31 matches found
EUVD-2002-0732
Malware in sbrugna...
EUVD-2001-0438
Malware in sbrugna...
EUVD-2001-1016
Malware in sbrugna...
OPENSUSE-SU-2024:11388-1 slrn-1.0.3-3.13 on GA media
These are all security issues fixed in the slrn-1.0.3-3.13 package on the GA media of openSUSE Tumbleweed...
openSUSE Security Update : slrn (openSUSE-2017-459) (POODLE)
This update for slrn contains one security improvement : - CVE-2014-3566: Disable SSLv3 to prevent POODLE attack boo1031023 The version 1.0.3 also contains a number of display and message processing improvements. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
Mandrake Linux Security Advisory : slrn (MDKSA-2001:028)
A buffer overflow exists in versions of the slrn news reader prior to 0.9.6.3pl4 as reported by Bill Nottingham. This problem exists in the wrapping/unwrapping functions and a long header in a message might overflow a buffer which could result in execution of arbitrary code encoded in the message...
Debian Security Advisory DSA 040-1 (slrn)
The remote host is missing an update to slrn announced via advisory DSA 040-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 040-1 (slrn)
The remote host is missing an update to slrn announced via advisory DSA 040-1. OpenVAS Vulnerability Test $Id: deb0401.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 040-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 078-1 (slrn)
The remote host is missing an update to slrn announced via advisory DSA 078-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 078-1 (slrn)
The remote host is missing an update to slrn announced via advisory DSA 078-1. OpenVAS Vulnerability Test $Id: deb0781.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 078-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian DSA-078-1 : slrn - remote command invocation
Byrial Jensen found a nasty problem in slrn a threaded news reader. The notice on slrn-announce describes it as follows : When trying to decode binaries, the built-in code executes any shell scripts the article might contain, apparently assuming they would be some kind of self-extracting archive...
Debian DSA-040-1 : slrn - buffer overflow
Bill Nottingham reported a problem in the wrapping/unwrapping functions of the slrn newsreader. A long header in a message might overflow a buffer, which could result in executing arbitrary code encoded in the message. The default configuration does not have wrapping enable, but it can easily be...
DEBIAN-CVE-2002-0740
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d SPOOLDIR argument...
CVE-2002-0740
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d SPOOLDIR argument...
CVE-2002-0740
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d SPOOLDIR argument...
CVE-2002-0740
CVE-2002-0740 describes a buffer overflow in the slrnpull component of the SLRN package when installed with setuid/setgid, allowing a local attacker to gain privileges via a long -d (SPOOLDIR) argument. The issue is triggered by an input length that overflows internal buffers, resulting in privil...
CVE-2002-0740
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d SPOOLDIR argument...
CVE-2002-0740
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d SPOOLDIR argument...
CVE-2001-1035
The CVE-2001-1035 issue affects slrn up to version 0.9 and earlier, where the binary decoding feature would execute shell scripts embedded in news posts. Exploitation could allow remote attackers to run commands on the affected host. Public references in Debian’s DSA-078-1 (slrn) describe this as...
CVE-2001-1035
Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shell scripts that are inserted into a news post...