Secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.
7583c1120e911e292f22b4a1d949b32c23518038afd966d527dae87c61565283FreeBSD Security Advisory - BIND servers which are configured to perform DNSSEC validation and which are using managed keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit unpredictable behavior due to the use of an improperly initialized variable. A remote attacker can trigger a crash of a name server that is configured to use managed keys under specific and limited circumstances. However, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted.
0e416654c22a1367cdad06ceb1a67ec74bb5ad43931cfbbd4d5e066547480619FreeBSD Security Advisory - An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation. An attacker who can send specifically crafted IGMP packets could cause a denial of service situation by causing the kernel to crash.
76ae1889e6e180016123dbcd9d01a3c9f96266857a6c54bf55851337ed754719TangoBB version 1.5.0-A3 suffers from a cross site scripting vulnerability.
f14175c8ce177339644aee54e883870979db753dec8cfea37dfd6eec3d7e585dEnano CMS version 1.1.8pl1 suffers from a cross site scripting vulnerability.
77dfeefd90af3bf96609dca951ae09bcd4a7461ee0b4f68b894ccb8f1404c368Ubuntu Security Notice 2512-1 - A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service (memory corruption or panic) or possibly have unspecified impact via the keyctl commands. A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge ER records. A local user could exploit this flaw to obtain sensitive information from kernel memory via a crafted iso9660 image. Various other issues were also addressed.
3f262086df87588265dbecbb8ff0843e0cab2865cab84a7edc8442b585a2644fUbuntu Security Notice 2519-1 - Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. It was discovered that the GNU C Library incorrectly handled receiving a positive answer while processing the network name when performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to hang, resulting in a denial of service. Various other issues were also addressed.
1b157586f2ed9c751bb741fa0ea8c7d75c284f263ee1da14e33f7921b5b19b1dUbuntu Security Notice 2520-1 - Peter De Wachter discovered that CUPS incorrectly handled certain malformed compressed raster files. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.
3f5f2c63b03a2f9dbe4401968467d5532e3781909850a2839166ccf5352b25efSlackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.
407ff06d90c59a8b214eeec8314e041b0b6f0f5ceb2a4b26b52d783cf39cdb87Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.
426a955887df36c6e06b11e8e8ba1d757443e38f4c3000e27b92386330b3ed03HP Security Bulletin HPSBUX03273 SSRT101951 1 - Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.
5aab20d842919e614bfd9a19d77f48b98667e71e22eb1efe325b37fc6aae6fc1HP Security Bulletin HPSBUX03244 SSRT101885 2 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities. Revision 2 of this advisory.
81719ce8c50473d36cb9b547bb67ccbdbfa5a288027ec1efce66b01e94779800Debian Linux Security Advisory 3175-1 - Mateusz Kocielski and Marek Kroemeke discovered that an integer overflow in IGMP processing may result in denial of service through malformed IGMP packets.
ea9e04f78948560eddb2bdb3949259597d1c4dd4e55b117f4dc8f77013622547Gentoo Linux Security Advisory 201502-15 - Multiple vulnerabilities have been found in Samba, the worst of which allowing a context-dependent attacker to bypass intended file restrictions, cause a Denial of Service or execute arbitrary code. Versions less than 3.6.25 are affected.
606c956ce8f163cd743c45062fd6201fce247d72cbe7bc650aed2d2440e1861bHP Security Bulletin HPSBUX03162 SSRT101885 1 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.
3b577abbcf7d62de97f73a66873026f74337aaa3a3ba1af33c2ec72e49635667Debian Linux Security Advisory 3174-1 - Multiple security issues have been found in Iceweasel, Debian's version implementation errors may lead to the execution of arbitrary code or information disclosure.
f2aeef2c646baed7360233e311642e5726a2abfb936985c262797a5dd2bb5244Debian Linux Security Advisory 3173-1 - It was discovered that libgtk2-perl, a Perl interface to the 2.x series of the Gimp Toolkit library, incorrectly frees memory which GTK+ still holds onto and might access later, leading to denial of service (application crash) or, potentially, to arbitrary code execution.
d6159b0e8d3d7cfd1b0d709e58a87c3f037bcb116d848c4b823df135f71c42ccDebian Linux Security Advisory 3172-1 - Peter De Wachter discovered that CUPS, the Common UNIX Printing System, did not correctly parse compressed raster files. By submitting a specially crafted raster file, a remote attacker could use this vulnerability to trigger a buffer overflow.
ebd69dfa02df9d67e808a099ac41d03253cffb6fe5b9a597cef743fa4ff59105HP Security Bulletin HPSBMU03260 1 - A potential security vulnerability has been identified with HP System Management Homepage running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
6626a803ddc8c8264f2c7c8eed5352df1f5b48b242c4246b817c9377a12cc3e0Debian Linux Security Advisory 3170-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation.
bd8c99b2ab449bf19ff881a59d02a9213bd109f150a9ca0142efa66f7d734b69Red Hat Security Advisory 2015-0271-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 5.9 will be retired as of March 31, 2015, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 5.9 EUS after March 31, 2015. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. We encourage customers to plan their migration from Red Hat Enterprise Linux 5.9 to a more recent version of Red Hat Enterprise Linux. As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on any currently supported Red Hat Enterprise Linux release.
8038896f796179512f717ee4b21a256a8d422961f9c7b92334dc89e3b1d6ea08Ubuntu Security Notice 2518-1 - A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
03584d0fcffadd6ca49b1e56d0b3d7d9ae8c678d2a96002a23311b725d15ff9aUbuntu Security Notice 2517-1 - A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
c2beb8818a02fe1fe50f205d50c8a8c8098205e9d6db7cb024d6c2c259ec35f5Ubuntu Security Notice 2516-1 - A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS. Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
867c10eb1c46d3dd5d476bf47cf8c230ef2d51da96ccd2b529ad846c96b4791bUbuntu Security Notice 2511-1 - A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service (memory corruption or panic) or possibly have unspecified impact via the keyctl commands. A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge ER records. A local user could exploit this flaw to obtain sensitive information from kernel memory via a crafted iso9660 image. Various other issues were also addressed.
7bd4627e4660c54ac6b22caade9e093e48948ec10223cf420ba15fb141518649
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed