GLSA 200503-20: curl: NTLM response buffer overflow

Gentoo 2530 Published by Philipp Esselbach 0

A curl security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: curl: NTLM response buffer overflow
Date: March 16, 2005
Bugs: #82534
ID: 200503-20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

curl is vulnerable to a buffer overflow which could lead to the execution of arbitrary code.

GLSA 200503-19: MySQL: Multiple vulnerabilities

Gentoo 2530 Published by Philipp Esselbach 0

A MySQL security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: MySQL: Multiple vulnerabilities
Date: March 16, 2005
Bugs: #84819
ID: 200503-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

MySQL contains several vulnerabilities potentially leading to the overwriting of local files or to the execution of arbitrary code.

GLSA 200501-38: Perl: rmtree and DBI tmpfile

Gentoo 2530 Published by Philipp Esselbach 0

A Perl security update is availble for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [UPDATE] GLSA 200501-38:03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Perl: rmtree and DBI tmpfile vulnerabilities
Date: January 26, 2005
Updated: March 15, 2005
Bugs: #75696, #78634, #79685
ID: 200501-38:03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Update
=====

The rmtree race conditions were only partly fixed in the original GLSA. New versions of dev-lang/perl have been released to address the remaining issues (CAN-2005-0448).

The updated sections appear below.

GLSA 200503-18: Ringtone Tools: Buffer overflow

Gentoo 2530 Published by Philipp Esselbach 0

A Ringtone Tools security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Ringtone Tools: Buffer overflow vulnerability
Date: March 15, 2005
Bugs: #74700
ID: 200503-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The Ringtone Tools utilities contain a buffer overflow vulnerability, potentially leading to the execution of arbitrary code.

GLSA 200503-17: libexif: Buffer overflow vulnerability

Gentoo 2530 Published by Philipp Esselbach 0

A libexif security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: libexif: Buffer overflow vulnerability
Date: March 12, 2005
Bugs: #84076
ID: 200503-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

libexif fails to validate certain inputs, making it vulnerable to buffer overflows.

GLSA 200503-16: Ethereal: Multiple vulnerabilities

Gentoo 2530 Published by Philipp Esselbach 0

An Ethereal security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Ethereal: Multiple vulnerabilities
Date: March 12, 2005
Bugs: #84547
ID: 200503-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple vulnerabilities exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.

GLSA 200503-15: X.org: libXpm vulnerability

Gentoo 2530 Published by Philipp Esselbach 0

A libXpm security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: X.org: libXpm vulnerability
Date: March 12, 2005
Updated: March 12, 2005
Bugs: #83598
ID: 200503-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A new vulnerability has been discovered in libXpm, which is included in X.org, that can potentially lead to remote code execution.

GLSA 200503-14: KDE dcopidlng: Insecure temporary file creation

Gentoo 2530 Published by Philipp Esselbach 0

A KDE dcopidlng security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: KDE dcopidlng: Insecure temporary file creation
Date: March 07, 2005
Bugs: #81652
ID: 200503-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The dcopidlng script is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

GLSA 200503-13: mlterm: Integer overflow vulnerability

Gentoo 2530 Published by Philipp Esselbach 0

A mlterm security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: mlterm: Integer overflow vulnerability
Date: March 07, 2005
Bugs: #84174
ID: 200503-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

mlterm is vulnerable to an integer overflow, which could potentially allow the execution of arbitrary code.

GLSA 200503-12: Hashcash: Format string vulnerability

Gentoo 2530 Published by Philipp Esselbach 0

A Hashcash security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Hashcash: Format string vulnerability
Date: March 06, 2005
Bugs: #83541
ID: 200503-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A format string vulnerability in the Hashcash utility could allow an attacker to execute arbitrary code.

GLSA 200503-11: ImageMagick: Filename handling vulnerability

Gentoo 2530 Published by Philipp Esselbach 0

An ImageMagick security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: ImageMagick: Filename handling vulnerability
Date: March 06, 2005
Bugs: #83542
ID: 200503-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A format string vulnerability exists in ImageMagick that may allow an attacker to execute arbitrary code.

GLSA 200503-10: Mozilla Firefox: Various vulnerabilities

Gentoo 2530 Published by Philipp Esselbach 0

A Mozilla Firefox security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Mozilla Firefox: Various vulnerabilities
Date: March 04, 2005
Bugs: #83267
ID: 200503-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Mozilla Firefox is vulnerable to a local file deletion issue and to various issues allowing to trick the user into trusting fake web sites or interacting with privileged content.

GLSA 200503-09: xv: Filename handling vulnerability

Gentoo 2530 Published by Philipp Esselbach 0

a xv security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: xv: Filename handling vulnerability
Date: March 04, 2005
Bugs: #83686
ID: 200503-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

xv contains a format string vulnerability, potentially resulting in the execution of arbitrary code.

GLSA 200503-08: OpenMotif, LessTif

Gentoo 2530 Published by Philipp Esselbach 0

OpenMotif, LessTif security updates are available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: OpenMotif, LessTif: New libXpm buffer overflows
Date: March 04, 2005
Bugs: #83655, #83656
ID: 200503-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A new vulnerability has been discovered in libXpm, which is included in OpenMotif and LessTif, that can potentially lead to remote code execution.

GLSA 200503-07: phpMyAdmin: Multiple vulnerabilities

Gentoo 2530 Published by Philipp Esselbach 0

A phpMyAdmin security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: phpMyAdmin: Multiple vulnerabilities
Date: March 03, 2005
Bugs: #83190, #83792
ID: 200503-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

phpMyAdmin contains multiple vulnerabilities that could lead to command execution, XSS issues and bypass of security restrictions.

GLSA 200503-06: BidWatcher: Format string vulnerability

Gentoo 2530 Published by Philipp Esselbach 0

A BidWatcher security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: BidWatcher: Format string vulnerability
Date: March 03, 2005
Bugs: #82460
ID: 200503-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

BidWatcher is vulnerable to a format string vulnerability, potentially allowing arbitrary code execution.

GLSA 200503-05: xli, xloadimage: Multiple vulnerabilities

Gentoo 2530 Published by Philipp Esselbach 0

A xli, xloadimage security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: xli, xloadimage: Multiple vulnerabilities
Date: March 02, 2005
Bugs: #79762
ID: 200503-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

xli and xloadimage are vulnerable to multiple issues, potentially leading to the execution of arbitrary code.

GLSA 200503-04: phpWebSite: Arbitrary PHP execution

Gentoo 2530 Published by Philipp Esselbach 0

A phpWebSite security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: phpWebSite: Arbitrary PHP execution and path disclosure
Date: March 01, 2005
Bugs: #83297
ID: 200503-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Remote attackers can upload and execute arbitrary PHP scripts, another flaw reveals the full path of scripts.

GLSA 200503-02: phpBB: Multiple vulnerabilities

Gentoo 2530 Published by Philipp Esselbach 0

A phpBB security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: phpBB: Multiple vulnerabilities
Date: March 01, 2005
Bugs: #82955
ID: 200503-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Several vulnerabilities allow remote attackers to gain phpBB administrator rights or expose and manipulate sensitive data.

GLSA 200503-01: Qt: Untrusted library search path

Gentoo 2530 Published by Philipp Esselbach 0

A Qt security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Qt: Untrusted library search path
Date: March 01, 2005
Bugs: #75181
ID: 200503-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Qt may load shared libraries from an untrusted, world-writable directory, resulting in the execution of arbitrary code.

Previous Page

Next Page

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...