Ubuntu: 1917-1: Linux kernel vulnerability
(Jul 29) The system could be made to crash or run programs as an administrator.
(Jul 29) The system could be made to crash or run programs as an administrator.
(Jul 29) The system could be made to crash or run programs as an administrator.
(Jul 29) The system could be made to crash or run programs as an administrator.
(Jul 27) Maxim Shudrak and the HP Zero Day Initiative reported a denial of service vulnerability in BIND, a DNS server. A specially crafted query that includes malformed rdata can cause the named daemon to terminate with an assertion failure while rejecting the malformed query. [More…]
(Jul 2) libvirt could be made to crash if it received specially crafted network traffic.
(Jul 3) Module::Signature could be made to run programs if it verified a signature.
(Jul 2) libcurl could be made to crash or run programs as your login if it received specially crafted input.
Important: cPanel Security Disclosure TSR-2013-0007 The following disclosure covers the Targeted Security Release 2013-06-26. Each vulnerability is assigned an internal case number which is reflected below. Information regarding the cPanel Security Level rankings can be found here: http://go.cpanel.net/securitylevels Case 71193 Summary Local cPanel users are able to take over ownership of …
(Jun 24) Timo Sirainen discovered that cURL, a URL transfer library, is prone to a heap overflow vulnerability due to bad checking of the input data in the curl_easy_unescape function. [More…]
(Jun 16) Krzysztof Katowicz-Kowalewski discovered a vulnerability in fail2ban, a log monitoring system which can act on attacks by preventing hosts from connecting to specified services using the local firewall. [More…]
Here is some further information on the Plesk 9.0 to 9.2.3 phppath
vulnerability that came from further investigation. The flaw is in 9.0 to
9.2.3, but can move forward to later versions on Ubuntu and Debian with certain
non-typical upgrade paths that do not include sequential updating to 9.5.x. See
here for more details: http://kb.parallels.com/116241. Fixes are already issued.
(Jun 13) Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in _dbus_printf_string_upper_bound(). This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus [More…]
(Jun 10) Jibbers McGee discovered that pymongo, a high-performance schema-free document-oriented data store, is prone to a denial-of-service vulnerability. An attacker can remotely trigger a NULL pointer dereference causing MongoDB [More…]
(Jun 9) It was discovered that applications using the mesa library, a free implementation of the OpenGL API, may crash or execute arbitrary code due to an out of bounds memory access in the library. This vulnerability only affects systems with Intel chipsets. [More…]
(Jun 5) Several security issues were fixed in libxinerama.
(Jun 5) Several security issues were fixed in libxcursor.
(Jun 5) Several security issues were fixed in libxfixes.
(Jun 5) Several security issues were fixed in libxext.
(Jun 5) Several security issues were fixed in libxres.
(Jun 5) Several security issues were fixed in libxxf86vm.
In the June 2013 survey we received responses from 672,985,183 sites, 148k more than last month. Both Microsoft and Google grew slightly this month, gaining 0.5 percentage points of market share. Microsoft’s web server, IIS, now serves 17.22% of the world’s websites, down from a historic high of 37% which it reached in October 2007. Microsoft […]
(Jun 3) Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass [More…]
(May 30) The system could be made to crash or run programs as an administrator if it received specially crafted network traffic.
(May 30) The system could be made to crash or run programs as an administrator if it received specially crafted network traffic.
(May 30) The system could be made to crash or run programs as an administrator if it received specially crafted network traffic.
(May 26) A privilege escalation vulnerability has been found in SPIP, a website engine for publishing, which allows anyone to take control of the website. [More…]
(May 15) The system could be made to run programs as an administrator.
(May 15) The system could be made to run programs as an administrator.
(May 15) The system could be made to run programs as an administrator.
(May 7) libxml2 could be made to crash or run programs if it opened a specially crafted file.