Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES - December 1, 2006

TITLE:
Ubuntu update for evince

SECUNIA ADVISORY ID:
SA23183

VERIFY ADVISORY:
http://secunia.com/advisories/23183/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
Ubuntu Linux 5.10
http://secunia.com/product/6606/
Ubuntu Linux 6.06
http://secunia.com/product/10611/
Ubuntu Linux 6.10
http://secunia.com/product/12470/

DESCRIPTION:
Ubuntu has issued an update for evince. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

For more information:
SA23111

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-390-1

OTHER REFERENCES:
SA23111:
http://secunia.com/advisories/23111/

Discussion is locked
You are posting a reply to: VULNERABILITIES - December 1, 2006
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES - December 1, 2006
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Mandriva update for GnuPG

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
Mandriva update for GnuPG

SECUNIA ADVISORY ID:
SA23161

VERIFY ADVISORY:
http://secunia.com/advisories/23161/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
Mandriva Linux 2007
http://secunia.com/product/12165/
Mandriva Linux 2006
http://secunia.com/product/9020/

DESCRIPTION:
Mandriva has issued an update for GnuPG. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise
a user's system.

For more information:
SA23094

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.mandriva.com/security/advisories?name=MDKSA-2006:221

OTHER REFERENCES:
SA23094:
http://secunia.com/advisories/23094/

Collapse -
Mandriva update for libgsf

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
Mandriva update for libgsf

SECUNIA ADVISORY ID:
SA23166

VERIFY ADVISORY:
http://secunia.com/advisories/23166/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
Mandriva Linux 2007
http://secunia.com/product/12165/

DESCRIPTION:
Mandriva has issued an update for libgsf. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise
an application using the library.

For more information:
SA23164

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.mandriva.com/security/advisories?name=MDKSA-2006:220

OTHER REFERENCES:
SA23164:
http://secunia.com/advisories/23164/

Collapse -
Palm Desktop Software Insecure Permissions

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
Palm Desktop Software Insecure Permissions

SECUNIA ADVISORY ID:
SA23072

VERIFY ADVISORY:
http://secunia.com/advisories/23072/

CRITICAL:
Less critical

IMPACT:
Exposure of sensitive information

WHERE:
Local system

SOFTWARE:
Palm Desktop Software 4.x
http://secunia.com/product/718/

DESCRIPTION:
A security issue has been reported in Palm Desktop Software, which
can be exploited by malicious, local users to disclose sensitive
information.

The security issue is caused to the application storing sensitive
user data in directories inside the application directory with
insecure permissions. This can be exploited to read e.g. other users'
address books, todo lists, and calendar files on the system.

The vulnerability is reported in version 4.1.4. Other versions may
also be affected.

SOLUTION:
Grant only trusted users access to affected systems.

PROVIDED AND/OR DISCOVERED BY:
Richard Amacker

Collapse -
Mandriva update for proftpd

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
Mandriva update for proftpd

SECUNIA ADVISORY ID:
SA23184

VERIFY ADVISORY:
http://secunia.com/advisories/23184/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
Mandriva Linux 2007
http://secunia.com/product/12165/
Mandriva Linux 2006
http://secunia.com/product/9020/

DESCRIPTION:
Mandriva has issued an update for proftpd. This fixes some
vulnerabilities, which can be exploited by malicious users and
malicious people to compromise a vulnerable system.

For more information:
SA22803
SA23141

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1

OTHER REFERENCES:
SA22803:
http://secunia.com/advisories/22803/

SA23141:
http://secunia.com/advisories/23141/

Collapse -
Debian update for proftpd

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
Debian update for proftpd

SECUNIA ADVISORY ID:
SA23174

VERIFY ADVISORY:
http://secunia.com/advisories/23174/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/

DESCRIPTION:
Debian has issued an update for proftpd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) and by malicious users and malicious people
to potentially compromise a vulnerable system.

For more information:
SA22803
SA22821
SA23141

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.us.debian.org/security/2006/dsa-1222

OTHER REFERENCES:
SA22803:
http://secunia.com/advisories/22803/

SA22821:
http://secunia.com/advisories/22821/

SA23141:
http://secunia.com/advisories/23141/

Collapse -
Gentoo update for proftpd

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
Gentoo update for proftpd

SECUNIA ADVISORY ID:
SA23179

VERIFY ADVISORY:
http://secunia.com/advisories/23179/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for proftpd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) and by malicious users and malicious people
to potentially compromise a vulnerable system.

For more information:
SA22803
SA22821
SA23141

SOLUTION:
Update to "net-ftp/proftpd-1.3.0a" or later.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml

OTHER REFERENCES:
SA22803:
http://secunia.com/advisories/22803/

SA22821:
http://secunia.com/advisories/22821/

SA23141:
http://secunia.com/advisories/23141/

Collapse -
rPath update for gnupg

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
rPath update for gnupg

SECUNIA ADVISORY ID:
SA23171

VERIFY ADVISORY:
http://secunia.com/advisories/23171/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
rPath Linux 1.x
http://secunia.com/product/10614/

DESCRIPTION:
rPath has issued an update for gnupg. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise
a user's system.

For more information:
SA23094

SOLUTION:
Update to "gnupg=/conary.rpath.com@rpl:devel//1/1.4.5-1.1-1"

ORIGINAL ADVISORY:
https://issues.rpath.com/browse/RPL-826

OTHER REFERENCES:
SA23094:
http://secunia.com/advisories/23094/

Collapse -
rPath update for openldap

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
rPath update for openldap

SECUNIA ADVISORY ID:
SA23170

VERIFY ADVISORY:
http://secunia.com/advisories/23170/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
rPath Linux 1.x
http://secunia.com/product/10614/

DESCRIPTION:
rPath has issued an update for openldap. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

For more information:
SA22750

SOLUTION:
Update to:
openldap=/conary.rpath.com@rpl:devel//1/2.2.26-8.5-1
openldap-clients=/conary.rpath.com@rpl:devel//1/2.2.26-8.5-1
openldap-servers=/conary.rpath.com@rpl:devel//1/2.2.26-8.5-1

ORIGINAL ADVISORY:
https://issues.rpath.com/browse/RPL-820

OTHER REFERENCES:
SA22750:
http://secunia.com/advisories/22750/

Collapse -
rPath update for tar

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
rPath update for tar

SECUNIA ADVISORY ID:
SA23173

VERIFY ADVISORY:
http://secunia.com/advisories/23173/

CRITICAL:
Moderately critical

IMPACT:
Manipulation of data

WHERE:
From remote

OPERATING SYSTEM:
rPath Linux 1.x
http://secunia.com/product/10614/

DESCRIPTION:
rPath has issued an update for tar. This fixes a security issue,
which can be exploited by malicious people to overwrite arbitrary
files.

For more information:
SA23115

SOLUTION:
Update to "tar=/conary.rpath.com@rpl:devel//1/1.15.1-7.1-1".

ORIGINAL ADVISORY:
https://issues.rpath.com/browse/RPL-821

OTHER REFERENCES:
SA23115:
http://secunia.com/advisories/23115/

Collapse -
Gentoo update for proftpd

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
Gentoo update for proftpd

SECUNIA ADVISORY ID:
SA23179

VERIFY ADVISORY:
http://secunia.com/advisories/23179/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for proftpd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) and by malicious users and malicious people
to potentially compromise a vulnerable system.

For more information:
SA22803
SA22821
SA23141

SOLUTION:
Update to "net-ftp/proftpd-1.3.0a" or later.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml

OTHER REFERENCES:
SA22803:
http://secunia.com/advisories/22803/

SA22821:
http://secunia.com/advisories/22821/

SA23141:
http://secunia.com/advisories/23141/

Collapse -
Apple AirPort Beacon Frame Denial of Service

In reply to: VULNERABILITIES - December 1, 2006

TITLE:
Apple AirPort Beacon Frame Denial of Service

SECUNIA ADVISORY ID:
SA23159

VERIFY ADVISORY:
http://secunia.com/advisories/23159/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Apple Macintosh OS X
http://secunia.com/product/96/

DESCRIPTION:
LMH has reported a vulnerability in the Apple AirPort Extreme driver,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

The vulnerability exists due to an error in the handling of beacon
frames and can be exploited to cause a kernel panic.

The vulnerability is reported on an Intel-based MacBook running Mac
OS X 10.4.8 (8L2127) and Apple Airport Extreme Firmware version
0.1.27. Other versions may also be affected.

SOLUTION:
Do not use wireless with affected systems.

PROVIDED AND/OR DISCOVERED BY:
LMH

ORIGINAL ADVISORY:
http://projects.info-pull.com/mokb/MOKB-30-11-2006.html

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

REVIEW

Sublime suburban chariot

High on style and technology, the 2019 Volvo XC90 is an incredibly satisfying everyday crossover.