IPv6 security guru fields question
Although he acknowledges that businesses have yet to embrace IPv6, security guru Scott Hogg says that doesn’t mean IT executives can ignore the security problems that the next generation Internet protocol can present. After all, he notes, operating systems such as Microsoft Vista and Linux are already IPv6 capable and [...]
Posts Tagged ‘Linux’
A packet challenge and how I solved it, (Thu, May 7th)
Yesterday morning (EDT in the US), our friend Chris Christianson twittered the following: 4500 0036 308b 0000 4001 0000 7f00 0001 7f00 0001 0800 89f3 5a27 0200 3173 7432 444d 6d65 6765 7473 4153 7461 7262 7563 6b73 6361 7264 I didn’t see it [...]
Pango vulnerability
[USN-773-1] Pango vulnerability [...]
MPFR vulnerability
[USN-772-1] MPFR vulnerability [...]
libmodplug vulnerabilities
[USN-771-1] libmodplug vulnerabilities [...]
New Linux 2.6.18 packages fix several vulnerabilities
[SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities [...]
Linux Kernel ‘parisc_show_stack()’ Local Denial of Service Vulnerability
Vuln: Linux Kernel ‘parisc_show_stack()’ Local Denial of Service Vulnerability URL: http://www.securityfocus.com/bid/32636
Linux Kernel ‘drivers/char/agp/generic.c’ Local Information Disclosure Vulnerability
Vuln: Linux Kernel ‘drivers/char/agp/generic.c’ Local Information Disclosure Vulnerability URL: http://www.securityfocus.com/bid/34673
New Linux 2.6.18 packages fix several vulnerabilities
[SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities Posted by dann frazier on May 6. Debian Security Advisory DSA-1794-1 security_at_debian.org www.debian.org/security/ dann frazier May 6, 2009 www.debian.org/security/faq … URL: http://seclists.org/fulldisclosure/2009/May/0053.html
CVE-2009-1527 (kernel)
CVE-2009-1527 (kernel) Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application, related to locking an incorrect cred_exec_mutex object. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1527
CVE-2009-1184 (kernel)
CVE-2009-1184 (kernel) The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue [...]
apache
[ MDVSA-2009:102 ] apache Posted by security_at_mandriva.com on May 01. Mandriva Linux Security Advisory MDVSA-2009:102 http://www.mandriva.com/security/ Package :… URL: http://seclists.org/fulldisclosure/2009/May/0004.html
udev
[ MDVSA-2009:104 ] udev Posted by security_at_mandriva.com on May 01. Mandriva Linux Security Advisory MDVSA-2009:104 http://www.mandriva.com/security/ Package :… URL: http://seclists.org/fulldisclosure/2009/Apr/0316.html
Adobe confirms new flaw, recommends turning off JavaScript
Adobe on Tuesday confirmed that its popular Reader and Acrobat software contains another zero-day vulnerability. The bug, first reported in an advisory on Security Focus, impacts all supported versions of Reader and Acrobat on the Windows, Macintosh and Linux platforms. Proof-of-concept code is circulating on the internet, [...]