8515 matches found
SILC Client < 1.1.8 Nickname Field Format String Vulnerability
SILC Client/Toolkit is prone to a format string vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
SuSE 11 Security Update : MySQL (SAT Patch Number 1114)
the COM_CREATE_DB and COM_DROP_DB suffered from format string vulnerabilities. (CVE-2009-2446) - the command line client was prone to cross-site scripting (XSS) attacks (CVE-2008-4456) (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
SuSE 11 Security Update : Samba (SAT Patch Number 1053)
Fixed a format string vulnerability in smbclient (CVE-2009-1886) and an ACL bypass vulnerability in samba. (CVE-2009-1888) (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...
SuSE9 Security Update : gedit (YOU Patch Number 10253)
Gedit had a format string bug in the filename handling, potentially allowing an attacker to execute arbitrary code. This bug has been fixed. (CVE-2005-1686) (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc...
SuSE9 Security Update : libgda (YOU Patch Number 10554)
This update fixes the following security problem: libgda contained two format string bugs in logging routines. Those bugs could potentially indirectly lead to arbitrary code execution via applications that link against libgda and supply data to libgda. (CVE-2005-2958) (C) Tenable...
SuSE9 Security Update : ethereal (YOU Patch Number 12424)
Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities: - crash while loading a Tektronix .rf5 file. (CVE-2009-1269) - crash in Check Point High-Availability Protocol (CPHAP) dissector. (CVE-2009-1268) - LDAP dissector could crash on Windows. (CVE-2009-1267) - PROFINET format string bug...
SuSE9 Security Update : mailman (YOU Patch Number 11243)
This update of mailman fixes the following security issues: - A malicious user could visit a specially crafted URI and inject an apparent log message into Mailman's error log which might induce an unsuspecting administrator to visit a phishing site. This has been blocked. Thanks to Moritz Nauman...
SuSE9 Security Update : perl-Net-Server (YOU Patch Number 10270)
A format string problem was found in the logging routines of the perl-Net-Server perl module collection. This could lead to a remote attacker being able to crash a server using the perl-Net-Server module. This is tracked by the Mitre CVE ID CVE-2005-1127. (C) Tenable Network...
SuSE 10 Security Update : MySQL (ZYPP Patch Number 6446)
the COM_CREATE_DB and COM_DROP_DB suffered from format string vulnerabilities. (CVE-2009-2446) - the command line client was prone to cross-site scripting (XSS) attacks. (CVE-2008-4456) Additionally a problem that sometimes prevented slave hosts from reconnecting to the master server has been fixed...
SuSE9 Security Update : vim and gvim (YOU Patch Number 11722)
This update of Vim addresses a format-string bug in 'helptags'. This bug can be exploited to execute code with the privileges of the user running Vim. (CVE-2007-2953) (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc...
SuSE 11 Security Update : silc-toolkit (SAT Patch Number 1282)
This update of silc-toolkit fixes a stack-based overflow while encoding an ASN.1 OID (CVE-2008-7159) and several format string bugs (CVE-2009-3051 / CVE-2008-7160). The probability of exploiting these issues to execute arbitrary code is high. (C) Tenable Network Security, Inc. The...
MySQL: Format string vulnerability by manipulation with database instances (crash)
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database...
Important: Red Hat Security Advisory: Red Hat Application Stack v2.4 security and enhancement update
Red Hat Application Stack v2.4 is now available. This update fixes several security issues and adds various enhancements. This update has been rated as having important security impact by the Red Hat Security Response Team. Red Hat Application Stack v2.4 is an integrated open source application...
Mandrake Security Advisory MDVSA-2009:234 (silc-toolkit)
The remote host is missing an update to silc-toolkit announced via advisory MDVSA-2009:234. OpenVAS Vulnerability Test $Id: mdksa2009234.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:234 (silc-toolkit) Authors: Thomas Reinke Copyright: Copyright (c) 20...
Mandrake Security Advisory MDVSA-2009:234-1 (silc-toolkit)
The remote host is missing an update to silc-toolkit announced via advisory MDVSA-2009:234-1. OpenVAS Vulnerability Test $Id: mdksa20092341.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:234-1 (silc-toolkit) Authors: Thomas Reinke Copyright: Copyright...
Mandrake Security Advisory MDVSA-2009:235 (silc-toolkit)
The remote host is missing an update to silc-toolkit announced via advisory MDVSA-2009:235. OpenVAS Vulnerability Test $Id: mdksa2009235.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:235 (silc-toolkit) Authors: Thomas Reinke Copyright: Copyright (c) 20...
Mandrake Security Advisory MDVSA-2009:235 (silc-toolkit)
The remote host is missing an update to silc-toolkit announced via advisory MDVSA-2009:235. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:234 (silc-toolkit)
The remote host is missing an update to silc-toolkit announced via advisory MDVSA-2009:234. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:234-1 (silc-toolkit)
The remote host is missing an update to silc-toolkit announced via advisory MDVSA-2009:234-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR...
[Backports-security-announce] Security update for silc-client/silc-toolkit
Jérémy Bobbio uploaded new packages for silc-client/silc-toolkit which fixed the following security problems: DSA 1879-1 Several vulnerabilities have been discovered in the software suite for the SILC protocol, a network protocol designed to provide end-to-end security for conferencing services...