Archiv für 4. Februar 2010
Debian update for trac-git
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
Debian update for trac-git SECUNIA ADVISORY ID: SA38325 VERIFY ADVISORY: http://secunia.com/advisories/38325/ DESCRIPTION: Debian has issued an update for trac-git. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Unspecified input is not properly sanitised before being used as a command line argument. This can be exploited to inject [...]
HP System Management Homepage Cross-Site Scripting Vulnerability
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
HP System Management Homepage Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA38341 VERIFY ADVISORY: http://secunia.com/advisories/38341/ DESCRIPTION: Richard Brain has reported a vulnerability in HP System Management Homepage, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the “servercert” parameter in smhui/getuiinfo (when “JS” is set) is not properly sanitised before [...]
iPhone Configuration Profiles Spoofing Security Issue
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
iPhone Configuration Profiles Spoofing Security Issue SECUNIA ADVISORY ID: SA38433 VERIFY ADVISORY: http://secunia.com/advisories/38433/ DESCRIPTION: A security issue has been discovered in the iPhone OS, which can be exploited by malicious people to conduct spoofing attacks. The security issue is caused due to an error in the handling of “mobileconfig” files received via the Safari browser. [...]
Drupal ODF Import Module Script Insertion Vulnerability
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
Drupal ODF Import Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA38453 VERIFY ADVISORY: http://secunia.com/advisories/38453/ DESCRIPTION: A vulnerability has been reported in the ODF Import module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Unspecified input via imported content is not properly sanitised before being used. This can be exploited [...]
Linux Kernel KVM “pit_ioport_read()” Denial of Service
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
Linux Kernel KVM “pit_ioport_read()” Denial of Service SECUNIA ADVISORY ID: SA38405 VERIFY ADVISORY: http://secunia.com/advisories/38405/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users in a KVM guest to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the “pit_ioport_read()” function [...]
Microsoft Releases Advance Notification for February Security Bulletin
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
US-CERT Current Activity Microsoft Releases Advance Notification for February Security Bulletin Original release date: February 4, 2010 at 2:26 pm Last revised: February 4, 2010 at 2:26 pm Microsoft has issued a Security Bulletin Advance Notification, indicating that its February release cycle will contain 13 bulletins. Five of them will have a severity rating of [...]
UltraBB “post_id” Cross-Site Scripting Vulnerability
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
UltraBB “post_id” Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA38406 VERIFY ADVISORY: http://secunia.com/advisories/38406/ DESCRIPTION: A vulnerability has been reported in UltraBB, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the “post_id” parameter in view_post.php is not properly sanitised before being returned to the user. This can be exploited to [...]
UltraBB “post_id” Cross-Site Scripting Vulnerability
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
UltraBB “post_id” Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA38406 VERIFY ADVISORY: http://secunia.com/advisories/38406/ DESCRIPTION: A vulnerability has been reported in UltraBB, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the “post_id” parameter in view_post.php is not properly sanitised before being returned to the user. This can be exploited to [...]
UltraBB “post_id” Cross-Site Scripting Vulnerability
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
UltraBB “post_id” Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA38406 VERIFY ADVISORY: http://secunia.com/advisories/38406/ DESCRIPTION: A vulnerability has been reported in UltraBB, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the “post_id” parameter in view_post.php is not properly sanitised before being returned to the user. This can be exploited to [...]
fetchmail SSL Certificate Printing Buffer Overflow Vulnerability
Verfasst von Stefan unter Bugs / Fehlermeldungen am Donnerstag 4. Februar 2010
fetchmail SSL Certificate Printing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA38391 VERIFY ADVISORY: http://secunia.com/advisories/38391/ DESCRIPTION: A vulnerability has been reported in fetchmail, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the “sdump()” function in sdump.c when printing issuer and subject [...]
