Gentoo Security Advisory GLSA 200404-09 (heimdal)

The remote host is missing updates announced in advisory GLSA 200404-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200410-19 (glibc)

The remote host is missing updates announced in advisory GLSA 200410-19. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Newsbeuter: User-assisted execution of arbitrary code

Background Newsbeuter is a RSS/Atom feed reader for the text console. Description J.H.M. Dassen reported that the open-in-browser command does not properly escape shell metacharacters in the URL before passing it to system. Impact A remote attacker could entice a user to open a feed with speciall...

Linux Audit: Buffer overflow

Background Linux Audit is a set of userspace utilities for storing and processing auditing records. Description A stack-based buffer overflow has been reported in the auditlogusercommand function in the file lib/auditlogging.c when processing overly long arguments. Impact A local attacker could...

Fedora 8 : librapi-0.11-1.fc8 / librra-0.11-1.fc8 / libsynce-0.11-2.fc8 / odccm-0.11-1.fc8 / etc (2008-0680)

The remote Fedora host is missing one or more security updates : librra-0.11-1.fc8 : - Wed Jan 9 2008 Andreas Bierfert - 0.11-1 - version upgrade - Fri Dec 21 2007 Andreas Bierfert - 0.10.0-2 - rework BR - Wed May 9 2007 Aurelien Bompard 0.10.0-1 - version 0.10.0 synce-serial-0.11-1.fc8 : - Wed J...

[SECURITY] Fedora 8 Update: synce-sync-engine-0.11-6.fc8

Synce synchronization engine for use with libopensync...

PT-2007-6496 · Microsoft · Activesync

Name of the Vulnerable Software and Affected Versions: Microsoft ActiveSync version 4.1 Description: The issue concerns the use of weak encryption, specifically XOR obfuscation with a fixed key, when sending the user's PIN/Password over the USB connection from the host to the device. This might...

HP-UX Security Patch : PHKL_27648

VxFS cumulative,I/O Throttling/sync daemon %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26375; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

HP-UX Security Patch : PHKL_27070

VxFS cumulative,I/O Throttling/sync daemon %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26367; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

GCALDaemon Remote DoS

Secure Network - Security Research Advisory Vuln name: GCALDaemon Remote DoS Systems affected: GCALDaemon 1.0-beta13 all platforms Systems not affected: - Severity: Low Local/Remote: Remote Vendor URL: http://gcaldaemon.sourceforge.net/ Authors: Luca "ikki" Carettoni -...

Security fix for the ALT Linux 8 package qt4 version 4.3.1-alt1

Aug. 9, 2007 Sergey V Turchin 4.3.1-alt1 - new version - sync patches with qt-copy fixes CVE-2007-3388...

Linux Kernel 2.6.x - add_to_page_cache_lru() Local Denial of Service

Linux Kernel 2.6.x - addtopagecachelru Local Denial of Service source: https://www.securityfocus.com/bid/31201/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause the kernel to crash, denying service to legitimate users. This issue...

VLC media player: Format string vulnerability

Background VLC media player is a multimedia player for various audio and video formats. Description Kevin Finisterre has discovered that when handling media locations, various functions throughout VLC media player make improper use of format strings. Impact An attacker could entice a user to open...

RHEL 4 : ntp (RHSA-2006:0393)

Updated ntp packages that fix several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a reference time source. The NTP daemon ntpd, when run with the...

Moderate: Red Hat Security Advisory: Red Hat Directory Server 7.1 security update

An updated redhat-ds package containing a number of fixes is now available as Red Hat Directory Server 7.1 Service Pack 2. This update has been rated as having a moderate security impact by the Red Hat Security Response Team. Red Hat Directory Server is an LDAPv3 compliant server. For the latest...

os-x/ppc sync() reboot() 32 bytes

No description provided by source. / MacOSX/PowerPC Shellcode for: sync, reboot 32 bytes hophet at gmail.com http://www.nlabs.com.br/hophet/ / include stdio.h include string.h char shellcode = "\x7c\x63\x1a\x79" "\x39\x40\x01\x06" "\x38\x0a\xff\x1e" "\x44\xff\xff\x02" "\x60\x60\x60\x60"...

os-x/ppc sync, reboot 32 bytes

os-x/ppc sync, reboot 32 bytes. Shellcode exploit for osxppc platform / MacOSX/PowerPC Shellcode for: sync, reboot 32 bytes hophet at gmail.com http://www.nlabs.com.br/hophet/ / include include char shellcode = "\x7c\x63\x1a\x79" "\x39\x40\x01\x06" "\x38\x0a\xff\x1e" "\x44\xff\xff\x02"...

CVE-2005-4771

The CVE-2005-4771 entry concerns the Trust Digital Trusted Mobility Suite’s Trusted Mobility Agent PC Policy. A cancel button at the domain-authentication prompt bypasses policy checks, allowing local users to sync a handheld (PDA) device despite a policy setting that sync is unauthorized. The av...

netkit-telnetd: Buffer overflow

Background netkit-telnetd provides standard Linux telnet client and server. Description A buffer overflow has been identified in the slcaddreply function of netkit-telnetd client, where a large number of SLC commands can overflow a fixed size buffer. Impact Successful explotation would require a...

GnuPG: OpenPGP protocol attack

Background GnuPG is complete and free replacement for PGP, a tool for secure communication and data storage. Description A flaw has been identified in an integrity checking mechanism of the OpenPGP protocol. Impact An automated system using GnuPG that allows an attacker to repeatedly discover the...