| |
EnGarde Secure Community 3.0.22 Now Available! (Dec 9) |
| |
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
|
|
|
| |
Debian: 2016-1: drupal6: Multiple vulnerabilities (Mar 13) |
| |
Several vulnerabilities (SA-CORE-2010-001) have been discovered in drupal6, a fully-featured content management framework. [More...]
|
| |
Debian: 2014-1: moin: Multiple vulnerabilities (Mar 12) |
| |
Several vulnerabilities have been discovered in moin, a python clone of WikiWiki. The Common Vulnerabilities and Exposures project identifies the following problems: [More...]
|
| |
Debian: 2013-1: egroupware: Multiple vulnerabilities (Mar 11) |
| |
Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based groupware suite: Missing input sanitising in the spellchecker integration may lead to the execution of arbitrary commands and a cross-site scripting vulnerability was discovered in the login page. [More...]
|
| |
Debian: 2012-1: linux-2.6: privilege escalation/denial (Mar 11) |
| |
CVE-2009-3725 Philipp Reisner reported an issue in the connector subsystem which allows unprivileged users to send netlink packets. This [More...]
|
| |
Debian: 2011-1: dpkg: path traversal (Mar 10) |
| |
William Grant discovered that the dpkg-source component of dpkg, the low-level infrastructure for handling the installation and removal of Debian software packages, is vulnerable to path traversal attacks. A specially crafted Debian source package can lead to file modification [More...]
|
| |
Debian: : kvm: privilege escalation/denial (Mar 10) |
| |
Several local vulnerabilities have been discovered in kvm, a full virtualization system. The Common Vulnerabilities and Exposures project identifies the following problems: [More...]
|
| |
Debian: 2009-1: tdiary: insufficient input sanitisi (Mar 9) |
| |
It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insuficient input sanitising in the TrackBack transmission plugin. [More...]
|
| |
Debian: 2008-1: typo3-src Multiple Vulnerabilities (Mar 8) |
| |
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked.
|
|
|
| |
Mandriva: 2010:061: ncpfs (Mar 11) |
| |
Multiple vulnerabilities has been found and corrected in ncpfs: sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary [More...]
|
| |
Mandriva: 2010:060: squid (Mar 10) |
| |
A vulnerability has been found and corrected in squid: The htcpHandleTstRequest function in htcp.c in Squid 2.x and 3.0 through 3.0.STABLE23 allows remote attackers to cause a denial of service (crash) via crafted packets to the HTCP port, which triggers [More...]
|
| |
Mandriva: 2010:059: virtualbox (Mar 10) |
| |
A vulnerability has been found and corrected in virtualbox: Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial [More...]
|
| |
Mandriva: 2010:058: php (Mar 9) |
| |
Multiple vulnerabilities has been found and corrected in php: * Improved LCG entropy. (Rasmus, Samy Kamkar) * Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen) [More...]
|
| |
Mandriva: 2010:057: apache (Mar 6) |
| |
A vulnerabilitiy has been found and corrected in apache: The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances [More...]
|
|
|
| |
Slackware: 2010-069-01: pidgin: Security Update (Mar 10) |
| |
New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix denial of service issues. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database: [More Info...]
|
| |
Slackware: 2010-067-01: httpd: Security Update (Mar 8) |
| |
New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations. mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent [More Info...]
|
|
|
| |
SuSE: 2010-016: Linux kernel (Mar 8) |
| |
The openSUSE 11.0 kernel was updated to fix following security issues: CVE-2009-4020: Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the [More...]
|
|
|
| |
Ubuntu: 907-1: gnome-screensaver vulnerabilities (Mar 8) |
| |
It was discovered that gnome-screensaver did not correctly lock all screenswhen monitors get hotplugged. An attacker with physical access could usethis flaw to gain access to a locked session. (CVE-2010-0285) [More...]
|
|
|
| |
Pardus: 2010-38: Sudo: Privilege Escalation (Mar 9) |
| |
A security issue has been fixed in sudo, which can be exploited by malicious, local users to gain escalated privileges.
|
| |
Pardus: 2010-39: Firefox: Multiple Vulnerabilities (Mar 9) |
| |
Multiple vulnerabilities have been fixed in Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system.
|
Only registered users can write comments.
Please login or register.
