3816 matches found
SQUASHFS: Multiple vulnerabilities
Background Squashfs is a compressed read-only filesystem for Linux. Squashfs is intended for general read-only filesystem use, for archival use i.e. in cases where a .tar.gz file may be used, and in constrained block device/memory systems e.g. embedded systems where low overhead is needed...
GNU Wget: Multiple vulnerabilities
Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description Multiple vulnerabilities have been discovered in Wget. Please review the CVE identifier and bug reports referenced for details. Impact A remote...
MySQL and MariaDB: Multiple vulnerabilities
Background MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Description Multiple vulnerabilities have been discovered in MySQL and MariaDB. Please review the CVE identifiers referenced below for details. Impact A remote attacker coul...
Cacti: Multiple vulnerabilities
Background Cacti is a complete frontend to rrdtool. Description Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, or remote...
Wireshark: Multiple vulnerabilities
Background Wireshark is a network protocol analyzer formerly known as ethereal. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact Remote attackers could cause Denial of Service and local attackers could...
Libreswan: Multiple Vulnerabilities
Background Libreswan is a free software implementation of the most widely supported and standarized VPN protocol based on “IPsec” and the Internet Key Exchange “IKE”. Description The pluto IKE daemon in Libreswan, when built with NSS, allows remote attackers to cause a Denial of Service assertion...
Roundcube: Multiple Vulnerabilities
Background Free and open source webmail software for the masses, written in PHP. Description Remote authenticated users with certain permissions can read arbitrary files or possibly execute arbitrary code via .. in the skin parameter to index.php. Additionally, a cross-site scripting XSS...
WebKitGTK+: Multiple vulnerabilities
Background WebKitGTK+ is a full-featured port of the WebKit rendering engine. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Impact A remote attack can use multiple vectors to execute arbitrary code or cause...
libgadu: Multiple vulnerabilities
Background libgadu is a library that implements the client side of the Gadu-Gadu protocol. Description libgadu contains multiple vulnerabilities: X.509 certificates are not properly validated CVE-2013-4488 A integer overflow error could lead to a buffer overflow CVE-2013-6487 Malformed responses...
MIT Kerberos 5: User-assisted execution of arbitrary code
Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. Description Multiple vulnerabilities have been discovered in MIT Kerberos 5. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary code wit...
PowerDNS Recursor: Multiple vulnerabilities
Background PowerDNS Recursor is a high-end, high-performance resolving name server Description Multiple vulnerabilities have been discovered in PowerDNS Recursor. Please review the CVE identifiers and PowerDNS blog post referenced below for details. Impact A remote attacker may be able to send...
stunnel: Information disclosure
Background The stunnel program is designed to work as an SSL encryption wrapper between a client and a local or remote server. Description stunnel does not properly update the state of the pseudo-random generator after fork-threading which causes subsequent children with the same process ID to us...
Pango: Multiple vulnerabilities
Background Pango is an internationalized text layout and rendering library Description Multiple vulnerabilities have been discovered in Pango. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could entice a user to load specially crafted text usi...
libTIFF: Multiple vulnerabilities
Background libTIFF provides support for reading and manipulating TIFF Tagged Image File Format images. Description Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a...
Poppler: Multiple vulnerabilities
Background Poppler is a cross-platform PDF rendering library originally based on Xpdf. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF...
libxslt: Denial of service
Background libxslt is the XSLT C library developed for the GNOME project. XSLT is an XML language to define transformations for XML. Description Multiple vulnerabilities have been found in libxslt: Multiple errors exist in pattern.c and functions.c CVE-2012-2870, CVE-2012-6139. A double-free erro...
Monkey HTTP Daemon: Multiple vulnerabilities
Background Monkey HTTP Daemon is a lightweight and powerful web server for GNU/Linux. Description Multiple vulnerabilities have been discovered in Monkey HTTP Daemon. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted request,...
Tor: Multiple vulnerabilities
Background Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Description Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause a...
SQLAlchemy: SQL injection
Background SQLAlchemy is a Python SQL toolkit and Object Relational Mapper. Description SQLAlchemy does not properly sanitize input passed from the “limit” and “offset” keywords to the select function before using it in an SQL query. Impact A remote attacker could exploit this vulnerability to...
file: Denial of service
Background file is a utility that guesses a file format by scanning binary data for patterns. Description Multiple out-of-bounds read errors and invalid pointer dereference errors have been found in cdf.c. Impact A remote attacker could entice a user to open a specially crafted Composite Document...
mount-cifs: Multiple vulnerabilites
Background mount-cifs is the cifs filesystem mount helper split from Samba. Description Multiple vulnerabilities have been discovered in mount-cifs. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities allow local users to cause a denial of service mtab...
Postfix: Multiple vulnerabilities
Background Postfix is Wietse Venema’s mailer that attempts to be fast, easy to administer, and secure, as an alternative to the widely-used Sendmail program. Description A vulnerability have been discovered in Postfix. Please review the CVE identifier referenced below for details. Impact An...
virtualenv: Insecure temporary file usage
Background virtualenv is a virtual Python environment builder. Description The virtualenv.py script in virtualenv does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application...
Puppet: Multiple vulnerabilities
Background Puppet is a system configuration management tool written in Ruby. Description Multiple vulnerabilities have been discovered in Puppet. Please review the CVE identifiers referenced below for details. Impact A local attacker could gain elevated privileges, or access and modify arbitrary...
MIT Kerberos 5 Applications: Multiple vulnerabilities
Background A suite of applications that implement the Kerberos 5 network protocol from MIT. Description Multiple vulnerabilities have been discovered in MIT Kerberos 5 Applications: An error in the FTP daemon prevents it from dropping its initial effective group identifier CVE-2011-1526. A bounda...
FreeType: Multiple vulnerabilities
Background FreeType is a high-quality and portable font engine. Description Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted font, possibly resulting ...
Firewall Builder: Privilege escalation
Background Firewall Builder is a GUI for easy management of multiple firewall platforms. Description Two vulnerabilities in Firewall Builder allow the iptables and fwbinstall scripts to use temporary files insecurely. Impact A local attacker could possibly overwrite arbitrary files with the...
Chromium, V8: Multiple vulnerabilities
Background Chromium is an open source web browser project. V8 is Google's open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...
Wireshark: Multiple vulnerabilities
Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities were found in the Daintree SNA file parser, the SMB, SMB2, IPMI, and DOCSIS dissectors. For further information please consult the CVE entries referenced below. Impact A remote attacker could cause...
Adobe Reader: User-assisted execution of arbitrary code
Background Adobe Reader is a PDF reader released by Adobe. Description Multiple vulnerabilities have been reported in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in the JBIG2 filter CVE-2009-0198. Mark Dowd of the IBM Internet Security Systems X-Force and...
Asterisk: Multiple vulnerabilities
Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been discovered in the IAX2 channel driver when performing the 3-way handshake CVE-2008-1897, when handling a large number of POKE requests CVE-2008-3263, when handling authentication...
Ventrilo: Denial of service
Background Ventrilo is a Voice over IP group communication server. Description Luigi Auriemma reported a NULL pointer dereference in Ventrilo when processing packets with an invalid version number followed by another packet. Impact A remote attacker could send specially crafted packets to the...
Gnumeric: Untrusted search path
Background The Gnumeric spreadsheet is a versatile application developed as part of the GNOME Office project. Description James Vega reported an untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric. Impact A local attacker could entice a user to run Gnumeric...
GLib: Execution of arbitrary code
Background The GLib is a library of C routines that is used by a multitude of programs. Description Diego E. Petteno reported multiple integer overflows in glib/gbase64.c when converting a long string from or to a base64 representation. Impact A remote attacker could entice a user or automated...
Mozilla products: Multiple vulnerabilities
Background Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla...
libpng: Execution of arbitrary code
Background libpng is a free ANSI C library used to process and manipulate PNG images. Description Tavis Ormandy of the Google Security Team discovered that libpng does not handle zero-length unknown chunks in PNG files correctly, which might lead to memory corruption in applications that call...
UnZip: User-assisted execution of arbitrary code
Background Info-ZIP's UnZip is a tool to list and extract files inside PKZIP compressed files. Description Tavis Ormandy of the Google Security Team discovered that the NEEDBITS macro in the inflatedynamic function in the file inflate.c can be invoked using invalid buffers, which can lead to a...
SDL_image: Two buffer overflow vulnerabilities
Background SDLimage is an image file library that loads images as SDL surfaces, and supports various formats like BMP, GIF, JPEG, LBM, PCX, PNG, PNM, TGA, TIFF, XCF, XPM, and XV. Description The LWZReadByte function in file IMGgif.c and the IMGLoadLBMRW function in file IMGlbm.c each contain a...
ImageMagick: Multiple vulnerabilities
Background ImageMagick is a collection of tools and libraries for manipulating various image formats. Description regenrecht reported multiple infinite loops in functions ReadDCMImage and ReadXCFImage CVE-2007-4985, multiple integer overflows when handling certain types of images CVE-2007-4986,...
Lighttpd: Buffer overflow
Background Lighttpd is a lightweight HTTP web server. Description Mattias Bengtsson and Philip Olausson have discovered a buffer overflow vulnerability in the function fcgienvadd in the file modfastcgi.c when processing overly long HTTP headers. Impact A remote attacker could send a specially...
Qt: Multiple format string vulnerabilities
Background Qt is a cross-platform GUI framework, which is used e.g. by KDE. Description Tim Brown of Portcullis Computer Security Ltd and Dirk Mueller of KDE reported multiple format string errors in qWarning calls in files qtextedit.cpp, qdatatable.cpp, qsqldatabase.cpp, qsqlindex.cpp,...
GD: Multiple vulnerabilities
Background GD is a graphic library for fast image creation. Description Xavier Roche discovered an infinite loop in the gdPngReadData function when processing a truncated PNG file CVE-2007-2756. An integer overflow has been discovered in the gdImageCreateTrueColor function CVE-2007-3472. An error...
OpenAFS: Privilege escalation
Background OpenAFS is a distributed network filesystem. Description Benjamin Bennett discovered that the OpenAFS client contains a design flaw where cache managers do not use authenticated server connections when performing actions not requested by a user. Impact If setuid is enabled on the clien...
Mozilla Thunderbird: Multiple vulnerabilities
Background Mozilla Thunderbird is a popular open-source email client from the Mozilla Project. Description Georgi Guninski reported a possible integer overflow in the code handling text/enhanced or text/richtext MIME emails. Additionally, various researchers reported errors in the JavaScript engi...
Apache JK Tomcat Connector: Remote execution of arbitrary code
Background The Apache HTTP server is a very widely used web server. modjk provides the JK module for connecting Tomcat and Apache using the ajp13 protocol. Description ZDI reported an unsafe memory copy in modjk that was discovered by an anonymous researcher in the mapuritoworker function of...
ClamAV: Denial of service
Background ClamAV is a GPL virus scanner. Description An anonymous researcher discovered a file descriptor leak error in the processing of CAB archives and a lack of validation of the "id" parameter string used to create local files when parsing MIME headers. Impact A remote attacker can send...
thttpd: Unauthenticated remote file access
Background thttpd is a webserver designed to be simple, small, and fast. Description thttpd is vulnerable to an underlying change made to the start-stop-daemon command in the current stable Gentoo baselayout package version 1.12.6. In the new version, the start-stop-daemon command performs a "chd...
Apache mod_tcl: Format string vulnerability
Background Apache modtcl is a TCL interpreting module for the Apache 2.x web server. Description Sparfell discovered format string errors in calls to the setvar function in tclcmds.c and tclcore.c. Impact A remote attacker could exploit the vulnerability to execute arbitrary code with the rights ...
X.org and some X.org libraries: Local privilege escalations
Background X.org is an implementation of the X Window System. Description Several X.org libraries and X.org itself contain system calls to setuid functions, without checking their result. Impact Local users could deliberately exceed their assigned resource limits and elevate their privileges afte...
FreeType: Multiple integer overflows
Background FreeType is a portable font engine. Description Multiple integer overflows exist in a variety of files bdf/bdflib.c, sfnt/ttcmap.c, cff/cffgload.c, base/ftmac.c. Impact A remote attacker could exploit these buffer overflows by enticing a user to load a specially crafted font, which cou...