Fedora update for curl

SECUNIA ADVISORY ID: SA38843
VERIFY ADVISORY: http://secunia.com/advisories/38843/
DESCRIPTION: Fedora has issued an update for curl. This fixes a security issue, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
For more information: SA38427
SOLUTION: Apply updated packages via the yum utility (“yum [...]


Linux Kernel Video Output Status Denial of Service

SECUNIA ADVISORY ID: SA38863
VERIFY ADVISORY: http://secunia.com/advisories/38863/
DESCRIPTION: A security issue has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The security issue is caused due to an error while reading the status of video output devices [...]


Fedora update for bournal

SECUNIA ADVISORY ID: SA38814
VERIFY ADVISORY: http://secunia.com/advisories/38814/
DESCRIPTION: Fedora has issued an update for bournal. This fixes multiple security issues, which can be exploited by malicious, local users to disclose sensitive information and to perform certain actions with escalated privileges.
For more information: SA38554 SA38723
SOLUTION: Apply updated packages via the yum utility (“yum update [...]


SpamAssassin Milter Plugin Shell Command Injection

SECUNIA ADVISORY ID: SA38840
VERIFY ADVISORY: http://secunia.com/advisories/38840/
DESCRIPTION: A vulnerability has been discovered in the SpamAssassin Milter Plugin, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to input not being properly sanitised in the “mlfi_envrcpt” function in spamass-milter.cpp before using it in a [...]


TikiWiki CMS/Groupware Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA38896
VERIFY ADVISORY: http://secunia.com/advisories/38896/
DESCRIPTION: Some vulnerabilities have been reported in TikiWiki CMS/Groupware, one of which has an unspecified impact and others that can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct SQL injection attacks.
1) Certain unspecified input is not properly sanitised [...]


Juniper Networks Secure Access “row” Cross-Site Scripting Vulnerability

SECUNIA ADVISORY ID: SA38841
VERIFY ADVISORY: http://secunia.com/advisories/38841/
DESCRIPTION: Niels Heinen has reported a vulnerability in Juniper Networks Secure Access, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed to the “row” parameter in editbk.cgi is not properly sanitised before being returned to the user. This [...]


Eshbel Priority Cross-Site Scripting Vulnerability

SECUNIA ADVISORY ID: SA38787
VERIFY ADVISORY: http://secunia.com/advisories/38787/
DESCRIPTION: Yaniv Miron has reported a vulnerability in Eshbel Priority, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed via the URL is not properly sanitised before being returned to the user within the marketgate/PriHtml.dll script. This can be exploited to [...]


Samba “CAP_DAC_OVERRIDE” File Permissions Security Bypass

SECUNIA ADVISORY ID: SA38804
VERIFY ADVISORY: http://secunia.com/advisories/38804/
DESCRIPTION: A vulnerability has been reported in Samba, which can be exploited by malicious users to bypass certain security restrictions.
The vulnerability is caused due to Samba processes inheriting the “CAP_DAC_OVERRIDE” capability flag, which can be exploited to e.g. read and write to files without having [...]


Debian update for typo3-src

SECUNIA ADVISORY ID: SA38892
VERIFY ADVISORY: http://secunia.com/advisories/38892/
DESCRIPTION: Debian has issued an update for typo3-src. This fixes a security issue and some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information and conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks and bypass certain security [...]


HP Performance Insight Arbitrary Command Execution Vulnerability

SECUNIA ADVISORY ID: SA38899
VERIFY ADVISORY: http://secunia.com/advisories/38899/
DESCRIPTION: A vulnerability has been reported in HP Performance Insight, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary commands.
The vulnerability is reported in version [...]
