These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-19-1: squid vulnerabilities

Recently, two Denial of Service vulnerabilities have been discovered in squid, a WWW proxy cache. Insufficient input validation in the NTLM authentication handler allowed a remote attacker to crash the service by sending a specially crafted NTLMSSP packet. Likewise, due to an insufficient validation of ASN.1 headers, a remote attacker…

7 November 2004 | ubuntu-4.10

USN-18-1: zip vulnerability

HexView discovered a buffer overflow in the zip package. The overflow is triggered by creating a ZIP archive of files with very long path names. This vulnerability might result in execution of arbitrary code with the privileges of the user who calls zip. This flaw may lead to privilege escalation on systems which automatically create ZIP archives…

6 November 2004 | ubuntu-4.10

USN-17-1: passwd vulnerability

Martin Schulze and Steve Grubb discovered a flaw in the authentication input validation of the “chfn” and “chsh” programs. This allowed logged in users with an expired password to change their real name and their login shell without having to change their password. This flaw cannot lead to privilege escalation and does not allow to modify account…

5 November 2004 | ubuntu-4.10

USN-16-1: perl vulnerabilities

Recently, Trustix Secure Linux discovered some vulnerabilities in the perl package. The utility “instmodsh”, the Perl package “PPPort.pm”, and several test scripts (which are not shipped and only used during build) created temporary files in an insecure way, which could allow a symlink attack to create or overwrite arbitrary files with…

3 November 2004 | ubuntu-4.10

USN-15-1: lvm10 vulnerability

Recently, Trustix Secure Linux discovered a vulnerability in a supplemental script of the lvm10 package. The program “lvmcreate_initrd” created a temporary directory in an insecure way, which could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program.

2 November 2004 | ubuntu-4.10

USN-14-1: xpdf vulnerabilities

Markus Meissner discovered even more integer overflow vulnerabilities in xpdf, a viewer for PDF files. These integer overflows can eventually lead to buffer overflows. The Common UNIX Printing System (CUPS) uses the same code to print PDF files; tetex-bin uses the code to generate PDF output and process included PDF files. In any case, these…

2 November 2004 | ubuntu-4.10

USN-13-1: groff utility vulnerability

Recently, Trustix Secure Linux discovered a vulnerability in the groff package. The utility “groffer” created a temporary directory in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program.

2 November 2004 | ubuntu-4.10

USN-10-1: XML library vulnerabilities

Several buffer overflows have been discovered in libxml2’s FTP connection and DNS resolution functions. Supplying very long FTP URLs or IP addresses might result in execution of arbitrary code with the privileges of the process using libxml2. Since libxml2 is used in packages like php4-imagick, the vulnerability also might lead to privilege…

30 October 2004 | ubuntu-4.10

USN-12-1: ppp Denial of Service

It has been discovered that ppp does not properly verify certain data structures used in the CBCP protocol. This vulnerability could allow an attacker to cause the pppd server to crash due to an invalid memory access, leading to a denial of service. However, there is no possibility of code execution or privilege escalation.

29 October 2004 | ubuntu-4.10

USN-11-1: libgd2 vulnerabilities

Several buffer overflows have been discovered in libgd’s PNG handling functions. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP driven photo…

29 October 2004 | ubuntu-4.10