LinuxSecurity.com

Ubuntu: 981-1: libwww-perl vulnerability

31.08.2010 11:43 LinuxSecurity.com: It was discovered that libwww-perl incorrectly filtered filenames suggestedby Content-Disposition headers. If a user were tricked into downloading afile from a malicious site, a remote attacker could overwrite hidden filesin the user's directory.

Debian: 2100-1: openssl: double free

30.08.2010 16:45 LinuxSecurity.com: George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code.

Mandriva: 2010:165: libHX

30.08.2010 16:00 LinuxSecurity.com: A vulnerability has been found and corrected in libHX: Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service via a string that

Red Hat: 2010:0661-01: kernel: Important Advisory

30.08.2010 13:09 LinuxSecurity.com: Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having

Red Hat: 2010:0660-01: kernel: Important Advisory

30.08.2010 12:43 LinuxSecurity.com: Updated kernel packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having

Red Hat: 2010:0659-01: httpd: Moderate Advisory

30.08.2010 12:42 LinuxSecurity.com: Updated httpd packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate

Mandriva: 2010:164: phpmyadmin

30.08.2010 12:27 LinuxSecurity.com: A vulnerability has been found and corrected in phpmyadmin: It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages .

Mandriva: 2010:163: phpmyadmin

30.08.2010 12:03 LinuxSecurity.com: Multiple vulnerabilities has been found and corrected in phpmyadmin: The setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. Combined with the ability to save files on the

Debian: : openoffice.org: buffer overflows

30.08.2010 07:27 LinuxSecurity.com: Charlie Miller has discovered two vulnerabilities in OpenOffice.org Impress, which can be exploited by malicious people to compromise a user's system and execute arbitrary code.

Debian: 2098-1: typo3-src: Multiple vulnerabilities

29.08.2010 08:35 LinuxSecurity.com: Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: cross-site Scripting, open redirection, SQL injection, broken authentication and session management, insecure randomness, information disclosure and arbitrary code

Debian: 2097-1: phpmyadmin: insufficient input sanitisi

29.08.2010 08:27 LinuxSecurity.com: Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems:

Slackware: 2010-240-01: gnupg2: Security Update

28.08.2010 16:24 LinuxSecurity.com: New gnupg2 packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.

Slackware: 2010-240-02: httpd: Security Update

28.08.2010 16:24 LinuxSecurity.com: New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.

Slackware: 2010-240-06: xorg-server: Security Update

28.08.2010 16:21 LinuxSecurity.com: New xorg-server packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.

Slackware: 2010-240-05: pidgin: Security Update

28.08.2010 16:21 LinuxSecurity.com: New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues.