It was discovered that Wget did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. [More...]
Arand Nash discovered that applications linked to GLib (e.g. Nautilus)did not correctly copy symlinks. If a user copied symlinks with GLib,the symlink target files would become world-writable, allowing localattackers to gain access to potentially sensitive information. [More...]
Dyon Balding discovered flaws in the way OpenOffice.org handled tables. Ifa user were tricked into opening a specially crafted Word document, aremote attacker might be able to execute arbitrary code with userprivileges. (CVE-2009-0200, CVE-2009-0201) [More...]
J. David Hester discovered that Samba incorrectly handled users that lack home directories when the automated [homes] share is enabled. An authenticated user could connect to that share name and gain access to the whole filesystem. (CVE-2009-2813) [More...]
It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the indended access restrictions. This only affected Ubuntu 8.04 LTS. (CVE-2008-4577) [More...]
Miroslav Lichvar discovered that Newt incorrectly handled rendering in a text box. An attacker could exploit this and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. [More...]
It was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0945) [More...]
Joe Orton discovered that neon did not correctly handle SSL certificateswith zero bytes in the Common Name. A remote attacker could exploit thisto perform a man in the middle attack to view sensitive information oralter encrypted communications. [More...]
It was discovered that PostgreSQL could be made to unload and reload analready loaded module by using the LOAD command. A remote authenticatedattacker could exploit this to cause a denial of service. This issue didnot affect Ubuntu 6.06 LTS. (CVE-2009-3229) [More...]
It was discovered that KDE did not properly handle certificates with NULLcharacters in the Subject Alternative Name field of X.509 certificates. Anattacker could exploit this to perform a man in the middle attack to viewsensitive information or alter encrypted communications. [More...]
It was discovered that FreeRADIUS did not correctly handle certain malformed attributes. A remote attacker could exploit this flaw and cause the FreeRADIUS server to crash, resulting in a denial of service. [More...]
Drew Yao discovered several flaws in the way OpenEXR handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1720, CVE-2009-1721) [More...]
Dan Kaminsky discovered OpenSSL would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation. [More...]
It was discovered that Qt did not properly handle certificates with NULLcharacters in the Subject Alternative Name field of X.509 certificates. Anattacker could exploit this to perform a man in the middle attack to viewsensitive information or alter encrypted communications. (CVE-2009-2700) [More...]
Several flaws were discovered in the Firefox browser and JavaScriptengines. If a user were tricked into viewing a malicious website, a remoteattacker could cause a denial of service or possibly execute arbitrary codewith the privileges of the user invoking the program. (CVE-2009-3070,CVE-2009-3071, CVE-2009-3072, CVE-2009-3074, CVE-2009-3075) [More...]
Russell Senior discovered that the system authentication moduleselection mechanism for PAM did not safely handle an empty selection.If an administrator had specifically removed the default list of modulesor failed to chose a module when operating debconf in a very unlikelynon-default configuration, PAM would allow any authentication attempt, [More...]
USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed thatthe new libraries on amd64 did not correctly set stack memory flags,and caused applications using NSS (e.g. Firefox) to have an executablestack. This reduced the effectiveness of some defensive securityprotections. This update fixes the problem. [More...]
IvAin Arce, Pablo HernAin Jorge, Alejandro Pablo Rodriguez, MartAn Coco, Alberto SoliAto Testa and Pablo Annetta discovered that Dnsmasq did not properly validate its input when processing TFTP requests for files with long names. A remote attacker could cause a denial of service or execute arbitrary code with user privileges. Dnsmasq runs as the 'dnsmasq' user by [More...]
It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. (CVE-2009-0217) [More...]
It was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could execute arbitrary code with the user's privileges. (CVE-2009-2663) [More...]
