Fedora update for curl
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38843
VERIFY ADVISORY: http://secunia.com/advisories/38843/
DESCRIPTION: Fedora has issued an update for curl. This fixes a security issue, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
For more information: SA38427
SOLUTION: Apply updated packages via the yum utility (“yum [...]
Linux Kernel Video Output Status Denial of Service
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38863
VERIFY ADVISORY: http://secunia.com/advisories/38863/
DESCRIPTION: A security issue has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The security issue is caused due to an error while reading the status of video output devices [...]
Fedora update for bournal
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38814
VERIFY ADVISORY: http://secunia.com/advisories/38814/
DESCRIPTION: Fedora has issued an update for bournal. This fixes multiple security issues, which can be exploited by malicious, local users to disclose sensitive information and to perform certain actions with escalated privileges.
For more information: SA38554 SA38723
SOLUTION: Apply updated packages via the yum utility (“yum update [...]
SpamAssassin Milter Plugin Shell Command Injection
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38840
VERIFY ADVISORY: http://secunia.com/advisories/38840/
DESCRIPTION: A vulnerability has been discovered in the SpamAssassin Milter Plugin, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to input not being properly sanitised in the “mlfi_envrcpt” function in spamass-milter.cpp before using it in a [...]
TikiWiki CMS/Groupware Multiple Vulnerabilities
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38896
VERIFY ADVISORY: http://secunia.com/advisories/38896/
DESCRIPTION: Some vulnerabilities have been reported in TikiWiki CMS/Groupware, one of which has an unspecified impact and others that can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct SQL injection attacks.
1) Certain unspecified input is not properly sanitised [...]
Juniper Networks Secure Access “row” Cross-Site Scripting Vulnerability
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38841
VERIFY ADVISORY: http://secunia.com/advisories/38841/
DESCRIPTION: Niels Heinen has reported a vulnerability in Juniper Networks Secure Access, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed to the “row” parameter in editbk.cgi is not properly sanitised before being returned to the user. This [...]
Eshbel Priority Cross-Site Scripting Vulnerability
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38787
VERIFY ADVISORY: http://secunia.com/advisories/38787/
DESCRIPTION: Yaniv Miron has reported a vulnerability in Eshbel Priority, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed via the URL is not properly sanitised before being returned to the user within the marketgate/PriHtml.dll script. This can be exploited to [...]
Samba “CAP_DAC_OVERRIDE” File Permissions Security Bypass
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38804
VERIFY ADVISORY: http://secunia.com/advisories/38804/
DESCRIPTION: A vulnerability has been reported in Samba, which can be exploited by malicious users to bypass certain security restrictions.
The vulnerability is caused due to Samba processes inheriting the “CAP_DAC_OVERRIDE” capability flag, which can be exploited to e.g. read and write to files without having [...]
Debian update for typo3-src
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38892
VERIFY ADVISORY: http://secunia.com/advisories/38892/
DESCRIPTION: Debian has issued an update for typo3-src. This fixes a security issue and some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information and conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks and bypass certain security [...]
HP Performance Insight Arbitrary Command Execution Vulnerability
Posted by Stefan in Bugs / Error Messages on Wednesday, 10 March 2010
SECUNIA ADVISORY ID: SA38899
VERIFY ADVISORY: http://secunia.com/advisories/38899/
DESCRIPTION: A vulnerability has been reported in HP Performance Insight, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary commands.
The vulnerability is reported in version [...]
