4336 matches found
nfs security update
CentOS Errata and Security Advisory CESA-2008:0486 An updated nfs-utils package that fixes a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon...
Moderate: Red Hat Security Advisory: nfs-utils security update
An updated nfs-utils package that fixes a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon for the kernel NFS server and related tools. A fla...
nfs-utils security update
1.0.9-35z - Added the warning.patch to fix some warning which were flaged by rpmdiff during the errata phasea Errata 2008:0486 1.0.9-34z - Re-enabled tcp wrappers. bz440119...
RHEL 4 / 5 : bluez-libs and bluez-utils (RHSA-2008:0581)
Updated bluez-libs and bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The bluez-libs package contains libraries for use in Bluetooth...
Moderate: Red Hat Security Advisory: bluez-libs and bluez-utils security update
Updated bluez-libs and bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The bluez-libs package contains libraries for use in Bluetooth...
bluez-libs and bluez-utils security update
bluez-libs: 3.7-1.1 - Fix CVE-2008-2374 Resolves: 452880 bluez-utils: 3.7-2.2 - Add explicit versioned Requires and BuildRequires for new bluez-libs 3.7-2.1 - Fix CVE-2008-2374 452715 SDP payload processing vulnerability...
[SECURITY] Fedora 7 Update: net-snmp-5.4-18.fc7
SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...
GLSA-200804-09 : am-utils: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200804-09 am-utils: Insecure temporary file creation Tavis Ormandy discovered that, when creating temporary files, the 'expn' utility does not check whether the file already exists. Impact : A local attacker could exploit the...
[ GLSA 200804-09 ] am-utils: Insecure temporary file creation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200804-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...
am-utils symbolic links security vulnerability
expn utility unsafe temporary files creation...
am-utils: Insecure temporary file creation
Background am-utils is a collection of utilities for use with the Berkeley Automounter. Description Tavis Ormandy discovered that, when creating temporary files, the 'expn' utility does not check whether the file already exists. Impact A local attacker could exploit the vulnerability via a symlin...
Fedora 8 : centerim-4.22.4-1.fc8 (2008-2867)
This update fixes the CVE-2008-1467 security issue by disabling the 'actions' configuration altogether. Furthermore the default web browser is no longer configurable in CenterIM. The links get open in the default web browser configured, using xdg-utils. This release adds support for new versions ...
Fedora 7 : centerim-4.22.4-1.fc7.1 (2008-2869)
This update fixes the CVE-2008-1467 security issue by disabling the 'actions' configuration altogether. Furthermore the default web browser is no longer configurable in CenterIM. The links get open in the default web browser configured, using xdg-utils. There won't be any update for centericq. Al...
openSUSE 10 Security Update : libcdio (libcdio-5061)
Long file names in ISO file systems with Joliet extension could cause a buffer overflow in libcdio CVE-2007-6613. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libcdio-5061. The text...
CVE-2008-1078
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expnPID temporary file. NOTE: this is the same issue as CVE-2003-0308.1...
CVE-2008-1078
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expnPID temporary file. NOTE: this is the same issue as CVE-2003-0308.1...
CVE-2008-1078
CVE-2008-1078 affects the expn component of am-utils (and related net-fs usage) on Gentoo, rPath Linux, and other distros. The issue is an insecure temporary-file handling in expn that allows a local user to perform a symlink attack on expn[PID], enabling overwriting of arbitrary files. This vuln...
rPSA-2008-0088-1 am-utils
rPath Security Advisory: 2008-0088-1 Published: 2008-02-28 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Local Non-deterministic Unauthorized Access Updated Versions: am-utils=conary.rpath.com@rpl:1/6.0.9-11.4-1 rPath Issue Tracking System:...
openSUSE 10 Security Update : xdg-utils (xdg-utils-4983)
xdg-open and xdg-email didn't properly check their arguments. Therefore e.g. URLs passed to those programs could contain shell code that got executed CVE-2008-0386. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Code injection
Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to 1 xdg-open or 2 xdg-email...