Archiv für 13. März 2010
ATutor Multiple Script Insertion Vulnerabilities
Verfasst von Stefan unter Bugs / Fehlermeldungen am Samstag 13. März 2010
ATutor Multiple Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA38906 VERIFY ADVISORY: http://secunia.com/advisories/38906/ DESCRIPTION: Multiple vulnerabilities have been discovered in ATutor, which can be exploited by malicious users to conduct script insertion attacks. Input passed via “Question” and “Choice” form fields in tools/polls/add.php when creating a poll, via “Type” and “Title” form fields in tools/groups/create_manual.php when [...]
Debian update for linux-2.6
Verfasst von Stefan unter Bugs / Fehlermeldungen am Samstag 13. März 2010
Debian update for linux-2.6 SECUNIA ADVISORY ID: SA38905 VERIFY ADVISORY: http://secunia.com/advisories/38905/ DESCRIPTION: Debian has issued an update for linux-2.6. This fixes a vulnerability and a security issue, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA37113 [...]
Fedora update for cups
Verfasst von Stefan unter Bugs / Fehlermeldungen am Samstag 13. März 2010
Fedora update for cups SECUNIA ADVISORY ID: SA38927 VERIFY ADVISORY: http://secunia.com/advisories/38927/ DESCRIPTION: Fedora has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA37364 SOLUTION: Apply updated packages via the yum utility (“yum update cups”). ORIGINAL ADVISORY: FEDORA-2010-3761: [...]
Apple Safari Multiple Vulnerabilities
Verfasst von Stefan unter Bugs / Fehlermeldungen am Samstag 13. März 2010
Apple Safari Multiple Vulnerabilities SECUNIA ADVISORY ID: SA38932 VERIFY ADVISORY: http://secunia.com/advisories/38932/ DESCRIPTION: Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user’s system. 1) A boundary error in ImageIO can be exploited to cause a buffer underflow and [...]
Eros Webkatalog “id” SQL Injection Vulnerability
Verfasst von Stefan unter Bugs / Fehlermeldungen am Samstag 13. März 2010
Eros Webkatalog “id” SQL Injection Vulnerability SECUNIA ADVISORY ID: SA38900 VERIFY ADVISORY: http://secunia.com/advisories/38900/ DESCRIPTION: Easy Laster has reported a vulnerability in Eros Webkatalog, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the “id” parameter in start.php (when “go” is set to “rubrik”) is not properly sanitised before being [...]
