===
Ubuntu Security Notice USN-686-1 December 04, 2008
awstats vulnerability
CVE-2008-3714
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.
[EMAIL PROTECTED]:~$ clamscan -V
ClamAV 0.94.1/8713/Tue Dec 2 14:59:31 2008
>From http://securitytracker.com/alerts/2008/Dec/1021296.html:
Version(s): prior to 0.94.2
Description: A vulnerability was reported in Clam AntiVirus. A remote user can
cause denial of service conditions on the ta
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2008:236
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SektionEins GmbH
www.sektioneins.de
-= Security Advisory =-
Advisory: PHP ZipArchive::extractTo() Directory Traversal Vulnerability
Release Date: 2008/12/04
Last Modified:
Title
-
DDIVRT-2008-18 Orb Denial of Service
Severity
Medium
Date Discovered
---
October 21st 2008
Discovered By
-
Digital Defense, Inc. Vulnerability Research Team
Credit: Steven James and [EMAIL PROTECTED]
Vulnerability Description
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1680-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Florian Weimer
December 04, 2008
#
Joomla Component GameQ
#
#
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Virtual Security Research, LLC.
http://www.vsecurity.com/
Security Advisory
-
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: Java We
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
###
UPR Security Notice UPRSN-08_01 December 04, 2008
several vulnerabilities
###
Ubuntu Privacy Remix (UPR), based on Ubuntu 8
Hello Thierry!
Your saying above that this attack works if "Initialise and script
ActiveX control not marked as safe" is ENABLED.
This Saved XSS hole works even with this option disabled (i.e. with default
settings). But when we want to use ActiveX in our code (e.g. for Code
Execution attack),
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA-1681-1[EMAIL PROTECTED]
http://www.debian.org/security/ Dann Frazier, Alexander Prinsier
December 04, 2008 htt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDefense Security Advisory 12.02.08
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 02, 2008
I. BACKGROUND
The Sun Java JRE is Sun's implementation of the Java runtime. For more
information, see the vendor's site found at the following li
#
Joomla Component mydyngallery
#
#
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDefense Security Advisory 12.02.08
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 02, 2008
I. BACKGROUND
Java Web Start (JWS) is a framework built by Sun that is used to run
Java applications outside of the browser. It is distributed wi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDefense Security Advisory 12.02.08
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 02, 2008
I. BACKGROUND
Pack200 is a compression method introduced by Sun in the 1.5 release of
the JRE. It is used to compress Jar files, and is optimized
Already discovered:
http://packetstormsecurity.org/0806-exploits/joomlagameq-sql.txt
6d9a99abd76c7d48c68ea5c98d952844 The Joomla GameQ component versions 4.0 and
below suffer from a SQL injection vulnerability. Authored By mailto:His0k4.hlm[at]gmail.com";>His0k4
On Thu, Dec 04, 2008 at 08:20
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2008:237
http://www.mandriva.com/security/
===
Ubuntu Security Notice USN-687-1 December 04, 2008
nfs-utils vulnerability
CVE-2008-4552
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDefense Security Advisory 12.02.08
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 02, 2008
I. BACKGROUND
The Sun Java JRE is Sun's implementation of the Java runtime. For more
information, see the vendor's site found at the following li
19 matches
Mail list logo