Articles / Ubuntu

All articles tagged with Ubuntu

January 30, 2013 13:58 Ubuntu: Security update for nss

0

Two intermediate CA certificates were mis-issued by the TURKTRUST certificate authority. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

Updated packages are available from security.ubuntu.com.

January 30, 2013 13:57 Ubuntu: Security update for FreeType

0

Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

Updated packages are available from security.ubuntu.com.

January 30, 2013 13:55 Ubuntu: Security update for Tomcat

0

It was discovered that Tomcat incorrectly performed certain security constraint checks in the FORM authenticator. A remote attacker could possibly use this flaw with a specially-crafted URI to bypass security constraint checks. It was discovered that Tomcat incorrectly handled requests that lack a session identifier. A remote attacker could possibly use this flaw to bypass the cross-site request forgery protection. It was discovered that Tomcat incorrectly handled sendfile and HTTPS when the NIO connector is used. A remote attacker could use this flaw to cause Tomcat to stop responsing, resulting in a denial of service.

Updated packages are available from security.ubuntu.com.

January 28, 2013 08:04 Ubuntu: Security update for ProFTPd

0

It has been discovered that in ProFTPd, an FTP server, an attacker on the same physical host as the server may be able to perform a symlink attack allowing to elevate privileges in some configurations.

Updated packages are available from security.ubuntu.com.

January 28, 2013 08:02 Ubuntu: Security update for the Linux kernel

0

A flaw was discovered in the Linux kernel’s handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents.

Updated packages are available from security.ubuntu.com.

January 28, 2013 08:01 Ubuntu: Security update for GnuPG

0

KB Sriram discovered that GnuPG incorrectly handled certain malformed keys. If a user or automated system were tricked into importing a malformed key, the GnuPG keyring could become corrupted.

Updated packages are available from security.ubuntu.com.

January 25, 2013 09:13 Ubuntu: Security update for Firefox

0

Security researchers discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered several user-after-free and buffer overflows in Firefox. An attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. A stack buffer was discovered in Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox.

Masato Kinugawa discovered that Firefox did not always properly display URL values in the address bar. A remote attacker could exploit this to conduct URL spoofing and phishing attacks. Atte Kettunen discovered that Firefox did not properly handle HTML tables with a large number of columns and column groups. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Jerry Baker discovered that Firefox did not always properly handle threading when performing downloads over SSL connections. An attacker could exploit this to cause a denial of service via application crash.

Olli Pettay and Boris Zbarsky discovered flaws in the Javacript engine of Firefox. An attacker could cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Jesse Ruderman discovered a flaw in the way Firefox handled plugins. If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections to conduct clickjacking attacks. Jesse Ruderman discovered an information leak in Firefox. An attacker could exploit this to reveal memory address layout which could help in bypassing ASLR protections.

An integer overflow was discovered in the Javascript engine, leading to a heap-based buffer overflow. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to execute code with the privileges of the user invoking Firefox. Sviatoslav Chagaev discovered that Firefox did not properly handle XBL files with multiple XML bindings with SVG content. An attacker could cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Mariusz Mlynski discovered two flaws to gain access to privileged chrome functions. An attacker could possibly exploit this to execute code with the privileges of the user invoking Firefox.

Several use-after-free issues were discovered in Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to execute code with the privileges of the user invoking Firefox. Two intermediate CA certificates were mis-issued by the TURKTRUST certificate authority. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

Updated packages are available from security.ubuntu.com.

January 14, 2013 08:56 Ubuntu: Security update for MoinMoin

0

It was discovered that MoinMoin did not properly sanitize its input when processing AnyWikiDraw and TWikiDraw actions. A remote attacker with write access could exploit this to overwrite arbitrary files and execute arbitrary code with the priviliges of the web server (user ‘www-data’). It was discovered that MoinMoin also did not properly sanitize its input when processing the AttachFile action. A remote attacker could exploit this to overwrite files via directory traversal.

Updated packages are available from security.ubuntu.com.

January 11, 2013 17:06 Ubuntu: Security update for the Linux kernel

0

A flaw was discovered in the Linux kernel’s handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

Updated packages are available from security.ubuntu.com.

January 11, 2013 17:05 Ubuntu: Security update for Libav

0

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

Updated packages are available from security.ubuntu.com.

January 11, 2013 17:05 Ubuntu: Security update for AppArmor

0

Dan Rosenberg discovered that the example AppArmor profile for chromium-browser could be escaped by calling xdg-settings with a crafted environment.

Updated packages are available from security.ubuntu.com.

January 11, 2013 17:04 Ubuntu: Security update for FFmpeg

0

It was discovered that FFmpeg incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

Updated packages are available from security.ubuntu.com.

January 11, 2013 17:03 Ubuntu: Security update for the Linux kernel

0

A flaw was discovered in the Linux kernel’s handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

Updated packages are available from security.ubuntu.com.

January 09, 2013 06:55 Ubuntu: Security update for apport

0

Dan Rosenberg discovered that an application running under an AppArmor profile that allowed unconfined execution of apport-bug could escape confinement by calling apport-bug with a crafted environment. While not a vulnerability in apport itself, this update mitigates the issue by sanitizing certain variables in the apport-bug shell script.

Updated packages are available from security.ubuntu.com.

January 09, 2013 06:52 Ubuntu: Security update for bogofilter

0

Julius Plenz discovered that bogofilter incorrectly handled certain invalid base64 code. By sending a specially crafted email, a remote attacker could exploit this and cause bogofilter to crash, resulting in a denial of service, or possibly execute arbitrary code.

Updated packages are available from security.ubuntu.com.

January 07, 2013 07:46 Ubuntu: Security update for Aptdaemon

0

It was discovered that Aptdaemon incorrectly validated PPA GPG keys when importing from a keyserver. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered package repository GPG keys.

Updated packages are available from security.ubuntu.com.

January 07, 2013 07:43 Ubuntu: Security update for Nova

0

Eric Windisch discovered that Nova did not properly clear LVM-backed images before they were reallocated which could potentially lead to an information leak. This issue only affected setups using libvirt LVM-backed instances.

Updated packages are available from security.ubuntu.com.

January 07, 2013 07:42 Ubuntu: Security update for APT

0

It was discovered that APT set inappropriate permissions on the term.log file. A local attacker could use this flaw to possibly obtain sensitive information. Updated packages are available from security.ubuntu.com.

January 04, 2013 07:47 Ubuntu: Security update for the Linux kernel

0

Zhang Zuotao discovered a bug in the Linux kernel’s handling of overlapping fragments in ipv6. A remote attacker could exploit this flaw to bypass firewalls and initial new network connections that should have been blocked by the firewall.

Updated packages are available from security.ubuntu.com.

January 04, 2013 07:46 Ubuntu: Security update for the Linux kernel

0

Zhang Zuotao discovered a bug in the Linux kernel’s handling of overlapping fragments in ipv6. A remote attacker could exploit this flaw to bypass firewalls and initial new network connections that should have been blocked by the firewall.

Updated packages are available from security.ubuntu.com.

January 02, 2013 07:56 Ubuntu: Security update for MySQL

0

It was discovered that MySQL incorrectly handled certain long arguments. A remote authenticated attacker could use this issue to possibly execute arbitrary code.

Updated packages are available from security.ubuntu.com.

January 02, 2013 07:55 Ubuntu: Security update for GIMP

0

It was discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user’s privileges.

Updated packages are available from security.ubuntu.com.

December 27, 2012 17:25 Ubuntu: Security update for Bind

0

It was discovered that Bind incorrectly handled certain crafted queries when DNS64 was enabled. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.

Updated packages are available from security.ubuntu.com.

December 27, 2012 17:24 Ubuntu: Security update for libxml2

0

It was discovered that libxml2 had a heap-based buffer underflow when parsing entities. If a user or automated system were tricked into processing a specially crafted XML document, applications linked against libxml2 could be made to crash or possibly execute arbitrary code.

Updated packages are available from security.ubuntu.com.

December 27, 2012 17:23 Ubuntu: Security update for LibTIFF

0

It was discovered that LibTIFF incorrectly handled certain malformed images using the DOTRANGE tag. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

Updated packages are available from security.ubuntu.com.

December 19, 2012 19:49 Ubuntu: Security update for Linux kernel

0

Brad Spengler discovered a flaw in the Linux kernel’s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel’s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

Updated packages are available from security.ubuntu.com.

December 19, 2012 19:47 Ubuntu: Security update for Perl

0

It was discovered that the decode_xs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. It was discovered that the ‘new’ constructor in the Digest module is vulnerable to an eval injection. An attacker could use this to execute arbitrary code. It was discovered that Perl’s ‘x’ string repeat operator is vulnerable to a heap-based buffer overflow. An attacker could use this to execute arbitrary code.

Ryo Anazawa discovered that the CGI.pm module does not properly escape newlines in Set-Cookie or P3P (Platform for Privacy Preferences Project) headers. An attacker could use this to inject arbitrary headers into responses from applications that use CGI.pm.

Updated packages are available from security.ubuntu.com.

December 19, 2012 19:46 Ubuntu: Security update for Lynx

0

Dan Rosenberg discovered a heap-based buffer overflow in Lynx. If a user were tricked into opening a specially crafted page, a remote attacker could cause a denial of service via application crash, or possibly execute arbitrary code as the user invoking the program. It was discovered that Lynx did not properly verify that an HTTPS certificate was signed by a trusted certificate authority. This could allow an attacker to perform a “man in the middle” (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. This update changes the behavior of Lynx such that self-signed certificates no longer validate. Users requiring the previous behavior can use the FORCE_SSL_PROMPT option in lynx.cfg.

Updated packages are available from security.ubuntu.com.

December 19, 2012 19:43 Ubuntu: Security update for Keystone

0

Vijaya Erukala discovered that Keystone did not properly invalidate EC2-style credentials such that if credentials were removed from a tenant, an authenticated and authorized user using those credentials may still be allowed access beyond the account owner’s expectations. It was discovered that Keystone did not properly implement token expiration. A remote attacker could use this to continue to access an account that is disabled or has a changed password.

Updated packages are available from security.ubuntu.com.

December 17, 2012 17:36 Ubuntu: Security update for libssh

0

Xi Wang and Florian Weimer discovered that libssh incorrectly handled memory. A remote attacker could use this to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code.

Updated packages are available from security.ubuntu.com.

Screenshot

Project Spotlight

JFreeSVG

A fast, lightweight SVG generator for Java.

Screenshot

Project Spotlight

PHP MIME Mail decoder class

A PHP class to decode email messages.