[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 13.1 and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/mozilla-thunderbird-3.0.9-i686-1.txz: Upgraded. This upgrade fixes some more security bugs. For more information, see:...

CVE-2010-3365

Mistelix 0.31 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

DEBIAN-CVE-2010-3364

The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

DEBIAN-CVE-2010-3381

The 1 tangerine and 2 tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

DEBIAN-CVE-2010-3385

TuxGuitar 1.2 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2010-3362

lastfm 1.5.4 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2010-3365

Mistelix 0.31 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2010-3360

Hipo 0.6.1 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2010-3350

bareFTP 0.3.4 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

UBUNTU-CVE-2010-3393

magics-config in Magics++ 2.10.0 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

Mozilla unsafe library loading flaw

A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan hor...

CVE-2010-2368

Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory...

[slackware-security] sudo redo

New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a directory permissions issue. These replacement packages restore the correct permissions to /var. Here are the details from the Slackware 13.1 ChangeLog:...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 12.2, 13.0, 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/mozilla-firefox-3.6.9-i686-1.txz: Upgraded. This fixes some security issues. For more information, see:...

Adobe InDesign Insecure Library Loading Vulnerability (Windows)

This host is installed with Adobe InDesign and is prone to insecure library loading vulnerability. OpenVAS Vulnerability Test $Id: gbadobeindesigninsecurelibloadvulnwin.nasl 5263 2017-02-10 13:45:51Z teissa $ Adobe InDesign Insecure Library Loading Vulnerability Windows Authors: Antu Sanadi...

TechSmith Snagit Insecure Library Loading Vulnerability

This host is installed with TechSmith Snagit and is prone to insecure library loading vulnerability. OpenVAS Vulnerability Test $Id: gbtechsmithsnagitinsecurelibloadvuln.nasl 5364 2017-02-20 13:26:07Z cfi $ TechSmith Snagit Insecure Library Loading Vulnerability Authors: Sooraj KS Copyright:...

Wireshark File Opening Insecure Library Loading Vulnerability (Windows)

This host is installed with Wireshark and is prone to insecure library loading vulnerability. OpenVAS Vulnerability Test $Id: secpodwiresharkinsecurelibloadvulnwin.nasl 5401 2017-02-23 09:46:07Z teissa $ Wireshark File Opening Insecure Library Loading Vulnerability Windows Authors: Antu Sanadi...

DEBIAN-CVE-2010-2945

The default configuration of SLiM before 1.3.2 places ./ dot slash at the beginning of the defaultpath option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp...

CVE-2010-2945

The default configuration of SLiM before 1.3.2 places ./ dot slash at the beginning of the defaultpath option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp...

CVE-2010-2945

The default configuration of SLiM before 1.3.2 places ./ dot slash at the beginning of the defaultpath option, which might allow local users to gain privileges via a Trojan horse program in the current working directory, related to slim.conf and cfg.cpp...