[월:] 2020년 11월

USN-4621-1: netqmail vulnerabilities It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. (CVE-2005-1513, CVE-2005-1514, CVE-2005-1515) It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this to bypass email address validation. (CVE-2020-3811) It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this vulnerability to cause netqmail to disclose sensitive information. (CVE-2020-3812) Source: USN-4621-1: netqmail vulnerabilities

USN-4599-3: Firefox regressions USN-4599-1 and USN-4599-2 fixed vulnerabilities in Firefox. The updates introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary code. Source: USN-4599-3: Firefox regressions

USN-4620-1: phpLDAPadmin vulnerability It was discovered that phpLDAPadmin didn’t properly sanitize before being echoed to the user. A remote attacker could inject arbitrary HTML/Javascript code in a user’s context and cause a crash, resulting in denial of service or potential execution of arbitrary code. Source: USN-4620-1: phpLDAPadmin vulnerability