openSUSE Security Update : cyrus-sasl (cyrus-sasl-880)

This update of cyrus-sasl improves the output of function saslencode64 by appending a 0 for string termination. The impact depends on the application that uses saslencode64. CVE-2009-0688 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

Multiple .NET Null Byte Injection Vulnerabilities

======================================================================== = Multiple .NET Null Byte Injection Vulnerabilities = = Vendor Website: = http://www.microsoft.com = = Affected Version: = .NET FrameWork v1.1 SP1 = .NET FrameWork v2.0.50727 = = Vendor Notified - October, 2006 = Public...

Mandrake Linux Security Advisory : utempter (MDKSA-2004:031-1)

Steve Grubb discovered two potential issues in the utempter program : 1 If the path to the device contained /../ or /./ or //, the program was not exiting as it should. It would be possible to use something like /dev/../tmp/tty0, and then if /tmp/tty0 were deleted and symlinked to another importa...

MDKSA-2004:031 - Updated utempter packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: utempter Advisory ID: MDKSA-2004:031 Date: April 19th, 2004 Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1, Multi Network Firewall 8.2 Problem Description: Steve Grubb discovered two...