GLSA 200406-02: tripwire: Format string vulnerability

Gentoo 2529 Published by Philipp Esselbach 0

A tripware update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: tripwire: Format string vulnerability
Date: June 04, 2004
Bugs: #52945
ID: 200406-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A vulnerability allowing arbitrary code execution under certain circumstances has been found.

GLSA 200406-01: Ethereal: Multiple security problems

Gentoo 2529 Published by Philipp Esselbach 0

An Ethereal update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Ethereal: Multiple security problems
Date: June 04, 2004
Bugs: #51022
ID: 200406-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.

GLSA 200405-25: tla

Gentoo 2529 Published by Philipp Esselbach 0

A tla update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200405-25:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: tla: Multiple vulnerabilities in included libneon
Date: June 2, 2004
Bugs: #51586
ID: 200405-25:02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Errata
=====

The fixed ebuild proposed in the original version of this Security Advisory did not address all the vulnerabilities of the tla package. All users of the tla package should upgrade to dev-util/tla-1.2-r2. The corrected sections appear below.

GLSA 200405-25: tla: Heap-based buffer overflow

Gentoo 2529 Published by Philipp Esselbach 0

An tla update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: tla: Heap-based buffer overflow in included libneon
Date: May 30, 2004
Bugs: #51586
ID: 200405-25

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

tla includes a vulnerable version of the neon library.

GLSA 200405-24: MPlayer, xine-lib: vulnerabilities in RTSP

Gentoo 2529 Published by Philipp Esselbach 0

An Mplayer update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: MPlayer, xine-lib: vulnerabilities in RTSP stream handling
Date: May 28, 2004
Bugs: #49387
ID: 200405-24

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple vulnerabilities, including remotely exploitable buffer overflows, have been found in code common to MPlayer and the xine library.

GLSA 200405-23: Heimdal: Kerberos 4 buffer overflow in kadmin

Gentoo 2529 Published by Philipp Esselbach 0

A Heimdal update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Heimdal: Kerberos 4 buffer overflow in kadmin
Date: May 27, 2004
Bugs: #50208
ID: 200405-23

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A possible buffer overflow in the Kerberos 4 component of Heimdal has been discovered.

GLSA 200405-21: Midnight Commander

Gentoo 2529 Published by Philipp Esselbach 0

A midnight commander update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Midnight Commander: Multiple vulnerabilities
Date: May 26, 2004
Bugs: #49990
ID: 200405-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple security issues have been discovered in Midnight Commander including several buffer overflows and string format vulnerabilities.

GLSA 200405-22: Apache 1.3: Multiple vulnerabilities

Gentoo 2529 Published by Philipp Esselbach 0

An Apache 1.3 update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Apache 1.3: Multiple vulnerabilities
Date: May 26, 2004
Bugs: #51815
ID: 200405-22

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Several security vulnerabilites have been fixed in the latest release of Apache 1.3.

GLSA 200405-20: Insecure Temporary File Creation In MySQL

Gentoo 2529 Published by Philipp Esselbach 0

A MySQL update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Insecure Temporary File Creation In MySQL
Date: May 25, 2004
Bugs: #46242
ID: 200405-20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Two MySQL utilities create temporary files with hardcoded paths, allowing an attacker to use a symlink to trick MySQL into overwriting important data.

GLSA 200405-16: Multiple XSS Vulnerabilities in SquirrelMail

Gentoo 2529 Published by Philipp Esselbach 0

A SquirrelMail update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200405-16:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Multiple XSS Vulnerabilities in SquirrelMail
Date: May 25, 2004
Bugs: #49675
ID: 200405-16:02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Errata
=====
The original version of this Security Advisory listed the vulnerable versions incorrectly. Whereas the original GLSA listed vulnerable versions as "

GLSA 200405-19: Opera

Gentoo 2529 Published by Philipp Esselbach 0

An Opera update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Opera telnet URI handler file creation/truncation
vulnerability
Date: May 25, 2004
Bugs: #50857
ID: 200405-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A vulnerability exists in Opera's telnet URI handler that may allow a remote attacker to overwrite arbitrary files.

GLSA 200405-18: Buffer Overflow in Firebird

Gentoo 2529 Published by Philipp Esselbach 0

A Firebird has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Buffer Overflow in Firebird
Date: May 23, 2004
Bugs: #20837
ID: 200405-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A buffer overflow via environmental variables in Firebird may allow a local user to manipulate or destroy local databases and trojan the Firebird binaries.

GLSA 200405-17: Multiple vulnerabilities in metamail

Gentoo 2529 Published by Philipp Esselbach 0

A metamail update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Multiple vulnerabilities in metamail
Date: May 21, 2004
Bugs: #42133
ID: 200405-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Several format string bugs and buffer overflows were discovered in metamail, potentially allowing execution of arbitrary code remotely.

GLSA 200405-16: Multiple XSS Vulnerabilities in SquirrelMail

Gentoo 2529 Published by Philipp Esselbach 0

A SquirrelMail update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Multiple XSS Vulnerabilities in SquirrelMail
Date: May 21, 2004
Bugs: #49675
ID: 200405-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

SquirrelMail is subject to several XSS and one SQL injection
vulnerability.

GLSA 200405-15: cadaver heap-based buffer overflow

Gentoo 2529 Published by Philipp Esselbach 0

A cadaver update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: cadaver heap-based buffer overflow
Date: May 20, 2004
Bugs: #51461
ID: 200405-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

There is a heap-based buffer overflow vulnerability in the neon library used in cadaver, possibly leading to execution of arbitrary code when connected to a malicious server.

GLSA 200405-14: Buffer overflow in Subversion

Gentoo 2529 Published by Philipp Esselbach 0

A Subversion update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Buffer overflow in Subversion
Date: May 20, 2004
Bugs: #51462
ID: 200405-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

There is a vulnerability in the Subversion date parsing code which may lead to denial of service attacks, or execution of arbitrary code. Both the client and server are vulnerable.

GLSA 200405-13: neon heap-based buffer overflow

Gentoo 2529 Published by Philipp Esselbach 0

A neon update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: neon heap-based buffer overflow
Date: May 20, 2004
Bugs: #51490
ID: 200405-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A vulnerability potentially allowing remote execution of arbitrary code has been discovered in the neon library.

GLSA 200405-12: CVS heap overflow vulnerability

Gentoo 2529 Published by Philipp Esselbach 0

A CVS update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: CVS heap overflow vulnerability
Date: May 20, 2004
Bugs: #51460
ID: 200405-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

CVS is subject to a heap overflow vulnerability allowing source repository compromise.

GLSA 200405-11: KDE URI Handler Vulnerabilities

Gentoo 2529 Published by Philipp Esselbach 0

A KDE URI Handler update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: KDE URI Handler Vulnerabilities
Date: May 19, 2004
Bugs: #51276
ID: 200405-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Vulnerabilities in KDE URI handlers makes your system vulnerable to various attacks.

GLSA 200405-10: Icecast denial of service vulnerability

Gentoo 2529 Published by Philipp Esselbach 0

An Icecast update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Icecast denial of service vulnerability
Date: May 19, 2004
Bugs: #50935
ID: 200405-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Icecast is vulnerable to a denial of service attack allowing remote users to crash the application.

Previous Page

Next Page

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...