[USN-1037-1] ifupdown update

2011-01-07 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-1037-1 January 06, 2011 ifupdown update https://launchpad.net/bugs/689892 === A security issue affects the following Ubuntu releases: Ubuntu

[USN-1039-1] AppArmor update

2011-01-07 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-1039-1 January 07, 2011 apparmor update https://launchpad.net/bugs/693082 === A security issue affects the following Ubuntu releases: Ubuntu

[USN-1040-1] Django vulnerabilities

2011-01-07 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-1040-1 January 07, 2011 python-django vulnerabilities CVE-2010-4534, CVE-2010-4535 === A security issue affects the following Ubuntu releases:

[USN-1038-1] dpkg vulnerability

2011-01-07 Thread Kees Cook
=== Ubuntu Security Notice USN-1038-1 January 06, 2011 dpkg vulnerability CVE-2010-1679 === A security issue affects the following Ubuntu releases: Ubuntu 9.10 Ubuntu 10.04

GNU libc/regcomp(3) Multiple Vulnerabilities

2011-01-07 Thread cxib
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [ GNU libc/regcomp(3) Multiple Vulnerabilities ] Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - - Dis.: 01.10.2010 - - Pub.: 07.01.2011 CERT: VU#912279 CVE: CVE-2010-4051 CVE-2010-4052 Affected

Re: Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability

2011-01-07 Thread YGN Ethical Hacker Group
Joomla! Security Team has confirmed that this issue will not be fixed. While noted, your exploit report does not fall within the JSST remit as we no longer support J1.0.x branch (as you are aware and indicate). The vulnerability mentioned is not known to exist in any current supported

McAfee Commandline Updater

2011-01-07 Thread Technion
Product Affected Updater for McAfee Virusscan Command Line 6.0 This product is available attached to this document: https://kc.mcafee.com/corporate/index?page=contentid=KB67513 As far as can be determined, there has only ever been one version of this application. Background It is stated by

call for participation

2011-01-07 Thread chpardhasaradhisarma
nullcon Diwitiya (Second Edition), 25th-26th Feb Goa Early Bird Registration started Limited seats available nullcon,The International Security Conference is an initiative by null – The open security community, a registered non-profit society in India. null is by far the

CUDA drivers/Linux security hole

2011-01-07 Thread gran
Hello, We have recently found serious security breach in CUDA Linux drivers: http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm In brief, driver maps

Web Hacking Database Hijack Online Challenge

2011-01-07 Thread Ivan Buetler
Hi bugtraq list, Do you feel like a free online wargame? Advanced challenge with two steps to the gold nugget. First, hack a web app and then use the gathered information to hijack the database. Test your skills! Try out the January CarGame challenge now. http://www.hacking-lab.com/sh/z0EnyQV