USN-18-1: zip vulnerability

HexView discovered a buffer overflow in the zip package. The overflow is triggered by creating a ZIP archive of files with very long path names. This vulnerability might result in execution of arbitrary code with the privileges of the user who calls zip. This flaw may lead to privilege escalation...

acroread5 -- mailListIsPdf() buffer overflow vulnerability

An iDEFENSE Security Advisory reports: Remote exploitation of a buffer overflow in version 5.09 of Adobe Acrobat Reader for Unix could allow for execution of arbitrary code. The vulnerability specifically exists in a the function mailListIsPdf. This function checks if the input file is an email...

CVE-2004-0408

Buffer overflow in the childservice function in the ident2 ident daemon allows remote attackers to execute arbitrary code...

security flaw

The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...

Moderate: Red Hat Security Advisory: rsync security update

An updated rsync package that fixes a path sanitizing bug is now available. The rsync program synchronizes files over a network. Versions of rsync up to and including version 2.6.2 contain a path sanitization issue. This issue could allow an attacker to read or write files outside of the rsync...

CVE-2002-1159

Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak...

CVE-2002-1391

Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument...

CVE-2002-1392

faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges...

CVE-2003-0021

The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence...

CVE-2003-0022

Removed by vendor...

CVE-2004-0523

Multiple buffer overflows in krb5anametolocalname for MIT Kerberos 5 krb5 1.3.3 and earlier allow remote attackers to execute arbitrary code as root...

CVE-2004-0778

CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned...

rsync -- path sanitizing vulnerability

An rsync security advisory reports: There is a path-sanitizing bug that affects daemon mode in all recent rsync versions including 2.6.2 but only if chroot is disabled. The bug may allow a remote user to access files outside of an rsync module's configured path with the privileges configured for...

Solaris 7 (sparc) : 107441-03

SunOS 5.7: /usr/bin/mailx patch. Date this patch was last updated by Sun : Nov/09/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

CVE-2004-0536

Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report...

CVE-2004-0405

CVS before 1.11 allows CVS clients to read arbitrary files via .. dot dot sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180...

CVE-2004-0422

flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack...

exim buffer overflow when verify = header_syntax is used

A remote exploitable buffer overflow has been discovered in exim when verify = headersyntax is used in the configuration file. This does not affect the default configuration...

CVE-2004-0381

mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file...

CVE-2004-0149

Multiple buffer overflows in xboing before 2.4 allow local users to gain privileges...