Gentoo Linux Security Advisories
GLSA 200404-03 (high) - Tcpdump Vulnerabilities in ISAKMP Parsing
There are multiple vulnerabilities in tcpdump and libpcap related to parsing of ISAKMP packets.
There are multiple vulnerabilities in tcpdump and libpcap related to parsing of ISAKMP packets.
GLSA 200404-02 (high) - KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability
KDE-PIM may be vulnerable to a remote buffer overflow attack that may allow unauthorized access to an affected system.
KDE-PIM may be vulnerable to a remote buffer overflow attack that may allow unauthorized access to an affected system.
GLSA 200404-01 (normal) - Insecure sandbox temporary lockfile vulnerabilities in Portage
A flaw has been found in the temporary file handling algorithms for the sandboxing code used within Portage. Lockfiles created during normal Portage operation of portage could be manipulated by local users resulting in the truncation of hard linked files; causing a Denial of Service attack on the system.
A flaw has been found in the temporary file handling algorithms for the sandboxing code used within Portage. Lockfiles created during normal Portage operation of portage could be manipulated by local users resulting in the truncation of hard linked files; causing a Denial of Service attack on the system.
GLSA 200403-14 (high) - Multiple Security Vulnerabilities in Monit
A denial of service and a buffer overflow vulnerability have been found in Monit.
A denial of service and a buffer overflow vulnerability have been found in Monit.
GLSA 200403-13 (high) - Remote buffer overflow in MPlayer
MPlayer contains a remotely exploitable buffer overflow in the HTTP parser that may allow attackers to run arbitrary code on a user's computer.
MPlayer contains a remotely exploitable buffer overflow in the HTTP parser that may allow attackers to run arbitrary code on a user's computer.
GLSA 200403-12 (normal) - OpenLDAP DoS Vulnerability
A failed password operation can cause the OpenLDAP slapd server, if it is using the back-ldbm backend, to free memory that was never allocated.
A failed password operation can cause the OpenLDAP slapd server, if it is using the back-ldbm backend, to free memory that was never allocated.
GLSA 200403-11 (normal) - Squid ACL [url_regex] bypass vulnerability
Squid versions 2.0 through to 2.5.STABLE4 could allow a remote attacker to bypass Access Control Lists by sending a specially-crafted URL request containing '%00': in such circumstances; the url_regex ACL may not properly detect the malicious URL, allowing the attacker to effectively bypass the ACL.
Squid versions 2.0 through to 2.5.STABLE4 could allow a remote attacker to bypass Access Control Lists by sending a specially-crafted URL request containing '%00': in such circumstances; the url_regex ACL may not properly detect the malicious URL, allowing the attacker to effectively bypass the ACL.
GLSA 200403-10 (normal) - Fetchmail 6.2.5 fixes a remote DoS
Fetchmail versions 6.2.4 and earlier can be crashed by sending a specially-crafted email to a fetchmail user.
Fetchmail versions 6.2.4 and earlier can be crashed by sending a specially-crafted email to a fetchmail user.
GLSA 200403-09 (high) - Buffer overflow in Midnight Commander
A remotely-exploitable buffer overflow in Midnight Commander allows arbitrary code to be run on a user's computer
A remotely-exploitable buffer overflow in Midnight Commander allows arbitrary code to be run on a user's computer
GLSA 200403-08 (normal) - oftpd DoS vulnerability
A remotely-exploitable overflow exists in oftpd, allowing an attacker to crash the oftpd daemon.
A remotely-exploitable overflow exists in oftpd, allowing an attacker to crash the oftpd daemon.
GLSA 200403-07 (high) - Multiple remote overflows and vulnerabilities in Ethereal
Mulitple overflows and vulnerabilities exist in Ethereal which may allow an attacker to crash the program or run arbitrary code.
Mulitple overflows and vulnerabilities exist in Ethereal which may allow an attacker to crash the program or run arbitrary code.
GLSA 200403-06 (normal) - Multiple remote buffer overflow vulnerabilities in Courier
Remote buffer overflow vulnerabilities have been found in Courier-IMAP and Courier MTA. These exploits may allow the execution of abritrary code, allowing unauthorized access to a vulnerable system.
Remote buffer overflow vulnerabilities have been found in Courier-IMAP and Courier MTA. These exploits may allow the execution of abritrary code, allowing unauthorized access to a vulnerable system.
GLSA 200403-05 (normal) - UUDeview MIME Buffer Overflow
A specially-crafted MIME file (.mim, .uue, .uu, .b64, .bhx, .hqx, and .xxe extensions) may cause UUDeview to crash or execute arbitrary code.
A specially-crafted MIME file (.mim, .uue, .uu, .b64, .bhx, .hqx, and .xxe extensions) may cause UUDeview to crash or execute arbitrary code.
GLSA 200403-04 (normal) - Multiple security vulnerabilities in Apache 2
A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server via plain HTTP requests. Another flaw was found when arbitrary client-supplied strings can be written to the error log, allowing the exploit of certain terminal emulators. A third flaw exists with the mod_disk_cache module.
A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server via plain HTTP requests. Another flaw was found when arbitrary client-supplied strings can be written to the error log, allowing the exploit of certain terminal emulators. A third flaw exists with the mod_disk_cache module.
GLSA 200403-03 (normal) - Multiple OpenSSL Vulnerabilities
Three vulnerabilities have been found in OpenSSL via a commercial test suite for the TLS protocol developed by Codenomicon Ltd.
Three vulnerabilities have been found in OpenSSL via a commercial test suite for the TLS protocol developed by Codenomicon Ltd.
GLSA 200403-02 (high) - Linux kernel do_mremap local privilege escalation vulnerability
A critical security vulnerability has been found in recent Linux kernels by Paul Starzetz of iSEC Security Research which allows for local privilege escalations.
A critical security vulnerability has been found in recent Linux kernels by Paul Starzetz of iSEC Security Research which allows for local privilege escalations.
GLSA 200403-01 (normal) - Libxml2 URI Parsing Buffer Overflow Vulnerabilities
A buffer overflow has been discovered in libxml2 versions prior to 2.6.6 which may be exploited by an attacker allowing the execution of arbitrary code.
A buffer overflow has been discovered in libxml2 versions prior to 2.6.6 which may be exploited by an attacker allowing the execution of arbitrary code.
GLSA 200402-07 (normal) - Clam Antivirus DoS vulnerability
Oliver Eikemeier has reported a vulnerability in Clam AV, which can be exploited by a malformed uuencoded message causing a denial of service for programs that rely on the clamav daemon, such as SMTP daemons.
Oliver Eikemeier has reported a vulnerability in Clam AV, which can be exploited by a malformed uuencoded message causing a denial of service for programs that rely on the clamav daemon, such as SMTP daemons.
GLSA 200402-06 (normal) - Updated kernel packages fix the AMD64 ptrace vulnerability
A vulnerability has been discovered by in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated priveleges.
A vulnerability has been discovered by in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated priveleges.
GLSA 200402-05 (normal) - phpMyAdmin < 2.5.6-rc1: possible attack against export.php
A vulnerability in phpMyAdmin which was not properly verifying user generated input could lead to a directory traversal attack.
A vulnerability in phpMyAdmin which was not properly verifying user generated input could lead to a directory traversal attack.
« Previous 1 ... 186 187 188 189 190 Next »
Also available in: Atom