|
Find the information you need for your favorite open source distribution
 To browse through our weekly Linux Advisory Watch newsletters, click here.
|
|
|
Posted by Benjamin D. Thomas
|
|
It was discovered that OpenSSL was vulnerable to a double-free
when using TLS server extensions. A remote attacker could send a
crafted packet and cause a denial of service via application crash
in applications linked against OpenSSL. Ubuntu 8.04 LTS does not
compile TLS server extensions by default. (CVE-2008-0891)
It was discovered that OpenSSL could dereference a NULL pointer.
If a user or automated system were tricked into connecting to a
malicious server with particular cipher suites, a remote attacker
could cause a denial of service via application crash.
(CVE-2008-1672)
|
|
|
Posted by Benjamin D. Thomas
|
|
It was discovered that the ALSA /proc interface did not write the
correct number of bytes when reporting memory allocations. A local
attacker might be able to access sensitive kernel memory, leading to
a loss of privacy. (CVE-2007-4571) |
|
|
Posted by Benjamin D. Thomas
|
|
A weakness has been discovered in the random number generator used
by OpenSSL on Debian and Ubuntu systems. As a result of this
weakness, certain encryption keys are much more common than they
should be, such that an attacker could guess the key through a
brute-force attack given minimal knowledge of the system. This
particularly affects the use of encryption keys in OpenSSH, OpenVPN
and SSL certificates.
|
|
|
Posted by Benjamin D. Thomas
|
|
Samba developers discovered that nmbd could be made to overrun
a buffer during the processing of GETDC logon server requests.
When samba is configured as a Primary or Backup Domain Controller,
a remote attacker could send malicious logon requests and possibly
cause a denial of service. (CVE-2007-4572)
Alin Rad Pop of Secunia Research discovered that Samba did not
properly perform bounds checking when parsing SMB replies. A remote
attacker could send crafted SMB packets and execute arbitrary code.
(CVE-2008-1105)
|
|
|
Posted by Benjamin D. Thomas
|
|
It was discovered that the MIT-SHM extension of X.org did not correctly
validate the location of memory during an image copy. An authenticated
attacker could exploit this to read arbitrary memory locations within X,
exposing sensitive information. (CVE-2008-1379)
|
|
|
Posted by Benjamin D. Thomas
|
|
USN-612-3 addressed a weakness in OpenSSL certificate and key
generation in OpenVPN by introducing openssl-blacklist to aid in
detecting vulnerable private keys. This update enhances the
openssl-vulnkey tool to check Certificate Signing Requests, accept
input from STDIN, and check moduli without a certificate.
It was also discovered that additional moduli are vulnerable if
generated with OpenSSL 0.9.8g or higher. While it is believed that
there are few of these vulnerable moduli in use, this update
includes updated RSA-1024 and RSA-2048 blacklists. RSA-512
blacklists are also included in the new openssl-blacklist-extra
package.
|
|
|
Posted by Benjamin D. Thomas
|
|
USN-612-3 addressed a weakness in OpenSSL certificate and key
generation in OpenVPN by adding checks for vulnerable certificates
and keys to OpenVPN. A regression was introduced in OpenVPN when
using TLS with password protected certificates which caused OpenVPN
to not start when used with applications such as NetworkManager.
|
|
|
<< Start < Prev 4 5 6 Next > End >>
|
| Results 36 - 42 of 356 |
