Buffer overflow in das_watchdog 0.9.0 allows local users to execute arbitrary code with root privileges via a large string in the XAUTHORITY environment variable.
Monthly Archives: April 2015
CVE-2015-3293 (fortimail)
FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain credentials via the “diag debug application httpd” command.
Ubuntu Security Notice USN-2569-1
Ubuntu Security Notice 2569-1 – Apport incorrectly handled the crash reporting feature. A local attacker could use this issue to gain elevated privileges.
Debian Security Advisory 3224-1
Debian Linux Security Advisory 3224-1 – Abhishek Arya discovered a buffer overflow in the MakeBigReq macro provided by libx11, which could result in denial of service or the execution of arbitrary code.
HP Security Bulletin HPSBOV03318 1
HP Security Bulletin HPSBOV03318 1 – Potential security vulnerabilities have been identified with HP SSL for OpenVMS. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.
Red Hat Security Advisory 2015-0803-01
Red Hat Security Advisory 2015-0803-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel’s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. An integer overflow flaw was found in the way the Linux kernel’s Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file could possibly use this flaw to escalate their privileges on the system.
Dell Threat Report Claims 100 Percent Increase in SCADA Attacks
Dell released its annual threat report yesterday, ringing the alarm bells on point-of-sale and industrial control system attacks in 2014 and beyond.
Google Fixes Dozens of Bugs in Chrome 42
Google has released Chrome 42, a major security upgrade to the browser that includes patches for 45 vulnerabilities. The latest version of Chrome carries with it fixes for a number of high-severity bugs, including a cross-origin bypass in the HTML parser. That vulnerability earned an anonymous security researcher a reward of $7,500 from Google. In all, […]
Re: several issues in SQLite (+ catching up on several other bugs)
Posted by Paul Vixie on Apr 14
Michal Zalewski wrote:
thanks for this work, and this report.
if anyone has a pointy-haired-boss who wonders about the impact of this
disclosure, i offer:
several issues in SQLite (+ catching up on several other bugs)
Posted by Michal Zalewski on Apr 14
SQLite is probably the most popular embedded database in use today; it
is also known for being very well-tested and robust.
Because of its versatility, SQLite sometimes finds use as the
mechanism behind SQL-style query APIs that are exposed between
privileged execution contexts and less-trusted code. One example of
this is the WebDB / WebSQL mechanism available in some browsers; in
this setting, vulnerabilities in the SQLite parser can open up…