SUSE CVE-2008-1367

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...

SUSE CVE-2008-3863

Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename...

SUSE CVE-2008-3916

Heap-based buffer overflow in the stripescapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege...

SUSE CVE-2008-4100

GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the...

SUSE CVE-2008-4551

strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service daemon crash via an IKESAINIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpzexport function in the GNU Multiprecision...

SUSE CVE-2008-5659

The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated again...

SUSE CVE-2009-0581

Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...

SUSE CVE-2009-0757

Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent attackers to cause a denial of service crash via the 1 mpfrsnprintf and 2 mpfrvsnprintf functions...

SUSE CVE-2009-1214

GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information...

SUSE CVE-2009-1215

Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file...

SUSE CVE-2009-1415

lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service application crash and possibly have unspecified other impact via a malformed DSA key that triggers a 1 free of an uninitialized pointe...

SUSE CVE-2009-1417

gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is 1 not yet valid or 2 no longer valid, related to lack of time checks in the gnutlsx509verifycertificate function...

SUSE CVE-2009-2730

libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's 1 Common Name CN or 2 Subject Alternative Name SAN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued b...

SUSE CVE-2009-3736

ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file...

SUSE CVE-2009-4880

Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...

SUSE CVE-2009-5064

ldd in the GNU C Library aka glibc or libc6 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LDTRACELOADEDOBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion...

SUSE CVE-2009-5044

contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf.tmp temporary file...

SUSE CVE-2009-5078

contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document...

SUSE CVE-2009-5082

The 1 configure and 2 config.guess scripts in GNU troff aka groff 1.20.1 on Openwall GNU//Linux aka Owl improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file...

SUSE CVE-2010-0296

The encodename macro in misc/mntentr.c in the GNU C Library aka glibc or libc6 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service mtab corruption, or possibly modify mount...