GLSA 200407-21: Samba: Multiple buffer overflows

Gentoo 2529 Published by Philipp Esselbach 0

A Samba update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Samba: Multiple buffer overflows
Date: July 29, 2004
Bugs: #57962
ID: 200407-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Two buffer overflows vulnerabilities were found in Samba, potentially allowing the remote execution of arbitrary code.

GLSA 200407-20: Subversion: Vulnerability

Gentoo 2529 Published by Philipp Esselbach 0

A subversion update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: Subversion: Vulnerability in mod_authz_svn
Date: July 26, 2004
Bugs: #57747
ID: 200407-20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Users with write access to parts of a Subversion repository may bypass read restrictions in mod_authz_svn and read any part of the repository they wish.

GLSA 200407-19: Pavuk: Digest authentication helper buffer

Gentoo 2529 Published by Philipp Esselbach 0

A Pavuk update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Pavuk: Digest authentication helper buffer overflow
Date: July 26, 2004
ID: 200407-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Pavuk contains a bug that can allow an attacker to run arbitrary code.

GLSA 200407-18: mod_ssl: Format string vulnerability

Gentoo 2529 Published by Philipp Esselbach 0

A mod_ssl update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: mod_ssl: Format string vulnerability
Date: July 22, 2004
Bugs: #57379
ID: 200407-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A bug in mod_ssl may allow a remote attacker to execute arbitrary code when Apache is configured to use mod_ssl and mod_proxy.

GLSA 200407-17 - l2tpd: Buffer overflow

Gentoo 2529 Published by Philipp Esselbach 0

A l2tpd update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: l2tpd: Buffer overflow
Date: July 22, 2004
Bugs: #53009
ID: 200407-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A buffer overflow in l2tpd could lead to remote code execution. It is not known whether this bug is exploitable.

GLSA 200407-16 - Linux Kernel

Gentoo 2529 Published by Philipp Esselbach 0

A kernel update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Linux Kernel: Multiple DoS and permission vulnerabilities
Date: July 22, 2004
Bugs: #56171, #56479
ID: 200407-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple permission vulnerabilities have been found in the Linux kernel, allowing an attacker to change the group IDs of files mounted on a remote filesystem (CAN-2004-0497), as well as an issue in 2.6 series kernels which allows /proc permissions to be bypassed.

A context sharing vulnerability in vserver-sources is also handled by this advisory as well as CAN-2004-0447, CAN-2004-0496 and CAN-2004-0565. Patched, or updated versions of these kernels have been released and details are included along with this advisory.

GLSA 200407-14: Unreal Tournament 2003/2004

Gentoo 2529 Published by Philipp Esselbach 0

An Unreal Tournament 2003/2004 security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Unreal Tournament 2003/2004: Buffer overflow in 'secure'
queries
Date: July 19, 2004
Bugs: #54726
ID: 200407-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Game servers based on the Unreal engine are vulnerable to remote code execution through malformed 'secure' queries.

GLSA 200407-12 - Linux Kernel

Gentoo 2529 Published by Philipp Esselbach 0

An updated Linux Kernel is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Linux Kernel: Remote DoS vulnerability with IPTables TCP
Handling
Date: July 14, 2004
Bugs: #55694
ID: 200407-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A flaw has been discovered in 2.6 series Linux kernels that allows an attacker to send a malformed TCP packet, causing the affected kernel to possibly enter an infinite loop and hang the vulnerable machine.

GLSA 200407-11 - wv: Buffer overflow vulnerability

Gentoo 2529 Published by Philipp Esselbach 0

A wv update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: wv: Buffer overflow vulnerability
Date: July 14, 2004
Bugs: #56595
ID: 200407-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A buffer overflow vulnerability exists in the wv library that can allow an attacker to execute arbitrary code with the privileges of the user running the vulnerable application.

GLSA 200407-09 - MoinMoin: Group ACL bypass

Gentoo 2529 Published by Philipp Esselbach 0

A MoinMoin update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: MoinMoin: Group ACL bypass
Date: July 11, 2004
Bugs: #53126
ID: 200407-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

MoinMoin contains a bug allowing a user to bypass group ACLs (Access Control Lists).

GLSA 200407-08 - Ethereal: Multiple security problems

Gentoo 2529 Published by Philipp Esselbach 0

A ethereal update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Ethereal: Multiple security problems
Date: July 09, 2004
Bugs: #56423
ID: 200407-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.

GLSA 200407-07 - Shorewall : Insecure temp file handling

Gentoo 2529 Published by Philipp Esselbach 0

A Shorewall update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Shorewall : Insecure temp file handling
Date: July 08, 2004
Bugs: #55675
ID: 200407-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Shorewall contains a bug in the code handling the creation of temporary files and directories. This can allow a non-root user to overwrite arbitrary system files.

GLSA 200407-05 - XDM ignores requestPort setting

Gentoo 2529 Published by Philipp Esselbach 0

A XDM update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: XFree86, X.org: XDM ignores requestPort setting
Date: July 05, 2004
Bugs: #53226
ID: 200407-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

XDM will open TCP sockets for its chooser, even if the DisplayManager.requestPort setting is set to 0. This may allow authorized users to access a machine remotely via X, even if the administrator has configured XDM to refuse such connections.

GLSA 200407-03 - Apache 2: Remote denial of service attack

Gentoo 2529 Published by Philipp Esselbach 0

An Apache 2 update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Apache 2: Remote denial of service attack
Date: July 04, 2004
Bugs: #55441
ID: 200407-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A bug in Apache may allow a remote attacker to perform a Denial of Service attack. With certain configurations this could lead to a heap based buffer overflow.

GLSA 200407-02 - Linux Kernel: Multiple vulnerabilities

Gentoo 2529 Published by Philipp Esselbach 0

An updated Linux Kernel is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Linux Kernel: Multiple vulnerabilities
Date: July 03, 2004
Bugs: #47881, #49637, #53804, #54976, #55698
ID: 200407-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple vulnerabilities have been found in the Linux kernel used by GNU/Linux systems. Patched, or updated versions of these kernels have been released and details are included in this advisory.

GLSA 200406-22 - Pavuk: Remote buffer overflow

Gentoo 2529 Published by Philipp Esselbach 0

A Pavuk update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Pavuk: Remote buffer overflow
Date: June 30, 2004
ID: 200406-22

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Pavuk contains a bug potentially allowing an attacker to run arbitrary code.

GLSA 200406-21 - mit-krb5: Multiple buffer overflows in krb5

Gentoo 2529 Published by Philipp Esselbach 0

A mit-krb5 update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: mit-krb5: Multiple buffer overflows in
krb5_aname_to_localname
Date: June 29, 2004
Bugs: #52744
ID: 200406-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

mit-krb5 contains multiple buffer overflows in the function krb5_aname_to_localname(). This could potentially lead to a complete remote system compromise.

Previous Page

Next Page

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...