3816 matches found
PostgreSQL: Multiple Vulnerabilities
Background PostgreSQL is an open source object-relational database management system. Description Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaroun...
libjxl: Denial of Service
Background libjxl is the JPEG XL image format reference implementation. Description libjxl contains an unecessary assertion in jxl::LowMemoryRenderPipeline::Init. Impact An attacker can cause a denial of service of the libjxl process via a crafted input file. Workaround There is no known workarou...
Shadow: TOCTOU Race
Background Shadow contains utilities to deal with user accounts Description A TOCTOU race condition was discovered in shadow. A local attacker with write privileges in a directory removed or copied by usermod/userdel could potentially exploit this flaw when the administrator invokes...
Cacti: Remote code execution
Background Cacti is a complete frontend to rrdtool. Description The sideid parameter in datadebug.php does not properly verify input allowing SQL injection. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition...
Qt GUI: Buffer overflow
Background The GUI module and platform plugins for the Qt5 framework. Description It was discovered that Qt GUI’s XBM parser did not properly handle X BitMap files. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time. Resolution Al...
PostgreSQL: Multiple vulnerabilities
Background PostgreSQL is an open source object-relational database management system. Description Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaroun...
Zsh: Privilege escalation
Background A shell designed for interactive use, although it is also a powerful scripting language. Description It was discovered that Zsh was insecure dropping privileges when unsetting PRIVILEGED option. Impact An attacker could escalate privileges. Workaround There is no known workaround at th...
Xen: Multiple vulnerabilities
Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details. Impact A local attacker could potentially gain privileges on the host system or cause a Denial of Service condition. Workaround...
Vim, gVim: Remote execution of arbitrary code
Background Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim. Description Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact A remote attacker...
vzctl: Security bypass
Background vzctl is a set of control tools for the OpenVZ server virtualization solution. Description It was discovered that vzctl determined the virtual environment VE layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory. This allows local simfs container CT ro...
libgcrypt: Multiple vulnerabilities
Background libgcrypt is a general purpose cryptographic library derived out of GnuPG. Description Multiple vulnerabilities have been discovered in libgcrypt. Please review the CVE identifiers referenced below for details. Impact Side-channel attacks can leak private key information. A separate...
libXfont: Multiple vulnerabilities
Background libXfont is an X11 font rasterisation library. Description Multiple vulnerabilities have been discovered in libXfont. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code or cause a Denial of Service condition...
Xen: Denial of service
Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact A local user could possibly cause a Denial of Service condition. Workaround There is no known workaround at this time...
Varnish: Multiple vulnerabilities
Background Varnish is a web application accelerator. Description Multiple vulnerabilities have been discovered in Varnish. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause a Denial of Service condition via a specially crafted GET request...
mod_wsgi: Privilege escalation
Background modwsgi is an Apache2 module for running Python WSGI applications. Description Two vulnerabilities have been found in modwsgi: Error codes returned by setuid are not properly handled CVE-2014-0240 A memory leak exists via the “Content-Type” header CVE-2014-0242 Impact A local attacker...
QtGui: Denial of service
Background QtGui is the GUI module and platform plugins for the Qt5 framework. Description A NULL pointer dereference has been found in QtGui. Impact A remote attacker could send a specially crafted GIF image, possibly resulting in a Denial of Service condition. Workaround There is no known...
Net-SNMP: Denial of service
Background Net-SNMP bundles software for generating and retrieving SNMP data. Description Multiple vulnerabilities have been discovered in Net-SNMP. Please review the CVE identifiers referenced below for details. Impact A remote attacker could create a Denial of Service condition. Workaround Ther...
KDE Libraries: Multiple vulnerabilities
Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like operating systems. KDE Libraries contains libraries needed by all KDE applications. Description Multiple vulnerabilities have been discovered in KDE Libraries. Please review the CVE identifiers referenced below...
FreeRADIUS: Arbitrary code execution
Background FreeRADIUS is an open source RADIUS authentication server. Description Large passwords can trigger a stack-based buffer overflow in FreeRADIUS’s rlmpap module when authenticating against an LDAP server. Impact An authenticated user could set a specially crafted long password, possibly...
KDirStat: Arbitrary command execution
Background KDirStat is a graphical disk usage utility for KDE. Description Missing escape of executable shell command in KDirStat can be used to insert malicious shell commands. Impact A local attacker could possibly execute arbitrary shell command with the privileges of the process. Workaround...
KVIrc: Multiple vulnerabilities
Background KVIrc is a free portable IRC client based on Qt. Description Multiple vulnerabilities have been discovered in KVIrc. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, cause ...
cpio: Arbitrary code execution
Background GNU cpio copies files into or out of a cpio or tar archive. Description Cpio contains a heap-based buffer overflow in the rmtread function in lib/rtapelib.c. Impact A remote server could sending more data than was requested, related to archive filenames that contain a : colon character...
Open DC Hub: Arbitrary code execution
Background Open DC Hub is the hub software for the Direct Connect file sharing network. Description A stack-based buffer overflow flaw has been discovered in the way Open DC Hub sanitized content of a user’s MyINFO message. Impact A remote authenticated user may be able to execute arbitrary code ...
FileZilla: Multiple vulnerabilities
Background FileZilla is an open source FTP client. Description Multiple vulnerabilities have been discovered in FileZilla. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to connect to a malicious server, resulting in possible arbitrary...
mod_rpaf: Denial of service
Background modrpaf is a reverse proxy add forward module for backend Apache servers. Description An error has been found in the way modrpaf handles X-Forwarded-For headers. Please review the CVE identifier referenced below for details. Impact A remote attacker could send a specially crafted HTTP...
libxml2: User-assisted execution of arbitrary code
Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description The "xmlXPtrEvalXPtrPart" function in xpointer.c contains an off-by-one error. Impact A remote attacker could entice a user or automated system to open a specially crafted XML document with an...
logrotate: Multiple vulnerabilities
Background logrotate rotates, compresses, and mails system logs. Description Multiple vulnerabilities have been discovered in logrotate. Please review the CVE identifiers referenced below for details. Impact A local attacker could use this flaw to truncate arbitrary system file, to change file...
gdk-pixbuf: Denial of service
Background gdk-pixbuf is an image loading library for GTK+. Description Two vulnerabilities have been found in gdk-pixbuf: The "gdkpixbufgifimageload" function in io-gif.c fails to properly handle certain return values from subroutines CVE-2011-2485. The "readbitmapfiledata" function in io-xbm.c...
Pidgin: Multiple vulnerabilities
Background Pidgin is an GTK Instant Messenger client. Description Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details. Impact These vulnerabilities allow for arbitrary file retrieval, Denial of Service and arbitrary code executio...
PowerDNS: Denial of service
Background The PowerDNS nameserver is an authoritative-only nameserver which uses a flexible backend architecture. Description A vulnerability has been found in PowerDNS which could cause a packet loop of DNS responses. Impact A remote attacker could send specially crafted DNS response packets,...
vsftpd: Denial of service
Background vsftpd is a very secure FTP daemon written with speed, size and security in mind. Description A Denial of Service vulnerability was discovered in vsftpd. Please review the CVE identifier referenced below for details. Impact A remote authenticated attacker could cause a Denial of Servic...
lighttpd: Denial of service
Background lighttpd is a lightweight high-performance web server. Description Li Ming reported that lighttpd does not properly process packets that are sent overly slow. Impact A remote attacker might send specially crafted packets to a server running lighttpd, possibly resulting in a Denial of...
nano: Multiple vulnerabilities
Background nano is a GNU GPL'd Pico clone with more functionality. Description Multiple race condition vulnerabilities have been discovered in nano. For further information please consult the CVE entries referenced below. Impact Under certain conditions, a local, user-assisted attacker could...
Adobe Reader: Multiple vulnerabilities
Background Adobe Reader formerly Adobe Acrobat Reader is a closed-source PDF reader. Description Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletin referenced below. Impact A remote attacker might entice...
ModPlug: User-assisted execution of arbitrary code
Background ModPlug is a library for playing MOD-like music. Description Two vulnerabilities have been reported in ModPlug: dummy reported an integer overflow in the CSoundFile::ReadMed function when processing a MED file with a crafted song comment or song name, which triggers a heap-based buffer...
OptiPNG: User-assisted execution of arbitrary code
Background OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. Description Roy Tam reported a use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c leading to a memory corruption when reading a GIF...
Samba: Data disclosure
Background Samba is a suite of SMB and CIFS client/server programs. Description Samba does not properly check memory boundaries when handling trans, rans2, and nttrans requests. Impact A remote attacker could send specially crafted requests to a Samba daemon, leading to the disclosure of arbitrar...
OpenSSL: Certificate validation error
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description The Google Security Team reported that several functions incorrectly check the result after calling the...
Net-SNMP: Denial of service
Background Net-SNMP is a collection of tools for generating and retrieving SNMP data. Description Oscar Mira-Sanchez reported an integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c when processing GETBULK requests. Impact A remote attacker could send a specially crafte...
cbrPager: User-assisted execution of arbitrary code
Background cbrPager is a comic book pager. Description Mamoru Tasaka discovered that filenames of the image archives are not properly sanitized before being passed to decompression utilities like unrar and unzip, which use the system libc library call. Impact A remote attacker could entice a user...
PHP Toolkit: Data disclosure and Denial of service
Background PHP Toolkit is a utility to manage parallel installations of PHP within Gentoo. It is executed by the PHP ebuilds at setup. Description Toni Arnold, David Sveningsson, Michal Bartoszkiewicz, and Joseph reported that php-select does not quote parameters passed to the "tr" command, which...
Website META Language: Insecure temporary file usage
Background Website META Language is a free and extensible Webdesigner's off-line HTML generation toolkit for Unix. Description Temporary files are handled insecurely in the files wmlbackend/p1ipp/ipp.src, wmlcontrib/wmg.cgi, and wmlbackend/p3eperl/eperlsys.c, allowing users to overwrite or delete...
MPlayer: Multiple buffer overflows
Background MPlayer is a media player incuding support for a wide range of audio and video formats. Description The following errors have been discovered in MPlayer: Felipe Manzano and Anibal Sacco Core Security Technologies reported an array indexing error in the file libmpdemux/demuxmov.c when...
Portage: Information disclosure
Background Portage is the default Gentoo package management system. Description Mike Frysinger reported that the "etc-update" utility uses temporary files with the standard umask, which results in the files being world-readable when merging configuration files in a default setup. Impact A local...
IRC Services: Denial of service
Background IRC Services is a system of services to be used with Internet Relay Chat networks. Description loverboy reported that the "defaultencrypt" function in file encrypt.c does not properly handle overly long passwords. Impact A remote attacker could provide an overly long password to the...
The Sleuth Kit: Integer underflow
Background The Sleuth Kit is a collection of file system and media management forensic analysis tools. Description Jean-Sebastien Guay-Leroux reported an integer underflow in the fileprintf function of the "file" utility which is bundled with The Sleuth Kit CVE-2007-1536, GLSA 200703-26. Note tha...
Bugzilla: Multiple vulnerabilities
Background Bugzilla is a web application designed to help with managing software development. Description Masahiro Yamada found that from the 2.17.1 version, Bugzilla does not properly sanitize the content of the "buildid" parameter when filing bugs CVE-2007-4543. The next two vulnerabilities onl...
ClamAV: Multiple Denials of Service
Background ClamAV is a GPL virus scanner. Description Several vulnerabilities were discovered in ClamAV by various researchers: Victor Stinner INL discovered that the OLE2 parser may enter in an infinite loop CVE-2007-2650. A boundary error was also reported by an anonymous researcher in the file...
MPlayer: Two buffer overflows
Background MPlayer is a media player incuding support for a wide range of audio and video formats. Description A buffer overflow has been reported in the DMOVideoDecoderOpen function in file loader/dmo/DMOVideoDecoder.c. Another buffer overflow has been reported in the DSVideoDecoderOpen function...
Lighttpd: Two Denials of Service
Background Lighttpd is a lightweight HTTP web server. Description Robert Jakabosky discovered an infinite loop triggered by a connection abort when Lighttpd processes carriage return and line feed sequences. Marcus Rueckert discovered a NULL pointer dereference when a server running Lighttpd trie...