Ubuntu: 1917-1: Linux kernel vulnerability
(Jul 29) The system could be made to crash or run programs as an administrator.
(Jul 29) The system could be made to crash or run programs as an administrator.
(Jul 29) The system could be made to crash or run programs as an administrator.
(Jul 29) The system could be made to crash or run programs as an administrator.
(Jul 27) Maxim Shudrak and the HP Zero Day Initiative reported a denial of service vulnerability in BIND, a DNS server. A specially crafted query that includes malformed rdata can cause named daemon to terminate with an assertion failure while rejecting the malformed query. [More…]
(Jul 2) libvirt could be made to crash if it received specially crafted networktraffic.
(Jul 3) Module::Signature could be made to run programs if it verified a signature.
(Jul 2) libcurl could be made to crash or run programs as your login if it receivedspecially crafted input.
Important: cPanel Security Disclosure TSR-2013-0007 The following disclosure covers the Targeted Security Release 2013-06-26. Each vulnerability is assigned an internal case number which is reflected below. Information regarding the cPanel Security Level rankings can be found here:http://go.cpanel.net/securitylevels Case 71193 Summary Local cPanel users are able to take over ownership of …
(Jun 24) Timo Sirainen discovered that cURL, an URL transfer library, is prone to a heap overflow vulnerability due to bad checking of the input data in the curl_easy_unescape function. [More…]
(Jun 16) Krzysztof Katowicz-Kowalewski discovered a vulnerability in fail2ban, a log monitoring and system which can act on attack by preventing hosts to connect to specified services using the local firewall. [More…]
Here is some further information on the Plesk 9.0 to 9.2.3 phppath
vulnerability that came from further investigation. The flaw is in 9.0 to
9.2.3, but can move forward to later versions on Ubuntu and Debian with certain
non-typical upgrade paths that do not include sequential updating to 9.5.x. See
here for more details: http://kb.parallels.com/116241. Fixes are already issued.
(Jun 13) Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in _dbus_printf_string_upper_bound(). This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus [More…]
(Jun 10) Jibbers McGee discovered that pymongo, a high-performance schema-free document-oriented data store, is prone to a denial-of-service vulnerability. An attacker can remotely trigger a NULL pointer dereference causing MongoDB [More…]
(Jun 9) It was discovered that applications using the mesa library, a free implementation of the OpenGL API, may crash or execute arbitrary code due to an out of bounds memory access in the library. This vulnerability only affects systems with Intel chipsets. [More…]
(Jun 5) Several security issues were fixed in libxinerama.
(Jun 5) Several security issues were fixed in libxcursor.
(Jun 5) Several security issues were fixed in libxfixes.
(Jun 5) Several security issues were fixed in libxext.
(Jun 5) Several security issues were fixed in libxres.
(Jun 5) Several security issues were fixed in libxxf86vm.
In the June 2013 survey we received responses from 672,985,183 sites, 148k more than last month. Both Microsoft and Google grew slightly this month, gaining 0.5 percentage points of market share. Microsoft’s web server, IIS, now serves 17.22% of the world’s websites, down from a historic high of 37% which it reached in October 2007. Microsoft […]
(Jun 3) Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass [More…]
(May 30) The system could be made to crash or run programs as an administrator ifit received specially crafted network traffic.
(May 30) The system could be made to crash or run programs as an administrator ifit received specially crafted network traffic.
(May 30) The system could be made to crash or run programs as an administrator ifit received specially crafted network traffic.
(May 26) A privilege escalation vulnerability has been found in SPIP, a website engine for publishing, which allows anyone to take control of the website. [More…]
(May 15) The system could be made to run programs as an administrator.
(May 15) The system could be made to run programs as an administrator.
(May 15) The system could be made to run programs as an administrator.
(May 7) libxml2 could be made to crash or run programs if it opened a speciallycrafted file.
60 queries. 8.75 mb Memory usage. 1.289 seconds.