Latest Secunia Security Advisories

Filed under
Security

Highly critical

  1. Gentoo update for pound fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
  2. Link

  3. Mandriva update for xpm fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.

Link

Less critical

  1. Gentoo updates for horde, horde-vacation, horde-turba, horde-passwd, horde-nag, horde-mnemo, horde-kronolith, horde-imp, horde-accounts, horde-forwards and horde-chora. These fix a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
  2. Link

  3. Gentoo: A security issue has been reported in phpmyadmin, which can be exploited by malicious, local users to disclose sensitive information.

    The problem is that the file "[version]_create.sql" is left world-readable with the password for the pma user after the installation process.

    Solution:
    Change password for the MySQL pma user (see original advisory) and update to "dev-db/phpmyadmin-2.6.2-r1" or later.

  4. Link

  5. Mandriva update for perl fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.
  6. Link

  7. Mandriva update for squid fixes two vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or cause a DoS (Denial of Service).
  8. Link