Section: .. / 1001-advisories /
| /// File Name: |
USN-803-2.txt |
Description:
|
Ubuntu Security Notice 803-2 - USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 8.10 and higher. Even with the patch improperly applied, the default compiler options reduced the vulnerability to a denial of service. Additionally, in Ubuntu 9.04 and higher, users were also protected by the AppArmor dhclient3 profile. This update fixes the problem. Original advisory details: It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the 'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 20399 | | Related CVE(s): | CVE-2009-0692 | | Last Modified: | Jan 27 13:55:19 2010 |
| MD5 Checksum: | 59f8411599b6a1bac908489547ac10c6 |
|
| /// File Name: |
USN-876-1.txt |
Description:
|
Ubuntu Security Notice 876-1 - It was discovered that PostgreSQL did not properly handle certificates with NULL characters in the Common Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. It was discovered that PostgreSQL did not properly manage session-local state. A remote authenticated user could exploit this to escalate privileges within PostgreSQL.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 60216 | | Related CVE(s): | CVE-2009-4034, CVE-2009-4136 | | Last Modified: | Jan 3 23:27:01 2010 |
| MD5 Checksum: | ec4f6b7b0f091672355282b553868fcb |
|
| /// File Name: |
USN-877-1.txt |
Description:
|
Ubuntu Security Notice 877-1 - USN-873-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced a regression when using NTLM authentication. This update fixes the problem and added additional stability fixes. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 37490 | | Last Modified: | Jan 7 20:07:29 2010 |
| MD5 Checksum: | 338344ef71b3a037f41e18c7b87ca2d0 |
|
| /// File Name: |
USN-878-1.txt |
Description:
|
Ubuntu Security Notice 878-1 - USN-874-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced a regression when using NTLM authentication. This update fixes the problem and added additional stability fixes. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. David Keeler, Bob Clary, and Dan Kaminsky discovered several flaws in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 19273 | | Last Modified: | Jan 7 20:08:01 2010 |
| MD5 Checksum: | 852f3cd4fb59eddea4f993974fa9ec97 |
|
| /// File Name: |
USN-879-1.txt |
Description:
|
Ubuntu Security Notice 879-1 - Jeff Blaine, Radoslav Bodo, Jakob Haufe, and Jorgen Wahlsten discovered that the Kerberos Key Distribution Center service did not correctly verify certain network traffic. An unauthenticated remote attacker could send a specially crafted request that would cause the KDC to crash, leading to a denial of service.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 16776 | | Related CVE(s): | CVE-2009-3295 | | Last Modified: | Jan 6 20:30:30 2010 |
| MD5 Checksum: | 72c41d533122e9c8be6c9216c6a7741d |
|
| /// File Name: |
USN-880-1.txt |
Description:
|
Ubuntu Security Notice 880-1 - Stefan Cornelius discovered that GIMP did not correctly handle certain malformed BMP files. If a user were tricked into opening a specially crafted BMP file, an attacker could execute arbitrary code with the user's privileges. Stefan Cornelius discovered that GIMP did not correctly handle certain malformed PSD files. If a user were tricked into opening a specially crafted PSD file, an attacker could execute arbitrary code with the user's privileges. This issue only applied to Ubuntu 8.10, 9.04 and 9.10.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 19482 | | Related CVE(s): | CVE-2009-1570, CVE-2009-3909 | | Last Modified: | Jan 7 13:54:52 2010 |
| MD5 Checksum: | 0b21720c2759ed2461fb39acdc9e6c0d |
|
| /// File Name: |
USN-881-1.txt |
Description:
|
Ubuntu Security Notice 881-1 - It was discovered that Kerberos did not correctly handle invalid AES blocks. An unauthenticated remote attacker could send specially crafted traffic that would crash the KDC service, leading to a denial of service, or possibly execute arbitrary code with root privileges.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 57414 | | Related CVE(s): | CVE-2009-4212 | | Last Modified: | Jan 12 17:41:02 2010 |
| MD5 Checksum: | c5cc3071235d3683b1c35e54ec7d601d |
|
| /// File Name: |
USN-882-1.txt |
Description:
|
Ubuntu Security Notice 882-1 - Maksymilian Arciemowicz discovered that PHP did not properly handle the ini_restore function. An attacker could exploit this issue to obtain random memory contents or to cause the PHP server to crash, resulting in a denial of service. It was discovered that the htmlspecialchars function did not properly handle certain character sequences, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. Stefan Esser discovered that PHP did not properly handle session data. An attacker could exploit this issue to bypass safe_mode or open_basedir restrictions.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 86381 | | Related CVE(s): | CVE-2009-2626, CVE-2009-4142, CVE-2009-4143 | | Last Modified: | Jan 13 21:29:50 2010 |
| MD5 Checksum: | 58014cec2904df5137bfc8f8a0a82992 |
|
| /// File Name: |
USN-883-1.txt |
Description:
|
Ubuntu Security Notice 883-1 - It was discovered that NetworkManager did not ensure that the Certification Authority (CA) certificate file remained present when using WPA Enterprise or 802.1x networks. A remote attacker could use this flaw to spoof the identity of a wireless network and view sensitive information. It was discovered that the connection editor GUI would incorrectly export objects over D-Bus. A local user could read D-Bus signals to view other users' network connection passwords and pre-shared keys.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 4965 | | Related CVE(s): | CVE-2009-4144, CVE-2009-4145 | | Last Modified: | Jan 13 21:30:12 2010 |
| MD5 Checksum: | c2e5c62d4578727cf63f8e041cd759b5 |
|
| /// File Name: |
USN-884-1.txt |
Description:
|
Ubuntu Security Notice 884-1 - It was discovered that OpenSSL did not correctly free unused memory in certain situations. A remote attacker could trigger this flaw in services that used SSL, causing the service to use all available system memory, leading to a denial of service.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 24255 | | Related CVE(s): | CVE-2009-4355 | | Last Modified: | Jan 13 22:14:20 2010 |
| MD5 Checksum: | 023742e1c6937d07d98f216b72fdcf9f |
|
| /// File Name: |
USN-885-1.txt |
Description:
|
Ubuntu Security Notice 885-1 - It was discovered that the Transmission web interface was vulnerable to cross-site request forgery (CSRF) attacks. If a user were tricked into opening a specially crafted web page in a browser while Transmission was running, an attacker could trigger commands in Transmission. This issue affected Ubuntu 9.04. Dan Rosenberg discovered that Transmission did not properly perform input validation when processing torrent files. If a user were tricked into opening a crafted torrent file, an attacker could overwrite files via directory traversal.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 15178 | | Related CVE(s): | CVE-2009-1757, CVE-2010-0012 | | Last Modified: | Jan 14 16:51:23 2010 |
| MD5 Checksum: | b38b0ad9791fc7fbf5dc5590ecdd14c9 |
|
| /// File Name: |
USN-886-1.txt |
Description:
|
Ubuntu Security Notice 886-1 - It was discovered that Pidgin did not properly handle certain topic messages in the IRC protocol handler, enforce the "require TLS/SSL" setting when connecting to certain older Jabber servers, did not properly handle certain SLP invite messages in the MSN protocol handler, did not properly handle certain errors in the XMPP protocol handler, did not properly handle malformed contact-list data in the OSCAR protocol handler and did not properly handle custom smiley requests in the MSN protocol handler.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 21702 | | Related CVE(s): | CVE-2008-2955, CVE-2009-1376, CVE-2009-2703, CVE-2009-3026, CVE-2009-3083, CVE-2009-3085, CVE-2009-3615, CVE-2010-0013 | | Last Modified: | Jan 18 12:14:32 2010 |
| MD5 Checksum: | 0b4090a2dd3eb5bfecd488bb6a25d408 |
|
| /// File Name: |
USN-887-1.txt |
Description:
|
Ubuntu Security Notice 887-1 - Tim Starling discovered that LibThai did not correctly handle long strings. A remote attacker could use specially-formed strings to execute arbitrary code with the user's privileges.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 11703 | | Related CVE(s): | CVE-2009-4012 | | Last Modified: | Jan 18 20:30:14 2010 |
| MD5 Checksum: | 967215637f8b68c6a666ba6ec6dc6613 |
|
| /// File Name: |
USN-888-1.txt |
Description:
|
Ubuntu Security Notice 888-1 - It was discovered that Bind would incorrectly cache bogus NXDOMAIN responses. When DNSSEC validation is in use, a remote attacker could exploit this to cause a denial of service, and possibly poison DNS caches. USN-865-1 provided updated Bind packages to fix a security vulnerability. The upstream security patch to fix CVE-2009-4022 was incomplete and CVE-2010-0290 was assigned to the issue. This update corrects the problem. Michael Sinatra discovered that Bind did not correctly validate certain records added to its cache. When DNSSEC validation is in use, a remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 52900 | | Related CVE(s): | CVE-2009-4022, CVE-2010-0097, CVE-2010-0290 | | Last Modified: | Jan 20 19:16:31 2010 |
| MD5 Checksum: | 8ee9d38fe264c826df92d23f2eb44caf |
|
| /// File Name: |
USN-889-1.txt |
Description:
|
Ubuntu Security Notice 889-1 - It was discovered that gzip incorrectly handled certain malformed compressed files. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Aki Helin discovered that gzip incorrectly handled certain malformed files compressed with the Lempel–Ziv–Welch (LZW) algorithm. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the program.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 8782 | | Related CVE(s): | CVE-2009-2624, CVE-2010-0001 | | Last Modified: | Jan 20 21:19:07 2010 |
| MD5 Checksum: | c7799627db7a3c6dab58ffe6068beed8 |
|
| /// File Name: |
USN-890-1.txt |
Description:
|
Ubuntu Security Notice 890-1 - Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 23902 | | Related CVE(s): | CVE-2009-2625, CVE-2009-3560, CVE-2009-3720 | | Last Modified: | Jan 20 21:23:48 2010 |
| MD5 Checksum: | a0de62100f8b2ecb8205f9262ce11c58 |
|
| /// File Name: |
USN-890-2.txt |
Description:
|
Ubuntu Security Notice 890-2 - USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for the PyExpat module in Python 2.5. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 19346 | | Related CVE(s): | CVE-2009-3560, CVE-2009-3720 | | Last Modified: | Jan 22 03:10:49 2010 |
| MD5 Checksum: | 50d1bea0a0a31a88dc303a2bade68b83 |
|
| /// File Name: |
USN-890-3.txt |
Description:
|
Ubuntu Security Notice 890-3 - USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for the PyExpat module in Python 2.4. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 24827 | | Related CVE(s): | CVE-2009-3560, CVE-2009-3720 | | Last Modified: | Jan 22 18:54:08 2010 |
| MD5 Checksum: | 5bb6274ca915988ea7addb08819f54e2 |
|
| /// File Name: |
USN-890-4.txt |
Description:
|
Ubuntu Security Notice 890-4 - USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for PyXML. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 3263 | | Related CVE(s): | CVE-2009-3560, CVE-2009-3720 | | Last Modified: | Jan 27 09:44:55 2010 |
| MD5 Checksum: | 19f31a335b1b16de92a692597b50b9be |
|
| /// File Name: |
USN-891-1.txt |
Description:
|
Ubuntu Security Notice 891-1 - It was discovered that lintian did not correctly validate certain filenames when processing input. If a user or an automated system were tricked into running lintian on a specially crafted set of files, a remote attacker could execute arbitrary code with user privileges.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 3946 | | Related CVE(s): | CVE-2009-4013, CVE-2009-4014, CVE-2009-4015 | | Last Modified: | Jan 29 17:23:03 2010 |
| MD5 Checksum: | 1a2a6112f1845b7aa041854dc1d14266 |
|
| /// File Name: |
USN-892-1.txt |
Description:
|
Ubuntu Security Notice 892-1 - Ronald Volgers discovered that FUSE did not correctly check mount locations. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 22167 | | Related CVE(s): | CVE-2009-3297 | | Last Modified: | Jan 29 18:29:00 2010 |
| MD5 Checksum: | 8d6d9887d42f1d9e81abcc3b43ffd594 |
|
| /// File Name: |
USN-893-1.txt |
Description:
|
Ubuntu Security Notice 893-1 - Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, suffered from a race condition when verifying user permissions. A local attacker could trick samba into mounting over arbitrary locations, leading to a root privilege escalation.
| | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 47293 | | Related CVE(s): | CVE-2009-3297 | | Last Modified: | Jan 29 17:37:52 2010 |
| MD5 Checksum: | 6d7694cdc9b4cf486e8c305a1e883f1e |
|
| /// File Name: |
VMSA-2010-0001.txt |
Description:
|
VMware Security Advisory - Service console packages for Network Security Services (NSS) and NetScape Portable Runtime (NSPR) are updated to versions nss-3.12.3.99.3-1.2157 and nspr-4.7.6-1.2213 respectively. This patch fixes several security issues in the service console packages for NSS and NSPR.
| | Homepage: | http://www.vmware.com/ | | File Size: | 5034 | | Related CVE(s): | CVE-2009-2409, CVE-2009-2408, CVE-2009-2404, CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382 | | Last Modified: | Jan 7 14:33:17 2010 |
| MD5 Checksum: | 35db47ed4bf8e21e78243971ea73fd74 |
|
| /// File Name: |
vmware-insecure.txt |
Description:
|
It appears that the VMWare server installer may fail to set the umask and/or file permissions upon installation.
| | Author: | dd | | File Size: | 1112 | | Last Modified: | Jan 7 13:48:43 2010 |
| MD5 Checksum: | 35e31e570101f4e53cf39aecd7ee90af |
|
| /// File Name: |
vpasp-sqlxss.txt |
Description:
|
VP-ASP suffers from cross site scripting and remote SQL injection vulnerabilities.
| | Author: | CodeScan Labs | | File Size: | 4064 | | Last Modified: | Jan 22 02:33:30 2010 |
| MD5 Checksum: | 17cf7dc8077f7f052f1f6be6e69c3179 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
