Debian Security Advisory DSA 788-1 (kismet)
The remote host is missing an update to kismet announced via advisory DSA 788-1. Several security related problems have been discovered in kismet, a wireless 802.11b monitoring tool. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-2626 Insecure handlin...
openSUSE 10 Security Update : kernel (kernel-4752)
This kernel update fixes the following security problems : ++ CVE-2007-3104: The sysfs_readdir function in the Linux kernel 2.6 allows local users to cause a denial of service (kernel OOPS) by dereferencing a NULL pointer to an inode in a dentry. ++ CVE-2007-4997: A 2 byte buffer underflow in the...
SuSE 10 Security Update : Java 1.4.2 (ZYPP Patch Number 2426)
The SUN Java packages have been upgraded to 1.4.2 update 13 to fix various security problems.
SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 2048)
Several security problems have been fixed in ImageMagick : - Several heap buffer overflows were found in the Sun Bitmap decoder of ImageMagick by an audit by the Google Security Team. This problem could be exploited by an attacker to execute code. CVE-2006-3744 - Multiple buffer overflows were fou...
SuSE 10 Security Update : madwifi (ZYPP Patch Number 3897)
The madwifi driver and userland packages were updated to 0.9.3.1. Please note that while the RPM version still says '0.9.3', the content is the 0.9.3.1 version. This update fixes the following security problems : - The 802.11 network stack in net80211/ieee80211_input.c in MadWifi before 0.9.3.1 allow...
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 2399)
This kernel update fixes the following security problems : - A bug within the UDF filesystem that caused machine hangs when truncating files on the filesystem was fixed. 186226. CVE-2006-4145 - A potential crash when receiving IPX packets was fixed. This problem is thought not to be exploitable...
SuSE 10 Security Update : gzip (ZYPP Patch Number 2085)
This update fixes several security problems that can be exploited to compromise the system in conjunction with other programs while processing malformed archive files. CVE-2006-4334 / CVE-2006-4335 / CVE-2006-4336 / CVE-2006-4337 / CVE-2006-4338
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 1896)
This kernel update fixes the following security problems : - A race condition allows local users to gain root privileges by changing the file mode of /proc/self/ files in a way that causes those files (for instance /proc/self/environ) to become setuid root. 192688. CVE-2006-3626 - A stack-based...
openSUSE 10 Security Update : kernel (kernel-4749)
This kernel update fixes the following security problems : ++ CVE-2007-5500: A buggy condition in the ptrace attach logic can be used by local attackers to hang the machine. ++ CVE-2007-5501: The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c allows remote attackers to cause a denial of...
openSUSE 10 Security Update : kernel (kernel-4641)
This kernel update fixes the following security problems : ++ CVE-2006-6058: A local denial of service when mounting MINIX filesystems was fixed. ++ CVE-2007-4997: A 2 byte buffer underflow in the ieee80211 stack was fixed, which might be used by attackers in WLAN reach to crash the machine. and...
openSUSE 10 Security Update : kernel (kernel-2635)
This kernel update fixes the following security problems : - CVE-2006-2936: The ftdi_sio driver allowed local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued. This requires this driver to...
openSUSE 10 Security Update : opera (opera-3903)
This version update of Opera to 9.22 fixes numerous defects including some security problems.
liberoit-xss.txt
The Italian ISP Libero.it does not check the HTTP POST parameter "pQuery" on search queries and displays the content of this variable without modification within the HTML form area. Security problems on Libero's 155.it allow attackers to conduct XSS attacks for the following URL:...
SUSE-SA:2006:060: clamav
The remote host is missing the patch for the advisory SUSE-SA:2006:060 clamav. Two security problems have been found and fixed in the anti-virus scan engine 'clamav', which could be used by remote attackers sending prepared e-mails containing specially crafted infected files to potentially execute...
SUSE-SA:2006:052: php4,php5
The remote host is missing the patch for the advisory SUSE-SA:2006:052 php4,php5. Various security problems have been fixed in the PHP script language engine and its modules, versions 4 and 5. The PHP4 updated packages were released on September 12, the PHP5 update packages were released on...
Debian DSA-944-1 : mantis - several vulnerabilities
Several security related problems have been discovered in Mantis, a web-based bug tracking system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4238 Missing input sanitising allows remote attackers to inject arbitrary web script or HTML. -...
CVE-2006-4831
Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and attack vectors, related to "potential security problems."...
PHP 4.4.4 and PHP 5.1.5 Released
PHP 4.4.4 and PHP 5.1.5 Released 17-Aug-2006 The PHP development team would like to announce the immediate availability of PHP 5.1.5 and 4.4.4. These two releases address a series of security problems that were discovered since the release of PHP 5.1.4 and 4.4.3. The new releases include the...
Fedora Core 5 : xorg-x11-server-1.0.1-9 (2006-172)
Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team. Upon analysis, Alan Coopersmith, a member of the X.Org development team, noticed a couple of serious security issues in the findings. In particular, the Xorg server can be exploited for...