|
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
| Security Advisories (RSS) UNIX and Linux Security Advisories Via RSS News |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| USN-709-1: tar vulnerability | iBot | Security Advisories (RSS) | 0 | 01-15-2009 06:10 PM |
| USN-579-1: Qt vulnerability | iBot | Security Advisories (RSS) | 0 | 02-21-2008 10:30 AM |
| S-164: Tk Vulnerability | iBot | Security Advisories (RSS) | 0 | 02-11-2008 05:10 PM |
| S-121: VFS Vulnerability | iBot | Security Advisories (RSS) | 0 | 01-17-2008 07:10 PM |
| A Sad Day for Smarty Jones! | Neo | What's on Your Mind? | 8 | 06-23-2004 12:26 AM |
 |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
|
|
06-24-2009
|
|||||
|
|||||
|
USN-791-3: Smarty vulnerability
Referenced CVEs:
CVE-2009-1669 Description: =========================================================== Ubuntu Security Notice USN-791-3 June 24, 2009 smarty vulnerability CVE-2009-1669 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.04: smarty 2.6.22-1ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that Smarty did not correctly filter certain math inputs. A remote attacker using Smarty via a web service could exploit this to execute subsets of shell commands as the web server user. More... |
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Hybrid Mode
