
1042 matches found

RedHat Linux
added 2013/01/31 7:14 p.m. · 1 views

abrt: Race condition in abrt-action-install-debuginfo

abrt-action-install-debuginfo in Automatic Bug Reporting Tool ABRT 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes."...

CVSS 6.9 · AI score 5.9 · EPSS 0.00029
Exploits 1 · References 4

RedHat Linux
added 2013/01/31 7:14 p.m. · 0 views

abrt: Arbitrary Python code execution due improper sanitization of the PYTHONPATH environment variable by installing debuginfo packages into cache

Untrusted search path vulnerability in plugins/abrt-action-install-debuginfo-to-abrt-cache.c in Automatic Bug Reporting Tool ABRT 2.0.9 and earlier allows local users to load and execute arbitrary Python modules by modifying the PYTHONPATH environment variable to reference a malicious Python modu...

CVSS 3.7 · AI score 6 · EPSS 0.00065
Exploits 1 · References 4

Tenable Nessus
added 2013/01/25 12:0 a.m. · 31 views

SuSE 11.1 Security Update : sudo, sudo-debuginfo, sudo-debugsource (SAT Patch Number 6306)

This update fixes a security problem in sudo : Multiple netmask values used in Host / HostList configuration caused any host to be allowed access. CVE-2012-2337 Also a bug in wildcard matching could allow too relaxed matches within subdirectories of the specified path so /usr/bin/ would also matc...

CVSS 7.2 · AI score 7.4 · EPSS 0.00047
Exploits 0 · References 4

Positive Technologies
added 2012/10/30 12:0 a.m. · 2 views

PT-2012-1069 · Kde +3 · Konqueror +4

Name of the Vulnerable Software and Affected Versions: kdelibs versions 4.3.4 kdelibs-devel version 4.3.4 kdelibs-debuginfo version 4.3.4 kdelibs-apidocs version 4.3.4 kdelibs-common version 4.3.4 Description: The issue concerns multiple vulnerabilities in the kdelibs package, which can lead to a...

CVSS 8.8 · AI score 8.5 · EPSS 0.15124
Exploits 8 · References 51

OpenVAS
added 2012/08/24 12:0 a.m. · 26 views

RedHat Update for tetex RHSA-2012:1201-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 7.6 · AI score 8 · EPSS 0.28735
Exploits 0 · References 2

Positive Technologies
added 2012/08/20 12:0 a.m. · 2 views

PT-2012-1072 · Gnu +3 · Gimp +3

Name of the Vulnerable Software and Affected Versions: gimp-libs version 2.6.9 gimp-devel-tools version 2.6.9 gimp-help-browser version 2.6.9 gimp-devel version 2.6.9 gimp-debuginfo version 2.6.9 gimp version 2.6.9 gimp version 2.8.x and earlier Description: The issue concerns multiple...

CVSS 9.3 · AI score 7.8 · EPSS 0.88834
Exploits 20 · References 65

Tenable Nessus
added 2012/05/29 12:0 a.m. · 24 views

SuSE 10 Security Update : sudo, sudo-debuginfo (ZYPP Patch Number 8134)

This update fixes a security problem in sudo : Multiple netmask values used in Host / HostList configuration caused any host to be allowed access. CVE-2012-2337 Also a bug in wildcard matching could allow too relaxed matches within subdirectories of the specified path so /usr/bin/ would also matc...

CVSS 7.2 · AI score 7.4 · EPSS 0.00047
Exploits 0 · References 2

Tenable Nessus
added 2011/12/13 12:0 a.m. · 24 views

SuSE 10 Security Update : pure-ftpd, pure-ftpd-debuginfo (ZYPP Patch Number 7724)

The OES Netware add-ons in pure-ftpd had a security problem and some bugs, which are fixed by this update. A local attacker could overwrite local files when the OES remote server feature of pure-ftpd is enabled due to a directory traversal. CVE-2011-3171 Additionally the following bugs have been...

CVSS 3.6 · AI score 5.5 · EPSS 0.00011
Exploits 0 · References 2

Amazon
added 2011/10/31 12:0 a.m. · 39 views

Medium: krb5

Issue Overview: Multiple NULL pointer dereference and assertion failure flaws were found in the MIT Kerberos KDC when it was configured to use an LDAP (Lightweight Directory Access Protocol) or Berkeley Database (Berkeley DB) back end. A remote attacker could use these flaws to crash the KDC...

CVSS 7.8 · AI score 7.1 · EPSS 0.05459
Exploits 0 · References 1

OpenVAS
added 2011/10/10 12:0 a.m. · 25 views

RedHat Update for xorg-x11-server RHSA-2011:1359-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 8.5 · AI score 6.4 · EPSS 0.02846
Exploits 1 · References 2

Positive Technologies
added 2011/05/02 12:0 a.m. · 3 views

PT-2011-1125 · Red Hat · Libvirt-Devel +5

Name of the Vulnerable Software and Affected Versions: libvirt versions prior to 0.9.0 libvirt-debuginfo versions 0.8.1 libvirt-devel versions 0.8.1 libvirt-python versions 0.8.1 libvirt-client versions 0.8.1 Description: The issue affects the libvirt package in Red Hat Enterprise Linux,...

CVSS 6.9 · AI score 8.2 · EPSS 0.00859
Exploits 0 · References 24

Positive Technologies
added 2011/02/24 12:0 a.m. · 3 views

PT-2011-1128 · Red Hat · Selinux-Policy-Minimum +11

Name of the Vulnerable Software and Affected Versions: policycoreutils versions 2.0.83 and earlier policycoreutils-sandbox version 2.0.83 policycoreutils-python version 2.0.83 policycoreutils-debuginfo version 2.0.83 policycoreutils-newrole version 2.0.83 policycoreutils-gui version 2.0.83...

CVSS 6.9 · AI score 6.5 · EPSS 0.00044
Exploits 0 · References 31

OpenVAS
added 2010/12/09 12:0 a.m. · 25 views

RedHat Update for krb5 RHSA-2010:0926-01

Check for the Version of krb5 OpenVAS Vulnerability Test RedHat Update for krb5 RHSA-2010:0926-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CVSS 2.6 · AI score 6.2 · EPSS 0.04735
Exploits 0 · References 2

Positive Technologies
added 2010/12/07 12:0 a.m. · 2 views

PT-2010-1062 · Mingw +6 · Mingw32-Libxml2-Debuginfo +8

Name of the Vulnerable Software and Affected Versions: libxml2 versions prior to 2.8.0 mingw32-libxml2 versions 2.7.6 mingw32-libxml2-debuginfo versions 2.7.6 mingw32-libxml2-static versions 2.7.6 Description: The issue concerns multiple vulnerabilities in the libxml2 package, which can lead to...

CVSS 10 · AI score 8 · EPSS 0.23686
Exploits 7 · References 121

Positive Technologies
added 2010/11/17 12:0 a.m. · 3 views

PT-2010-1046 · Red Hat · Systemtap-Server +9

Name of the Vulnerable Software and Affected Versions: systemtap versions 0.6.2 through 1.3 systemtap-runtime versions 0.6.2 through 1.1 systemtap-testsuite versions 0.6.2 through 1.1 systemtap-client versions 1.1 through 1.2 systemtap-server versions 1.1 systemtap-initscript versions 1.1...

CVSS 7.2 · AI score 6 · EPSS 0.24078
Exploits 10 · References 59

Tenable Nessus
added 2010/07/01 12:0 a.m. · 24 views

Fedora 11 : systemtap-1.1-1.fc11 (2010-0671)

Fixes CVE-2009-4273 Bugzilla 550172: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4273 New upstream release containing new features and bug fixes: better support for gcc 4.5 richer DWARF debuginfo, new preprocessor conditional for kernel 'CONFIG' testing, improved experimental unprivileged...

CVSS 10 · AI score 5.3 · EPSS 0.22398
Exploits 0 · References 5

Tenable Nessus
added 2010/07/01 12:0 a.m. · 24 views

Fedora 12 : systemtap-1.1-1.fc12 (2010-0688)

Fixes CVE-2009-4273 Bugzilla 550172: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4273 New upstream release containing new features and bug fixes: better support for gcc 4.5 richer DWARF debuginfo, new preprocessor conditional for kernel 'CONFIG' testing, improved experimental unprivileged...

CVSS 10 · AI score 5.3 · EPSS 0.22398
Exploits 0 · References 5

Tenable Nessus
added 2010/05/11 12:0 a.m. · 19 views

RHEL 5 : brltty (RHSA-2010:0181)

Updated brltty packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 6.9 · AI score 5.8 · EPSS 0.00166
Exploits 0 · References 3

Oracle Linux
added 2010/04/08 12:0 a.m. · 78 views

java-1.6.0-openjdk security update

1:1.6.0.0-1.11.b16.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0.0-1.11.b16.el5 - Remove javaws alternative due to conflict with java-1.6.0-sun's alternatives 1:1.6.0-1.10.b16 - Update to openjdk build b16 - Update to icedtea6-1.6 - Added tzdata-java requirement - Added autoconf and automake buil...

CVSS 7.5 · AI score 2.7 · EPSS 0.92143
Exploits 33

OpenVAS
added 2010/04/06 12:0 a.m. · 26 views

RedHat Update for brltty RHSA-2010:0181-05

Check for the Version of brltty OpenVAS Vulnerability Test RedHat Update for brltty RHSA-2010:0181-05 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CVSS 6.9 · AI score 6.4 · EPSS 0.00166
Exploits 0 · References 2