Gentoo Linux Security Advisories

GLSA 200405-22 (normal) - Apache 1.3: Multiple vulnerabilities
Several security vulnerabilities have been fixed in the latest release of Apache 1.3.
GLSA 200405-21 (high) - Midnight Commander: Multiple vulnerabilities
Multiple security issues have been discovered in Midnight Commander including several buffer overflows and string format vulnerabilities.
GLSA 200405-20 (normal) - Insecure Temporary File Creation In MySQL
Two MySQL utilities create temporary files with hardcoded paths, allowing an attacker to use a symlink to trick MySQL into overwriting important data.
GLSA 200405-19 (normal) - Opera telnet URI handler file creation/truncation vulnerability
A vulnerability exists in Opera's telnet URI handler that may allow a remote attacker to overwrite arbitrary files.
GLSA 200405-18 (high) - Buffer Overflow in Firebird
A buffer overflow via environmental variables in Firebird may allow a local user to manipulate or destroy local databases and trojan the Firebird binaries.
GLSA 200405-17 (high) - Multiple vulnerabilities in metamail
Several format string bugs and buffer overflows were discovered in metamail, potentially allowing execution of arbitrary code remotely.
GLSA 200405-16 (normal) - Multiple XSS Vulnerabilities in SquirrelMail
SquirrelMail is subject to several XSS and one SQL injection vulnerability.
GLSA 200405-15 (normal) - cadaver heap-based buffer overflow
There is a heap-based buffer overflow vulnerability in the neon library used in cadaver, possibly leading to execution of arbitrary code when connected to a malicious server.
GLSA 200405-14 (normal) - Buffer overflow in Subversion
There is a vulnerability in the Subversion date parsing code which may lead to denial of service attacks, or execution of arbitrary code. Both the client and server are vulnerable.
GLSA 200405-13 (normal) - neon heap-based buffer overflow
A vulnerability potentially allowing remote execution of arbitrary code has been discovered in the neon library.
GLSA 200405-12 (high) - CVS heap overflow vulnerability
CVS is subject to a heap overflow vulnerability allowing source repository compromise.
GLSA 200405-11 (normal) - KDE URI Handler Vulnerabilities
Vulnerabilities in KDE URI handlers makes your system vulnerable to various attacks.
GLSA 200405-10 (normal) - Icecast denial of service vulnerability
Icecast is vulnerable to a denial of service attack allowing remote users to crash the application.
GLSA 200405-09 (high) - ProFTPD Access Control List bypass vulnerability
Version 1.2.9 of ProFTPD introduced a vulnerability that causes CIDR-based Access Control Lists (ACLs) to be treated as "AllowAll", thereby allowing remote users full access to files available to the FTP daemon.
GLSA 200405-08 (high) - Pound format string vulnerability
There is a format string flaw in Pound, allowing remote execution of arbitrary code with the rights of the Pound process.
GLSA 200405-07 (high) - Exim verify=header_syntax buffer overflow
When the verify=header_syntax option is set, there is a buffer overflow in Exim that allows remote execution of arbitrary code.
GLSA 200405-06 (normal) - libpng denial of service vulnerability
A bug in the libpng library can be abused to crash programs making use of that library to decode PNG images.
GLSA 200405-05 (normal) - Utempter symlink vulnerability
Utempter contains a vulnerability that may allow local users to overwrite arbitrary files via a symlink attack.
GLSA 200405-04 (high) - vulnerability when using DAV servers
Several format string vulnerabilities are present in the Neon library included in, allowing remote execution of arbitrary code when connected to an untrusted WebDAV server.
GLSA 200405-03 (high) - ClamAV VirusEvent parameter vulnerability
With a specific configuration (using %f in the VirusEvent parameter), Clam AntiVirus is vulnerable to an attack allowing execution of arbitrary commands.

« Previous 1 ... 141 142 143 144 145 ... 147 Next »

Also available in: Atom

Thank you!