Ubuntu Essential and Critical Security Patch Updates - Page 352
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
It was discovered that Mako incorrectly filtered single-quote characters when performing html filtering. An attacker could utilize this to perform cross-site scripting attacks.
It was discovered that libMikMod incorrectly handled songs with different channel counts. If a user were tricked into opening a crafted song file, an attacker could cause a denial of service. (CVE-2007-6720) [More...]
It was discovered that libHX incorrectly handled certain parameters to the HX_split function. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code with the privileges of the user. [More...]
Stefan Cornelius discovered that libgdiplus incorrectly handled certain image files. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. [More...]
It was discovered that Avahi incorrectly handled certain mDNS query packets when the reflector feature is enabled, which is not the default configuration on Ubuntu. A remote attacker could send crafted mDNS queries and perform a denial of service on the server and on the network. This issue only affected Ubuntu 8.04 LTS and 9.04. (CVE-2009-0758) [More...]
Jima discovered that quassel would respond to a single privmsgcontaining multiple CTCP requests with multiple NOTICEs, possiblyresulting in a denial of service against the IRC connection.
USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue. [More...]
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the [More...]
Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. An attacker could exploit this issue to cause the PHP server to crash, resulting in a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397) [More...]
USN-986-1 fixed vulnerabilities in bzip2. dpkg statically links against libbz2 and needed to be rebuilt to use the updated libbz2.
USN-986-1 fixed a vulnerability in bzip2. This update provides the corresponding update for ClamAV.
An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program. [More...]
Ben Hawkes discovered that the Linux kernel did not correctly validatememory ranges on 64bit kernels when allocating memory on behalf of 32bitsystem calls. On a 64bit system, a local attacker could perform maliciousmulticast getsockopt calls to gain root privileges. (CVE-2010-3081) [More...]
USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem.
USN-975-1 fixed vulnerabilities in Firefox and Xulrunner. Some users reported stability problems under certain circumstances. This update fixes the problem.
Andrew Bartlett discovered that Samba did not correctly validate the length when parsing SIDs. A remote attacker could send a specially crafted request to the server and cause a denial of service, or possibly execute arbitrary code with the privileges of the Samba service (smbd). [More...]
Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. (CVE-2010-2760, CVE-2010-2767, CVE-2010-3167) [More...]
Several dangling pointer vulnerabilities were discovered in Firefox. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2760, CVE-2010-2767, CVE-2010-3167) [More...]
Alasdair MacGregor discovered that mountall created a udev rule filewith world-writable permissions. A local attacker could exploit thisunder certain conditions to cause udev to execute arbitrary commands asthe root user. [More...]
It was discovered that LFTP incorrectly filtered filenames suggested by Content-Disposition headers. If a user or automated system were tricked into downloading a file from a malicious site, a remote attacker could create the file with an arbitrary name, such as a dotfile, and possibly run arbitrary code. [More...]