Gentoo Linux Security Advisories
GLSA 200407-23 (normal) - SoX: Multiple buffer overflows
SoX contains two buffer overflow vulnerabilities in the WAV header parser code.
SoX contains two buffer overflow vulnerabilities in the WAV header parser code.
GLSA 200407-22 (normal) - phpMyAdmin: Multiple vulnerabilities
Multiple vulnerabilities in phpMyAdmin may allow a remote attacker with a valid user account to alter configuration variables and execute arbitrary PHP code.
Multiple vulnerabilities in phpMyAdmin may allow a remote attacker with a valid user account to alter configuration variables and execute arbitrary PHP code.
GLSA 200407-21 (high) - Samba: Multiple buffer overflows
Two buffer overflows vulnerabilities were found in Samba, potentially allowing the remote execution of arbitrary code.
Two buffer overflows vulnerabilities were found in Samba, potentially allowing the remote execution of arbitrary code.
GLSA 200407-20 (low) - Subversion: Vulnerability in mod_authz_svn
Users with write access to parts of a Subversion repository may bypass read restrictions in mod_authz_svn and read any part of the repository they wish.
Users with write access to parts of a Subversion repository may bypass read restrictions in mod_authz_svn and read any part of the repository they wish.
GLSA 200407-19 (normal) - Pavuk: Digest authentication helper buffer overflow
Pavuk contains a bug that can allow an attacker to run arbitrary code.
Pavuk contains a bug that can allow an attacker to run arbitrary code.
GLSA 200407-18 (normal) - mod_ssl: Format string vulnerability
A bug in mod_ssl may allow a remote attacker to execute arbitrary code when Apache is configured to use mod_ssl and mod_proxy.
A bug in mod_ssl may allow a remote attacker to execute arbitrary code when Apache is configured to use mod_ssl and mod_proxy.
GLSA 200407-17 (high) - l2tpd: Buffer overflow
A buffer overflow in l2tpd could lead to remote code execution. It is not known whether this bug is exploitable.
A buffer overflow in l2tpd could lead to remote code execution. It is not known whether this bug is exploitable.
GLSA 200407-16 (high) - Linux Kernel: Multiple DoS and permission vulnerabilities
Multiple permission vulnerabilities have been found in the Linux kernel, allowing an attacker to change the group IDs of files mounted on a remote filesystem (CAN-2004-0497), as well as an issue in 2.6 series kernels which allows /proc permissions to be bypassed. A context sharing vulnerability in vserver-sources is also handled by this advisory as well as CAN-2004-0447, CAN-2004-0496 and CAN-2004-0565. Patched, or updated versions of these kernels have been released and details are included along with this advisory.
Multiple permission vulnerabilities have been found in the Linux kernel, allowing an attacker to change the group IDs of files mounted on a remote filesystem (CAN-2004-0497), as well as an issue in 2.6 series kernels which allows /proc permissions to be bypassed. A context sharing vulnerability in vserver-sources is also handled by this advisory as well as CAN-2004-0447, CAN-2004-0496 and CAN-2004-0565. Patched, or updated versions of these kernels have been released and details are included along with this advisory.
GLSA 200407-15 (normal) - Opera: Multiple spoofing vulnerabilities
Opera contains three vulnerabilities, allowing an attacker to impersonate legitimate websites with URI obfuscation or to spoof websites with frame injection.
Opera contains three vulnerabilities, allowing an attacker to impersonate legitimate websites with URI obfuscation or to spoof websites with frame injection.
GLSA 200407-14 (high) - Unreal Tournament 2003/2004: Buffer overflow in 'secure' queries
Game servers based on the Unreal engine are vulnerable to remote code execution through malformed 'secure' queries.
Game servers based on the Unreal engine are vulnerable to remote code execution through malformed 'secure' queries.
GLSA 200407-13 (high) - PHP: Multiple security vulnerabilities
Multiple security vulnerabilities, potentially allowing remote code execution, were found and fixed in PHP.
Multiple security vulnerabilities, potentially allowing remote code execution, were found and fixed in PHP.
GLSA 200407-12 (high) - Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling
A flaw has been discovered in 2.6 series Linux kernels that allows an attacker to send a malformed TCP packet, causing the affected kernel to possibly enter an infinite loop and hang the vulnerable machine.
A flaw has been discovered in 2.6 series Linux kernels that allows an attacker to send a malformed TCP packet, causing the affected kernel to possibly enter an infinite loop and hang the vulnerable machine.
GLSA 200407-11 (normal) - wv: Buffer overflow vulnerability
A buffer overflow vulnerability exists in the wv library that can allow an attacker to execute arbitrary code with the privileges of the user running the vulnerable application.
A buffer overflow vulnerability exists in the wv library that can allow an attacker to execute arbitrary code with the privileges of the user running the vulnerable application.
GLSA 200407-10 (normal) - rsync: Directory traversal in rsync daemon
Under specific conditions, the rsync daemon is vulnerable to a directory traversal allowing to write files outside a sync module.
Under specific conditions, the rsync daemon is vulnerable to a directory traversal allowing to write files outside a sync module.
GLSA 200407-09 (normal) - MoinMoin: Group ACL bypass
MoinMoin contains a bug allowing a user to bypass group ACLs (Access Control Lists).
MoinMoin contains a bug allowing a user to bypass group ACLs (Access Control Lists).
GLSA 200407-08 (high) - Ethereal: Multiple security problems
Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.
Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.
GLSA 200407-07 (normal) - Shorewall : Insecure temp file handling
Shorewall contains a bug in the code handling the creation of temporary files and directories. This can allow a non-root user to overwrite arbitrary system files.
Shorewall contains a bug in the code handling the creation of temporary files and directories. This can allow a non-root user to overwrite arbitrary system files.
GLSA 200407-06 (normal) - libpng: Buffer overflow on row buffers
libpng contains a buffer overflow vulnerability potentially allowing an attacker to perform a Denial of Service attack or even execute arbitrary code.
libpng contains a buffer overflow vulnerability potentially allowing an attacker to perform a Denial of Service attack or even execute arbitrary code.
GLSA 200407-05 (low) - XFree86, X.org: XDM ignores requestPort setting
XDM will open TCP sockets for its chooser, even if the DisplayManager.requestPort setting is set to 0. This may allow authorized users to access a machine remotely via X, even if the administrator has configured XDM to refuse such connections.
XDM will open TCP sockets for its chooser, even if the DisplayManager.requestPort setting is set to 0. This may allow authorized users to access a machine remotely via X, even if the administrator has configured XDM to refuse such connections.
GLSA 200407-04 (normal) - Pure-FTPd: Potential DoS when maximum connections is reached
Pure-FTPd contains a bug potentially allowing a Denial of Service attack when the maximum number of connections is reached.
Pure-FTPd contains a bug potentially allowing a Denial of Service attack when the maximum number of connections is reached.
« Previous 1 ... 165 166 167 168 169 ... 173 Next »
Also available in: Atom