===
Ubuntu Security Notice USN-1008-3 October 23, 2010
libvirt update
https://launchpad.net/bugs/665182
===
A security issue affects the following Ubuntu releases:
Ubuntu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:212
http://www.mandriva.com/security/
Folks,
I thought you might enjoy the slides of a talk about IPv6 security I
gave last week at LACNOG (http://www.lacnog.org). The slides are
available at:
http://www.gont.com.ar/talks/lacnog2010/fgont-lacnog2010-ipv6-security.pdf
They are also available at the LACNOG 2010 web site
Hi,
I found XSS on Aardvark Topsites PHP system.
Dork: Powered by Aardvark Topsites SQL Queries
XSS PoC:
site_path/index.php?a=searchq=%22%20onmouseover%3dalert(String.fromCharCode(88,83,83))%20par%3d%22
Can use POST to effect the email, title, u and url parameters
either on the same way.
Tested
The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads
---
Cześć, This advisory describes CVE-2010-3856, an addendum to CVE-2010-3847.
Please see http://seclists.org/fulldisclosure/2010/Oct/257
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:211
http://www.mandriva.com/security/
Bug Fixed
http://sourceforge.net/projects/infinix/
===
Ubuntu Security Notice USN-1009-1 October 22, 2010
glibc, eglibc vulnerabilities
CVE-2010-3847, CVE-2010-3856
===
A security issue affects the following Ubuntu releases: