February 06, 2013 08:49 Red Hat: Security update for MySQL

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. A flaw was found in the way MySQL calculated the key length when creating a sort order index for certain queries. An authenticated database user could use this flaw to crash the mysqld daemon.

Updated packages are available from ftp.redhat.com.

February 06, 2013 08:47 Red Hat: Security update for the Linux kernel

The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Xen hypervisor implementation did not perform range checking on the guest provided values in multiple hypercalls. A privileged guest user could use this flaw to trigger long loops, leading to a denial of service. It was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. A flaw was found in the way the Linux kernel’s IPv6 implementation handled overlapping, fragmented IPv6 packets. A remote attacker could potentially use this flaw to bypass protection mechanisms (such as a firewall or intrusion detection system (IDS)) when sending network packets to a target system.

Updated packages are available from ftp.redhat.com.

February 06, 2013 08:45 Ubuntu: Security update for PHP

It was discovered that PHP incorrectly handled the openssl_encrypt function when used with an empty string. An attacker could use this flaw to cause PHP to disclose arbitrary memory contents and possibly expose sensitive information.

Updated packages are available from security.ubuntu.com.

February 06, 2013 08:42 Ubuntu: Security update for MySQL

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Updated packages are available from security.ubuntu.com.

February 04, 2013 07:59 Ubuntu: Security update for Vino

It was discovered that Vino incorrectly transmitted clipboard activity before authenticating the remote connection. A remote attacker could connect to Vino and monitor clipboard activity.

Updated packages are available from security.ubuntu.com.

February 04, 2013 07:58 Debian: Security update for movabletype

An input sanitization problem has been found in the upgrade functions of movabletype-opensource, a web-based publishing platform. Using carefully crafted requests to the mt-upgrade.cgi file, it would be possible to inject OS commands and SQL queries.

Updated packages are available from security.debian.org.

February 04, 2013 07:57 Red Hat: Security update for Vino

Vino is a Virtual Network Computing (VNC) server for GNOME. It allows remote users to connect to a running GNOME session using VNC. It was found that Vino transmitted all clipboard activity on the system running Vino to all clients connected to port 5900, even those who had not authenticated. A remote attacker who is able to access port 5900 on a system running Vino could use this flaw to read clipboard data without authenticating. Two out-of-bounds memory read flaws were found in the way Vino processed client framebuffer requests in certain encodings. An authenticated client could use these flaws to send a specially-crafted request to Vino, causing it to crash.

In certain circumstances, the vino-preferences dialog box incorrectly indicated that Vino was only accessible from the local network. This could confuse a user into believing connections from external networks are not allowed (even when they are allowed). With this update, vino-preferences no longer displays connectivity and reachable information. There was no warning that Universal Plug and Play (UPnP) was used to open ports on a user’s network router when the “Configure network automatically to accept connections” option was enabled (it is disabled by default) in the Vino preferences. This update changes the option’s description to avoid the risk of a UPnP router configuration change without the user’s consent.

Updated packages are available from ftp.redhat.com.

February 04, 2013 07:55 Debian: Security update for Ganglia

Insufficient input sanitization in Ganglia, a web-based monitoring system, could lead to remote PHP script execution with permissions of the user running the web browser.

Updated packages are available from security.debian.org.

February 04, 2013 07:53 Ubuntu: Security update for the Linux kernel

Jon Howell reported a flaw in KVM (Kernel-based virtual machine) subsystem’s handling of the XSAVE CPU feature. On hosts without the XSAVE CPU feature, using qemu userspace, an unprivileged local attacker could exploit this flaw to crash the system. A flaw was discovered in handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Florian Weimer discovered that hypervkvpd was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit.

Updated packages are available from security.ubuntu.com.

February 01, 2013 09:24 Ubuntu: Security update for Linux kernel

Jon Howell reported a flaw in the Linux kernel’s KVM (Kernel-based virtual machine) subsystem’s handling of the XSAVE CPU feature. On hosts without the XSAVE CPU feature, using qemu userspace, an unprivileged local attacker could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel’s handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit.

Updated packages are available from security.ubuntu.com.

February 01, 2013 09:23 Ubuntu: Security update for RPM

It was discovered that RPM incorrectly handled certain package headers. If a user or automated system were tricked into installing a specially crafted RPM package, an attacker could cause RPM to crash, resulting in a denial of service, or possibly execute arbitrary code.

Updated packages are available from security.ubuntu.com.

February 01, 2013 09:22 Ubuntu: Security update for RPM

It was discovered that RPM incorrectly handled signature checking. An attacker could create a specially-crafted rpm with an invalid signature which could pass the signature validation check.

Updated packages are available from security.ubuntu.com.

February 01, 2013 09:21 Debian: Security update for Rails

An interpretation conflict can cause the Active Record component of Rails, a web framework for the Ruby programming language, to truncate queries in unexpected ways. This may allow attackers to elevate their privileges.

Updated packages are available from security.debian.org.

February 01, 2013 09:19 Ubuntu: Security update for OpenJDK

It was discovered that OpenJDK 7’s security mechanism could be bypassed via Java applets. If a user were tricked into opening a malicious website, a remote attacker could exploit this to perform arbitrary code execution as the user invoking the program.

Updated packages are available from security.ubuntu.com.

February 01, 2013 09:18 Ubuntu: Security update for QEMU

It was discovered that QEMU incorrectly handled certain e1000 packet sizes. In certain environments, an attacker may use this flaw in combination with large packets to cause a denial of service or execute arbitrary code in the guest.

Updated packages are available from security.ubuntu.com.

January 30, 2013 14:00 Debian: Security update for QEMU

It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames (which it will by default).

Updated packages are available from security.debian.org.

January 30, 2013 13:59 Ubuntu: Security update for Linux kernel

Jon Howell reported a flaw in the Linux kernel’s KVM (Kernel-based virtual machine) subsystem’s handling of the XSAVE feature. On hosts without the XSAVE feature, using qemu userspace, an unprivileged local attacker could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel’s handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents.

Updated packages are available from security.ubuntu.com.

January 30, 2013 13:58 Ubuntu: Security update for nss

Two intermediate CA certificates were mis-issued by the TURKTRUST certificate authority. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

Updated packages are available from security.ubuntu.com.

January 30, 2013 13:57 Ubuntu: Security update for FreeType

Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

Updated packages are available from security.ubuntu.com.

January 30, 2013 13:55 Ubuntu: Security update for Tomcat

It was discovered that Tomcat incorrectly performed certain security constraint checks in the FORM authenticator. A remote attacker could possibly use this flaw with a specially-crafted URI to bypass security constraint checks. It was discovered that Tomcat incorrectly handled requests that lack a session identifier. A remote attacker could possibly use this flaw to bypass the cross-site request forgery protection. It was discovered that Tomcat incorrectly handled sendfile and HTTPS when the NIO connector is used. A remote attacker could use this flaw to cause Tomcat to stop responding, resulting in a denial of service.

Updated packages are available from security.ubuntu.com.

January 28, 2013 08:05 Debian: Security update for Asterisk

Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit, that allow remote attackers to perform denial of service attacks.

Updated packages are available from security.debian.org.

January 28, 2013 08:04 Ubuntu: Security update for ProFTPd

It has been discovered that in ProFTPd, an FTP server, an attacker on the same physical host as the server may be able to perform a symlink attack, allowing them to elevate privileges in some configurations.

Updated packages are available from security.ubuntu.com.

January 28, 2013 08:02 Ubuntu: Security update for the Linux kernel

A flaw was discovered in the Linux kernel’s handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents.

Updated packages are available from security.ubuntu.com.

January 28, 2013 08:01 Ubuntu: Security update for GnuPG

KB Sriram discovered that GnuPG incorrectly handled certain malformed keys. If a user or automated system were tricked into importing a malformed key, the GnuPG keyring could become corrupted.

Updated packages are available from security.ubuntu.com.

January 28, 2013 07:58 Debian: Security update for Rails

It was discovered that Rails, the Ruby web application development framework, performed insufficient validation on input parameters, allowing unintended type conversions. An attacker may use this to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on the application.

Updated packages are available from security.debian.org.

January 25, 2013 09:17 Debian: Security update for Emacs

Paul Ling discovered that Emacs insufficiently restricted the evaluation of Lisp code if enable-local-variables is set to “safe”.

Updated packages are available from security.debian.org.

January 25, 2013 09:16 Red Hat: Security update for flash-plugin

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed in the Adobe Security bulletin APSB13-01, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.

Updated packages are available from ftp.redhat.com.

January 25, 2013 09:13 Ubuntu: Security update for Firefox

Security researchers discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered several use-after-free and buffer overflows in Firefox. An attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. A stack buffer overflow was discovered in Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox.

Masato Kinugawa discovered that Firefox did not always properly display URL values in the address bar. A remote attacker could exploit this to conduct URL spoofing and phishing attacks. Atte Kettunen discovered that Firefox did not properly handle HTML tables with a large number of columns and column groups. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Jerry Baker discovered that Firefox did not always properly handle threading when performing downloads over SSL connections. An attacker could exploit this to cause a denial of service via application crash.

Olli Pettay and Boris Zbarsky discovered flaws in the JavaScript engine of Firefox. An attacker could cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Jesse Ruderman discovered a flaw in the way Firefox handled plugins. If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections to conduct clickjacking attacks. Jesse Ruderman discovered an information leak in Firefox. An attacker could exploit this to reveal memory address layout which could help in bypassing ASLR protections.

An integer overflow was discovered in the JavaScript engine, leading to a heap-based buffer overflow. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to execute code with the privileges of the user invoking Firefox. Sviatoslav Chagaev discovered that Firefox did not properly handle XBL files with multiple XML bindings with SVG content. An attacker could cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Mariusz Mlynski discovered two flaws to gain access to privileged chrome functions. An attacker could possibly exploit this to execute code with the privileges of the user invoking Firefox.

Several use-after-free issues were discovered in Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to execute code with the privileges of the user invoking Firefox. Two intermediate CA certificates were mis-issued by the TURKTRUST certificate authority. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

Updated packages are available from security.ubuntu.com.

January 25, 2013 09:11 Red Hat: Security update for Firefox

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Chrome Object Wrappers were implemented. Malicious content could be used to cause Firefox to execute arbitrary code via plug-ins installed in Firefox.

A flaw in the way Firefox displayed URL values in the address bar could allow a malicious site or user to perform a phishing attack. An information disclosure flaw was found in the way certain JavaScript functions were implemented in Firefox. An attacker could use this flaw to bypass Address Space Layout Randomization (ASLR) and other security restrictions.

Updated packages are available from ftp.redhat.com.

January 25, 2013 09:09 Red Hat: Security update for Thunderbird

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Chrome Object Wrappers were implemented. Malicious content could be used to cause Thunderbird to execute arbitrary code via plug-ins installed in Thunderbird.

A flaw in the way Thunderbird displayed URL values could allow malicious content or a user to perform a phishing attack. An information disclosure flaw was found in the way certain JavaScript functions were implemented in Thunderbird. An attacker could use this flaw to bypass Address Space Layout Randomization (ASLR) and other security restrictions.

Updated packages are available from ftp.redhat.com.
