70 matches found
EUVD-2001-1067
Malware in sbrugna...
EUVD-2004-0418
Malware in sbrugna...
EUVD-2002-1493
Malware in sbrugna...
EUVD-2013-2138
Malware in sbrugna...
SUSE-SU-2025:20042-1 Security update for selinux-policy
This update for selinux-policy fixes the following issues: Update to version 20230523+git25.ad22dd7f: Backport wtmpdb label change to have the same wtmpdb label as in SL Micro 6.1 bsc1229132 Add authrwwtmpdbloginrecords to domains using authmanageloginrecords Add authrwwtmpdbloginrecords to modul...
OPENSUSE-SU-2024:11519-1 xdm-1.1.12-16.3 on GA media
These are all security issues fixed in the xdm-1.1.12-16.3 package on the GA media of openSUSE Tumbleweed...
PT-2024-12147 · Easyxdm · Easyxdm
Name of the Vulnerable Software and Affected Versions: easyXDM version 2.5 Description: The issue allows for cross-site scripting XSS attacks via the xdm e parameter. This means an attacker could potentially inject malicious scripts into a website, affecting users who visit the site...
Mageia: Security Advisory (MGASA-2017-0330)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : xdm -- remote denial of service (d905b219-c1ca-11e9-8c46-0c9d925bbbc0)
nvd.nist.gov reports X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service NULL pointer dereference and crash by attempting to log int...
Updated x11-server packages fix security vulnerabilities
Eric Sesterhenn discovered that the X.Org X server incorrectly compared MIT cookies. An attacker could possibly use this issue to perform a timing attack and recover the MIT cookie CVE-2017-2624. It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X...
SUSE SLES11 Security Update : xorg-x11-libXdmcp (SUSE-SU-2017:1868-1)
This update for xorg-x11-libXdmcp fixes the following issues : - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable bsc1025046 Note that Tenable Network Security has extracted the preceding description block directl...
X.org Privilege Escalation / Use-After-Free / Weak Entropy Vulnerabilities
Exploit for windows platform in category local exploits Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...
Updated libxpm packages fix security vulnerability
An out of boundary write has been found in libXpm before 3.5.12 which can be exploited by an attacker through maliciously crafted XPM files. To trigger the vulnerability, a program must explicitly request to also parse XPM extensions while reading files. The motif toolkit and xdm are two among so...
XFree86 X11R6 3.3 XDM Session Cookie Guessing Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2985/info xdm is the X Display Manager, a component of the XFree86 package. xdm manages the display of X sessions both locally and remotely. An xdm server compiled without WrapHelp.c is vulnerable to a brute force X cooki...
openSUSE Security Update : xdm (openSUSE-SU-2013:1117-1)
xdm was updated on crypt NULL pointer crashes : - Starting with glibc 2.17 eglibc 2.17, crypt fails with EINVAL w/ NULL return if the salt violates specifications. Additionally, on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords passed to crypt fail with EPERM w/ NULL return. If using...
Null pointer dereference
X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service NULL pointer dereference and crash by attempting to log into an account whose...
CVE-2013-2179
X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service NULL pointer dereference and crash by attempting to log into an account whose...
CVE-2013-2179
CVE-2013-2179 affects X.Org xdm 1.1.10 and 1.1.11 (and possibly other versions). The vulnerability arises when performing authentication using certain implementations of the crypt() API that can return NULL, enabling remote attackers to trigger a denial of service via a NULL pointer dereference (...
CVE-2013-2179
X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service NULL pointer dereference and crash by attempting to log into an account whose...
CVE-2013-2179
X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service NULL pointer dereference and crash by attempting to log into an account whose...