Ubuntu Security Notice 1197-3 - USN-1197-1 partially addressed an issue with Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update actively distrusts the DigiNotar root certificate as well as several intermediary certificates. Also included in this list of distrusted certificates are the Staat der Nederlanden root certificates. It was discovered that Dutch Certificate Authority DigiNotar had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack, which would make the user believe their connection is secure when it is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.
47f3b7beea1ebda82bd84a63554db1cecbeaa71f2dd97be15a3817c726e46203
Crush FTP 5 APPE command remote blue screen of death proof of concept denial of service exploit.
bcf70a57907415f77afbdef299980957d6a8bf6d358114dbf588fdb06c2a4f0b
WordPress Eventify - Simple Events plugin versions 1.7.f and below suffer from a remote SQL injection vulnerability.
02b78185705b63377f46371c9b4fdfee9a8b7e2407f0baa5ef934f7842b1a4d9
WordPress SCORM Cloud plugin versions 1.0.6.6 and below suffer from a remote SQL injection vulnerability.
1e5aae1f61dd3e66784f62ee0be79646cc8e19097c3e7ed3be3a9c86aa117e6c
Short Fuzzy Rat is a web fuzzing script written in Perl. It was inspired by Luca Carettoni's original fuzzing list of 879 attack vectors with 8 levels of recursion.
47d1089c602db79c18a245d91394adc793cb408d0f321f22b72996325a09af03
Red Hat Security Advisory 2011-1268-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. The RHSA-2011:1242 Firefox update rendered HTTPS certificates signed by a certain Certificate Authority as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.22. After installing the update, Firefox must be restarted for the changes to take effect.
e394a1357e1399327b0c72cd1ed1ac714a601d15eba2ab9aa7dc4e55138db061
Red Hat Security Advisory 2011-1267-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. The RHSA-2011:1243 Thunderbird update rendered HTTPS certificates signed by a certain Certificate Authority as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. All Thunderbird users should upgrade to this updated package, which resolves this issue. All running instances of Thunderbird must be restarted for the update to take effect.
69aa7adc07bc289eb1af3b0ebabb93ca6e1a697884694c17a9a228c650adf59f
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
e361dc2775733fb84de7b5bf7b504778b772869e8f7bfac0b28b935cbf7380f7
WordPress WP Forum Server versions 1.7 and below suffer from a remote SQL injection vulnerability.
4bee72cbf045ce1a2a1bbbaa481e21f5dc13b64910212d95e76946acec4b20d3
Secunia Security Advisory - A vulnerability has been reported in Blue Coat Reporter, which can be exploited by malicious people to disclose sensitive information.
8de38d011232cf00be33778d73e4cfbbffde3785cd1a95f4ca7f0c5fb24718d5
Secunia Security Advisory - A vulnerability has been discovered in the Tweet old post plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks.
b9a85a3781aaf410430fa62144ce52a04224defcb6a35663303a2cea36c7eb87
Secunia Security Advisory - Red Hat has issued an update for gstreamer-plugins. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
8aaa567e4762e77c72447f2077da87841777c0c4f43a791778d3dc172a4af7c4
Secunia Security Advisory - Fedora has issued an update for rubygem-activesupport. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
7894e386c48b0825fe071024ae77aac9caa44ca27e0228c7e6df40fdb73457ae
Secunia Security Advisory - A vulnerability has been reported in Blue Coat Reporter, which can be exploited by malicious people to disclose sensitive information.
e74653336405b260e43e679123ff88e6735c7850053a97f8e3e49949fce54ffe
Secunia Security Advisory - NoGe has discovered multiple vulnerabilities in PlaySMS SMS Gateway, which can be exploited by malicious people to compromise a vulnerable system.
6ab49509a40c640f6ad6192624eec440149a593e1e53f02352e63f8095d7f087
Secunia Security Advisory - Fedora has issued an update for dhcp. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
72a7a0a5613d9686d1bac8a1a436ac461bc765c96f2f2ba4768307d59ee32f83
Secunia Security Advisory - Fedora has issued an update for libsndfile. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
4c5fedf1df7708f27bb340d87b5bbe6500c2611153cacdc0f89953deb6430e8b
Secunia Security Advisory - Two vulnerabilities have been reported in Hastymail2, which can be exploited by malicious people to conduct cross-site scripting attacks.
bc354159f7cadd0fd8cd2d46c268ba930cb94080da52276834a5c40723d5d6db
Secunia Security Advisory - A vulnerability has been reported in OpenFabrics Enterprise Distribution, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
29b6746854c2c4008041dad2c2bcd364f9e26cf4b598696b0e9ec90676bef54e
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious, local users in a guest virtual machine and malicious people to cause a DoS.
ae1a266f7ed6e3ef5d08e4bb14160d641e43b1d9749c7f1a3bd3ebe0707dec91
Secunia Security Advisory - Two vulnerabilities have been discovered in GnuCash, which can be exploited by malicious people to compromise a user's system.
3e6c5f01ad0af488beb55ceff4a44f926216a4a5d0a46cd5e256a327ad7c5059
Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in Zikula Application Framework, which can be exploited by malicious people to conduct cross-site scripting attacks.
d8e715749c636a77236f941919b7d6de92286eb29b0a9c9c62112ecc5cc4fb8c
Secunia Security Advisory - Miroslav Stampar has discovered two vulnerabilities in the KNR Author List plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
f639f4d418bc8d5ff3bb02905ce3941ab26a1c53f93f82f14109a1047856774b
Secunia Security Advisory - A vulnerability has been discovered in the wpcu3er plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
56d5b491593d8f0e0e5ae67ffc9858ea0fcafad5cbf4b3a9dce0ca1d26b5d838
Red Hat Security Advisory 2011-1266-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. The RHSA-2011:1244 SeaMonkey update rendered HTTPS certificates signed by a certain Certificate Authority as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.
65b993d94bc041a184d5a50dd74cec68450ace5a9cfd84a960c475ca090bd969