
75bbd88324ddd95cff9e55be111b3594Red Hat Security Advisory 2012-0678-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. When configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name.
e1a961e6fbae0168e6ab55161d04fc13Gentoo Linux Security Advisory 201205-3 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 19.0.1084.46 are affected.
96e0309ff82e5740a6e39dc10357a93fDebian Linux Security Advisory 2477-1 - Several vulnerabilities have been discovered in Sympa, a mailing list manager, that allow to skip the scenario-based authorization mechanisms. This vulnerability allows to display the archives management page, and download and delete the list archives by unauthorized users.
dcf5471efc3b58750527fba26e39e8beSecunia Security Advisory - Debian has issued an update for pidgin-otr. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
e060e302c89fcbeae1cdb75e8d29ad21Secunia Security Advisory - Debian has issued an update for sympa. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
4a0836c9e3c18f33f69d3702cf172e62Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).
d919903d28e59e09595aa3842d557d52Secunia Security Advisory - Gentoo has issued an update for chromium and v8. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
f06130e00464ffad454e795c86122544Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
e2eb0b9d699616053cac2fb03ef646dcSecunia Security Advisory - Walied Assar has discovered a vulnerability in Resource Hacker, which can be exploited by malicious people to compromise a user's system.
f8d09938fe8b301863a775b278a04a53Secunia Security Advisory - A security issue has been reported in iLunascape for Android, which can be exploited by malicious people to bypass certain security restrictions.
13e91d6e0044c700cd4d599d610de65aSecunia Security Advisory - Henry Hoggard has discovered a vulnerability in the LatestComment plugin for Vanilla Forums, which can be exploited by malicious users to conduct script insertion attacks.
f728c64f727c94f88d9b5613013aa6acSecunia Security Advisory - A security issue and two vulnerabilities have been reported in Elgg, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.
4326940a42c65904cd92ab3a60ec4833Secunia Security Advisory - High-Tech Bridge SA has reported a vulnerability in Serendipity, which can be exploited by malicious people to conduct SQL injection attacks.
10c2dc83291d08627102d90de2ea7a01Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in the JCE component for Joomla!, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
8cc2fa0510e0cd1769b5c5b1732d005f
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed