Mandriva Linux Security Advisory : cyrus-imapd (MDVSA-2011:149)

Multiple vulnerabilities has been discovered and corrected in cyrus-imapd : Stack-based buffer overflow in the splitwildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command...

Mandriva Update for rpm MDVA-2011:057 (rpm)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for rpm MDVA-2011:057 (rpm)

Check for the Version of rpm OpenVAS Vulnerability Test Mandriva Update for rpm MDVA-2011:057 rpm Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

MDVA-2011:057 : rpm

It was discovered the xz v5.0.0 lzma changes in MDVSA-2011:143 were incomplete. This advisory upgrades the xz package to the 5.0.3 version and the spec-helper package to the 0.30.5 version to be able to handle lzma files. Packages for 2009.0 are provided as of the Extended Maintenance Program...

Mandriva Linux Security Advisory : samba (MDVSA-2011:148)

Multiple vulnerabilities has been discovered and corrected in samba/cifs-utils : smbfs in Samba 3.5.8 and earlier attempts to use 1 mount.cifs to append to the /etc/mtab file and 2 umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, whic...

Mandriva Linux Security Advisory : openssl (MDVSA-2011:136)

A vulnerability was discovered and corrected in openssl : The elliptic curve cryptography ECC subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm ECDSA is used for the ECDHEECDSA cipher suite, does not properly implement curves over binary fields, which...

Mandriva Linux Security Advisory : openssl (MDVSA-2011:137)

Multiple vulnerabilities has been discovered and corrected in openssl : The elliptic curve cryptography ECC subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm ECDSA is used for the ECDHEECDSA cipher suite, does not properly implement curves over binary...

Mandriva Linux Security Advisory : dhcp (MDVSA-2011:128)

Multiple vulnerabilities has been discovered and corrected in dhcp : The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service daemon exit via a crafted DHCP packet CVE-2011-2748. The server in IS...

Mandriva Update for dhcp MDVSA-2011:128 (dhcp)

Check for the Version of dhcp OpenVAS Vulnerability Test Mandriva Update for dhcp MDVSA-2011:128 dhcp Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Linux Security Advisory : mozilla (MDVSA-2011:127)

Security issues were identified and fixed in mozilla firefox and thunderbird : Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Firefox 3.6 and other Mozilla-based products. Some of these bugs showed evidence of memory corrupti...

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2011:126)

Multiple vulnerabilities were discovered and corrected in java-1.6.0-openjdk : Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications...

Mandriva Linux Security Advisory : clamav (MDVSA-2011:122)

A vulnerability has been discovered and corrected in clamav : Off-by-one error in the clihmscan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service daemon crash via an e-mail message that is not properly handled during certain hash...

Mandriva Update for curl MDVSA-2011:116 (curl)

Check for the Version of curl OpenVAS Vulnerability Test Mandriva Update for curl MDVSA-2011:116 curl Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for libsndfile MDVSA-2011:119 (libsndfile)

Check for the Version of libsndfile OpenVAS Vulnerability Test Mandriva Update for libsndfile MDVSA-2011:119 libsndfile Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Mandriva Linux Security Advisory : bind (MDVSA-2011:115)

A vulnerability was discovered and corrected in bind : Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service named daemon crash via a crafted UPDATE request CVE-2011-2464. Packages...

Mandriva Linux Security Advisory : blender (MDVSA-2011:112)

Multiple vulnerabilities have been identified and fixed in blender : oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an...

Mandriva Linux Security Advisory : gimp (MDVSA-2011:103)

Multiple vulnerabilities was discovered and fixed in gimp : Stack-based buffer overflow in the 'LIGHTING EFFECTS LIGHT' plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long Position field in a plug...

Mandriva Linux Security Advisory : rdesktop (MDVSA-2011:102)

A vulnerability has been identified and fixed in rdesktop : Directory traversal vulnerability in the diskcreate function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. dot dot in a pathname CVE-2011-159...

Mandriva Linux Security Advisory : dovecot (MDVSA-2011:101)

A vulnerability has been identified and fixed in dovecot : lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '' NUL characters in header names, which allows remote attackers to cause a denial of service daemon crash or mailbox...

Mandriva Linux Security Advisory : cyrus-imapd (MDVSA-2011:100)

A vulnerability has been identified and fixed in cyrus-imapd : The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is process...