Gentoo Linux Security Advisories

GLSA 200403-05 (normal) - UUDeview MIME Buffer Overflow
A specially-crafted MIME file (.mim, .uue, .uu, .b64, .bhx, .hqx, and .xxe extensions) may cause UUDeview to crash or execute arbitrary code.
GLSA 200403-04 (normal) - Multiple security vulnerabilities in Apache 2
A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server via plain HTTP requests. Another flaw was found when arbitrary client-supplied strings can be written to the error log, allowing the exploit of certain terminal emulators. A third flaw exists with the mod_disk_cache module.
GLSA 200403-03 (normal) - Multiple OpenSSL Vulnerabilities
Three vulnerabilities have been found in OpenSSL via a commercial test suite for the TLS protocol developed by Codenomicon Ltd.
GLSA 200403-02 (high) - Linux kernel do_mremap local privilege escalation vulnerability
A critical security vulnerability has been found in recent Linux kernels by Paul Starzetz of iSEC Security Research which allows for local privilege escalations.
GLSA 200403-01 (normal) - Libxml2 URI Parsing Buffer Overflow Vulnerabilities
A buffer overflow has been discovered in libxml2 versions prior to 2.6.6 which may be exploited by an attacker allowing the execution of arbitrary code.
GLSA 200402-07 (normal) - Clam Antivirus DoS vulnerability
Oliver Eikemeier has reported a vulnerability in Clam AV, which can be exploited by a malformed uuencoded message causing a denial of service for programs that rely on the clamav daemon, such as SMTP daemons.
GLSA 200402-06 (normal) - Updated kernel packages fix the AMD64 ptrace vulnerability
A vulnerability has been discovered by in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated priveleges.
GLSA 200402-05 (normal) - phpMyAdmin < 2.5.6-rc1: possible attack against export.php
A vulnerability in phpMyAdmin which was not properly verifying user generated input could lead to a directory traversal attack.
GLSA 200402-04 (normal) - Gallery 1.4.1 and below remote exploit vulnerability
The Gallery developers have discovered a potentially serious security flaw in Gallery 1.3.1, 1.3.2, 1.3.3, 1.4 and 1.4.1 which can allow a remote exploit of your webserver.
GLSA 200402-03 (normal) - Monkeyd Denial of Service vulnerability
A bug in get_real_string() function allows for a Denial of Service attack to be launched against the webserver.
GLSA 200402-02 (high) - XFree86 Font Information File Buffer Overflow
Exploitation of a buffer overflow in the XFree86 Project Inc.'s XFree86 X Window System allows local attackers to gain root privileges.
GLSA 200402-01 (normal) - PHP setting leaks from .htaccess files on virtual hosts
If the server configuration "php.ini" file has "register_globals = on" and a request is made to one virtual host (which has "php_admin_flag register_globals off") and the next request is sent to the another virtual host (which does not have the setting) global variables may leak and may be used to exploit the site.
GLSA 200401-04 (normal) - GAIM 0.75 Remote overflows
Various overflows in the handling of AIM DirectIM packets was revealed in GAIM that could lead to a remote compromise of the IM client.
GLSA 200401-03 (low) - Apache mod_python Denial of Service vulnerability
Apache's mod_python module could crash the httpd process if a specific, malformed query string was sent.
GLSA 200401-02 (low) - Honeyd remote detection vulnerability via a probe packet
Identification of Honeyd installations allows an adversary to launch attacks specifically against Honeyd. No remote root exploit is currently known.
GLSA 200401-01 (high) - Linux kernel do_mremap() local privilege escalation vulnerability
A critical security vulnerability has been found in recent Linux kernels which allows for local privelege escalation.
GLSA 200312-08 (high) - CVS: possible root compromise when using CVS pserver
A possible root compromise exists for CVS pservers.
GLSA 200312-07 (low) - Two buffer overflows in lftp
Two buffer overflow problems are found in lftp that, in case the user visits a malicious ftp server, could lead to malicious code being executed.
GLSA 200312-06 (translation missing: en, label_glsa_medium) - XChat: malformed dcc send request denial of service
A bug in XChat could allow malformed dcc send requests to cause a denial of service.
GLSA 200312-05 (translation missing: en, label_glsa_minimal) - GnuPG: ElGamal signing keys compromised and format string vulnerability
A bug in GnuPG allows ElGamal signing keys to be compromised, and a format string bug in the gpgkeys_hkp utility may allow arbitrary code execution.

« Previous 1 ... 160 161 162 163 Next »

Also available in: Atom

Thank you!