80 matches found
DEBIAN-CVE-2007-4074
The default configuration of Centre for Speech Technology Research CSTR Festival 1.95 beta aka 2.0 beta on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute...
[SECURITY] [DSA 1115-1] New GnuPG2 packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1115-1 [email protected] http://www.debian.org/security/ Martin Schulze July 21st, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1069-1 [email protected] http://www.debian.org/security/ Martin Schulze, Dann Frazier May 20th, 2006 http://www.debian.org/security/faq -...
[VulnWatch] Mysql CREATE FUNCTION libc arbitrary code execution.
Mysql CREATE FUNCTION libc arbitrary code execution. Author: Stefano Di Paola Vulnerable: Mysql = 4.0.23, 4.1.10 Type of Vulnerability: Local/Remote - input validation Tested On : Mandrake 10.1 /Debian Sarge Vendor Status: Notified on March 2005 -- Description If an authenticated user has INSERT...
[SECURITY] [DSA 654-1] New enscript packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 654-1 [email protected] http://www.debian.org/security/ Martin Schulze January 21st, 2005 http://www.debian.org/security/faq -...
Open Security Group Advisory #6
List, In May, Open Security Group started a media player security audit to drive out defects in popular media player code with the hope of helping secure our networks, machines and users from malicious attackers. As the second stage of this project, I released an advisory on August 8th, 2004,...
[SECURITY] [DSA 524-1] New rlpr packages fix multiple vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 524-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 19th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA-336-2] Factual correction for DSA-336-1
-------------------------------------------------------------------------- Debian Security Advisory DSA 336-2 [email protected] http://www.debian.org/security/ Matt Zimmerman June 29th, 2003 http://www.debian.org/security/faq -...
@(#)Mordred Labs advisory - Integer overflow in PHP array_pad() function
//@ Mordred Security Labs advisory Release date: April 1, 2003 Name: Integer overflow in PHP arraypad function Versions affected: all versions Risk: average Author: Sir Mordred [email protected] I. Description: PHP is a widely-used general-purpose scripting language that is especially suited for...
@(#)Mordred Labs advisory - Integer overflow in PHP str_repeat() function
//@ Mordred Security Labs advisory Release date: April 1, 2003 Name: Integer overflow in PHP strrepeat function Versions affected: all versions Risk: average Author: Sir Mordred [email protected] I. Description: PHP is a widely-used general-purpose scripting language that is especially suited fo...
[SECURITY] [DSA 242-1] New kdebase packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 242-1 [email protected] http://www.debian.org/security/ Martin Schulze January 24th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 236-1] New kdelibs packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 236-1 [email protected] http://www.debian.org/security/ Martin Schulze January 22nd, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 226-1] New xpdf-i packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 226-1 [email protected] http://www.debian.org/security/ Martin Schulze January 10th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 222-1] New xpdf packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 222-1 [email protected] http://www.debian.org/security/ Martin Schulze January 6th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 222-1] New xpdf packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 222-1 [email protected] http://www.debian.org/security/ Martin Schulze January 6th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 195-1] New Apache-Perl packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 195-1 [email protected] http://www.debian.org/security/ Martin Schulze November 13th, 2002 http://www.debian.org/security/faq -...
NetBSD 1.x - TalkD User Validation
NetBSD 1.x - TalkD User Validation source: https://www.securityfocus.com/bid/4419/info talkd is a client-server application shipped with many Unix and Linux variants that is used for communication between users locally or remotely. talkd does not perform adequate validation of users making talk...
Moderate: Red Hat Security Advisory: : : : Vulnerability in zlib library
Update 20 Mar 2002: Added kernel packages for Red Hat Linux 6.2 on sparc64. Updated VNC packages as the previous fix caused another denial of service vulnerability; thanks to Const Kaplinsky for reporting this Update 14 Mar 2002: Updated kernel packages for Red Hat Linux 6.2 and 7.0 which were...
FreeBSD-SA-00:56.lprng
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:56 Security Advisory FreeBSD, Inc. Topic: LPRng contains potential root compromise Category: ports Module: LPRng Announced: 2000-10-13 Credits: Chris Evans Affects: Ports...
Microsoft Windows Server 20009598MENT 3.5.xEnterprise Server 4.0Terminal Server 4.0Workstation 4.0 Microsoft DoS Device Name - Denial of Service
Microsoft Windows Server 20009598MENT 3.5.xEnterprise Server 4.0Terminal Server 4.0Workstation 4.0 Microsoft DoS Device Name - Denial of Service Windows 2000 Advanced Server/2000 Datacenter Server/2000 Professional/2000 Server/95/98/ME/NT 3.5.x/NT Enterprise Server 4.0/NT Terminal Server 4.0/NT...