3816 matches found
Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities
Background Cyrus-SASL is an implementation of the Simple Authentication and Security Layer. Description Cyrus-SASL contains a remote buffer overflow in the digestmda5.c file. Additionally, under certain conditions it is possible for a local user to exploit a vulnerability in the way the SASLPATH...
NetKit-telnetd: buffer overflows in telnet and telnetd
Background NetKit-telnetd is a standard Linux telnet client and server from the NetKit utilities. Description A possible buffer overflow exists in the parsing of option strings by the telnet daemon, where proper bounds checking is not applied when writing to a buffer. Additionaly, another possibl...
Apache: Buffer overflow in mod_ssl
Background Apache is the most popular Web server on the Internet. modssl provides Secure Sockets Layer encryption and authentication to Apache 1.3. Apache 2 contains the functionality of modssl. Description A bug in the function sslutiluuencodebinary in sslutil.c may lead to a remote buffer...
Netatalk: Multiple Vulnerabilities including root remote code execution
Background Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh. Description Multiple vulnerabilities have been discovered in...
c-ares: Multiple Vulnerabilities
Background c-ares is a C library for asynchronous DNS requests including name resolves. Description Multiple vulnerabilities have been discovered in c-ares. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...
libvpx: Multiple Vulnerabilities
Background libvpx is the VP8 codec SDK used to encode and decode video streams, typically within a WebM format media file. Description Multiple vulnerabilities have been discovered in libvpx. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...
Spice Server: Multiple Vulnerabilities
Background Provides a complete open source solution for remote access to virtual machines in a seamless way so you can play videos, record audio, share USB devices and share folders without complications. Description Multiple vulnerabilities have been discovered in Spice Server, please review the...
Nextcloud: Multiple Vulnerabilities
Background Nextcloud is a personal cloud that runs on your own server. Description Multiple vulnerabilities have been discovered in Nextcloud. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...
stunnel: Improper certificate validation
Background The stunnel program is designed to work as an SSL/TLS encryption wrapper between a client and a local or remote server. Description It was discovered that stunnel did not correctly verified the client certificate when options “redirect” and “verifyChain” are used. Impact A remote...
OpenSSL: Denial of service
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1/v1.1/v1.2/v1.3 as well as a general purpose cryptography library. Description A null pointer dereference flaw was found in OpenSSL. Impact A remote attacker, able to...
Blueman: Local privilege escalation
Background Blueman is a simple and intuitive GTK+ Bluetooth Manager. Description Where Polkit is not used and the default permissions have been changed on a specific rule file, control of a local DHCP daemon may be possible. Impact A local attacker may be able to achieve root privilege escalation...
Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities
Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE...
Nextcloud Desktop Sync client: Multiple vulnerabilities
Background Nextcloud Desktop Sync client can synchronize one or more directories to Nextcloud server. Description Multiple vulnerabilities have been discovered in Nextcloud Desktop Sync client. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...
Samba: Multiple vulnerabilities
Background Samba is a suite of SMB and CIFS client/server programs. Description Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
ledger: Multiple vulnerabilities
Background Ledger is a powerful, double-entry accounting system that is accessed from the UNIX command-line. Description Multiple vulnerabilities have been discovered in ledger. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process...
chkrootkit: Local privilege escalation
Background chkrootkit is a tool to locally check for signs of a rootkit. Description When /tmp is mounted without the noexec option chkrootkit will execute files in /tmp with root privileges. Impact A local attacker could possibly execute arbitrary code with root privileges. Workaround Users shou...
OCaml: Buffer overflow and information disclosure
Background OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. Description It was discovered that OCaml was vulnerable to a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be...
GNU C Library: Multiple vulnerabilities
Background The GNU C library is the standard C library used by Gentoo Linux systems. Description Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could possibly execute arbitrary...
SQUASHFS: Multiple vulnerabilities
Background Squashfs is a compressed read-only filesystem for Linux. Squashfs is intended for general read-only filesystem use, for archival use i.e. in cases where a .tar.gz file may be used, and in constrained block device/memory systems e.g. embedded systems where low overhead is needed...
libXpm: Remote execution of arbitrary code
Background The X PixMap image format is an extension of the monochrome X BitMap format specified in the X protocol, and is commonly used in traditional X applications. Description An integer overflow was discovered in libXpm’s src/CrDatFrI.c file. On 64 bit systems, this allows an overflow to occ...
ADOdb: Multiple vulnerabilities
Background ADOdb is an abstraction library for PHP creating a common API for a wide range of database backends. Description Multiple vulnerabilities have been discovered in ADOdb. Please review the CVE identifiers referenced below for details. Impact A remote attacker, through the use of SQL...
7-Zip: Multiple vulnerabilities
Background 7-Zip is an open-source file archiver, an application used primarily to compress files. 7-Zip uses its own 7z archive format, but can read and write several other archive formats. Description Multiple vulnerabilities have been discovered in 7-Zip. Please review the CVE identifiers...
musl: Integer overflow
Background musl is a “libc”, an implementation of the standard library functionality described in the ISO C and POSIX standards, plus common extensions, intended for use on Linux-based systems. Description A vulnerability was discovered in musl’s tretnfarunparallel function buffer overflow logic,...
libvirt: Directory traversal
Background libvirt is a C toolkit for manipulating virtual machines. Description Normally, only privileged users can coerce libvirt into creating or opening existing files using the virStorageVol APIs; and such users already have full privilege to create any domain XML. But in the case of...
Xalan-Java: Arbitrary code execution
Background Xalan-Java is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. Description The TransformerFactory in Apache Xalan-Java does not properly restrict access to certain properties when FEATURESECUREPROCESSING is enabled. This can also be exploit...
Facter: Privilege escalation
Background Facter is a cross-platform Ruby library for retrieving facts from operating systems. Description Facter includes the current working directory in the search path. Impact A local attacker may be able to gain escalated privileges. Workaround There is no known workaround at this time...
OpenOffice, LibreOffice: Multiple vulnerabilities
Background OpenOffice is the open source version of StarOffice, a full office productivity suite. LibreOffice is a fork of OpenOffice. Description Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details. Impact A...
ClamAV: Multiple vulnerabilities
Background Clam AntiVirus ClamAV is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a...
libTIFF: Multiple vulnerabilities
Background libTIFF provides support for reading and manipulating TIFF Tagged Image File Format images. Description Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a...
Chromium, V8: Multiple vulnerabilities
Background Chromium is an open source web browser project. V8 is Google’s open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...
Tor: Multiple vulnerabilities
Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details. Impact A remote unauthenticated attack...
GnuTLS: Multiple vulnerabilities
Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact An attacker could perform man-in-the-middle attacks to spoof arbitra...
libxml2: Denial of service
Background libxml2 is a library to manipulate XML files. Description The following vulnerabilities were reported after a test with the Codenomicon XML fuzzing framework: Two use-after-free vulnerabilities are possible when parsing a XML file with Notation or Enumeration attribute types...
FreeType 1: User-assisted execution of arbitrary code
Background FreeType is a True Type Font rendering library. Description Multiple issues found in FreeType 2 were also discovered in FreeType 1. For details on these issues, please review the Gentoo Linux Security Advisories and CVE identifiers referenced below. Impact A remote attacker could entic...
OpenSSL: Multiple vulnerabilities
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been reported in OpenSSL: Marsh Ray of PhoneFactor and Martin Rex of SAP...
VLC: Multiple vulnerabilities
Background VLC is a cross-platform media player and streaming server. Description g reported the following vulnerabilities: An integer overflow leading to a heap-based buffer overflow in the Open function in modules/demux/tta.c CVE-2008-3732. A signedness error leading to a stack-based buffer...
Openfire: Denial of service
Background Openfire formerly Wildfire is a Java implementation of a complete Jabber server. Description Openfire's connection manager in the file ConnectionManagerImpl.java cannot handle clients that fail to read messages, and has no limit on their session's send buffer. Impact Remote authenticat...
Adobe Acrobat Reader: Multiple vulnerabilities
Background Adobe Acrobat Reader is a PDF reader released by Adobe. Description Multiple vulnerabilities have been discovered in Adobe Acrobat Reader, including: A file disclosure when using file:// in PDF documents CVE-2007-1199 Multiple buffer overflows in unspecified Javascript methods...
PostgreSQL: Multiple vulnerabilities
Background PostgreSQL is an open source object-relational database management system. Description If using the "expression indexes" feature, PostgreSQL executes index functions as the superuser during VACUUM and ANALYZE instead of the table owner, and allows SET ROLE and SET SESSION AUTHORIZATION...
Mozilla Firefox, SeaMonkey: Multiple vulnerabilities
Background Mozilla Firefox is a cross-platform web browser from Mozilla. SeaMonkey is a free, cross-platform Internet suite. Description Jesse Ruderman and Petko D. Petkov reported that the jar protocol handler in Mozilla Firefox and Seamonkey does not properly check MIME types CVE-2007-5947...
AWStats: Remote execution of arbitrary code
Background AWStats is an advanced log file analyzer and statistics generator. Description Hendrik Weimer has found that if updating the statistics via the web frontend is enabled, it is possible to inject arbitrary code via a pipe character in the "migrate" parameter. Additionally, r0t has...
KDE: Local Denial of service
Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. DCOP is KDE's simple IPC/RPC mechanism. Description Sebastian Krahmer discovered that it is possible to stall the dcopserver of other users. Impact An attacker could exploit this to cause a...
libsndfile: Multiple Vulnerabilities
Background libsndfile is a C library for reading and writing files containing sampled sound. Description Multiple vulnerabilities have been discovered in libsndfile. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
libarchive: Multiple Vulnerabilities
Background libarchive is a library for manipulating different streaming archive formats, including certain tar variants, several cpio formats, and both BSD and GNU ar variants. Description Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced...
Pillow: Multiple vulnerabilities
Background Python Imaging Library fork Description Multiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...
libxml2: Multiple vulnerabilities
Background libxml2 is the XML eXtended Markup Language C parser and toolkit initially developed for the Gnome project. Description Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...
Redis: Multiple vulnerabilities
Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...
Mozilla Thunderbird: Multiple vulnerabilities
Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...
Icinga: Root privilege escalation
Background Icinga is an open source computer system and network monitoring application. It was originally created as a fork of the Nagios system monitoring application in 2009. Description It was discovered that Icinga’s installed files have insecure permissions, possibly allowing root privilege...
BlueZ: Security bypass
Background Set of tools to manage Bluetooth devices for Linux. Description It was discovered that the HID and HOGP profiles implementations in BlueZ did not specifically require bonding between the device and the host. Impact A remote attacker with adjacent access could impersonate an existing HI...