[SECURITY] [DSA 2206-1] New mahara packages fix several vulnerabilities

2011-03-30 Thread Martin Schulze
Debian Security Advisory DSA 2206-1 secur...@debian.org http://www.debian.org/security/ Martin Schulze March 29th, 2011

VMSA-2011-0006 VMware vmrun utility local privilege escalation

2011-03-30 Thread VMware Security Team
VMware Security Advisory Advisory ID: VMSA-2011-0006 Synopsis: VMware vmrun utility local privilege escalation Issue date: 2011-03-29

[USN-1098-1] vsftpd vulnerability

2011-03-30 Thread Marc Deslauriers
Ubuntu Security Notice USN-1098-1 March 29, 2011 vsftpd vulnerability CVE-2011-0762 A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu

DataDynamics Report Library CoreHandler XSS

2011-03-30 Thread david . daly
Class Input Validation Error CVE Remote Yes Local No Published Mar 30 2011 11:00AM Credit Dionach Vulnerable Grapecity DataDynamics Report Library 1.6.1871.61 and earlier Grapecity's DataDynamics Report Library is prone to a cross-site scripting vulnerability

[USN-1097-1] Tomcat vulnerabilities

2011-03-30 Thread Marc Deslauriers
Ubuntu Security Notice USN-1097-1 March 29, 2011 tomcat6 vulnerabilities CVE-2010-3718, CVE-2011-0013, CVE-2011-0534 A security issue affects the following Ubuntu

[ MDVSA-2011:055 ] openldap

2011-03-30 Thread security
Mandriva Linux Security Advisory MDVSA-2011:055 http://www.mandriva.com/security/

Re: Simple PHP Newsletter Remote Admin Password Change With install path

2011-03-30 Thread Patrick Kelley
So, essentially this threat can be removed by simply deleting the install directory, which is common practice when installing web applications? On Tue, Mar 29, 2011 at 10:03 AM, cseye...@yahoo.com wrote: #

[USN-1096-1] Subversion vulnerability

2011-03-30 Thread Marc Deslauriers
Ubuntu Security Notice USN-1096-1 March 29, 2011 subversion vulnerability CVE-2011-0715 A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS

[SECURITY] [DSA 2207-1] tomcat5.5 security update

2011-03-30 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-2207-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 30, 2011

[USN-1094-1] Libvirt vulnerability

2011-03-30 Thread Jamie Strandboge
Ubuntu Security Notice USN-1094-1 March 29, 2011 libvirt vulnerability CVE-2011-1146 A security issue affects the following Ubuntu releases: Ubuntu 9.10 Ubuntu 10.04

Re: HTB22905: Path disclosure in Wordpress

2011-03-30 Thread Christian Sciberras
Ridiculous! I've been talking about this for some time, the actual list of vulnerable files follows: wp-admin\admin-functions.php wp-admin\includes\admin.php wp-admin\includes\class-ftp-pure.php wp-admin\includes\class-ftp-sockets.php wp-admin\includes\class-wp-filesystem-direct.php

[USN-1095-1] Quagga vulnerabilities

2011-03-30 Thread Marc Deslauriers
Ubuntu Security Notice USN-1095-1 March 29, 2011 quagga vulnerabilities CVE-2010-1674, CVE-2010-1675 A security issue affects the following Ubuntu releases: Ubuntu

Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability

2011-03-30 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability Advisory ID: cisco-sa-20110330-acs Revision 1.0 For Public Release 2011 March 30 1600 UTC (GMT

Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability

2011-03-30 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability Advisory ID: cisco-sa-20110330-nac Revision 1.0 For Public Release 2011 March 30 1600 UTC (GMT

[ MDVSA-2011:056 ] openldap

2011-03-30 Thread security
Mandriva Linux Security Advisory MDVSA-2011:056 http://www.mandriva.com/security/

Re: HTB22905: Path disclosure in Wordpress

2011-03-30 Thread Patrick Kelley
Seems like most of the vulnerabilities from the last couple days are not actual software issues, but problems with configuration of the server or just not following the directions provided by the vendor. If that is our measure for vulnerability, I can show about 10 for the wristwatch I am

Re: HTB22905: Path disclosure in Wordpress

2011-03-30 Thread Patrick Kelley
My point-of-view is that anything can be made insecure. The WordPress issue is avoidable by just configuring the server to common standards of not displaying errors in a production environment. That seems pretty simple. I can see instances where I would want the software to reveal the path if