[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 81470 Download | Alert*

USN-1045-1 fixed vulnerabilities in FUSE. This update to util-linux adds support for new options required by the FUSE update. Original advisory details: It was discovered that FUSE could be tricked into incorrectly updating the mtab file when mounting filesystems. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.

Sebastian Krahmer discovered that GDM did not properly drop privileges when handling the cache directories used to store users" dmrc and face icon files. This could allow a local attacker to change the ownership of arbitrary files, thereby gaining root privileges.

exim4: Exim mail transfer agent Exim could be made to run arbitrary code under some conditions.

foomatic-filters: OpenPrinting printer support - filters An attacker could send crafted input to Foomatic and cause it to run programs as the "lp" user.

update-manager: GNOME application that manages apt updates - update-notifier: Daemon which notifies about package updates Update Manager could be made to overwrite files as the administrator.

lightdm: Display Manager Several security issues were fixed in Light Display Manager.

A vulnerability have been discovered in Mandriva bash package, which could allow a malicious user to hide files from the ls command, or garble its output by crafting files or directories which contain special characters or escape sequences . This update fixes the issue by disabling the display of control characters by default. Additionally, this update fixes the unsafe file creation in bash-doc sa ...

A vulnerability has been found and corrected in gdm: GNOME Display Manager 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a dmrc or face icon file under /var/cache/gdm/ . The updated packages have been patched to correct this issue.

Multiple vulnerabilities was discovered and corrected in silc-toolkit: Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the silc_client_add_client, silc_client_update_client, ...

senddoc uses temporary files in a insecure way which enables local attackers to overwrite arbitrary files by using a symlink attack . This update provides fix for that vulnerability. Update: Further this update is a rebuild against xulrunner 1.9.0.6.


Pages:      Start    8014    8015    8016    8017    8018    8019    8020    8021    8022    8023    8024    8025    8026    8027    ..   8146

© SecPod Technologies