LinuxSecurity.com 		Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: March 20th, 2010
Linux Security Week: March 16th, 2010
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian
Find the information you need for your favorite open source distribution

To browse through our weekly Linux Advisory Watch newsletters, click here.



Debian: 2021-1: spamass-milter: missing input sanitization  22 March 2010 
Posted by Benjamin D. Thomas   
It was discovered a missing input sanitization in spamass-milter, a milter used to filter mail through spamassassin. This allows a remote attacker to inject and execute arbitrary shell commands. [More...]
 
Debian: 2020-1: ikiwiki: insufficient input sanitiza  20 March 2010 
Posted by Benjamin D. Thomas   
Ivan Shmakov discovered that the htmlscrubber component of ikwiki, a wiki compiler, performs insufficient input sanitization on data:image/svg+xml URIs. As these can contain script code this can be used by an attacker to conduct cross-site scripting attacks. [More...]
 
Debian: 2019-1: pango1.0: missing input sanitization  20 March 2010 
Posted by Benjamin D. Thomas   
Marc Schoenefeld discovered an improper input sanitization in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an [More...]
 
Debian: 2018-1: php5: DoS (crash)  18 March 2010 
Posted by Benjamin D. Thomas   
Auke van Slooten discovered that PHP 5, an hypertext preprocessor, crashes (because of a NULL pointer dereference) when processing invalid XML-RPC requests. [More...]
 
Debian: : drbd8: privilege escalation  15 March 2010 
Posted by Benjamin D. Thomas   
A local vulnerability has been discovered in drbd8. Philipp Reisner fixed an issue in the drbd kernel module that allows local users to send netlink packets to perform actions that should be [More...]
 
Debian: 2017-1: pulseaudio: insecure temporary director  15 March 2010 
Posted by Benjamin D. Thomas   
Dan Rosenberg discovered that the PulseAudio sound server creates a temporary directory with a predictable name. This allows a local attacker to create a Denial of Service condition or possibly disclose sensitive information to unprivileged users. [More...]
 
Debian: 2016-1: drupal6: Multiple vulnerabilities  13 March 2010 
Posted by Benjamin D. Thomas   
Several vulnerabilities (SA-CORE-2010-001) have been discovered in drupal6, a fully-featured content management framework. [More...]
 
<< Start < Prev 1 2 3 Next > End >>

Results 1 - 7 of 2249
    
Partner:

 
Latest Features
Vulnerabilities in Web Applications
A Secure Nagios Server
HowTo: Secure your Ubuntu Apache Web Server
Creating Snort Rules with EnGarde
What You Need to Know About Linux Rootkits.
Introduction: Buffer Overflow Vulnerabilities
Network Security Audit (Part II)
Weekend Edition
Google patches 11 vulnerabilities in Chrome days before hacking contest
Revised draft of Cybersecurity Act introduced in Senate
Security updates for Drupal modules
Exploit code with DNS tunnel
What Are the Most Underrated Security Technologies?
Get to the root of security threats
Kernel vulnerabilities discovered in Ubuntu
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2010 Guardian Digital, Inc. All rights reserved.