ubuntu ubuntu linux 8.10 vulnerabilities and exploits

(subscribe to this query)

nm-applet.conf in GNOME NetworkManager prior to 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.

Ubuntu Ubuntu Linux 6.06 Ubuntu Ubuntu Linux 8.10 Ubuntu Ubuntu Linux 7.10 Ubuntu Ubuntu Linux 8.04

GNOME NetworkManager prior to 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSet...

Ubuntu Ubuntu Linux 8.10

Buffer overflow in enscript prior to 1.6.4 has unknown impact and attack vectors, possibly related to the font escape sequence.

Ubuntu Linux 7.10 Ubuntu Linux 8.04 Ubuntu Linux 8.10 Ubuntu Linux 6.06

pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote malicious users to ...

Canonical Ubuntu Linux 9.04 Canonical Ubuntu Linux 8.10

system-tools-backends prior to 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in GNOME System Tools, hashes account passwords with 3DES and consequently limits effective password lengths to eight characters, which makes it easier for context-dependent ma...

Ubuntu Linux 8.10

Vim 7.1.314, 6.4, and other versions allows user-assisted remote malicious users to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, ...

Vim Vim Canonical Ubuntu Linux 8.10 Canonical Ubuntu Linux 8.04 Canonical Ubuntu Linux 7.10 Canonical Ubuntu Linux 6.06

1 EDB exploit

Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and previous versions 0.9.8 versions allow remote malicious users to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have seque...

Openssl Openssl Canonical Ubuntu Linux 9.04 Canonical Ubuntu Linux 8.10 Canonical Ubuntu Linux 8.04 Canonical Ubuntu Linux 6.06

Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and previous versions allows user-assisted remote malicious users to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.

Archive\\ \\ Tar Project Canonical Ubuntu Linux 8.04 Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 8.10 Canonical Ubuntu Linux 7.10

The connector layer in the Linux kernel prior to 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges vi...

Linux Linux Kernel Canonical Ubuntu Linux 6.06 Canonical Ubuntu Linux 8.04 Canonical Ubuntu Linux 8.10 Canonical Ubuntu Linux 9.10 Canonical Ubuntu Linux 9.04

Xiph.org libvorbis prior to 1.0 does not properly check for underpopulated Huffman trees, which allows remote malicious users to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.

Xiph.org Libvorbis 1.0 Canonical Ubuntu Linux 8.04 Canonical Ubuntu Linux 8.10 Canonical Ubuntu Linux 9.04 Canonical Ubuntu Linux 9.10

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook