Mandriva: 2010:122: fastjar

http://www.linuxsecurity.com – LinuxSecurity.com: A vulnerability has been discovered and corrected in fastjar: Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial [More...] (Security)

Mandriva: 2010:118: sudo

http://www.linuxsecurity.com – LinuxSecurity.com: A vulnerability has been discovered and corrected in sudo: The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users [More...] (Security)

Debian: 2062-1: sudo: missing input sanitization

http://www.linuxsecurity.com – LinuxSecurity.com: Anders Kaseorg and Evan Broder discovered a vulnerability in sudo, a program designed to allow a sysadmin to give limited root privileges to users, that allows a user with sudo permissions on certain programs to [More...] (Security)

Red Hat: 2010:0488-01: samba and samba3x: Critical Advisory

http://www.linuxsecurity.com – LinuxSecurity.com: Updated samba and samba3x packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5, and Red Hat Enterprise Linux 4.7, 5.3, and 5.4 Extended Update Support. [More...] (Security)

Pardus: 2010-80: Sudo: Privilege Escalation

http://www.linuxsecurity.com – LinuxSecurity.com: A vulnerability has been fixed in sudo which can be exploited to allow local users to gain privileges. (Security)

Pardus: 2010-76: Python: Multiple Vulnerabilities

http://www.linuxsecurity.com – LinuxSecurity.com: Multiple incorrect buffer overflow checks which can be used to cause denial of service in the audioop module have been fixed. (Security)

Pardus: 2010-78: Samba: Denial of Service

http://www.linuxsecurity.com – LinuxSecurity.com: A vulnerability has been fixed in the Samba Smbd daemon which allows an attacker to trigger an uninitialized variable read by sending a specific 'Sessions Setup AndX' query. Successful exploitation of the issue will result in a denial of service. (Security)

Pardus: 2010-79: Mono: Cross Site Scripting

http://www.linuxsecurity.com – LinuxSecurity.com: A default configuration of ASP.NET in Mono which allows Cross Site Scripting (XSS) attacks has been fixed. (Security)

Pardus: 2010-81: Tiff: Integer Overflow

http://www.linuxsecurity.com – LinuxSecurity.com: Multiple integer overflows have been fixed in tiff which can be used by malicious people to execute arbitrary code. (Security)

Red Hat: 2010:0470-01: flash-plugin: Critical Advisory

http://www.linuxsecurity.com – LinuxSecurity.com: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3 and 4 Extras. The Red Hat Security Response Team has rated this update as having critical [More...] (Security)

GLSA 201006-21 (High): unrealircd

http://security.gentoo.org – UnrealIRCd: Multiple vulnerabilities (Security)

SuSE: 2010-024: flash player

http://www.linuxsecurity.com – LinuxSecurity.com: Adobe Flash Player was updated to fix multiple critical security vulnerabilities which allow an attacker to remotely execute arbitrary code or to cause a denial of service. The Flash Plugin was upgraded to version 10.1.53.64. The following CVE numbers have been assigned: [More...] (Security)