Computer Security
[EN] securityvulns.ru no-pyccku


apt multiple security vulnerabilities
Published:21.04.2009
Source:
SecurityVulns ID:9860
Type:remote
Threat Level:
4/10
Description:Update problem bacause of unchecked 'date' result. Revoked repository key is incorrectly verified.
Affected:APT : apt 0.7
CVE:CVE-2009-1300 (apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.)
Original documentdocumentUBUNTU, [USN-762-1] APT vulnerabilities (21.04.2009)

git weak permissions
Published:21.04.2009
Source:
SecurityVulns ID:9861
Type:local
Threat Level:
4/10
Description:On the few platforms template files are owned by non-root user.
Affected:GIT : git 1.4
 GIT : git 1.5
 GIT : git 1.6
Original documentdocumentDEBIAN, [SECURITY] [DSA 1777-1] New git-core packages fix privilege escalation (21.04.2009)

SLURM privilege escalation
Published:21.04.2009
Source:
SecurityVulns ID:9862
Type:local
Threat Level:
4/10
Description:Group privileges are not gropped on external program invocation.
Affected:SLURM : SLURM 1.6
Original documentdocumentDEBIAN, [SECURITY] [DSA 1776-1] New slurm-llnl packages fix privilege escalation (21.04.2009)

Trend Micro OfficeScan DoS
Published:21.04.2009
Source:
SecurityVulns ID:9864
Type:remote
Threat Level:
5/10
Description:Crash during virus scanning on large number of folders with long names.
Original documentdocumentjplopezy_(at)_gmail.com, Trend Micro OfficeScan Client - DOS (21.04.2009)
Files:Exploits Trend Micro OfficeScan Client DOS

Addonics NAS Adapter multiple security vulnerabilities
updated since 21.04.2009
Published:03.05.2009
Source:
SecurityVulns ID:9863
Type:local
Threat Level:
5/10
Description:Buffer overflow with HTTP requests, FTP DoS.
Affected:ADDONICS : Addonics NAS Adapter
Original documentdocumentmcyr2_(at)_csc.com, Addonics NAS Adapter FTP Remote Denial of Service (03.05.2009)
 documentmcyr2_(at)_csc.com, Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth) (21.04.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod