New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk

Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution RCE. The vulnerability, tracked as CVE-2024-6409 CVSS score: 7.0, is distinct from CVE-2024-6387 aka RegreSSHion and relates to a case of code execution in the...

glibc syslog() Heap-Based Buffer Overflow Exploit

Qualys discovered a heap-based buffer overflow in the GNU C Library's vsysloginternal function, which is called by both syslog and vsyslog. This vulnerability was introduced in glibc 2.37 in August 2022. CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog...

[SECURITY] [DSA 3607-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3607-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 28, 2016 https://www.debian.org/security/faq -...

Slackware Advisory SSA:2003-266-01 New OpenSSH packages

The remote host is missing an update as announced via advisory SSA:2003-266-01. OpenVAS Vulnerability Test $Id: esoftslkssa200326601.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Mandriva Update for postgresql MDVSA-2012:092 (postgresql)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Linux Security Advisory : postgresql (MDVSA-2012:092)

Multiple vulnerabilities has been discovered and corrected in postgresql : Fix incorrect password transformation in contrib/pgcrypto's DES crypt function Solar Designer. If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much...

Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit

No description provided by source. / $Id: raptorchown.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorchown.c - syschown missing DAC controls on Linux Copyright c 2004 Marco Ivaldi [email protected] Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of file...

Debian Security Advisory DSA 151-1 (xinetd)

The remote host is missing an update to xinetd announced via advisory DSA 151-1. OpenVAS Vulnerability Test $Id: deb1511.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 151-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-383)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SA19330] Linux Kernel Buffer Overflow Vulnerabilities

TITLE: Linux Kernel Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA19330 VERIFY ADVISORY: http://secunia.com/advisories/19330/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote OPERATING SYSTEM: Linux Kernel 2.6.x http://secunia.com/product/2719/ DESCRIPTION: Two...

Slackware 9.1 / current : Kernel security update (SSA:2004-049-01)

New kernels are available for Slackware 9.1 and -current to fix a bounds-checking problem in the kernel's mremap call which could be used by a local attacker to gain root privileges. Please note that this is not the same issue as CAN-2003-0985 which was fixed in early January. The kernels in...