SuSE9 Security Update : unace (YOU Patch Number 10239)

This update fixes several buffer overflows while extracting, testing, or listing an archive file CVE-2005-0160 as well as a buffer overflow while handling long command-line options. CVE-2005-0161 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell,...

SuSE9 Security Update : libtiff (YOU Patch Number 12702)

The following bugs have been fixed : - Specially crafted tiff files could cause a heap-based buffer overflow in the thunder-decoder. CVE-2011-1167 - Directories with a large number of files could cause an integer overflow in the tiffdump tool. CVE-2010-4665 %NASLMINLEVEL 70300 C Tenable Network...

SuSE9 Security Update : Tomcat (YOU Patch Number 12687)

Apache Tomcat Local bypass of security manger file permissions. CVE-2010-3718 - Apache Tomcat Manager XSS vulnerability. CVE-2011-0013 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

SuSE9 Security Update : clamav (YOU Patch Number 12662)

clamav was updated to version 0.96.4 which fixes problems when scanning pdf files CVE-2010-3434 and also contains numerous other bug fixes. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

SuSE9 Security Update : Perl (YOU Patch Number 12628)

perl Safe.pm module was affected by two problems where attackers could break out of such a safed execution CVE-2010-1447, CVE-2010-1168. This update fixes this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE9 Security Update : XFree86 (YOU Patch Number 12612)

X clients could cause a memory corruption in the X Render extension which crashes the X server CVE-2010-1166. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

SuSE9 Security Update : squid (YOU Patch Number 12597)

The following vulnerabilities have been fixed in squid : - DoS via special crafted auth header. CVE-2009-2855 - DoS via invalid DoS header. CVE-2010-0308 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

SuSE9 Security Update : pango (YOU Patch Number 12575)

A long glyph string can trigger a heap-based buffer overflow in pango. CVE-2009-1194 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid44591; scriptversion"1.10";...

SuSE9 Security Update : gzip (YOU Patch Number 12573)

The following bug has been fixed : - Specially crafted gzip archives could trigger integer overflows. Attackers could exploit that to crash gzip or potentially execute arbitrary code. CVE-2010-0001 Only 64bit architectures are affected by this flaw. %NASLMINLEVEL 70300 C Tenable Network Security,...

SuSE9 Security Update : freeradius (YOU Patch Number 12507)

This update of freeradius fixes a remote denial-of-service bug in function raddecode which can be triggered by zero-length Tunnel-Password attributes to make radiusd crash. CVE-2009-3111 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE9 Security Update : ethereal (YOU Patch Number 12323)

This update fixes problems that could crash wireshark when processing compressed data CVE-2008-3933 and Q.931 packets. CVE-2008-4685 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

SuSE9 Security Update : libgsf (YOU Patch Number 11342)

Specially crafted OLE documents enabled attackers to use a heap buffer overlow for executing code. CVE-2006-4514 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

SuSE9 Security Update : dhcp-server (YOU Patch Number 11373)

A bug was fixed were a LDAP server with malicious data providing information to the DHCP server could crash and potentially execute code as the DHCP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

SuSE9 Security Update : ruby (YOU Patch Number 11442)

The ruby package was updated to fix a denial of service problem in its CGI module when parsing multipart MIME messages. CVE-2006-6303 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...

SuSE9 Security Update : libxml2 (YOU Patch Number 12032)

libxml2 contained a DoS condition in xmlCurrentChar's UTF-8 processing. CVE-2007-6284 has been assigned to this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

SuSE9 Security Update : OpenLDAP 2 (YOU Patch Number 12222)

This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams, which triggers an assertion error. CVE-2008-2952 Additionally a bug was fixed in ldapfreeconnection which...

SuSE9 Security Update : PHP4 (YOU Patch Number 11666)

This update fixes multiple bugs in PHP : - Predictable generaton of an initialization vector IV in the mcrypt extension - Additional cookie attributes could be injected via a session ID. - Specially crafted files could cause integer overflows in gd and leverage them to at least crash gd based...

SuSE9 Security Update : ethereal (YOU Patch Number 12424)

Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities : - crash while loading a Tektronix .rf5 file. CVE-2009-1269 - crash in Check Point High-Availability Protocol CPHAP dissector. CVE-2009-1268 - LDAP dissector could crash on Windows. CVE-2009-1267 - PROFINET format string bug...

SuSE9 Security Update : vsftpd (YOU Patch Number 12192)

This update of vsftpd fixes a memory leak that can occur during authentication. CVE-2008-2375 Additionally non-security bugs for SLES10 were fixed. There were some issues with simultaneous FTP PUT of the same file name that lead to a corrupted file on the server. %NASLMINLEVEL 70300 C Tenable...

SuSE9 Security Update : Python (YOU Patch Number 12046)

Specially crafted images could trigger an integer overflow in the imageop module. CVE-2007-4965 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41186;...