Secunia Security Advisory - A security issue has been reported in virt-v2v, which can be exploited by malicious, local users to bypass certain security restrictions.
7f59d202fb51e6ee10a9245a230b9dcc213a9401c405ebe62d204ce292109fadSecunia Security Advisory - Red Hat has issued an update for glibc. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
6c0d54fc46461740d241e86a62709ace86c90c1e68e6b2f65d39d83172eefdf9Secunia Security Advisory - Red Hat has issued an update for virt-v2v. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.
180fc017c821300a72d07cc34c32a230d5a9670998a43d8f15c256a76d3f6e06Secunia Security Advisory - A security issue has been reported in acpid, which can be exploited by malicious, local users to disclose potentially sensitive information.
a3d27f4ffc79163100ea3ca2b54f4196defb119bb5d77ea17cccd9315506f144Secunia Security Advisory - A vulnerability has been discovered in Traq, which can be exploited by malicious people to bypass certain security restrictions.
6431b86ea008fba113701e1550941a5ed7d6d3a10095b6c8a416df3adf150a60Secunia Security Advisory - A vulnerability has been reported in the s2Member plugin for WordPress, which can be exploited by malicious users to bypass certain security restrictions.
89cb91ed286049a2345f57a3cd9d633fe9d7ba9ff3908e2bcee90e7adb825cadSecunia Security Advisory - Debian has issued an update for openjdk-6. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, and compromise a vulnerable system.
8162f658f68b9943f7d2d01bd0cdcb1fed00617e64cde9e8a8cbcc7e52361ac5Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
8dbaaa0ef4ca0334e24e6c3b5b179aaad93ebd8b29ea55a017db0b3341cee57cSecunia Security Advisory - A vulnerability has been reported in Etomite, which can be exploited by malicious people to conduct cross-site scripting attacks.
9912e575d47f44aad3da107ecc1841f3f408b3503a97454c39cec6a0c40c06e1Secunia Security Advisory - SUSE has issued an update for xorg-x11-libs. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
a86c2821945aee90ec0100884d0d19dfac8d55e311b76a6f25101d045346c9bbSecunia Security Advisory - A vulnerability has been reported in multiple Intel products, which can be exploited my malicious, local users to gain escalated privileges.
8c7c47009d64fb04470cf3b5227ac1ba92afebb228af8eee0f32461e7555a9e6Secunia Security Advisory - Multiple vulnerabilities have been reported in Opera, where one has an unknown impact and others can be exploited by malicious people to bypass certain security features, disclose potentially sensitive information, and hijack a user's session.
9412bfb7e9e1629df331918ab66b0b7bbd41c9d794a1380d1c4b770b81b46b54Secunia Security Advisory - Red Hat has issued an update for tomcat6. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose sensitive information, bypass certain security restrictions, or cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information and bypass certain security restrictions.
65ee4ebcea2824b20175ed990adfa30b33c1e99fec0df11faac95f9083ca9e76Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the source code release.
6352a7f68b6f325e14965c399357591a7967cf3f94b01e84c3b50cc40feebb1dOstinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Windows binary release.
f5253935e65bded169b9eb1520383ec1ef681017576cffd49e913ce86360e776Debian Linux Security Advisory 2360-1 - This is an advance notice that security support for Debian GNU/Linux 5.0 (code name "lenny") will be terminated in two months.
c41661221a62e02216a4a8976dbfd65eae2f8389365edc4fd775a5e7b05a0962Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Mac OS X release.
b7e6bb1ee16faf6bfd26776d9d1ff947783c70e5a3d0cad08b8fa740360e6131MIT krb5 Security Advisory 2011-007 - In releases krb5-1.9 and later, the KDC can crash due to a null pointer dereference in code that handles TGS (Ticket Granting Service) requests. The trigger condition is trivial to produce using unmodified client software, but requires the ability to authenticate as a principal in the KDC's realm.
4ca042a5da054adcd94232f80427d3eb47e18bef1cfb4b02d416b3b522988c17This Metasploit module exploits a stack-based buffer overflow in Ability Server 2.34. Ability Server fails to check input size when parsing STOR and APPE commands, which leads to a stack based buffer overflow. This plugin uses the STOR command. The vulnerability has been confirmed on version 2.34 and has also been reported in version 2.25 and 2.32. Other versions may also be affected.
2f42268540b9e7a1b27be7be2665ffceb81143ab10130f7b317339dcd4c523c5Ubuntu Security Notice 1288-1 - It was discovered that the 2.6.35 and earlier Linux kernel does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) in applications that require a separate namespace per connection, like vsftpd. This update adjusts vsftpd to only use network namespaces on kernels that are known to be not affected.
b6fa8f8d04a036dd6872e1f5e1d5f95c59df9f7d97a38bfac368ad75d2547cc4Red Hat Security Advisory 2011-1791-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. An input validation flaw was found in the way Squid calculated the total number of resource records in the answer section of multiple name server responses. An attacker could use this flaw to cause Squid to crash. Users of squid should upgrade to this updated package, which contains a backported patch to correct this issue. After installing this update, the squid service will be restarted automatically.
9462f28ff2caece7931bb6bc345528dd2407fca7d2940e8d4d8ed21ebb083998Red Hat Security Advisory 2011-1790-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed certain TGS requests. A remote, authenticated attacker could use this flaw to crash the KDC via a specially-crafted TGS request.
600a23f94d8d538936ba2fa387701973abd9cd00e5bd7b0d998aaff3751e10f7Red Hat Security Advisory 2011-1777-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. A flaw was found in the way qemu-kvm handled VSC_ATR messages when a guest was configured for a CCID USB smart card reader in passthrough mode. An attacker able to connect to the port on the host being used for such a device could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host.
f437ff73654ec441c37ee0a258656d8a2c9469e20690c2704d525a4c711b0de4Red Hat Security Advisory 2011-1749-03 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
eead364c20b8882241bccb8d72225a276f21d753a5bf3d9380c0d34f4174d01eRed Hat Security Advisory 2011-1741-03 - The php-pear package contains the PHP Extension and Application Repository, a framework and distribution system for reusable PHP components. It was found that the "pear" command created temporary files in an insecure way when installing packages. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files accessible to the victim running the "pear install" command.
dbfac6f4435ff85bfd6210a7625899b4a31e607ba5721367e2bb450b57f0e40e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed