LinuxSecurity.com
Linux Advisory Watch: February 19th, 2010
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Measuring Security IT Success - In a time where budgets are constrained and Internet threats are on the rise, it is important for organizations to invest in network security applications that will not only provide them with powerful functionality but also a rapid return on investment.

Buffer Overflow Basics - A buffer overflow occurs when a program or process tries to store more data in a temporary data storage area than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.


  EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
 

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.

http://www.linuxsecurity.com/content/view/145668

  Debian: polipo denial of service (Feb 19)
 

Several denial of service vulnerabilities have been discovered in polipo, a small, caching web proxy. The Common Vulnerabilities and Exposures project identifies the following problems:

http://www.linuxsecurity.com/content/view/151740
  Debian: php5 multiple vulnerabilities (Feb 19)
 

Several remote vulnerabilities have been discovered in PHP 5, a hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems:

http://www.linuxsecurity.com/content/view/151739
  Debian: ffmpeg several vulnerabilities (Feb 18)
 

Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder, which also provides a range of multimedia libraries used in applications like MPlayer:

http://www.linuxsecurity.com/content/view/151736
  Debian: xulrunner several vulnerabilities (Feb 18)
 

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems:

http://www.linuxsecurity.com/content/view/151734
  Debian: kdelibs arbitrary code execution (Feb 17)
 

Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/151715
  Debian: mysql-dfsg-5.0 several (Feb 14)
 

Several vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems:

http://www.linuxsecurity.com/content/view/151677
  Debian: Linux 2.6.26 several vulnerabilities (Feb 12)
 

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

http://www.linuxsecurity.com/content/view/151672
  Debian: openoffice.org several (Feb 12)
 

Several vulnerabilities have been discovered in the OpenOffice.org office suite. The Common Vulnerabilities and Exposures project identifies the following problems:

http://www.linuxsecurity.com/content/view/151669
  Debian: ajaxterm session hijacking (Feb 11)
 

It was discovered that ajaxterm, a web-based terminal, generates weak and predictable session IDs, which might be used to hijack a session or cause a denial of service attack on a system that uses ajaxterm.

http://www.linuxsecurity.com/content/view/151648

  Mandriva: mysql (Feb 19)
 

A vulnerability has been found and corrected in mysql: MySQL is vulnerable to a symbolic link attack when the data home directory contains a symlink to a different filesystem which allows remote authenticated users to bypass intended access restrictions (CVE-2008-7247). The updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/151748
  Mandriva: blogtk (Feb 19)
 

The blogtk package in 2010.0 was crashing on start. This update fixes the problem by updating blogtk to the latest version. Additionally the python-gdata packages are being provided as well due to requirements.

Update:

The MDVA-2010:070 advisory was missing some new dependencies (packages), which prevented blogtk from installing using MandrivaUpdate. This advisory provides the missing packages.

http://www.linuxsecurity.com/content/view/151747
  Mandriva: libtheora (Feb 19)
 

A vulnerability has been discovered and corrected in libtheora: Integer overflow in libtheora in Xiph.Org Theora before 1.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions (CVE-2009-3389). The updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/151746
  Mandriva: firefox (Feb 19)
 

Security issues were identified and fixed in firefox 3.0.x and 3.5.x:

Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-0159).

Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer (CVE-2010-0160).

Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution of arbitrary code if methods on the freed objects were subsequently called (CVE-2009-1571).

Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. An anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla (CVE-2009-3988).

Mozilla security researcher Georgi Guninski reported that when an SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an <embed> tag with type=image/svg+xml, the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload an SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicious page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy (CVE-2010-0162).

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Additionally, some packages that require it have been rebuilt and are being provided as updates.

http://www.linuxsecurity.com/content/view/151741
  Mandriva: xdg-utils (Feb 18)
 

This update enables files to be properly attached when xdg-email is used with Thunderbird as the default mail client.

http://www.linuxsecurity.com/content/view/151735
  Mandriva: dhcp (Feb 18)
 

The DHCP client ignores the interface-mtu option set by server. This update fixes the issue.

http://www.linuxsecurity.com/content/view/151733
  Mandriva: kernel (Feb 18)
 

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. (CVE-2009-3080) The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. (CVE-2009-4005) Additionally, the Linux kernel was updated to the stable release 2.6.27.45. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate

Update:

The nvidia173-kernel x86_64 packages were missing from MDVSA-2010:034 for the Enterprise 5 product. This advisory provides the missing packages.

http://www.linuxsecurity.com/content/view/151732
  Mandriva: mdkonline (Feb 18)
 

The new mdkonline packages add the extended maintenance support to mdkonline. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers as well as for official 2008.0 updates.

Update:

A problem was discovered with unresolved dependencies. This advisory provides the missing packages.

http://www.linuxsecurity.com/content/view/151731
  Mandriva: kernel (Feb 18)
 

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. (CVE-2009-3080) The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. (CVE-2009-4005) Additionally, the Linux kernel was updated to the stable release 2.6.27.45. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate

Update:

The virtualbox DKMS modules were not provided with MDVSA-2010:034 for the Enterprise 5 product. This advisory provides the missing virtualbox packages.

http://www.linuxsecurity.com/content/view/151728
  Mandriva: pidgin (Feb 18)
 

Multiple security vulnerabilities have been identified and fixed in pidgin: Certain malformed SLP messages can trigger a crash because the MSN protocol plugin fails to check that all pieces of the message are set correctly (CVE-2010-0277). If a user in a multi-user chat room has a nickname containing '<br>' then libpurple ends up having two users with username ' ' in the room, and Finch crashes in this situation. We do not believe there is a possibility of remote code execution (CVE-2010-0420). oCERT notified us about a problem in Pidgin, where a large amount of processing time will be used when inserting many smileys into an IM or chat window. This should not cause a crash, but Pidgin can become unusably slow (CVE-2010-0423). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides pidgin 2.6.6, which is not vulnerable to these issues.

http://www.linuxsecurity.com/content/view/151727
  Mandriva: gnome-screensaver (Feb 17)
 

Multiple vulnerabilities have been discovered and corrected in gnome-screensaver: gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended (CVE-2009-4641). gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor (CVE-2010-0414). This update provides gnome-screensaver 2.28.3, which is not vulnerable to these issues.

http://www.linuxsecurity.com/content/view/151717
  Mandriva: netpbm (Feb 17)
 

A vulnerability has been discovered and corrected in netpbm: Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value (CVE-2009-4274). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/151716
  Mandriva: maildrop (Feb 16)
 

A vulnerability has been discovered and corrected in maildrop: main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the .mailfilter file in a user's home directory, which allows local users to gain privileges via a crafted file (CVE-2010-0301). The updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/151706
  Mandriva: mandriva-doc (Feb 16)
 

Update documentation for MES 5.1 release:

- KVM chapter added
- Virt-manager chapter added
- MMC-Wizard chapter recast
- Samba backend warning added
- MX configuration in Mandriva Directory Server added

http://www.linuxsecurity.com/content/view/151705
  Mandriva: eject (Feb 16)
 

The eject package shipped in Mandriva Linux 2009.0, 2009.1, 2010.0 contains a bug which will lead to a failure when ejecting a DVD which has space characters within its name. The updated package fixes this problem. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

http://www.linuxsecurity.com/content/view/151703
  Mandriva: blogtk (Feb 16)
 

The blogtk package in 2010.0 was crashing on start. This update fixes the problem by updating blogtk to the latest version. Additionally the python-gdata packages are being provided as well due to requirements.

http://www.linuxsecurity.com/content/view/151699
  Mandriva: mandriva-release (Feb 16)
 

The new mandriva-release packages add extended maintenance access support. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

http://www.linuxsecurity.com/content/view/151698
  Mandriva: drakconf (Feb 16)
 

The new drakconf packages add extended maintenance access support to drakconf. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers as well as for official 2008.0 updates.

http://www.linuxsecurity.com/content/view/151692
  Mandriva: mdkonline (Feb 16)
 

The new mdkonline packages add the extended maintenance support to mdkonline. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

http://www.linuxsecurity.com/content/view/151691
  Mandriva: drakxtools (Feb 16)
 

Some bugs were found in the drakxtools code that drops privileges to display help or other web pages. This update makes it more reliable on 2009.0 and 2009.1, and makes it actually drop privileges on 2008.0. Additionally it fixes drakbug on 2008.0 to actually open the bug when launching the browser. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

http://www.linuxsecurity.com/content/view/151690
  Mandriva: fetchmail (Feb 16)
 

A vulnerability has been discovered and corrected in fetchmail: The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping (CVE-2010-0562). This update provides fetchmail 6.3.14, which is not vulnerable to this issue.

http://www.linuxsecurity.com/content/view/151689
  Mandriva: drakxtools (Feb 16)
 

This update allows the use of ddf1 raid and the management of unpartitioned dmraid. It also offers to install onto dmraid or existing lvm without using manual partitioning.

Update:

The drakx-installer-stage2 packages were missing from the MDVA-2010:062 advisory. The missing packages are being provided with this advisory.

http://www.linuxsecurity.com/content/view/151688
  Mandriva: mandriva-release (Feb 15)
 

Add the extended maintenance access support for 2008.0

http://www.linuxsecurity.com/content/view/151687
  Mandriva: pptp-linux (Feb 15)
 

The pptp-linux packages in Mandriva Linux 2009.0, MES5, 2009.1 and 2010.0 try to call /bin/ip instead of /sbin/ip. The updated packages fix this issue.

http://www.linuxsecurity.com/content/view/151684
  Mandriva: totem (Feb 15)
 

The youtube plugin in totem has stopped working. This was caused by changes on the youtube web site. This new version updates to those changes to make youtube playback in totem work again.

http://www.linuxsecurity.com/content/view/151683
  Mandriva: drakxtools (Feb 15)
 

This update allows the use of ddf1 raid and the management of unpartitioned dmraid. It also offers to install onto dmraid or existing lvm without using manual partitioning.

http://www.linuxsecurity.com/content/view/151682
  Mandriva: xfig (Feb 15)
 

The predrawn figure library in xfig could not be accessed by non-root users because of incorrect permissions making the contents of /usr/lib/X11/xfig/Libraries readable only by root. This update corrects the problematic permissions.

http://www.linuxsecurity.com/content/view/151681
  Mandriva: openoffice.org-voikko (Feb 14)
 

The previous update of openoffice.org missed openoffice.org-voikko, causing upgrade problems for Finnish users. This update provides openoffice.org-voikko for openoffice.org 3.1.1.

http://www.linuxsecurity.com/content/view/151678
  Mandriva: msec (Feb 12)
 

msec in Mandriva Linux 2009.1 and 2010.0 would not carry out the chkrootkit check correctly if the chkrootkit package was uninstalled after the test has been run at least once. This update fixes the issue.

http://www.linuxsecurity.com/content/view/151671
  Mandriva: webmin (Feb 12)
 

This advisory updates webmin to the latest version 1.500, fixing several bugs and a cross-site scripting issue which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (CVE-2009-4568). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

http://www.linuxsecurity.com/content/view/151670
  Mandriva: mandriva-release (Feb 12)
 

Update for mandriva-release for 5.1 release of Mandriva Enterprise Server 5.

http://www.linuxsecurity.com/content/view/151658
  Mandriva: nuface (Feb 11)
 

Update to new version. Fix many bugs and add functionalities for nuface interface.

http://www.linuxsecurity.com/content/view/151650
  Mandriva: openoffice.org (Feb 11)
 

This update provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes described as follows: An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow (CVE-2009-0200). A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing (CVE-2009-0201). A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file (CVE-2009-2139). Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file (CVE-2009-2140). OpenOffice's xmlsec uses a bundled Libtool which might load a .la file in the current working directory, allowing local users to gain privileges via a Trojan horse file. For this vulnerability to be exposed, xmlsec has to be built with the --enable-crypto_dl flag, which it is not; the fix nevertheless protects against this threat should that flag ever be enabled (CVE-2009-3736).

Further, this update provides the following bug fixes: OpenOffice.org is not properly configured to use the xdg-email functionality of the FreeDesktop standard (#52195). As the template desktop icons are not properly set, they are not presented under the context menu of applications like Dolphin (#56439). The Firefox plugin which enables viewing of OpenOffice documents inside the browser was not enabled.

http://www.linuxsecurity.com/content/view/151647
  Mandriva: samba (Feb 11)
 

This is a maintenance update of samba in order to support the integration of Windows 7 hosts in a Samba domain. Additionally, on 2009.0 and MES5 samba has been upgraded from 3.2.15 to 3.3.10, which brings many upstream fixes besides those that mainly concern Windows 7 interoperability.

http://www.linuxsecurity.com/content/view/151646

  RedHat: acroread security and bug fix update (Feb 18)
 

Updated acroread packages that fix two security issues and a bug are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151729
  RedHat: pidgin (Feb 18)
 

Updated pidgin packages that fix three security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151730
  RedHat: firefox (Feb 17)
 

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151720
  RedHat: seamonkey (Feb 17)
 

Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151721
  RedHat: mysql (Feb 16)
 

Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151704
  RedHat: mysql (Feb 16)
 

Updated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151702
  RedHat: kernel (Feb 16)
 

Updated kernel packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151701
  RedHat: NetworkManager (Feb 16)
 

Updated NetworkManager packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151700
  RedHat: flash-plugin (Feb 12)
 

An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 and 4 Extras. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151661
  RedHat: openoffice.org (Feb 12)
 

Updated openoffice.org packages that correct multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151660
  RedHat: flash-plugin (Feb 12)
 

An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/151659

  SuSE: Linux kernel (Feb 18)
 

http://www.linuxsecurity.com/content/view/151737
  SuSE: Linux kernel (Feb 15)
 

http://www.linuxsecurity.com/content/view/151680
  SuSE: postfix (Feb 15)
 

http://www.linuxsecurity.com/content/view/151679

  Ubuntu: XML-RPC for C and C++ vulnerabilities (Feb 18)
 

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. (CVE-2009-2625, CVE-2009-3720) It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. (CVE-2009-3560)

http://www.linuxsecurity.com/content/view/151738
  Ubuntu: Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities (Feb 17)
 

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0159) Orlando Barrera II discovered a flaw in the Web Workers implementation of Firefox. If a user were tricked into posting to a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0160) Alin Rad Pop discovered that Firefox's HTML parser would incorrectly free memory under certain circumstances. If the browser could be made to access these freed memory objects, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1571) Hidetake Jo discovered that the showModalDialog in Firefox did not always honor the same-origin policy. An attacker could exploit this to run untrusted JavaScript from other domains. (CVE-2009-3988) Georgi Guninski discovered that the same-origin check in Firefox could be bypassed by utilizing a crafted SVG image. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0162)

http://www.linuxsecurity.com/content/view/151718
  Ubuntu: Firefox 3.0 and Xulrunner 1.9 vulnerabilities (Feb 17)
 

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0159) Orlando Barrera II discovered a flaw in the Web Workers implementation of Firefox. If a user were tricked into posting to a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0160) Alin Rad Pop discovered that Firefox's HTML parser would incorrectly free memory under certain circumstances. If the browser could be made to access these freed memory objects, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1571) Hidetake Jo discovered that the showModalDialog in Firefox did not always honor the same-origin policy. An attacker could exploit this to run untrusted JavaScript from other domains. (CVE-2009-3988) Georgi Guninski discovered that the same-origin check in Firefox could be bypassed by utilizing a crafted SVG image. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0162)

http://www.linuxsecurity.com/content/view/151719
  Ubuntu: Squid vulnerabilities (Feb 16)
 

It was discovered that Squid incorrectly handled certain auth headers. A remote attacker could exploit this with a specially-crafted auth header and cause Squid to go into an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 8.10, 9.04 and 9.10. (CVE-2009-2855) It was discovered that Squid incorrectly handled certain DNS packets. A remote attacker could exploit this with a specially-crafted DNS packet and cause Squid to crash, resulting in a denial of service. (CVE-2010-0308)

http://www.linuxsecurity.com/content/view/151694
  Ubuntu: Ruby vulnerabilities (Feb 16)
 

Emmanouel Kellinis discovered that Ruby did not properly handle certain string operations. An attacker could exploit this issue and possibly execute arbitrary code with application privileges. (CVE-2009-4124) Giovanni Pellerano, Alessandro Tanasi, and Francesco Ongaro discovered that Ruby did not properly sanitize data written to log files. An attacker could insert specially-crafted data into log files which could affect certain terminal emulators and cause arbitrary files to be overwritten, or even possibly execute arbitrary commands. (CVE-2009-4492) It was discovered that Ruby did not properly handle string arguments that represent large numbers. An attacker could exploit this and cause a denial of service. This issue only affected Ubuntu 9.10. (CVE-2009-1904)

http://www.linuxsecurity.com/content/view/151693
  Ubuntu: Tomcat vulnerabilities (Feb 11)
 

It was discovered that Tomcat did not correctly validate WAR filenames or paths when deploying. A remote attacker could send a specially crafted WAR file to be deployed and cause arbitrary files and directories to be created, overwritten, or deleted.

http://www.linuxsecurity.com/content/view/151649

  Pardus: Samba: Insecure wide links Default (Feb 14)
 

Kingcope has discovered a weakness in Samba, which can be exploited by malicious people to bypass certain security restrictions and disclose sensitive information.

http://www.linuxsecurity.com/content/view/151674
  Pardus: Qemu: Multiple Vulnerabilities (Feb 14)
 

Multiple vulnerabilities have been fixed in Qemu, which can be exploited by malicious people to cause denial of service (application crash) or potentially compromise a vulnerable system.

http://www.linuxsecurity.com/content/view/151675
  Pardus: Sun-Java: Insecure Directory (Feb 14)
 

A vulnerability has been fixed in Sun-java, which can be exploited by malicious people to execute arbitrary code via changing sun java binaries.

http://www.linuxsecurity.com/content/view/151676
