4334 matches found
rPSA-2007-0021-1 bind bind-utils
rPath Security Advisory: 2007-0021-1 Published: 2007-01-25 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: bind=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1 bind-utils=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1 Reference...
CVE-2006-6899
CVE-2006-6899 affects bluez-utils (BlueZ HID daemon: hidd) prior to version with a vulnerability in Bluetooth HID endpoints (HID PSMs) allowing a remote attacker to inject mouse/keyboard events when acting as a server. Affected component is the hidd daemon used for HID over Bluetooth; root cause ...
CVE-2006-6899
hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack...
Mandrake Linux Security Advisory : kernel (MDKSA-2006:123)
A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The kernel did not clear sockaddr_in.sin_zero before returning IPv4 socket names for the getsockopt function, which could allow a local user to obtain portions of potentially sensitive memory if getsockopt is called...
Mandrake Linux Security Advisory : gd (MDKSA-2006:112)
The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop. gd-2.0.15 in Corporate 3.0 is not affected by this...
DEBIAN-CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
Open redirect
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
CVE-2006-1174
CVE-2006-1174 affects the shadow-utils package, specifically the useradd tool. The issue arises when creating a new user mailbox: the open function is not given the correct arguments, causing the mailbox to be created with unpredictable permissions. As a result, a local attacker could potentially...
MDKSA-2006:090 : shadow-utils
A potential security problem was found in the useradd tool when it creates a new user's mailbox due to a missing argument to the open call, resulting in the first permissions of the file being some random garbage found on the stack, which could possibly be held open for reading or writing before...
security flaw
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to...
[SECURITY] [DSA 956-1] New lsh-utils packages fix local vulnerabilities
Debian Security Advisory DSA 956-1 [email protected] http://www.debian.org/security/ Martin Schulze January 26th, 2006 http://www.debian.org/security/faq ...
nfs-server NFS rpc.mountd buffer overflow
realpath function buffer overflow. Kernel-level nfs-utils package is not vulnerable...
DSA-950-1 cupsys - buffer overflow
Bulletin has no description...
Ubuntu 4.10 : nfs-utils vulnerability (USN-36-1)
SGI discovered a remote Denial of Service vulnerability in the NFS statd server. statd did not ignore the 'SIGPIPE' signal, which caused it to shut down if a misconfigured or malicious peer terminated the TCP connection prematurely. Note that Tenable Network Security has extracted the preceding...
Mandrake Linux Security Advisory : ffmpeg (MDKSA-2005:231)
Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system. The vulnerability is caused due to a boundary error in the 'avcodec_default_get_buffer' function of 'utils.c' i...
Mandrake Linux Security Advisory : printer-filters-utils (MDKSA-2005:239)
'newbug' discovered a local root vulnerability in the mtink binary, which has a buffer overflow in its handling of the HOME environment variable, allowing the possibility for a local user to gain root privileges. Mandriva encourages all users to upgrade immediately. The updated packages have been...