Design/Logic Flaw
Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG...
CVE-2008-5396
Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG...
Linux each version of the local root password cracking method-vulnerability warning-the black bar safety net
This time the old met was asked and the various linux versions of the local root password cracking method, I here own and on the network to collect some information, we want to see this article and just used to give the art a little help: A RedHat/CentOS/Fedora system password cracking 1. In the...
Fedora 9 : php-Smarty-2.6.20-2.fc9 (2008-9420)
Sun Nov 2 2008 Christopher Stone 2.6.20-2 - Add security patch bz 469648 - Add RHL dist tag conditional for Requires - Mon Oct 13 2008 Christopher Stone 2.6.20-1 - Upstream sync Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
Fedora 8 : php-Smarty-2.6.20-2.fc8 (2008-9401)
Sun Nov 2 2008 Christopher Stone 2.6.20-2 - Add security patch bz 469648 - Add RHL dist tag conditional for Requires - Mon Oct 13 2008 Christopher Stone 2.6.20-1 - Upstream sync Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
Gentoo Security Advisory GLSA 200404-09 (heimdal)
The remote host is missing updates announced in advisory GLSA 200404-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200410-19 (glibc)
The remote host is missing updates announced in advisory GLSA 200410-19. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only
Newsbeuter: User-assisted execution of arbitrary code
Background: Newsbeuter is an RSS/Atom feed reader for the text console. Description: J.H.M. Dassen reported that the open-in-browser command does not properly escape shell metacharacters in the URL before passing it to system(). Impact: A remote attacker could entice a user to open a feed with speciall...
Linux Audit: Buffer overflow
Background: Linux Audit is a set of userspace utilities for storing and processing auditing records. Description: A stack-based buffer overflow has been reported in the audit_log_user_command() function in the file lib/audit_logging.c when processing overly long arguments. Impact: A local attacker could...
Fedora 8 : librapi-0.11-1.fc8 / librra-0.11-1.fc8 / libsynce-0.11-2.fc8 / odccm-0.11-1.fc8 / etc (2008-0680)
The remote Fedora host is missing one or more security updates : librra-0.11-1.fc8 : - Wed Jan 9 2008 Andreas Bierfert - 0.11-1 - version upgrade - Fri Dec 21 2007 Andreas Bierfert - 0.10.0-2 - rework BR - Wed May 9 2007 Aurelien Bompard 0.10.0-1 - version 0.10.0 synce-serial-0.11-1.fc8 : - Wed J...
[SECURITY] Fedora 8 Update: synce-sync-engine-0.11-6.fc8
Synce synchronization engine for use with libopensync...
PT-2007-6496 · Microsoft · Activesync
Name of the Vulnerable Software and Affected Versions: Microsoft ActiveSync version 4.1 Description: The issue concerns the use of weak encryption, specifically XOR obfuscation with a fixed key, when sending the user's PIN/Password over the USB connection from the host to the device. This might...
HP-UX Security Patch : PHKL_27648
VxFS cumulative, I/O Throttling/sync daemon
HP-UX Security Patch : PHKL_27070
VxFS cumulative, I/O Throttling/sync daemon
GCALDaemon Remote DoS
Secure Network - Security Research Advisory Vuln name: GCALDaemon Remote DoS Systems affected: GCALDaemon 1.0-beta13 all platforms Systems not affected: - Severity: Low Local/Remote: Remote Vendor URL: http://gcaldaemon.sourceforge.net/ Authors: Luca "ikki" Carettoni -...
Security fix for the ALT Linux 8 package qt4 version 4.3.1-alt1
Aug. 9, 2007 Sergey V Turchin 4.3.1-alt1 - new version - sync patches with qt-copy fixes CVE-2007-3388...
Linux Kernel 2.6.x - add_to_page_cache_lru() Local Denial of Service
Linux Kernel 2.6.x - add_to_page_cache_lru() Local Denial of Service. Source: https://www.securityfocus.com/bid/31201/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause the kernel to crash, denying service to legitimate users. This issue...
VLC media player: Format string vulnerability
Background: VLC media player is a multimedia player for various audio and video formats. Description: Kevin Finisterre has discovered that when handling media locations, various functions throughout VLC media player make improper use of format strings. Impact: An attacker could entice a user to open...
RHEL 4 : ntp (RHSA-2006:0393)
Updated ntp packages that fix several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The Network Time Protocol (NTP) is used to synchronize a computer's time with a reference time source. The NTP daemon (ntpd), when run with the...
Moderate: Red Hat Security Advisory: Red Hat Directory Server 7.1 security update
An updated redhat-ds package containing a number of fixes is now available as Red Hat Directory Server 7.1 Service Pack 2. This update has been rated as having a moderate security impact by the Red Hat Security Response Team. Red Hat Directory Server is an LDAPv3 compliant server. For the latest...