[Bug 245769] [NEW] [CVE-2008-2955, -2956, -2957] Pidgin denial of service vulnerabilities

2008-07-05 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: pidgin CVE-2008-2955 description: "Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message

[Bug 245769] Re: [CVE-2008-2955, -2956, -2957] Pidgin denial of service vulnerabilities

2008-07-05 Thread Alexander Konovalenko
Adding CVE links: CVE-2008-2955, CVE-2008-2956, CVE-2008-2957 -- [CVE-2008-2955, -2956, -2957] Pidgin denial of service vulnerabilities https://bugs.launchpad.net/bugs/245769 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bug

[Bug 245770] [NEW] [CVE-2008-2927] MSN integer overflow in Pidgin

2008-07-05 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: pidgin CVE-2008-2927 is a remote buffer overflow vulnerability in the MSN protocol handler. Apparently it can lead to arbitrary code execution. It's not yet in the public vulnerability databases, so p

[Bug 245770] Re: [CVE-2008-2927] MSN integer overflow in Pidgin

2008-07-05 Thread Alexander Konovalenko
Adding a CVE reference: CVE-2008-2927 -- [CVE-2008-2927] MSN integer overflow in Pidgin https://bugs.launchpad.net/bugs/245770

[Bug 245770] Re: [CVE-2008-2927] MSN integer overflow in Pidgin

2008-07-05 Thread Alexander Konovalenko
Here is a description from the Red Hat bug: "An integer overflow in Pidgin's MSN protocol handler could allow malformed SLP message to cause an integer overflow, which could result in arbitrary code execution. This flaw is only exploitable by individuals who can message a user, which is controlle

[Bug 245774] [NEW] Wireshark 1.0.1 fixes multiple vulnerabilities

2008-07-05 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: wireshark Wireshark 1.0.1 fixes multiple security issues in the previous releases. * The GSM SMS dissector could crash * The PANA and KISMET dissectors could force Wireshark to quit unexpectedly * Th

[Bug 235829] Security implications of this crash

2008-07-05 Thread Alexander Konovalenko
On Fri, Jun 27, 2008 at 23:08, Kees Cook wrote: > > Thanks for the bug report. This is actually not a security problem, but > rather an unusual looking crash in the heap, and has already been > reported. I am marking this as a duplicate. Please feel free to report > any other issues you might fi

[Bug 245934] [NEW] [CVE-2008-2371] Heap overflow in PCRE leading to arbitrary code execution

2008-07-05 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-2371 description from Debian security advisory DSA-1602-1: "Tavis Ormandy discovered that PCRE, the Perl-Compatible Regular Expression library, may encounter a heap overflow condition when compiling certain regul

[Bug 253767] [NEW] [CVE-2008-3230] ffmpeg crash in lavf demuxer via a crafted GIF file

2008-07-31 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: ffmpeg CVE-2008-3230 description: "The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as de

[Bug 253767] Re: [CVE-2008-3230] ffmpeg crash in lavf demuxer via a crafted GIF file

2008-07-31 Thread Alexander Konovalenko
Hmm, I can't add a reference to the Gnome bug, so I'll paste it here along with another link: http://bugzilla.gnome.org/show_bug.cgi?id=542643 http://www.openwall.com/lists/oss-security/2008/07/13/3 -- [CVE-2008-3230] ffmpeg crash in lavf demuxer via a crafted GIF file https://bugs.launchpad.net

[Bug 253782] [NEW] [CVE-2008-3215] ClamAV Petite DoS not fixed until 0.93.3

2008-07-31 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: clamav CVE-2008-3215 description: "libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory ac

[Bug 224945] Re: [SRU] memory leaks in apache2 when running mod_ssl

2008-07-31 Thread Alexander Konovalenko
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1678 -- [SRU] memory leaks in apache2 when running mod_ssl https://bugs.launchpad.net/bugs/224945

[Bug 253787] [NEW] [CVE-2008-2931] Local privilege escalation in Linux (do_change_type() in fs/namespace.c)

2008-07-31 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: linux-source-2.6.20 CVE-2008-2931 description: "The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which

[Bug 245774] Re: Wireshark 1.0.1 fixes multiple vulnerabilities

2008-07-31 Thread Alexander Konovalenko
Here are the CVE numbers for the vulnerabilities fixed in Wireshark 1.0.1: CVE-2008-3137 (GSM SMS dissector) CVE-2008-3138 (PANA and KISMET dissectors) CVE-2008-3139 (RTMPT dissector) CVE-2008-3141 (RMI dissector) CVE-2008-3140 (syslog dissector) Wireshark 1.0.2 fixes another vulnerability: http:/

[Bug 253804] [NEW] Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more

2008-07-31 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: There's an exploit published on July 8, 2008 at http://www.milw0rm.com/exploits/6029 that says: "Malicious SVG file DoS The following applications were tested in their latest revisions: Firefox's "browse for file, previe

Re: [Bug 253804] Re: Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more

2008-07-31 Thread Alexander Konovalenko
On Fri, Aug 1, 2008 at 05:01, Kees Cook wrote: > I cannot reproduce this on any of the linked packages. Have you seen > actual crashes? No, I didn't test it at all because I've got only one machine and it's in production use right now. I will post an update if I can reproduce it. I've also posted

[Bug 253804] Re: Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more

2008-07-31 Thread Alexander Konovalenko
** Description changed: - There's an exploit published on July 8, 2008 at + There's an proof-of-concept exploit published on July 8, 2008 at http://www.milw0rm.com/exploits/6029 that says: "Malicious SVG file DoS The following applications were tested in their latest revisions: Firef

[Bug 253804] Re: Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more

2008-07-31 Thread Alexander Konovalenko
** Description changed: - There's an proof-of-concept exploit published on July 8, 2008 at + There's an alleged proof-of-concept exploit published on July 8, 2008 at http://www.milw0rm.com/exploits/6029 that says: "Malicious SVG file DoS The following applications were tested in their

[Bug 322196] [NEW] Untrusted search path vulnerability in Python and multiple other programs

2009-01-27 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: python2.5 There's an interesting bug (or feature?) in Python 2.5 and earlier that affects multiple applications using Python. The bug allows local or user-assisted remote arbitrary code execution. Her

[Bug 322196] Re: Untrusted search path vulnerability in Python and multiple other programs

2009-01-27 Thread Alexander Konovalenko
Adding CVE references: CVE-2008-5983, CVE-2008-5984, CVE-2008-5985, CVE-2008-5986, CVE-2008-5987, CVE-2009-0314, CVE-2009-0315, CVE-2009-0316, CVE-2009-0317, CVE-2009-0318 ** Also affects: python2.4 (Ubuntu) Importance: Undecided Status: New ** Also affects: dia (Ubuntu) Importance

[Bug 322196] Re: Untrusted search path vulnerability in Python and multiple other programs

2009-01-30 Thread Alexander Konovalenko
According to these links (provided by Jan Lieskovsky in the thread referenced above), Python 2.6 is affected as well. http://www.openwall.com/lists/oss-security/2009/01/28/5 https://bugzilla.redhat.com/show_bug.cgi?id=482814#c1 ** Description changed: - Binary package hint: python2.5 - - There'

[Bug 321460] Re: alacarte crashed with SIGSEGV in g_closure_invoke()

2009-01-30 Thread Alexander Konovalenko
I failed to reproduce this crash on my Hardy, so there's little point in testing it on Intrepid. -- alacarte crashed with SIGSEGV in g_closure_invoke() https://bugs.launchpad.net/bugs/321460

[Bug 339834] [NEW] CVE-2009-0653: OpenSSL does not verify the Basic Constraints for an intermediate CA-signed certificate

2009-03-09 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: openssl CVE-2009-0653 description from the NVD: "OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the c

[Bug 128932] Re: Google Suggest drop-down list too narrow in Firefox

2008-10-18 Thread Alexander Konovalenko
In Firefox 3.0 this bug is alleviated by the feature that allows you to change the width of the search field manually. However, there is no reason why you should expand the search field manually every time you enter a query that triggers long suggestions, and then revert its size to leave room for

[Bug 275560] [NEW] Gnome Screensaver should optionally disable audio input and output

2008-09-28 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: gnome-screensaver This is an enhancement request related to a low-risk security vulnerability. Nothing serious but still would be nice to have this implemented. Currently you can password-protect you

[Bug 246292] [NEW] [CVE-2008-2950] libpoppler uninitialized pointer leads to arbitrary code execution

2008-07-07 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-2950 description from the oCERT advisory #2008-007: "The poppler PDF rendering library suffers a memory management bug which leads to arbitrary code execution. The vulnerability is present in the Page class cons

[Bug 246292] Re: [CVE-2008-2950] libpoppler uninitialized pointer leads to arbitrary code execution

2008-07-07 Thread Alexander Konovalenko
Adding a CVE reference: CVE-2008-2950 -- [CVE-2008-2950] libpoppler uninitialized pointer leads to arbitrary code execution https://bugs.launchpad.net/bugs/246292

[Bug 246702] [NEW] [CVE-2008-1447] Randomize DNS query source ports to prevent cache poisoning

2008-07-08 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: bind9 Debian issued three security advisories related to the possibility of DNS cache poisoning in Bind 9 (DSA-1603), Bind 8 (DSA-1604) and the libc stub resolver (DSA-1605). Here is the description

[Bug 246818] [NEW] [CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby

2008-07-08 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: ruby1.8 CVE-2008-2376 description: "Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or po

[Bug 246819] [NEW] [CVE-2008-2374] Vulnerability in the SDP client functionality in BlueZ

2008-07-08 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-2374 description: "src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP serv

[Bug 247438] [NEW] Possible vulnerability in libavformat

2008-07-10 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: ffmpeg There is a possible security vulnerability in file psxstr.c of the libavformat library. Please see http://www.openwall.com/lists/oss-security/2008/07/09/9 for the details. ** Affects: ffmpeg

[Bug 247438] Re: Possible vulnerability in libavformat

2008-07-10 Thread Alexander Konovalenko
** Bug watch added: roundup.mplayerhq.hu/roundup/ffmpeg/ #311 https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311 ** Also affects: ffmpeg via https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311 Importance: Unknown Status: Unknown -- Possible vulnerability in libavformat https:/

[Bug 247445] [NEW] Package managers vulnerable to replay and endless data attacks

2008-07-10 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: apt apt and possibly other Ubuntu package managers capable of downloading packages are vulnerable to two kinds of attacks. 1. Replay attack, where an attacker, by operating a malicious mirror or by

[Bug 247445] Re: Package managers vulnerable to replay and endless data attacks

2008-07-10 Thread Alexander Konovalenko
See also this post in the CERT vulnerability analysis blog: http://www.cert.org/blogs/vuls/2008/07/using_package_managers.html They have assigned a vulnerability number to this issue (VU#230187) but it doesn't seem to be public yet. -- Package managers vulnerable to replay and endless data atta

[Bug 235912] Re: [CVE-2008-1105] Samba: boundary failure when parsing SMB responses

2008-05-31 Thread Alexander Konovalenko
DSA 1590-1: http://www.debian.org/security/2008/dsa-1590 (link not functioning yet) ** Bug watch added: Debian Bug tracker #483410 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483410 ** Also affects: samba (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483410 Importanc

[Bug 236762] [NEW] [CVE-2008-2419] Firefox JSframe heap corruption vulnerability

2008-06-02 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: firefox CVE-2008-2419 description: "Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by trigger

[Bug 236769] [NEW] [CVE-2008-1922] Multiple buffer overflows in sarg

2008-06-02 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: sarg CVE-2008-1922 description: "Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file." http://cve.mit

[Bug 232150] Re: Multiple vulnerabilities in libvorbis 1.2.0 [CVE-2008-1419, CVE-2008-1420, CVE-2008-1423]

2008-06-03 Thread Alexander Konovalenko
Debian advisory: http://www.debian.org/security/2008/dsa-1591 ** Bug watch added: Debian Bug tracker #482518 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518 ** Also affects: libvorbis (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518 Importance: Unknown

[Bug 237229] [NEW] [CVE-2008-2119] Remote Crash Vulnerability in SIP channel driver when run in pedantic mode

2008-06-03 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: asterisk CVE-2008-2119 description from the upstream advisory AST-2008-008: "During pedantic SIP processing the From header value is passed to the ast_uri_decode function to be decoded. In two instan

[Bug 275560] Re: Gnome Screensaver should optionally disable audio input and output

2008-09-30 Thread Alexander Konovalenko
** Bug watch added: GNOME Bug Tracker #554438 http://bugzilla.gnome.org/show_bug.cgi?id=554438 ** Also affects: gnome-screensaver via http://bugzilla.gnome.org/show_bug.cgi?id=554438 Importance: Unknown Status: Unknown ** Description changed: Binary package hint: gnome-screensa

[Bug 251304] Re: Pidgin XMPP TLS/SSL Man in the Middle attack

2008-08-08 Thread Alexander Konovalenko
On Fri, Aug 8, 2008 at 02:11, Steven M. Christey wrote: > > On Tue, 5 Aug 2008, Josh Bressers wrote: > >> http://developer.pidgin.im/ticket/6500 >> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434 > > Use CVE-2008-3532, to be updated later. > > - Steve ** CVE added: http://www.cve.mitre.o

[Bug 256617] [NEW] [CVE-2008-3546] PATH buffer overflow in diff_addremove(), diff_change functions() in git leading to arbitrary code execution

2008-08-10 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: git-core CVE-2008-3546 description: "Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a

[Bug 256621] [NEW] [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration

2008-08-10 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: openvpn CVE-2008-3459 description: "Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via craft

[Bug 256621] Re: [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration

2008-08-10 Thread Alexander Konovalenko
Adding CVE reference: CVE-2008-3459 -- [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration https://bugs.launchpad.net/bugs/256621

[Bug 256617] Re: [CVE-2008-3546] PATH buffer overflow in diff_addremove(), diff_change functions() in git leading to arbitrary code execution

2008-08-10 Thread Alexander Konovalenko
Adding CVE reference: CVE-2008-3546 ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-3546 ** Summary changed: - [CVE-2008-3546] PATH buffer overflow in diff_addremove(), diff_change functions() in git leading to arbitrary code execution + [CVE-2008-3546] PATH buffer overflo

[Bug 256624] [NEW] [CVE-2008-3444] Firefox 3.0.1 crash via a crafted but well-formed web page

2008-08-10 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: firefox-3.0 CVE-2008-3444 description: "The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application cr

[Bug 256624] Re: [CVE-2008-3444] Firefox 3.0.1 crash via a crafted but well-formed web page

2008-08-10 Thread Alexander Konovalenko
Adding CVE reference: CVE-2008-3444 ** Bug watch added: Mozilla Bugzilla #448564 https://bugzilla.mozilla.org/show_bug.cgi?id=448564 ** Also affects: firefox via https://bugzilla.mozilla.org/show_bug.cgi?id=448564 Importance: Unknown Status: Unknown -- [CVE-2008-3444] Firefox 3.

[Bug 253787] Re: [CVE-2008-2931] Local privilege escalation in Linux (do_change_type() in fs/namespace.c)

2008-08-10 Thread Alexander Konovalenko
Changed affected package from linux-source-2.6.20 to linux as per . ** Also affects: linux (Ubuntu) Importance: Undecided Status: New ** Changed in: linux-source-2.6.20 (Ubuntu) Status: New => Invalid -- [CVE-20

[Bug 256632] [NEW] [CVE-2008-3272, -3496, -3534, -3535] Multiple vulnerabilities in the Linux kernel

2008-08-10 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-3272 preliminary description: "The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is

[Bug 256632] Re: [CVE-2008-3272, -3496, -3534, -3535] Multiple vulnerabilities in the Linux kernel

2008-08-10 Thread Alexander Konovalenko
Adding CVE references: CVE-2008-3272, CVE-2008-3496, CVE-2008-3534, CVE-2008-3535 ** Also affects: linux-source-2.6.15 (Ubuntu) Importance: Undecided Status: New -- [CVE-2008-3272, -3496, -3534, -3535] Multiple vulnerabilities in the Linux kernel https://bugs.launchpad.net/bugs/256632

[Bug 256621] Re: [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration

2008-08-11 Thread Alexander Konovalenko
** Also affects: openvpn (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493488 Importance: Unknown Status: Unknown -- [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration https://bugs.launchpad.net/bugs/256621

[Bug 253787] Re: [CVE-2008-2931] Local privilege escalation in Linux (do_change_type() in fs/namespace.c)

2008-08-11 Thread Alexander Konovalenko
On Mon, Aug 11, 2008 at 21:38, Leann Ogasawara wrote: > > [...] Also, you had correctly > opened this against the 2.6.20 kernel source. It's only for bugs > against 2.6.24 or later that they will target the "linux" package. If so, please update the wiki page at

[Bug 243481] [NEW] [CVE-2008-2827] rmtree() in Perl 5.10 vulnerable to symlink attacks

2008-06-27 Thread Alexander Konovalenko
Public bug reported: Binary package hint: perl CVE-2008-2827 description: "The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different v

[Bug 243487] [NEW] Evolution vulnerability via HTML frames

2008-06-27 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: evolution Juan Pablo Lopez Yacubian reported the following vulnerability to Bugtraq: http://www.securityfocus.com/archive/1/493686/30/0/threaded ** Affects: evolution (Ubuntu) Importance: Undeci

[Bug 243488] [NEW] Rhythmbox vulnerability via a crafted playlist file

2008-06-27 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: rhythmbox Juan Pablo Lopez Yacubian reported the following vulnerability to Bugtraq: http://www.securityfocus.com/archive/1/493683/30/0/threaded ** Affects: rhythmbox (Ubuntu) Importance: Undeci

[Bug 241419] [NEW] [CVE-2008-2750] Remote vulnerability in pppol2tp_recvmsg() in Linux

2008-06-19 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-2750 description: "The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system

[Bug 241421] [NEW] [CVE-2008-2719] nasm vulnerability (DoS and possible arbitrary code execution)

2008-06-19 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: nasm CVE-2008-2719 description: "Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possi

[Bug 240549] Re: fetchmail denial of service CVE-2008-2711

2008-06-19 Thread Alexander Konovalenko
Trying to link this bug to CVE-2008-2711 (the web UI for that doesn't seem to work). ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2711 -- fetchmail denial of service CVE-2008-2711 https://bugs.launchpad.net/bugs/240549

[Bug 241419] Re: [CVE-2008-2750] Remote vulnerability in pppol2tp_recvmsg() in Linux

2008-06-19 Thread Alexander Konovalenko
CVE-2008-2750 ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2750 -- [CVE-2008-2750] Remote vulnerability in pppol2tp_recvmsg() in Linux https://bugs.launchpad.net/bugs/241419

[Bug 241421] Re: [CVE-2008-2719] nasm vulnerability (DoS and possible arbitrary code execution)

2008-06-19 Thread Alexander Konovalenko
CVE-2008-2719 ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2719 -- [CVE-2008-2719] nasm vulnerability (DoS and possible arbitrary code execution) https://bugs.launchpad.net/bugs/241421

Re: [Bug 240549] Re: fetchmail denial of service CVE-2008-2711

2008-06-19 Thread Alexander Konovalenko
On Fri, Jun 20, 2008 at 03:18, Emanuele Gentili wrote: > http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2711 I meant using the link "Link to CVE" in the Actions menu on the left which adds an appropriate reference to this bug's metadata and makes it findable in the Launchpad CVE tracker

[Bug 134370] Re: [Gutsy, Hardy] Video doesn't play in XV video players

2008-06-19 Thread Alexander Konovalenko
I also experience this bug. ATI RV350 AP [Radeon 9600], free driver (radeon), Ubuntu 8.04 with latest recommended and security updates. Tested using totem and gst-launch. If you (the developers) need more information from the testers to investigate and fix this bug, I'll try to help. Just let me k

[Bug 239129] Re: [CVE-2008-0960] Multiple SNMP implementations HMAC authentication spoofing

2008-06-21 Thread Alexander Konovalenko
** CVE removed: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0960 -- [CVE-2008-0960] Multiple SNMP implementations HMAC authentication spoofing https://bugs.launchpad.net/bugs/239129

[Bug 192745] Re: Net-SNMP tries to read the obsolete /etc/sensors.conf

2008-06-21 Thread Alexander Konovalenko
** CVE removed: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0960 -- Net-SNMP tries to read the obsolete /etc/sensors.conf https://bugs.launchpad.net/bugs/192745

[Bug 239129] Re: [CVE-2008-0960] Multiple SNMP implementations HMAC authentication spoofing

2008-06-21 Thread Alexander Konovalenko
A fix for net-snmp is in Intrepid: net-snmp (5.4.1~dfsg-7.1ubuntu2) intrepid; urgency=low * SECURITY UPDATE: HMAC authentication spoofing. * debian/patches/51_CVE-2008-0960.patch: fixes HMAC authentication spoofing. * debian/patches/52_use_right_config_file.patch: Use the right configuratio

[Bug 241892] [NEW] [CVE-2008-2292] Buffer overflow in __snprint_value() in snmp_get

2008-06-21 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-2292 description: "Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and po

[Bug 232150] [NEW] Multiple vulnerabilities in libvorbis 1.2.0 [CVE-2008-1419, CVE-2008-1420, CVE-2008-1423]

2008-05-20 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-1419 description: "Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an in

[Bug 190218] Re: Please sync netpbm-free 2:10.0-11.1 (main) from Debian unstable (main)

2008-05-20 Thread Alexander Konovalenko
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0554 -- Please sync netpbm-free 2:10.0-11.1 (main) from Debian unstable (main) https://bugs.launchpad.net/bugs/190218

[Bug 232156] [NEW] [CVE-2008-0554] Buffer overflow in readImageData() in giftopnm.c leads to arbitrary code execution

2008-05-20 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-0554 description: "Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly

[Bug 217682] Re: Partitioner hangs at 47% when creating encrypted swap partition

2008-05-20 Thread Alexander Konovalenko
*** This bug is a duplicate of bug 148560 *** https://bugs.launchpad.net/bugs/148560 ** This bug is no longer a duplicate of bug 154502 partitioner crashes with random encryption key. ** This bug has been marked a duplicate of bug 148560 installer hangs with encryption and random passwo

[Bug 154502] Re: partitioner crashes with random encryption key.

2008-05-20 Thread Alexander Konovalenko
*** This bug is a duplicate of bug 148560 *** https://bugs.launchpad.net/bugs/148560 I think this is not related to partman-md. It's more likely to be related to partman-crypto, partman-crypto-dm and debian-installer. I'll leave the bug as New in partman-md because I'm not sure what partman-md

[Bug 229953] [NEW] [CVE-2008-2142] Emacs 21 will automatically execute .flc (fast lock) files

2008-05-13 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: emacs21 CVE-2008-2142 description: "Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files are edited within Emacs, which allows user-assisted

[Bug 229964] [NEW] [CVE-2008-0166] Predictable random number generator in openssl

2008-05-13 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: openssl CVE-2008-0166 description from Debian security advisory DSA 1571-1: "Luciano Bello discovered that the random number generator in Debian's openssl package is predictable. This is caused by a

[Bug 229951] Re: CVE-2008-0166: predictable random number generator

2008-05-13 Thread Alexander Konovalenko
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0166 -- CVE-2008-0166: predictable random number generator https://bugs.launchpad.net/bugs/229951

[Bug 222592] Re: [CVE-2008-1102] Blender imb_loadhdr() buffer overflow

2008-05-13 Thread Alexander Konovalenko
** Bug watch added: Gentoo Bugzilla #219008 http://bugs.gentoo.org/show_bug.cgi?id=219008 ** Also affects: gentoo via http://bugs.gentoo.org/show_bug.cgi?id=219008 Importance: Unknown Status: Unknown -- [CVE-2008-1102] Blender imb_loadhdr() buffer overflow https://bugs.launchpad.

[Bug 227345] Re: [CVE-2008-1103] Multiple temporary files vulnerabilities

2008-05-13 Thread Alexander Konovalenko
Fixed by Gentoo in GLSA 200805-12 . -- [CVE-2008-1103] Multiple temporary files vulnerabilities https://bugs.launchpad.net/bugs/227345

[Bug 229964] Re: [CVE-2008-0166] Predictable random number generator in openssl

2008-05-13 Thread Alexander Konovalenko
*** This bug is a duplicate of bug 229951 *** https://bugs.launchpad.net/bugs/229951 This has been fixed by USN-612-1, I think. http://www.ubuntu.com/usn/usn-612-1 -- [CVE-2008-0166] Predictable random number generator in openssl https://bugs.launchpad.net/bugs/229964 You received this bug n

[Bug 230620] [NEW] [CVE-2008-2109] Denial of service via the ID3_FIELD_TYPE_STRINGLIST field

2008-05-15 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-2109 description: "field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which trigge

[Bug 127960] Re: Unresponsive script dialog usability problems

2008-08-11 Thread Alexander Konovalenko
I can reproduce this in Firefox 3.0.1 from Hardy (package version 3.0.1+build1+nobinonly-0ubuntu0.8.04.3) with the above test case. ** Also affects: firefox-3.0 (Ubuntu) Importance: Undecided Status: New ** Attachment added: "Firefox 3.0.1 screenshot" http://launchpadlibrarian.net/16

[Bug 257949] [NEW] [CVE-2008-2420] stunnel incorrect OCSP validation vulnerability

2008-08-14 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: stunnel4 CVE-2008-2420 description: "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access

[Bug 258162] [NEW] Postfix local privilege escalation via hardlinked symlinks

2008-08-15 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: postfix Wietse Venema posted an advisory about this to Bugtraq. Excerpt: "Sebastian Krahmer of SuSE has found a privilege escalation problem. On some systems an attacker can hardlink a root-owned sym

[Bug 258172] [NEW] mktemp-generated filenames insufficiently random when too short

2008-08-15 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: mktemp mktemp produces filenames that are partly not random, possibly allowing to mount a local attack. Please see the discussion in Debian bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=49519

[Bug 258180] [NEW] [CVE-2008-3276] Linux kernel dccp_setsockopt_change() integer overflow

2008-08-15 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Eugene Teo of Red Hat Security Response Team wrote: "An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. The vulnerability exists due to a lack of sanitisation performed on a user-con

[Bug 206071] Re: overflow in reports with long DNS names

2008-05-23 Thread Alexander Konovalenko
Is this CVE-2008-2357? http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2357 ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2357 ** This bug has been flagged as a security issue -- overflow in reports with long DNS names https://bugs.launchpad.net/bugs/206071 You received thi

[Bug 228193] Re: rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]

2008-05-29 Thread Alexander Konovalenko
What about the releases before Intrepid? ** Changed in: rdesktop (Ubuntu) Status: Fix Released => Fix Committed -- rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803] https://bugs.launchpad.net/bugs/228193 You received this bug notification because you are a membe

[Bug 235901] [NEW] [CVE-2008-1804] Snort IP fragment TTL evasion vulnerability

2008-05-29 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: snort CVE-2008-1804 description: "Remote exploitation of a design error vulnerability in Snort [...] could allow an attacker to bypass filter rules. Due to a design error vulnerability, Snort does n

[Bug 235904] [NEW] [CVE-2008-1878] Inadequate bounds checking in the NES Sound Format (NSF) demuxer

2008-05-29 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-1878 description: "Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and poss

[Bug 235909] [NEW] [CVE-2008-1767] Buffer overflow in libxslt

2008-05-29 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-1767 description: "It was discovered that libxslt, an XSLT processing runtime library, could be coerced into executing arbitrary code via a buffer overflow when an XSL style sheet file with a long XSLT "transform

[Bug 235912] [NEW] [CVE-2008-1105] Samba: boundary failure when parsing SMB responses

2008-05-29 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: samba CVE-2008-1105 description: "Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a craft

[Bug 235913] [NEW] [CVE-2008-0891, CVE-2008-1672] OpenSSL denial of service vulnerabilities (crashes)

2008-05-29 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: openssl CVE-2008-0891 description: "Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (cras

[Bug 235913] Re: [CVE-2008-0891, CVE-2008-1672] OpenSSL denial of service vulnerabilities (crashes)

2008-05-29 Thread Alexander Konovalenko
See also: http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html -- [CVE-2008-0891, CVE-2008-1672] OpenSSL denial of service vulnerabilities (crashes) https://bugs.launchpad.net/bugs/235913 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubun

[Bug 235915] [NEW] [CVE-2008-2426] imlib2 PNM and XPM buffer overflows

2008-05-29 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-2426 description: "1) A boundary error exists within the "load()" function in src/modules/loaders/loader_pnm.c when processing the header of a PNM image file. This can be exploited to cause a stack-based buffer o

[Bug 251304] Re: Pidgin XMPP TLS/SSL Man in the Middle attack

2008-08-05 Thread Alexander Konovalenko
** Bug watch added: Debian Bug tracker #492434 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434 ** Also affects: pidgin (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434 Importance: Unknown Status: Unknown -- Pidgin XMPP TLS/SSL Man in the Middle attack

[Bug 247445] Re: Package managers vulnerable to replay and endless data attacks

2008-08-22 Thread Alexander Konovalenko
** Bug watch added: Debian Bug tracker #491374 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491374 ** Also affects: debian via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491374 Importance: Unknown Status: Unknown -- Package managers vulnerable to replay and endless data

[Bug 237956] [NEW] [CVE-2008-1108, CVE-2008-1109] Evolution iCalendar buffer overflows

2008-06-06 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: evolution CVE-2008-1108 description: "Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote attackers to execute arbitrary code via a long timezone string in

[Bug 235915] Re: [CVE-2008-2426] imlib2 PNM and XPM buffer overflows

2008-06-06 Thread Alexander Konovalenko
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2426 -- [CVE-2008-2426] imlib2 PNM and XPM buffer overflows https://bugs.launchpad.net/bugs/235915 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mail

[Bug 238089] [NEW] [CVE-2008-2363] Heap overflow in PartsBatch class via .nzb files

2008-06-07 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: pan CVE-2008-2363 description: "The PartsBatch class in Pan 0.132 and earlier does not properly manage the data structures for Parts batches, which allows remote attackers to cause a denial of servic

[Bug 238524] [NEW] [CVE-2008-1673, CVE-2008-2358] Linux heap overflows potentially leading to remote arbitrary code execution

2008-06-09 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-1673 description: "Wei Wang from McAfee reported a potential heap overflow in the ASN.1 decode code that is used by the SNMP NAT and CIFS subsystem. Exploitation of this issue may lead to arbitrary code execution

[Bug 238524] Re: [CVE-2008-1673, CVE-2008-2358] Linux heap overflows potentially leading to remote arbitrary code execution

2008-06-10 Thread Alexander Konovalenko
More information is being published: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1673 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2358 -- [CVE-2008-1673, CVE-2008-2358] Linux heap overflows potentially leading to remote arbitrary code execution https://bugs.launchpad.net/bugs/238524 You receiv

[Bug 238925] [NEW] [CVE-2008-2152] Integer overflow in rtl_allocateMemory() in OpenOffice.org

2008-06-10 Thread Alexander Konovalenko
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: openoffice.org CVE-2008-2152 description: "A security vulnerability in the custom memory allocation function from OpenOffice.org may lead to heap overflows and allow a remote unprivileged user who pr
