[security] un po' di aggiornamenti

filippo[at]linuxelba.org filippo a linuxelba.org
Gio 29 Apr 2004 10:53:08 CEST


[SA11491] Mandrake update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Exposure of system information, Exposure
of sensitive information, Privilege escalation, DoS
Released:    2004-04-28

MandrakeSoft has issued updated packages for the kernel. These fix some
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges, gain knowledge of sensitive information, or
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11491/


 --

[SA11470] Fedora update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2004-04-23

Fedora has issued updated packages for the kernel. These fix various
vulnerabilities, which can be exploited by malicious people to gain
escalated privileges, to cause a DoS (Denial of Service) or gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/11470/


[SA11469] Red Hat update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-04-23

Red Hat has issued updated packages for the kernel. These fix various
vulnerabilities, which can be exploited by malicious users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/11469/


[SA11481] OpenBB Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data
Released:    2004-04-26

Some vulnerabilities have been reported in OpenBB, allowing malicious
people to conduct Cross Site Scripting, SQL injection and script
insertion attacks.

Full Advisory:
http://secunia.com/advisories/11481/

 --
[SA11466] PostNuke Cross Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2004-04-23

Janek Vind has reported some vulnerabilities in PostNuke, allowing
malicious people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11466/

[SA11480] phpwsBB Reveals Non-Anonymous Labels

Critical:    Not critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2004-04-26

Stephen Adler has reported a security issue in phpwsBB and
phpwsContacts, allowing malicious people to view labels.

Full Advisory:
http://secunia.com/advisories/11480/



===================================

-- 
www.linuxelba.org/filippo

gpg --keyserver keyserver.linux.it  --recv-key  A5CBF6A5




Maggiori informazioni sulla lista security