10 matches found
Multiple packages, Multiple vulnerabilities fixed in 2012
Background For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. Description Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. EGroupware VTE Layer Four...
Konqueror: Multiple vulnerabilities
Background Konqueror is the KDE web browser and file manager. Description Multiple vulnerabilities have been discovered in Konqueror. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site using Konqueror,...
cabextract: Multiple vulnerabilities
Background cabextract is free software for extracting Microsoft cabinet files. Description Multiple vulnerabilities have been discovered in cabextract. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially-crafted archive ...
Gentoo Security Advisory GLSA 201206-31 (pam)
The remote host is missing updates announced in advisory GLSA 201206-31. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
NX Server Free Edition, NX Node: Privilege escalation
Background NX Server Free Edition is a remote display technology by No Machine. NX Node provides the shared components for NX Server. Description NX Server Free Edition and NX Node use nxconfigure.sh, a setuid script containing an unspecified vulnerability. Impact A local attacker could gain...
Firewall Builder: Privilege escalation
Background Firewall Builder is a GUI for easy management of multiple firewall platforms. Description Two vulnerabilities in Firewall Builder allow the iptables and fwbinstall scripts to use temporary files insecurely. Impact A local attacker could possibly overwrite arbitrary files with the...
TinTin++: Multiple vulnerabilities
Background TinTin++ is a free MUD gaming client. Description Multiple vulnerabilities have been discovered in TinTin++. Please review the CVE identifiers referenced below for details. Impact Remote unauthenticated attackers may be able to execute arbitrary code with the privileges of the TinTin++...
Evince: Multiple vulnerabilities
Background Evince is a document viewer for multiple document formats, including PostScript. Description Multiple vulnerabilities have been discovered in Evince. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to load a DVI file with a...
OpenTTD: Multiple vulnerabilities
Background OpenTTD is a clone of Transport Tycoon Deluxe. Description Multiple vulnerabilities have been discovered in OpenTTD. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code with the privileges of the OpenTTD process or cause...
Prewikka: password disclosure
Background Prewikka is a graphical front-end analysis console for the Prelude Hybrid IDS Framework. Description The permissions of the prewikka.conf file are set world readable. Impact A local attacker could obtain the SQL database password used by Prewikka. Workaround There is no known workaroun...