Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : apt vulnerabilities (USN-762-1)

Alexandre Martani discovered that the APT daily cron script did not check the return code of the date command. If a machine is configured for automatic updates and is in a time zone where DST occurs at midnight, under certain circumstances automatic updates might not be applied and could become...

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : curl vulnerability (USN-726-1)

It was discovered that curl did not enforce any restrictions when following URL redirects. If a user or automated system were tricked into opening a URL to an untrusted server, an attacker could use redirects to gain access to arbitrary files. This update changes curl behavior to prevent followin...

Secunia pushes for standard to patch consumer apps

From DarkReading Kelly Jackson Higgins Danish security firm Secunia is attempting to rally other software vendors to develop an industry-standard tool that automatically updates all applications on a consumer’s PC. Secunia envisions an industry-standard app that runs when a laptop starts up, for...

[USN-762-1] APT vulnerabilities

=========================================================== Ubuntu Security Notice USN-762-1 April 20, 2009 apt vulnerabilities CVE-2009-1300, https://launchpad.net/bugs/356012 =========================================================== A security issue affects the following Ubuntu releases: Ubun...

[Backports-security-announce] Security Update for ejabberd

Gerfried Fuchs uploaded new packages for ejabberd which fixed the following security problems: CVE-2009-0934, Debian BTS 520852 Cross-site scripting XSS vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and M...

Microsoft Security Bulletin MS09-013 - Critical Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)

Microsoft Security Bulletin MS09-013 - Critical Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution 960803 Published: April 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed vulnerability and two privately...

Mandriva Update for drakxtools MDVA-2008:115 (drakxtools)

Check for the Version of drakxtools OpenVAS Vulnerability Test Mandriva Update for drakxtools MDVA-2008:115 drakxtools Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

Mandriva Update for drakxtools MDVA-2008:115 (drakxtools)

Check for the Version of drakxtools OpenVAS Vulnerability Test Mandriva Update for drakxtools MDVA-2008:115 drakxtools Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

curl security update

CentOS Errata and Security Advisory CESA-2009:0341 Updated curl packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. cURL is a tool for getting files...

[SECURITY] Fedora 9 Update: NetworkManager-0.7.0.99-1.fc9

NetworkManager attempts to keep an active network connection available at a ll times. It is intended only for the desktop use-case, and is not intended f or usage on servers. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using ...

Fedora Update for tar FEDORA-2007-1890

Check for the Version of tar OpenVAS Vulnerability Test Fedora Update for tar FEDORA-2007-1890 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

Fedora Update for autofs FEDORA-2007-4532

Check for the Version of autofs OpenVAS Vulnerability Test Fedora Update for autofs FEDORA-2007-4532 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for clamav FEDORA-2008-3358

Check for the Version of clamav OpenVAS Vulnerability Test Fedora Update for clamav FEDORA-2008-3358 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Use Super Bunny to obtain the terminal administrator password-vulnerability warning-the black bar safety net

Everyone engage to the broiler open 3 3 8 9 After the think what not to do? The establishment of the Account will always be administrators findwhy don't you put the Administrator's password. Is the administrator passwordGeneral the server he will always set up automatic landing, the principle is...

Multiple Vulnerabilities Concerning Hitachi Web Server

Overview Hitachi Web Server has vulnerabilities listed below: 1. A vulnerability that allows to roll back the Open SSL version when using the SSL. 2. Cross-site scripting vulnerability in contents created automatically by the Hitachi Web Server. 3. Cross-site scripting vulnerability due to...

Mandrake Security Advisory MDVSA-2009:017 (kdebase)

The remote host is missing an update to kdebase announced via advisory MDVSA-2009:017. OpenVAS Vulnerability Test $Id: mdksa2009017.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:017 kdebase Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

CVE-2009-0068

Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-open to process the dangerous file type through automatic type detection, as demonstrated by...

CVE-2009-0068

CVE-2009-0068 affects the xdg-open component of xdg-utils. The flaw arises from an interaction error where a file sent with a dangerous MIME type but wrapped as a safe type is processed via automatic type detection, enabling remote attackers to execute arbitrary code (demonstrated by overwriting ...

CVE-2009-0068

Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-open to process the dangerous file type through automatic type detection, as demonstrated by...

[SECURITY] Fedora 10 Update: clamav-0.94.2-1.fc10

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...