Apache Httpd < 2.2.10 : Timeout detection flaw (mod_proxy_http)

An information disclosure flaw was found in modproxyhttp in version 2.2.9 only, on Unix platforms. Under certain timeout conditions, the server could return a response intended for another user. Only those configurations which trigger the use of proxy worker pools are affected. There was no...

Sudo &lt;= 1.6.9p18 (Defaults setenv) Local Privilege Escalation Exploit

No description provided by source. !/bin/sh Sudo = 1.6.9p18 local r00t exploit by Kingcope/2008/www.com-winner.com Most lame exploit EVER! Needs a special configuration in the sudoers file: --- "Defaults setenv" so environ vars are preserved : --- May also need the current users password to be...

Mandrake Linux Security Advisory : openvpn (MDKSA-2006:069)

A vulnerability in OpenVPN 2.0 through 2.0.5 allows a malicious server to execute arbitrary code on the client by using setenv with the LDPRELOAD environment variable. Updated packages have been patched to correct this issue by removing setenv support. %NASLMINLEVEL 70300 C Tenable Network...

RHEL 3 : glibc (RHSA-2005:256)

Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU libc packages known as glibc contain the standard C libraries used by applications. It was discovered that the use of LDDEBUG...

Low: Red Hat Security Advisory: glibc security update

Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU libc packages known as glibc contain the standard C libraries used by applications. Flaws in the catchsegv and glibcbug scrip...