10832 matches found
USN-1106-1: NSS vulnerabilities
It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could exploit these to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. These certificates were marked as explicitly not trusted to prevent their...
USN-1105-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075 Dan Rosenberg discovered that the socket filters did not correctly...
USN-1104-1: FFmpeg vulnerabilities
Cesar Bernardini and Felipe Andres Manzano discovered that FFmpeg incorrectly handled certain malformed flic files. If a user were tricked into opening a crafted flic file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of...
USN-1103-1: tex-common vulnerability
Mathias Svensson discovered that the tex-common package contains an insecure shellescapecommands configuration item. If a user or automated system were tricked into opening a specially crafted TeX file, a remote attacker could execute arbitrary code with user privileges...
USN-1102-1: tiff vulnerability
Martin Barbella discovered that the thunder aka ThunderScan decoder in the TIFF library incorrectly handled an unexpected BitsPerSample value. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privilege...
USN-1101-1: Qt vulnerabilities
It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could exploit these to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. These were placed on the certificate blocklist to prevent their misuse...
USN-1100-1: OpenLDAP vulnerabilities
It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a consumer server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a consumer server. CVE-2011-1024 It...
USN-1099-1: GDM vulnerability
Sebastian Krahmer discovered that GDM GNOME Display Manager did not properly drop privileges when handling the cache directories used to store users' dmrc and face icon files. This could allow a local attacker to change the ownership of arbitrary files, thereby gaining root privileges...
USN-1098-1: vsftpd vulnerability
It was discovered that vsftpd incorrectly handled certain glob expressions. A remote authenticated user could use a crafted glob expression to cause vftpd to consume all resources, leading to a denial of service...
USN-1097-1: Tomcat vulnerabilities
It was discovered that the Tomcat SecurityManager did not properly restrict the working directory. An attacker could use this flaw to read or write files outside of the intended working directory. CVE-2010-3718 It was discovered that Tomcat did not properly escape certain parameters in the Manage...
USN-1096-1: Subversion vulnerability
Philip Martin discovered that the Subversion moddavsvn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service...
USN-1095-1: Quagga vulnerabilities
It was discovered that Quagga incorrectly parsed certain malformed extended communities. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. CVE-2010-1674 It was discovered that Quagga resets BGP sessions when encountering malformed ASPATHLIMIT...
USN-1094-1: Libvirt vulnerability
Petr Matousek discovered that libvirt did not always honor read-only connections. An attacker who is authorized to connect to the libvirt daemon could exploit this to cause a denial of service via application crash...
USN-1093-1: Linux Kernel vulnerabilities (Marvell Dove)
Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service...
USN-1092-1: Linux Kernel vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075, CVE-2010-4077 Dan Rosenberg discovered that the socket filters did not...
USN-1091-1: Firefox and Xulrunner vulnerabilities
It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could use these to perform a machine-in-the-middle attack. These were placed on the certificate blocklist to prevent their misuse...
USN-1090-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075 Dan Rosenberg discovered that the SCSI subsystem did not correctly validat...
USN-1089-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075, CVE-2010-4076, CVE-2010-4077 Dan Rosenberg discovered that the socket...
USN-1079-3: OpenJDK 6 vulnerabilities
USN-1079-2 fixed vulnerabilities in OpenJDK 6 for armel ARM architectures in Ubuntu 9.10 and Ubuntu 10.04 LTS. This update fixes vulnerabilities in OpenJDK 6 for armel ARM architectures for Ubuntu 10.10. Original advisory details: It was discovered that untrusted Java applets could create domain...
USN-1088-1: Kerberos vulnerability
Cameron Meadors discovered that the MIT Kerberos 5 Key Distribution Center KDC daemon is vulnerable to a double-free condition if the Public Key Cryptography for Initial Authentication PKINIT capability is enabled. This could allow a remote attacker to cause a denial of service...
USN-1085-2: tiff regression
USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Sauli Pahlman discovered that the TIFF library incorrectl...
USN-1079-2: OpenJDK 6 vulnerabilities
USN-1079-1 fixed vulnerabilities in OpenJDK 6 for non-armel ARM architectures. This update provides the corresponding updates for OpenJDK 6 for use with the armel ARM architectures. In order to build the armel ARM OpenJDK 6 update for Ubuntu 10.04 LTS, it was necessary to rebuild binutils and...
USN-1087-1: libvpx vulnerability
Chris Evans discovered that libvpx did not properly perform bounds checking. If an application using libvpx opened a specially crafted WebM file, an attacker could cause a denial of service...
USN-1086-1: Linux kernel (EC2) vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075 Dan Rosenberg discovered that the socket filters did not correctly...
USN-1049-2: Firefox and Xulrunner regression
USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff...
USN-1085-1: tiff vulnerabilities
Sauli Pahlman discovered that the TIFF library incorrectly handled invalid tdstripbytecount fields. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. This issue only affected Ubunt...
USN-1084-1: avahi vulnerability
It was discovered that Avahi incorrectly handled empty UDP packets. A remote attacker could send a specially-crafted packet and cause Avahi to hang, resulting in a denial of service...
USN-1050-1: Thunderbird vulnerabilities
Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the...
USN-1049-1: Firefox and Xulrunner vulnerabilities
Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the...
USN-1083-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service...
USN-1080-2: Linux kernel vulnerabilities
Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not...
USN-1082-1: Pango vulnerabilities
Marc Schoenefeld discovered that Pango incorrectly handled certain Glyph Definition GDEF tables. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause Pango to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 9.10...
USN-1081-1: Linux kernel vulnerabilities
It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...
USN-1080-1: Linux kernel vulnerabilities
Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not...
USN-1079-1: OpenJDK 6 vulnerabilities
It was discovered that untrusted Java applets could create domain name resolution cache entries, allowing an attacker to manipulate name resolution within the JVM. CVE-2010-4448 It was discovered that the Java launcher did not did not properly setup the LDLIBRARYPATH environment variable. A local...
USN-1078-1: Logwatch vulnerability
Dominik George discovered that logwatch did not properly sanitize log file names that were passed to the shell as part of a command. If a remote attacker were able to generate specially crafted filenames for example, via Samba logging, they could execute arbitrary code with root privileges...
USN-1074-2: Linux kernel vulnerabilities
Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service...
USN-1077-1: FUSE vulnerabilities
It was discovered that FUSE would incorrectly follow symlinks when checking mountpoints under certain conditions. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service...
USN-1076-1: ClamAV vulnerability
It was discovered that the Microsoft Office processing code in libclamav improperly handled certain Visual Basic for Applications VBA data. This could allow a remote attacker to craft a document that could crash clamav or possibly execute arbitrary code. In the default installation, attackers wou...
USN-1075-1: Samba vulnerability
Volker Lendecke discovered that Samba incorrectly handled certain file descriptors. A remote attacker could send a specially crafted request to the server and cause Samba to crash or hang, resulting in a denial of service...
USN-1074-1: Linux kernel vulnerabilities
Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2009-4895 Dan Rosenberg discovered that the MOVEEXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only...
USN-1073-1: Linux kernel vulnerabilities
Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Jacobson discovered that ThinkPad video output was not correctly...
USN-1072-1: Linux kernel vulnerabilities
Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dave Chinner discovered that the XFS filesystem did not correctly order...
USN-1071-1: Linux kernel vulnerabilities
Tavis Ormandy discovered that the Linux kernel did not properly implement exception fixup. A local attacker could exploit this to crash the kernel, leading to a denial of service. CVE-2010-3086 Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signednes...
USN-1070-1: Bind vulnerability
It was discovered that Bind incorrectly handled IXFR transfers and dynamic updates while under heavy load when used as an authoritative server. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service...
USN-1069-1: Mailman vulnerabilities
It was discovered that Mailman did not properly sanitize certain fields, resulting in cross-site scripting XSS vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to...
USN-1068-1: Aptdaemon vulnerability
Sergey Nizovtsev discovered that Aptdaemon incorrectly filtered certain arguments when using its D-Bus interface. A local attacker could use this flaw to bypass security restrictions and view sensitive information by reading arbitrary files...
USN-1066-1: Django vulnerabilities
It was discovered that Django did not properly validate HTTP requests that contain an X-Requested-With header. An attacker could exploit this vulnerability to perform cross-site request forgery CSRF attacks. CVE-2011-0696 It was discovered that Django did not properly sanitize its input when...
USN-1067-1: Telepathy Gabble vulnerability
It was discovered that Gabble did not verify the from field of google jingleinfo updates. This could allow a remote attacker to perform machine-in-the-middle attacks MITM on streamed media...
USN-1064-1: OpenSSL vulnerability
Neel Mehta discovered that incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This could allow a remote attacker to cause a crash and denial of service by triggering invalid memory accesses...