3816 matches found
Linux Audit: Buffer overflow
Background Linux Audit is a set of userspace utilities for storing and processing auditing records. Description A stack-based buffer overflow has been reported in the auditlogusercommand function in the file lib/auditlogging.c when processing overly long arguments. Impact A local attacker could...
Opera: Multiple vulnerabilities
Background Opera is a fast web browser that is available free of charge. Description Mozilla discovered that Opera does not handle input to file form fields properly, allowing scripts to manipulate the file path CVE-2008-1080. Max Leonov found out that image comments might be treated as scripts,...
util-linux: Local privilege escalation
Background util-linux is a suite of Linux programs including mount and umount, programs used to mount and unmount filesystems. Description Ludwig Nussel discovered that the checkspecialmountprog and checkspecialumountprog functions call setuid and setgid in the wrong order and do not check the...
SSH Communications Security's Secure Shell Server: SFTP privilege escalation
Background The SSH Secure Shell Server from SSH Communications Security www.ssh.com is a commercial SSH implementation available free for non-commercial use. Description The SSH Secure Shell Server contains a format string vulnerability in the SFTP code that handles file transfers scp2 and sftp2...
Sun JDK/JRE: Execution of arbitrary code
Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description A anonymous researcher discovered that an error in the handling of a GIF image with a zero width field block leads to a memory corruption flaw. Impact An attacker could...
PHP: Format string and XSS vulnerabilities
Background PHP is a general-purpose scripting language widely used to develop web-based applications. It can run on a web server with the modphp module or the CGI version and also stand-alone in a CLI. Description Stefan Esser of the Hardened PHP project has reported a few vulnerabilities found i...
GnuPG: OpenPGP protocol attack
Background GnuPG is complete and free replacement for PGP, a tool for secure communication and data storage. Description A flaw has been identified in an integrity checking mechanism of the OpenPGP protocol. Impact An automated system using GnuPG that allows an attacker to repeatedly discover the...
glibc: Information leak with LD_DEBUG
Background The GNU C library defines various Unix-like "system calls" and other basic facilities needed for a standard POSIX-like application to operate. Description Silvio Cesare discovered a potential information leak in glibc. It allows LDDEBUG on SUID binaries where it should not be allowed...
Cairo: Multiple Vulnerabilities
Background Cairo is a 2D vector graphics library with cross-device output support. Description Multiple vulnerabilities have been discovered in Cairo. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There ...
sudo: Multiple Vulnerabilities
Background sudo allows a system administrator to give users the ability to run commands as other users. Description Multiple vulnerabilities have been discovered in sudo. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for detail...
sudo: Root Privilege Escalation
Background sudo allows a system administrator to give users the ability to run commands as other users. Description The sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrar...
Cairo: Buffer Overflow Vulnerability
Background Cairo is a 2D vector graphics library with cross-device output support. Description An attacker with the ability to provide input to Cairo's image-compositor can cause a buffer overwrite. Impact Malicious input to Cairo's image-compositor can result in denial of service of the...
Unbound: Multiple Vulnerabilities
Background Unbound is a validating, recursive, and caching DNS resolver. Description Multiple vulnerabilities have been discovered in Unbound. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...
Mozilla Firefox: Multiple Vulnerabilities
Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
GStreamer, GStreamer Plugins: Multiple Vulnerabilities
Background GStreamer is an open source multimedia framework. Description Multiple vulnerabilities have been found in GStreamer and its plugins. Please review the CVE and GStreamer-SA identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
Exim: Multiple vulnerabilities
Background Exim is a message transfer agent MTA designed to be a a highly configurable, drop-in replacement for sendmail. Description Multiple vulnerabilities have been discovered in Exim. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by connecting to t...
OpenDMARC: Heap-based buffer overflow
Background OpenDMARC is an open source DMARC implementation. Description It was found that OpenDMARC did not properly handle DMARC aggregate reports. Impact A remote attacker, by sending a specially crafted DMARC aggregate report, could possibly cause a Denial of Service condition and depending o...
Mozilla Network Security Service (NSS): Information disclosure
Background The Mozilla Network Security Service NSS is a library implementing security features like SSL v.2/v.3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME and X.509 certificates. Description NSS was found to not always perform constant-time operations when working with DSA key material. Impa...
Pure-FTPd: Multiple vulnerabilities
Background Pure-FTPd is a fast, production-quality and standards-compliant FTP server. Description Multiple vulnerabilities have been discovered in Pure-FTPd. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly cause a Denial of Service conditio...
Kpathsea: User-assisted execution of arbitrary code
Background Kpathsea is a library to do path searching. It is used by TeX Live and others TeX related software. Description It was discovered that the mpost program from the shellescapecommands list is capable of executing arbitrary external programs during the conversion of .tex files. The...
TNEF: Multiple vulnerabilities
Background TNEF is a program for unpacking MIME attachments of type “application/ms-tnef”. Description Multiple vulnerabilities have been discovered in TNEF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to process a specially crafted...
libpng: Remote execution of arbitrary code
Background libpng is a standard library used to process PNG Portable Network Graphics images. It is used by several programs, including web browsers and potentially server processes. Description A null pointer dereference was discovered in libpng in the pngpushsavebuffer function. In order to be...
Botan: Multiple vulnerabilities
Background Botan Japanese for peony is a cryptography library written in C++11. Description Multiple vulnerabilities have been discovered in Botan. Please review the CVE identifiers referenced below for details. Impact A remote attacker might obtain ECDSA secret keys via a timing side-channel...
XStream: Remote execution of arbitrary code
Background XStream is a simple library to serialize objects to XML and back again. Description It was found that XStream would deserialize arbitrary user-supplied XML content, thus representing objects of any type. Impact A remote attacker could pass a specially crafted XML document to XStream,...
Pygments: Arbitrary code execution
Background Pygments is a generic syntax highlighter suitable for use in code hosting, forums, wikis or other applications that need to prettify source code. Description A vulnerability in FontManager’s getnixfontpath function allows shell metacharacters to be passed in a font name. Impact A remot...
nghttp2: Heap-use-after-free
Background Nghttp2 is an implementation of HTTP/2 and its header compression algorithm HPACK in C. Description A heap-use-after-free vulnerability has been discovered in nghttp2. Please review the CVE identifier referenced below for details. Impact The impact of the vulnerability is still unknown...
imlib2: Multiple vulnerabilities
Background imlib2 is an advanced replacement for image manipulation libraries such as libXpm. It is utilized by numerous programs, including gkrellm and several window managers, to display images. Description Multiple vulnerabilities have been discovered in imlib2. Please review the CVE identifie...
QEMU: Multiple vulnerabilities
Background QEMU is a generic and open source machine emulator and virtualizer. Description Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact Local users within a guest QEMU environment can execute arbitrary code within th...
Squid: Multiple vulnerabilities
Background Squid is a full-featured Web proxy cache designed to run on Unix systems. It supports proxying and caching of HTTP, FTP, and other URLs, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features. Description Multiple vulnerabilities ha...
policycoreutils: Privilege escalation
Background policycoreutils is a collection of SELinux policy utilities. Description The seunshare utility is owned by root with 4755 permissions which can be exploited by a setuid system call. Impact A local attacker may be able to gain escalated privileges. Workaround There is no known workaroun...
Nagios: Multiple vulnerabilities
Background Nagios is an open source host, service and network monitoring program. Description Multiple vulnerabilities have been discovered in Nagios. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to execute arbitrary code, cause a Denial of...
PostgreSQL: Multiple vulnerabilities
Background PostgreSQL is an open source object-relational database management system. Description Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact A remote authenticated attacker may be able to create a Denial of...
GnuTLS: Multiple vulnerabilities
Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact A remote attacker could utilize multiple vectors to spoof arbitrary...
CUPS: Arbitrary file read/write
Background CUPS, the Common Unix Printing System, is a full-featured print server. Description Members of the lpadmin group have admin access to the web interface, where they can edit the config file and set some “dangerous” directives like the logfilenames, which enable them to read or write fil...
Zabbix: Shell command injection
Background Zabbix is software for monitoring applications, networks, and servers. Description If a flexible user parameter is configured in Zabbix agent, including a newline in the parameters will execute newline section as a separate command even if UnsafeUserParameters are disabled. Impact A...
MPlayer: Multiple vulnerabilities
Background MPlayer is a media player including support for a wide range of audio and video formats. Description Multiple vulnerabilities have been discovered in MPlayer and the bundled FFmpeg. Please review the CVE identifiers and FFmpeg GLSA referenced below for details. Impact A remote attacker...
Libav: Multiple vulnerabilities
Background Libav is a complete solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in Libav. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted media...
Expat: Multiple vulnerabilities
Background Expat is a set of XML parsing libraries. Description Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted XML file in an application linked agains...
MediaWiki: Multiple vulnerabilities
Background The MediaWiki wiki web application as used on wikipedia.org. Description Multiple vulnerabilities have been discovered in mediawiki. Please review the CVE identifiers referenced below for details. Impact MediaWiki allows remote attackers to bypass authentication, to perform imports fro...
Apache mod_authnz_external: SQL injection
Background modauthnzexternal is a tool for creating custom authentication backends for HTTP basic authentication. Description mysql/mysql-auth.pl in modauthnzexternal does not properly sanitize input before using it in an SQL query. Impact A remote attacker could exploit this vulnerability to...
Asterisk: Multiple vulnerabilities
Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details. Impact An unauthenticated remote attacker may execute code with the privileges of the Asterisk...
Pidgin: Multiple vulnerabilities
Background Pidgin is a client for a variety of instant messaging protocols. Description Multiple vulnerabilities were found in Pidgin: Yuriy Kaminskiy reported that the OSCAR protocol implementation in Pidgin misinterprets the ICQWebMessage message type as the ICQSMS message type, triggering an...
Nagios: Execution of arbitrary code
Background Nagios is an open source host, service and network monitoring program. Description Multiple vulnerabilities have been reported in Nagios: Paul reported that statuswml.cgi does not properly sanitize shell metacharacters in the 1 ping and 2 traceroute parameters CVE-2009-2288. Nagios doe...
Adobe Reader: User-assisted execution of arbitrary code
Background Adobe Reader formerly Adobe Acrobat Reader is a closed-source PDF reader. Description Multiple vulnerabilities have been discovered in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow when processing PDF files containing a malformed JBIG2 symbol...
Opera: Multiple vulnerabilities
Background Opera is a fast web browser that is available free of charge. Description Multiple vulnerabilities were discovered in Opera: Vitaly McLain reported a heap-based buffer overflow when processing host names in file:// URLs CVE-2008-5178. Alexios Fakos reported a vulnerability in the HTML...
git: Multiple vulnerabilties
Background GIT - the stupid content tracker, the revision control system used by the Linux kernel team. Description Multiple vulnerabilities have been reported in gitweb that is part of the git package: Shell metacharacters related to gitsearch are not properly sanitized CVE-2008-5516. Shell...
Adobe Reader: User-assisted execution of arbitrary code
Background Adobe Reader formerly Adobe Acrobat Reader is a closed-source PDF reader. Description An unspecified vulnerability can be triggered by a malformed PDF document, as demonstrated by 2008-HI2.pdf CVE-2008-2549. Peter Vreugdenhil, Dyon Balding, Will Dormann, Damian Frizza, and Greg MacManu...
eGroupWare: Multiple vulnerabilities
Background eGroupWare is a suite of web-based group applications including calendar, address book, messenger and email. Description A vulnerability has been reported in FCKEditor due to the way that file uploads are handled in the file editor/filemanager/upload/php/upload.php when a filename has...
PowerDNS Recursor: DNS Cache Poisoning
Background The PowerDNS Recursor is an advanced recursing nameserver. Description Amit Klein of Trusteer reported that insufficient randomness is used to calculate the TRXID values and the UDP source port numbers CVE-2008-1637. Thomas Biege of SUSE pointed out that a prior fix to resolve this iss...
KOffice, KWord, KPDF, KDE Graphics Libraries: Stack-based buffer overflow
Background KOffice is an integrated office suite for KDE. KWord is the KOffice word processor. KPDF is a KDE-based PDF viewer included in the kdegraphics package. Description KPDF includes code from xpdf that is vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function...