These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
USN-1367-1: libpng vulnerabilities - 16th February 2012
It was discovered that libpng did not properly verify the embedded profile length of iCCP chunks. An attacker could exploit this to cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS. (CVE-2009-5063) Jueri Aedla discovered that libpng did not properly verify the size used ...
USN-1368-1: Apache HTTP Server vulnerabilities - 16th February 2012
It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. (CVE-2011-3607) Prutha Parikh discovered that the mod_proxy module did not properly interact with the RewriteRule and ProxyPassMatch pattern ...
CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053
USN-1284-2: Update Manager regression - 16th February 2012
USN-1284-1 fixed vulnerabilities in Update Manager. One of the fixes introduced a regression for Kubuntu users attempting to upgrade to a newer Ubuntu release. This update fixes the problem. We apologize for the inconvenience. Original advisory details: David Black discovered that Update Manager incorrectly extracted the downloaded upgrade tarball before ...
USN-1366-1: devscripts vulnerabilities - 15th February 2012
Paul Wise discovered that debdiff did not properly sanitize its input when processing .dsc and .changes files. If debdiff processed a crafted file, an attacker could execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-0210) Raphael Geissert discovered that debdiff did not properly sanitize its input ...
CVE-2012-0210 CVE-2012-0211 CVE-2012-0212
USN-1365-1: Puppet vulnerability - 14th February 2012
It was discovered that Puppet would allow remote ralsh under certain circumstances. An attacker on an authenticated puppet node could exploit this to view or manipulate resources on other Puppet nodes.
USN-1364-1: Linux kernel (OMAP4) vulnerabilities - 13th February 2012
A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potentially execute arbitrary code on the system. (CVE-2012-0038) Andy Whitcroft discovered that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules ...
CVE-2012-0038 CVE-2012-0055 CVE-2012-0056 CVE-2012-0207
USN-1363-1: Linux kernel vulnerabilities - 13th February 2012
A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use this to cause a denial of service by starting a timer. (CVE-2011-4622) A flaw was discovered in the XFS filesystem. If a local user mounts a specially ...
CVE-2011-4622 CVE-2012-0038 CVE-2012-0055 CVE-2012-0207
USN-1362-1: Linux kernel vulnerabilities - 13th February 2012
Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. (CVE-2011-3353) A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use ...
CVE-2011-3353 CVE-2011-4622 CVE-2012-0038 CVE-2012-0044
USN-1361-1: Linux kernel vulnerabilities - 13th February 2012
Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. (CVE-2011-3353) A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use ...
CVE-2011-3353 CVE-2011-4622 CVE-2012-0038 CVE-2012-0044
USN-1358-2: PHP regression - 13th February 2012
USN-1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magic_quotes_gpc setting was not correctly reflected when calling the ini_get() function. We apologize for the inconvenience. Original advisory details: It was discovered that PHP computed hash values for form parameters without ...
USN-1360-1: Firefox vulnerability - 13th February 2012
Andrew McCreight and Olli Pettay discovered a use-after-free vulnerability in the XBL bindings. An attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2012-0452)
USN-1359-1: Tomcat vulnerabilities - 13th February 2012
It was discovered that Tomcat incorrectly performed certain caching and recycling operations. A remote attacker could use this flaw to obtain read access to IP address and HTTP header information in certain cases. This issue only applied to Ubuntu 11.10. (CVE-2011-3375) It was discovered that Tomcat computed hash values for ...
CVE-2011-3375 CVE-2011-4858 CVE-2012-0022
USN-1358-1: PHP vulnerabilities - 9th February 2012
It was discovered that PHP computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters. (CVE-2011-4885) ATTENTION: this update changes previous PHP behavior by limiting the number of ...
CVE-2011-0441 CVE-2011-4153 CVE-2011-4885 CVE-2012-0057 CVE-2012-0788 CVE-2012-0830 CVE-2012-0831
USN-1357-1: OpenSSL vulnerabilities - 9th February 2012
It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timing attack. This issue only ...
CVE-2011-1945 CVE-2011-3210 CVE-2011-4108 CVE-2011-4109 CVE-2011-4354 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050
USN-1350-1: Thunderbird vulnerabilities - 8th February 2012
Jesse Ruderman and Bob Clary discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. (CVE-2012-0442) It ...
CVE-2011-3659 CVE-2011-3670 CVE-2012-0442 CVE-2012-0444 CVE-2012-0449
USN-1353-1: Xulrunner vulnerabilities - 8th February 2012
Jesse Ruderman and Bob Clary discovered memory safety issues affecting the Gecko Browser engine. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking ...
CVE-2011-3659 CVE-2011-3670 CVE-2012-0442 CVE-2012-0444 CVE-2012-0449
USN-1356-1: Linux kernel (OMAP4) vulnerabilities - 6th February 2012
A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potentially execute arbitrary code on the system. (CVE-2012-0038) Chen Haogang discovered an integer overflow that could result in memory corruption. A local unprivileged user could use this to crash the ...
CVE-2012-0038 CVE-2012-0044 CVE-2012-0207
USN-1355-3: ubufox and webfav update - 3rd February 2012
USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. Original advisory details: It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents ...
USN-1355-2: Mozvoikko update - 3rd February 2012
USN-1355-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko package for use with the latest Firefox. Original advisory details: It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially ...
USN-1355-1: Firefox vulnerabilities - 3rd February 2012
It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. (CVE-2012-0450) Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can ...
CVE-2011-3659 CVE-2012-0442 CVE-2012-0443 CVE-2012-0444 CVE-2012-0445 CVE-2012-0446 CVE-2012-0447 CVE-2012-0449 CVE-2012-0450 LP: 923319
USN-1354-1: usbmuxd vulnerability - 1st February 2012
It was discovered that usbmuxd did not correctly perform bounds checking when processing the SerialNumber field of USB devices. An attacker with physical access could use this to crash usbmuxd or potentially execute arbitrary code as the 'usbmux' user.
USN-1352-1: Software Properties vulnerability - 31st January 2012
David Black discovered that Software Properties incorrectly validated server certificates when performing secure connections to download PPA GPG key fingerprints. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered package repository GPG keys.
USN-1351-1: AccountsService vulnerability - 31st January 2012
Hayawardh Vijayakumar discovered that AccountsService incorrectly handled privileges when modifying the language settings on Ubuntu. A local attacker could exploit this issue to modify arbitrary files, and possibly create a denial of service or obtain increased privileges.
USN-1349-1: X.Org vulnerability - 26th January 2012
It was discovered that the X wrapper incorrectly checked certain console permissions when launched by unprivileged users. An attacker connected remotely could use this flaw to start X, bypassing the console permissions check.
USN-1348-1: ICU vulnerability - 26th January 2012
It was discovered that ICU did not properly handle invalid locale data during Unicode conversion. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
USN-1342-1: Linux kernel (Oneiric backport) vulnerability - 25th January 2012
Jüri Aedla discovered that the kernel incorrectly handled /proc/
USN-1347-1: Evince vulnerability - 25th January 2012
It was discovered that Evince did not properly parse AFM font files when processing DVI files. If a user were tricked into opening a specially crafted DVI file, an attacker could cause Evince to crash or potentially execute arbitrary code with the privileges of the user invoking the program. In ...
USN-1263-2: OpenJDK 6 regression - 24th January 2012
USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm (CVE-2011-3389) introduced a regression that caused TLS/SSL connections to fail when using certain algorithms. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Deepak Bhole discovered ...
USN-1346-1: curl vulnerability - 24th January 2012
Dan Fandrich discovered that curl incorrectly handled URLs containing embedded or percent-encoded control characters. If a user or automated system were tricked into processing a specially crafted URL, arbitrary data could be injected.
USN-1345-1: Linux kernel vulnerabilities - 24th January 2012
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A ...
CVE-2011-1162 CVE-2011-2203 CVE-2011-4110
USN-1344-1: Linux kernel vulnerabilities - 24th January 2012
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. (CVE-2011-4110)
USN-1343-1: Thunderbird vulnerabilities - 24th January 2012
Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Robert Longson discovered several memory safety issues which could possibly be exploited to crash Thunderbird or execute arbitrary code as the user that invoked Thunderbird. (CVE-2011-3660) Aki Helin ...
CVE-2011-3658 CVE-2011-3660 CVE-2011-3661 CVE-2011-3663 CVE-2011-3665 LP: 909599
USN-1341-1: Linux kernel vulnerabilities - 23rd January 2012
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) Dan Rosenberg reported an error in the old ABI compatibility layer of ARM kernels. A local attacker could exploit this flaw to ...
CVE-2011-1162 CVE-2011-1759 CVE-2011-2182 CVE-2011-2203 CVE-2011-4110
USN-1340-1: Linux kernel (Oneiric backport) vulnerabilities - 23rd January 2012
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain ...
CVE-2011-2203 CVE-2011-4077 CVE-2011-4110 CVE-2011-4132 CVE-2011-4330 CVE-2012-0044
USN-1338-1: Rsyslog vulnerability - 23rd January 2012
Peter Eisentraut discovered that Rsyslog would not properly perform input validation when configured to use imfile. If an attacker were able to craft messages in a file that Rsyslog monitored, an attacker could cause a denial of service. The imfile module is disabled by default in Ubuntu.
USN-1339-1: QEMU vulnerability - 23rd January 2012
Nicolae Mogoreanu discovered that QEMU did not properly verify legacy mode packets in the e1000 network driver. A remote attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. When using QEMU with libvirt or virtualization management ...
USN-1337-1: Linux kernel (Natty backport) vulnerabilities - 23rd January 2012
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A ...
CVE-2011-1162 CVE-2011-2203 CVE-2011-4110
USN-1336-1: Linux kernel vulnerability - 23rd January 2012
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain ...
CVE-2011-2203 CVE-2011-4077 CVE-2011-4110 CVE-2011-4132 CVE-2011-4330 CVE-2012-0044 CVE-2012-0056
USN-1334-1: libxml2 vulnerabilities - 19th January 2012
It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. ...
CVE-2011-0216 CVE-2011-2821 CVE-2011-2834 CVE-2011-3905 CVE-2011-3919
USN-1335-1: t1lib vulnerabilities - 19th January 2012
Jon Larimer discovered that t1lib did not properly parse AFM fonts. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash or possibly execute arbitrary code with user privileges. (CVE-2010-2642, CVE-2011-0433) Jonathan Brossard discovered that t1lib did not correctly handle ...
CVE-2010-2642 CVE-2011-0433 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554
USN-1333-1: Libav vulnerabilities - 17th January 2012
Steve Manzuik discovered that Libav incorrectly handled certain malformed Matroska files. If a user were tricked into opening a crafted Matroska file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only ...
CVE-2011-3504 CVE-2011-4351 CVE-2011-4352 CVE-2011-4353 CVE-2011-4364 CVE-2011-4579
USN-1332-1: Linux kernel (Maverick backport) vulnerabilities - 12th January 2012
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A ...
CVE-2011-1162 CVE-2011-2203 CVE-2011-4110
USN-1330-1: Linux kernel (OMAP4) vulnerabilities - 12th January 2012
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain ...
CVE-2011-2203 CVE-2011-4077 CVE-2011-4110 CVE-2011-4132 CVE-2011-4330 CVE-2012-0044
USN-1329-1: Linux kernel (OMAP4) vulnerability - 12th January 2012
Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service.
USN-1328-1: Linux kernel (Marvell DOVE) vulnerabilities - 12th January 2012
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. (CVE-2011-4110)
USN-1326-1: Nova vulnerability - 11th January 2012
Nachi Ueno, Rohit Karajgi, and Venkatesan Ravikumar discovered that when Nova is configured to use the OpenStack API, it would not correctly enforce access controls on certain incoming requests. A remote authenticated attacker could exploit this to change resources of arbitrary tenants.
USN-1324-1: Linux kernel (EC2) vulnerabilities - 11th January 2012
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. (CVE-2011-4110)
USN-1325-1: Linux kernel (OMAP4) vulnerabilities - 11th January 2012
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) Han-Wen ...
CVE-2011-1162 CVE-2011-2203 CVE-2011-3353 CVE-2011-3359 CVE-2011-4110
USN-1323-1: Linux kernel vulnerabilities - 11th January 2012
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A ...
CVE-2011-1162 CVE-2011-2203 CVE-2011-3359 CVE-2011-4110
USN-1322-1: Linux kernel vulnerability - 9th January 2012
Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops.