Find the information you need for your favorite open source distribution .
It was discovered that the XML HMAC signature system did notcorrectly check certain lengths. If an attacker sent a truncatedHMAC, it could bypass authentication, leading to potential privilegeescalation. (CVE-2009-0217) [More...]
USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr-util.
USN-813-1 fixed vulnerabilities in apr. This update provides thecorresponding updates for apr as provided by Apache on Ubuntu 6.06 LTS.
Matt Lewis discovered that apr did not properly sanitize its input whenallocating memory. If an application using apr processed crafted input, aremote attacker could cause a denial of service or potentially executearbitrary code as the user invoking the application. [More...]
Matt Lewis discovered that Subversion did not properly sanitize its inputwhen processing svndiff streams, leading to various integer and heapoverflows. If a user or automated system processed crafted input, a remoteattacker could cause a denial of service or potentially execute arbitrarycode as the user processing the input. [More...]
Juan Pablo Lopez Yacubian discovered that Firefox did not properly displayinvalid URLs. If a user were tricked into accessing a malicious website, anattacker could exploit this to spoof the location bar, such as in aphishing attack. Furthermore, if the malicious website had a valid SSLcertificate, Firefox would display the spoofed page as trusted. [More...]
USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS.
Moxie Marlinspike discovered that NSS did not properly handle regularexpressions in certificate names. A remote attacker could create aspecially crafted certificate to cause a denial of service (via applicationcrash) or execute arbitrary code as the user invoking the program.(CVE-2009-2404) [More...]
Micha Krause discovered that Bind did not correctly validate certaindynamic DNS update packets. An unauthenticated remote attacker couldsend specially crafted traffic to crash the DNS server, leading to adenial of service. [More...]
Michael Tokarev discovered that the RTL8169 network driver did notcorrectly validate buffer sizes. A remote attacker on the local networkcould send specially traffic traffic that would crash the system orpotentially grant elevated privileges. (CVE-2009-1389) [More...]
It was discovered that Python incorrectly handled certain arguments in the imageop module. If an attacker were able to pass specially crafted arguments through the crop function, they could execute arbitrary code with user privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS. (CVE-2008-4864) [More...]
Several flaws were discovered in the Firefox browser and JavaScriptengines. If a user were tricked into viewing a malicious website, a remoteattacker could cause a denial of service or possibly execute arbitrary codewith the privileges of the user invoking the program. (CVE-2009-2462,CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466, CVE-2009-2469) [More...]
It was discovered that Ruby did not properly validate certificates. An attacker could exploit this and present invalid or revoked X.509 certificates. (CVE-2009-0642)
Tavis Ormandy and Yorick Koster discovered that PulseAudio did notsafely re-execute itself. A local attacker could exploit this to gainroot privileges.
It was discovered that the DHCP client as included in dhcp3 did not verifythe length of certain option fields when processing a response from an IPv4dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to amalicious dhcp server, a remote attacker could cause a denial of service orexecute arbitrary code as the user invoking the program, typically the [More...]
It was discovered that mod_proxy_http did not properly handle a large amount of streamed data when used as a reverse proxy. A remote attacker could exploit this and cause a denial of service via memory resource consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. (CVE-2009-1890) [More...]
Tielei Wang and Tom Lane discovered that the TIFF library did not correctly handle certain malformed TIFF images. If a user or automated system were tricked into processing a malicious image, an attacker could execute arbitrary code with the privileges of the user invoking the program. [More...]
It was discovered that the D-Bus library did not correctly validate signatures. If a local user sent a specially crafted D-Bus key, they could spoof a valid signature and bypass security policies.
It was discovered that irssi did not properly check the length of stringswhen processing WALLOPS messages. If a user connected to an IRC networkwhere an attacker had IRC operator privileges, a remote attacker couldcause a denial of service. [More...]
It was discovered that the TIFF library did not correctly handle certain malformed TIFF images. If a user or automated system were tricked into processing a malicious image, a remote attacker could cause an application linked against libtiff to crash, leading to a denial of service. [More...]
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
