[SECURITY] Fedora 10 Update: kdenetwork-4.3.1-1.fc10

Networking applications, including: kget: downloader manager kopete: chat client kppp: dialer and front end for pppd krdc: a client for Desktop Sharing and other VNC servers krfb: Desktop Sharing server, allow others to access your desktop via VNC...

[SECURITY] Fedora 11 Update: kdenetwork-4.3.1-1.fc11

Networking applications, including: kget: downloader manager kopete: chat client kppp: dialer and front end for pppd krdc: a client for Desktop Sharing and other VNC servers krfb: Desktop Sharing server, allow others to access your desktop via VNC...

CVE-2009-3164

CVE-2009-3164 affects Sun Solaris 10 and OpenSolaris (SNV 01–82, 111–122) when using a Cassini GigaSwift Ethernet Adapter. It is a consequence of an incomplete fix for CVE-2009-2136 in the IPv6/TCP-IP stack, enabling remote attackers to trigger a denial of service (kernel panic) via jumbo frames....

TCP Window Size Enforcement (CVE-2008-4609; CVE-2009-1925; CVE-2009-1926)

TCP/IP is a set of networking protocols that are widely used on the Internet. TCP/IP provides communications across interconnected networks of computers that have diverse hardware architectures and that run various operating systems. Multiple vulnerabilities exist in TCP/IP processing in Microsof...

[SECURITY] Fedora 10 Update: galeon-2.0.7-13.fc10

Galeon is a web browser built around Gecko Mozilla's rendering engine and Necko Mozilla's networking engine. It's a GNOME web browser, designed to take advantage of as many GNOME technologies as makes sense. Galeon was written to do just one thing - browse the web...

Mac OS X 10.5.x < 10.5.8 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.8. Mac OS X 10.5.8 contains security fixes for the following products : - bzip2 - CFNetwork - ColorSync - CoreTypes - Dock - Image RAW - ImageIO - Kernel - launchd - Login Window - MobileMe - Networking - XQuery C Tenab...

elgg <= 1.5 (/_css/js.php) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================= elgg dbname,$mysqldblink 48: if $simplecacheenabled || $override 49: $filename = $dataroot . 'viewssimplecache/' . md5$viewtype . $view; 51: $contents = filegetcontents$filename...

DEFCON: CSRF Attacks Made Easy

LAS VEGAS — The security of social networking sites isn’t as bad as you think. In fact, it’s much worse. Sites such as Twitter, Facebook and others that rely heavily on user-generated content, shared content and aggregation have been the targets of increasingly sophisticated attacks over the last...

Miniweb 2.0 Social Networking XSS

-----------------------------I AM MUSLIM !!------------------------------ ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...

[SECURITY] Fedora 10 Update: kdelibs3-3.5.10-13.fc10

Libraries for the K Desktop Environment 3: KDE Libraries included: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling checker, jscript javascript, kab addressbook, kimgio image manipulation...

[SECURITY] Fedora 11 Update: kdelibs3-3.5.10-13.fc11

Libraries for the K Desktop Environment 3: KDE Libraries included: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling checker, jscript javascript, kab addressbook, kimgio image manipulation...

[SECURITY] Fedora 10 Update: wxGTK-2.8.10-2.fc10

wxWidgets/GTK2 is the GTK2 port of the C++ cross-platform wxWidgets GUI library, offering classes for all common GUI controls as well as a comprehensive set of helper classes for most common application tasks, ranging from networking to HTML display and image manipulation...

[SECURITY] Fedora 11 Update: wxGTK-2.8.10-2.fc11

wxWidgets/GTK2 is the GTK2 port of the C++ cross-platform wxWidgets GUI library, offering classes for all common GUI controls as well as a comprehensive set of helper classes for most common application tasks, ranging from networking to HTML display and image manipulation...

openSUSE Security Update : dbus-1 (dbus-1-717)

The dbus package used a too permissive configuration. Therefore intended access control for some services was not applied CVE-2008-4311. The new configuration denies access by default. Some dbus services may break due to this setting and need an updated configuration as well. With the previous...

Toward Privacy-Aware OpenSocial Applications

Kun Liu from IBM Research discusses the potential for developing privacy-aware social networking applications through the measurement and monitoring of privacy risks...

Koobface Worm Infections Exploding

By Stefan Tanase, Kaspersky Lab, Romania In June, we saw an explosive rise in the number of Koobface modifications – the number of variants we detected jumped from 324 at the end of May to nearly 1000 by the end of June. And this weekend brought another flood, bringing us up to 1049 at the time o...

Authentication flaw

Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv01 through snv82 and snv111 through snv117, when a Cassini GigaSwift Ethernet Adapter aka CE interface is used, allows remote attackers to cause a denial of service panic via vectors involving jumbo...

CVE-2009-2136

CVE-2009-2136 affects Sun Solaris 10 and OpenSolaris (various snv builds) when the Cassini GigaSwift Ethernet Adapter interface is used. The issue is an unspecified vulnerability in the TCP/IP networking stack that allows a remote attacker to cause a denial of service (panic) via vectors involvin...

[SECURITY] Fedora 9 Update: galeon-2.0.7-11.fc9

Galeon is a web browser built around Gecko Mozilla's rendering engine and Necko Mozilla's networking engine. It's a GNOME web browser, designed to take advantage of as many GNOME technologies as makes sense. Galeon was written to do just one thing - browse the web...

Month of Twitter Bugs Coming in July

A security researcher who specializes in browser and Web 2.0 vulnerabilities plans to use the month of July to expose serious vulnerabilities in the Twitter ecosystem. The Month of Twitter Bugs, a project which launches on July 1, is the handiwork of Aviv Raff. It will disclose a combination of...