6828 matches found
RHEL 2.1 / 3 : gnome-vfs (RHSA-2004:373)
Updated GNOME VFS packages that remove potential extfs-related vulnerabilities are now available. GNOME VFS is the GNOME virtual file system. It provides a modular architecture and ships with several modules that implement support for file systems, HTTP, FTP, and others. The extfs backends make i...
Mandrake Linux Security Advisory : sendmail (MDKSA-2003:042-1)
Michal Zalweski discovered a vulnerability in sendmail versions earlier than 8.12.9 in the address parser, which performs insufficient bounds checking in certain conditions due to a char to int conversion. This vulnerability makes it poissible for an attacker to take control of sendmail and is...
Mandrake Linux Security Advisory : gnupg (MDKSA-2001:053-1)
A format string vulnerability exists in gnupg 1.0.5 and previous versions which is fixed in 1.0.6. This vulnerability can be used to invoke shell commands with privileges of the currently logged-in user. Update : The /usr/bin/gpg executable was installed setuid root and setgid root. While being...
Mandrake Linux Security Advisory : file (MDKSA-2003:030-1)
A memory allocation problem in file was found by Jeff Johnson, and a stack overflow corruption problem was found by David Endler. These problems have been corrected in file version 3.41 and likely affect all previous version. These problems pose a security threat as they can be used to execute...
Mandrake Linux Security Advisory : mozilla (MDKSA-2004:021)
A number of vulnerabilities were discovered in Mozilla 1.4 : A malicious website could gain access to a user's authentication credentials to a proxy server. Script.prototype.freeze/thaw could allow an attacker to run arbitrary code on your computer. A vulnerability was also discovered in the NSS...
Mandrake Linux Security Advisory : ethereal (MDKSA-2004:024)
A number of serious issues have been discovered in versions of Ethereal prior to 0.10.2. Stefan Esser discovered thirteen buffer overflows in the NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP dissectors. Jonathan Heusser discovered that a carefully-crafted RADIUS packet could cause Etherea...
Fedora Core 2 : kernel-2.6.6-1.427 (2004-137)
An updated kernel is available that brings the kernel to the 2.6.7-rc3 base level. This new kernel provides a significant number of bug fixes and improvements for USB, the keyboard/mouse subsystem and the VM. This kernel also fixes the high profile bugs about not working on VIA C3 processors 1206...
Solaris 9 (sparc) : 113475-03
SunOS 5.9: usr/lib/security crypt Patch. Date this patch was last updated by Sun : May/13/04 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
Solaris 8 (x86) : 111625-05
SunOS 5.8x86: /usr/sbin/inetd patch. Date this patch was last updated by Sun : Feb/13/04 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
Solaris 2.6 (x86) : 106248-49
OpenWindows 3.6x86: Xsun patch. Date this patch was last updated by Sun : Nov/06/03 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if !...
Solaris 2.6 (sparc) : 105407-01
SunOS 5.6: /usr/bin/volrmmount patch. Date this patch was last updated by Sun : Oct/22/97 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
Solaris 8 (x86) : 110958-02
SunOS 5.8x86: /usr/bin/mailx patch. Date this patch was last updated by Sun : Nov/06/01 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
RHEL 2.1 : ghostscript (RHSA-2002:123)
Updated packages are available for GNU Ghostscript, which fix a vulnerability found during PostScript interpretation. Ghostscript is a program for displaying PostScript files or printing them to non-PostScript printers. An untrusted PostScript file can cause ghostscript to execute arbitrary...
RHEL 2.1 : kernel (RHSA-2002:263)
The kernel in Red Hat Linux Advanced Server 2.1 is vulnerable to a local denial of service attack. Updated packages are available which address this vulnerability. Updated 28 August 2003 Added CVE-2003-0461 to the list of security issues that were fixed by this advisory there are no changes to th...
RHEL 2.1 : file (RHSA-2003:087)
Updated file packages are available to close a buffer overflow vulnerability. Updated 12 March 2003 Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS The file command is used to identify a particular file according to the type of data contained by the file. The file...
RHEL 2.1 : lynx (RHSA-2003:030)
Updated Lynx packages fix an error in the way Lynx parses its command line arguments which can lead to faked headers being sent to a Web server. Lynx is a character-cell Web browser, suitable for running on terminals such as the VT100. Lynx constructs its HTTP queries from the command line or...
RHEL 3 : kdepim (RHSA-2004:005)
Updated kdepim packages are now available that fix a local buffer overflow vulnerability. The K Desktop Environment KDE is a graphical desktop for the X Window System. The KDE Personal Information Management kdepim suite helps you to organize your mail, tasks, appointments, and contacts. The KDE...
RHEL 2.1 : kernel (RHSA-2003:408)
Updated kernel packages that address various security vulnerabilities, fix a number of bugs, and update various drivers are now available. The Linux kernel handles the basic functions of the operating system. The execve system call in Linux 2.4.x records the file descriptor of the executable...
RHEL 2.1 : vnc (RHSA-2003:068)
Updated VNC packages are available to fix a weak cookie vulnerability. VNC is a tool for providing a remote graphical user interface. The VNC server acts as an X server, but the script for starting it generates an MIT X cookie which is used for X authentication without using a strong enough rando...
RHEL 2.1 : gaim (RHSA-2002:122)
"Updated gaim packages are now available for Red Hat Linux Advanced Server. These updates fix a buffer overflow in the Jabber plug-in module. Gaim is an instant messaging client based on the published TOC protocol from AOL. Versions of gaim prior to 0.58 contain a buffer overflow in the Jabber...