Gentoo Linux Security Advisories
GLSA 200407-15 (normal) - Opera: Multiple spoofing vulnerabilities
Opera contains three vulnerabilities, allowing an attacker to impersonate legitimate websites with URI obfuscation or to spoof websites with frame injection.
GLSA 200407-14 (high) - Unreal Tournament 2003/2004: Buffer overflow in 'secure' queries
Game servers based on the Unreal engine are vulnerable to remote code execution through malformed 'secure' queries.
GLSA 200407-13 (high) - PHP: Multiple security vulnerabilities
Multiple security vulnerabilities, potentially allowing remote code execution, were found and fixed in PHP.
GLSA 200407-12 (high) - Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling
A flaw has been discovered in 2.6 series Linux kernels that allows an attacker to send a malformed TCP packet, causing the affected kernel to possibly enter an infinite loop and hang the vulnerable machine.
GLSA 200407-11 (normal) - wv: Buffer overflow vulnerability
A buffer overflow vulnerability exists in the wv library that can allow an attacker to execute arbitrary code with the privileges of the user running the vulnerable application.
GLSA 200407-10 (normal) - rsync: Directory traversal in rsync daemon
Under specific conditions, the rsync daemon is vulnerable to a directory traversal that allows files to be written outside a sync module.
GLSA 200407-09 (normal) - MoinMoin: Group ACL bypass
MoinMoin contains a bug allowing a user to bypass group ACLs (Access Control Lists).
GLSA 200407-08 (high) - Ethereal: Multiple security problems
Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.
GLSA 200407-07 (normal) - Shorewall: Insecure temp file handling
Shorewall contains a bug in the code handling the creation of temporary files and directories. This can allow a non-root user to overwrite arbitrary system files.
GLSA 200407-06 (normal) - libpng: Buffer overflow on row buffers
libpng contains a buffer overflow vulnerability potentially allowing an attacker to perform a Denial of Service attack or even execute arbitrary code.
GLSA 200407-05 (low) - XFree86, X.org: XDM ignores requestPort setting
XDM will open TCP sockets for its chooser, even if the DisplayManager.requestPort setting is set to 0. This may allow authorized users to access a machine remotely via X, even if the administrator has configured XDM to refuse such connections.
GLSA 200407-04 (normal) - Pure-FTPd: Potential DoS when maximum connections is reached
Pure-FTPd contains a bug potentially allowing a Denial of Service attack when the maximum number of connections is reached.
GLSA 200407-03 (normal) - Apache 2: Remote denial of service attack
A bug in Apache may allow a remote attacker to perform a Denial of Service attack. With certain configurations this could lead to a heap-based buffer overflow.
GLSA 200407-02 (high) - Linux Kernel: Multiple vulnerabilities
Multiple vulnerabilities have been found in the Linux kernel used by GNU/Linux systems. Patched or updated versions of these kernels have been released and details are included in this advisory.
GLSA 200407-01 (normal) - Esearch: Insecure temp file handling
The eupdatedb utility in esearch creates a file in /tmp without first checking for symlinks. This makes it possible for any user to create arbitrary files.
GLSA 200406-22 (high) - Pavuk: Remote buffer overflow
Pavuk contains a bug potentially allowing an attacker to run arbitrary code.
GLSA 200406-21 (high) - mit-krb5: Multiple buffer overflows in krb5_aname_to_localname
mit-krb5 contains multiple buffer overflows in the function krb5_aname_to_localname(). This could potentially lead to a complete remote system compromise.
GLSA 200406-20 (normal) - FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling
FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN contain two bugs when authenticating PKCS#7 certificates. This could allow an attacker to authenticate with a fake certificate.
GLSA 200406-19 (low) - giFT-FastTrack: remote denial of service attack
There is a vulnerability where a carefully crafted signal sent to the giFT-FastTrack plugin will cause the giFT daemon to crash.
GLSA 200406-18 (normal) - gzip: Insecure creation of temporary files
gzip contains a bug potentially allowing an attacker to execute arbitrary commands.