3816 matches found
Exim: Heap-based buffer overflow
Background Exim is a message transfer agent MTA designed to be a a highly configurable, drop-in replacement for sendmail. Description It was discovered that Exim incorrectly handled certain string operations. Impact A remote attacker, able to connect to a vulnerable Exim instance, could possibly...
pump: User-assisted execution of arbitrary code
Background BOOTP and DHCP client for automatic IP configuration. Description It was discovered that there was an arbitrary code execution vulnerability in the pump DHCP/BOOTP client. Impact A remote attacker, by enticing a user to connect to a malicious server, could cause the execution of...
KDE KConfig: User-assisted execution of arbitrary code
Background Provides an advanced configuration system. Description A vulnerability was discovered in KDE KConfig’s handling of .desktop and .directory files. Impact An attacker could entice a user to execute a specially crafted .desktop or .directory file possibly resulting in execution of arbitra...
ClamAV: Multiple vulnerabilities
Background ClamAV is a GPL virus scanner. Description Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...
Jython: Arbitrary code execution
Background An implementation of Python written in Java. Description It was found that Jython is vulnerable to arbitrary code execution by sending a serialized function to the deserializer. Impact Remote execution of arbitrary code by enticing a user to execute malicious code. Workaround There is ...
Shadow: Multiple vulnerabilities
Background Shadow is a set of tools to deal with user accounts. Description Multiple vulnerabilities have been discovered in Shadow. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly cause a Denial of Service condition, gain privileges via...
Mozilla Firefox: Multiple vulnerabilities
Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code wi...
Firejail: Multiple vulnerabilities
Background A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. Description Multiple vulnerabilities have been discovered in Firejail. Please review upstream’s release notes below for...
Git: Arbitrary command execution
Background Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Description A vulnerability in Git causing Git-compatible clients that access case-insensitive or case-normalizing filesystems to...
OpenSSL: Multiple vulnerabilities
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security as well as a general purpose cryptography library. Description Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers referenced below for details. Impac...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
cups-filters: Multiple vulnerabilities
Background cups-filters is an OpenPrinting CUPS Filters. Description Multiple vulnerabilities have been discovered in cups-filters. Please review the CVE identifiers referenced below for more details about the vulnerabilities. Impact A remote attackers could possibly execute arbitrary code...
Tinyproxy: Denial of service
Background Tinyproxy is a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems. Description A vulnerability has been discovered in the way how Tinyproxy works with headers. Impact A remote attacker could send a specially crafted request with too many headers, possibly resulting in a...
GnuTLS: Multiple vulnerabilities
Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers and Lucky Thirteen research paper referenced below for details. Impact A remote attacker could sent a...
Quagga: Multiple vulnerabilities
Background Quagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP. Description Multiple vulnerabilities have been discovered in Quagga. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause arbitrary code execution or a...
Puppet: Multiple vulnerabilities
Background Puppet is a system configuration management tool written in Ruby. Description Multiple vulnerabilities have been discovered in Puppet. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of t...
Linux-PAM: Multiple vulnerabilities
Background Linux-PAM Pluggable Authentication Modules is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Description Multiple vulnerabilities have been discovered in Linux-PAM. Please...
Chromium: Multiple vulnerabilities
Background Chromium is an open source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site usi...
Chromium: Multiple vulnerabilities
Background Chromium is an open source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web site usi...
OpenSSL: Multiple vulnerabilities
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been found in OpenSSL: Timing differences for decryption are exposed by CBC...
GnuPG: User-assisted execution of arbitrary code
Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software. The GPGSM utility in GnuPG is responsible for processing X.509 certificates, signatures and encryption as well as S/MIME messages. Description The GPGSM utility in GnuPG contains a...
Adobe Reader: Multiple vulnerabilities
Background Adobe Reader formerly Adobe Acrobat Reader is a closed-source PDF reader. Description Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact A remote attacker might entic...
xine-lib: User-assisted execution of arbitrary code
Background xine-lib is the core library package for the xine media player, and other players such as Amarok, Codeine/Dragon Player and Kaffeine. Description Multiple vulnerabilities have been reported in xine-lib. Please review the CVE identifiers referenced below for details. Impact A remote...
sudo: Privilege escalation
Background sudo allows a system administrator to give users the ability to run commands as other users. Description Multiple vulnerabilities have been discovered in sudo: Glenn Waller and neonsignal reported that sudo does not properly handle access control of the "sudoedit" pseudo-command...
Clam AntiVirus: Multiple vulnerabilities
Background Clam AntiVirus short: ClamAV is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Multiple vulnerabilities have been found in ClamAV: The vendor reported a Divide-by-zero error in the PE "Portable Executable"; Windows .exe file handli...
BIND: Denial of service
Background ISC BIND is the Internet Systems Consortium implementation of the Domain Name System DNS protocol. Description Matthias Urlichs reported that the dnsdbfindrdataset function fails when the prerequisite section of the dynamic update message contains a record of type "ANY" and where at...
ntp: Certificate validation error
Background ntp contains the client and daemon implementations for the Network Time Protocol. Description It has been reported that ntp incorrectly checks the return value of the EVPVerifyFinal, a vulnerability related to CVE-2008-5077 GLSA 200902-02. Impact A remote attacker could exploit this...
BIND: Incorrect signature verification
Background ISC BIND is the Internet Systems Consortium implementation of the Domain Name System DNS protocol. Description BIND does not properly check the return value from the OpenSSL functions to verify DSA CVE-2009-0025 and RSA CVE-2009-0265 certificates. Impact A remote attacker could bypass...
Epiphany: Untrusted search path
Background Epiphany is a GNOME webbrowser based on the Mozilla rendering engine Gecko. Description James Vega reported an untrusted search path vulnerability in the Python interface. Impact A local attacker could entice a user to run Epiphany from a directory containing a specially crafted python...
GnuTLS: Certificate validation error
Background GnuTLS is an open-source implementation of TLS 1.0 and SSL 3.0. Description Martin von Gagern reported that the gnutlsx509verifycertificate function in lib/x509/verify.c trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate. Impact A...
OpenOffice.org: Multiple vulnerabilities
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description Two heap-based buffer overflows when processing WMF files CVE-2008-2237 and EMF files...
CUPS: Multiple vulnerabilities
Background CUPS is the Common Unix Printing System. Description Several buffer overflows were found in: The readrle16 function in imagetops CVE-2008-3639, found by regenrecht, reported via ZDI The WriteProlog function in texttops CVE-2008-3640, found by regenrecht, reported via ZDI The...
ClamAV: Multiple Denials of Service
Background Clam AntiVirus is a free anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Hanno boeck reported an error in libclamav/chmunpack.c when processing CHM files CVE-2008-1389. Other unspecified vulnerabilities were also reported, including a...
Postfix: Local privilege escalation vulnerability
Background Postfix is Wietse Venema's mailer that attempts to be fast, easy to administer, and secure, as an alternative to the widely-used Sendmail program. Description Sebastian Krahmer of SuSE has found that Postfix allows to deliver mail to root-owned symlinks in an insecure manner under...
Apache: Denial of service
Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache: Dustin Kirkland reported that the modssl module can leak memory when the client reports support for a compression algorithm CVE-2008-1678...
Vobcopy: Insecure temporary file creation
Background Vobcopy is a tool for decrypting and copying DVD .vob files to a hard disk. Description Joey Hess reported that vobcopy appends data to the file "/tmp/vobcopy.bla" in an insecure manner. Impact A local attacker could exploit this vulnerability to conduct symlink attacks and append data...
OpenOffice.org: User-assisted arbitrary code execution
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to...
MySQL: Denial of service
Background MySQL is a popular multi-threaded, multi-user SQL server. Description Joe Gallo and Artem Russakovskii reported an error in the convertsearchmodetoinnobase function in hainnodb.cc in the InnoDB engine that is leading to a failed assertion when handling CONTAINS operations. Impact A...
MLDonkey: Privilege escalation
Background MLDonkey is a peer-to-peer filesharing client that connects to several different peer-to-peer networks, including Overnet and BitTorrent. Description The Gentoo MLDonkey ebuild adds a user to the system named "p2p" so that the MLDonkey service can run under a user with low privileges...
X.Org X server: Composite local privilege escalation
Background The X Window System is a graphical windowing system based on a client/server model. Description Aaron Plattner discovered a buffer overflow in the compNewPixmap function when copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. Impact A local attacker could...
Xvid: Array indexing vulnerabilities
Background Xvid is a popular open source video codec licensed under the GPL. Description Trixter Jack discovered an array indexing error in the getintrablock function in the file src/bitstream/mbcoding.c. The getinterblockh263 and getinterblockmpeg functions in the same file were also reported as...
Blackdown Java: Applet privilege escalation
Background Blackdown provides implementations of the Java Development Kit JDK and the Java Runtime Environment JRE. Description Chris Evans has discovered multiple buffer overflows in the Sun JDK and the Sun JRE possibly related to various AWT and font layout functions. Tom Hawtin has discovered ...
CUPS: Denial of service
Background CUPS provides a portable printing layer for UNIX-based operating systems. Description CUPS does not properly handle partially-negotiated SSL connections. Upon receiving a partially-negotiated SSL connection, CUPS no longer accepts further incoming connections, as the initial connection...
Mozilla Network Security Service: Remote execution of arbitrary code
Background The Mozilla Network Security Service is a library implementing security features like SSL v2/v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME and X.509 certificates. Description iDefense has reported two potential buffer overflow vulnerabilities found by researcher "regenrecht" in the...
UFO2000: Multiple vulnerabilities
Background UFO2000 is a multi-player, turn-based tactical simulation. Description Five vulnerabilities were found: a buffer overflow in recvaddunit; a problem with improperly trusting user-supplied string information in decodestringmap; several issues with array manipulation via various commands...
OpenOffice.org: EMF/WMF file handling vulnerabilities
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description John Heasman of NGSSoftware has discovered integer overflows in the EMRPOLYPOLYGON and...
MadWifi: Kernel driver buffer overflow
Background MadWifi Multiband Atheros Driver for Wireless Fidelity provides a Linux kernel device driver for Atheros-based Wireless LAN devices. Description Laurent Butti, Jerome Raznieski and Julien Tinnes reported a buffer overflow in the encodeie and the giwscancb functions from...
fvwm: fvwm-menu-directory fvwm command injection
Background fvwm is a highly configurable virtual window manager for X11 desktops. fvwm-menu-directory allows fvwm users to browse directories from within fvwm. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that fvwm-menu-directory does not sufficiently sanitise...
libapreq2: Denial of Service vulnerability
Background libapreq is a shared library with associated modules for manipulating client request data via the Apache API. Description A vulnerability has been reported in the apreqparseheaders and apreqparseurlencoded functions of Apache2::Request. Impact A remote attacker could possibly exploit t...
Sendmail: Race condition in the handling of asynchronous signals
Background Sendmail is a popular mail transfer agent MTA. Description ISS discovered that Sendmail is vulnerable to a race condition in the handling of asynchronous signals. Impact An attacker could exploit this via certain crafted timing conditions. Workaround There is no known workaround at thi...