binutils security update

CentOS Errata and Security Advisory CESA-2005:659 An updated binutils package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Binutils is a collection of utilities used for the...

Debian DSA-813-1 : centericq - several vulnerabilities

Several problems have been discovered in libgadu which is also part of centericq, a text-mode multi-protocol instant messenger client. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2369 Multiple integer signedness errors may allow remote attackers...

[Full-disclosure] [SECURITY] [DSA 813-1] New centericq packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 813-1 [email protected] http://www.debian.org/security/ Martin Schulze September 15th, 2005 http://www.debian.org/security/faq -...

DSA-813-1 centericq - several

Bulletin has no description...

gaim

New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some security issues. including: AIM/ICQ away message buffer overflow AIM/ICQ non-UTF-8 filename crash Gadu-Gadu memory alignment bug Sites that use GAIM should upgrade to the new version. More details about...

USN-168-1: Gaim vulnerabilities

Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR the module that handles various instant messaging protocols like ICQ. A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8...

USN-162-1: ekg and Gadu library vulnerabilities

Marcin Owsiany and Wojtek Kaniewski discovered that some contributed scripts contrib/ekgh, contrib/ekgnv.sh, and contrib/getekg.sh in the ekg package created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the...

Debian DSA-769-1 : gaim - memory alignment bug

Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu from ekg, console Gadu Gadu client, an instant messaging program which is included in gaim, a multi-protocol instant messaging client, as well. This can not be exploited on the x86 architecture but on others,...

[SECURITY] [DSA 769-1] New gaim packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 769-1 [email protected] http://www.debian.org/security/ Martin Schulze July 29th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 769-1] New gaim packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 769-1 [email protected] http://www.debian.org/security/ Martin Schulze July 29th, 2005 http://www.debian.org/security/faq -...

DSA-769-1 gaim - memory alignment bug

Bulletin has no description...

CVE-2005-2370

CVE-2005-2370 refers to memory alignment errors in libgadu, exploited by processing an incoming message to trigger a denial of service on architectures such as SPARC. The vulnerability affects the libgadu-based components used by programs like ekg (before 1.6rc2) and Gaim (before 1.5.0), among ot...

CVE-2005-2370

Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service bus error on certain architectures such as SPARC via an incoming message...

CVE-2005-2370

Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service bus error on certain architectures such as SPARC via an incoming message...

security flaw

Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service bus error on certain architectures such as SPARC via an incoming message...

libgadu -- multiple vulnerabilities

Wojtek Kaniewski reports: Multiple vulnerabilities have been found in libgadu, a library for handling Gadu-Gadu instant messaging protocol. It is a part of ekg, a Gadu-Gadu client, but is widely used in other clients. Also some of the user contributed scripts were found to behave in an insecure...

glibc, nptl, nscd security update

CentOS Errata and Security Advisory CESA-2005:256 Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU libc packages known as glibc contain the standard C libraries used by...

Low: Red Hat Security Advisory: glibc security update

Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU libc packages known as glibc contain the standard C libraries used by applications. It was discovered that the use of LDDEBUG...

Smail 3.2.0.120 - Remote Heap Overflow

/ 0 smail preparseaddress1 heap bof remote root exploit infamous42md AT hotpop DOT com Shouts: BMF, wipe with the left, eat with the right Notes: You can't have any characters in overflow buffer that isspace returns true for. The shellcode is clear of them, but if your return address or retloc ha...

irssi - potential remote crash

irssi 0.8.9 release fixes a vulnerability that allows normal IRC users to remotely crash another user's irssi client, provided that either of these conditions is met: a irssi is running on an architecture that requires memory alignmentation ie. not x86 b "gui print text" signal is being used by...