3816 matches found
Dovecot: Denial of service
Background Dovecot is an open source IMAP and POP3 email server. Description Dovecot does not properly close connections, allowing a resource exhaustion for incomplete SSL/TLS handshakes. Impact A remote attacker could possibly cause a Denial of Service condition. Workaround There is no known...
KDirStat: Arbitrary command execution
Background KDirStat is a graphical disk usage utility for KDE. Description Missing escape of executable shell command in KDirStat can be used to insert malicious shell commands. Impact A local attacker could possibly execute arbitrary shell command with the privileges of the process. Workaround...
libXfont: Multiple vulnerabilities
Background libXfont is an X11 font rasterisation library. Description Multiple vulnerabilities have been discovered in libXfont. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could use a specially crafted file to gain privileges, cause a Denia...
lib3ds: User-assisted execution of arbitrary code
Background lib3ds is a library for managing 3D-Studio Release 3 and 4 .3DS files. Description An array index error has been discovered in lib3ds. Impact A remote attacker could entice a user to open a specially crafted 3DS file using an application linked against lib3ds, possibly resulting in...
libSRTP: Denial of service
Background libSRTP is an Open-source implementation of the Secure Real-time Transport Protocol. Description A flaw was found in how the cryptopolicysetfromprofileforrtp function applies cryptographic profiles to an srtppolicy in libSRTP. Impact A remote attacker could exploit this vulnerability t...
file: Denial of service
Background file is a utility that guesses a file format by scanning binary data for patterns. Description A flaw was found in the way the file utility determines the type of a file. Impact A remote attacker could entice a user to open a specially crafted file, possibly resulting in a Denial of...
LibYAML: Arbitrary code execution
Background LibYAML is a YAML 1.1 parser and emitter written in C. Description A heap-based buffer overflow flaw was found in the way libyaml parsed YAML tags. Impact A remote attacker could provide a specially-crafted YAML document which when parsed by LibYAML, would cause the application to cras...
KVIrc: Multiple vulnerabilities
Background KVIrc is a free portable IRC client based on Qt. Description Multiple vulnerabilities have been discovered in KVIrc. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, cause ...
FreeType: Multiple vulnerabilities
Background FreeType is a high-quality and portable font engine. Description Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could entice a user to open a specially crafted font, possibly...
Open DC Hub: Arbitrary code execution
Background Open DC Hub is the hub software for the Direct Connect file sharing network. Description A stack-based buffer overflow flaw has been discovered in the way Open DC Hub sanitized content of a user’s MyINFO message. Impact A remote authenticated user may be able to execute arbitrary code ...
GNU Automake: Multiple vulnerabilities
Background GNU Automake is a tool for automatically generating Makefile.in files compliant with the GNU Coding Standards. Description Multiple vulnerabilities have been discovered in GNU Automake. Please review the CVE identifiers referenced below for details. Impact A local attacker could execut...
Dropbear: Multiple vulnerabilities
Background Dropbear is an SSH server and client designed with a small memory footprint. Description Multiple vulnerabilities have been discovered in Dropbear. Please review the CVE identifier and Gentoo bug referenced below for details. Impact A remote attacker could send a specially crafted...
DokuWiki: Multiple vulnerabilities
Background DokuWiki is a simple to use Wiki aimed at a small company’s documentation needs. Description Multiple vulnerabilities have been discovered in DokuWiki. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities might allow an attacker to disclose local...
mod_rpaf: Denial of service
Background modrpaf is a reverse proxy add forward module for backend Apache servers. Description An error has been found in the way modrpaf handles X-Forwarded-For headers. Please review the CVE identifier referenced below for details. Impact A remote attacker could send a specially crafted HTTP...
logrotate: Multiple vulnerabilities
Background logrotate rotates, compresses, and mails system logs. Description Multiple vulnerabilities have been discovered in logrotate. Please review the CVE identifiers referenced below for details. Impact A local attacker could use this flaw to truncate arbitrary system file, to change file...
gdk-pixbuf: Denial of service
Background gdk-pixbuf is an image loading library for GTK+. Description Two vulnerabilities have been found in gdk-pixbuf: The "gdkpixbufgifimageload" function in io-gif.c fails to properly handle certain return values from subroutines CVE-2011-2485. The "readbitmapfiledata" function in io-xbm.c...
Pidgin: Multiple vulnerabilities
Background Pidgin is an GTK Instant Messenger client. Description Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details. Impact These vulnerabilities allow for arbitrary file retrieval, Denial of Service and arbitrary code executio...
PowerDNS: Denial of service
Background The PowerDNS nameserver is an authoritative-only nameserver which uses a flexible backend architecture. Description A vulnerability has been found in PowerDNS which could cause a packet loop of DNS responses. Impact A remote attacker could send specially crafted DNS response packets,...
vsftpd: Denial of service
Background vsftpd is a very secure FTP daemon written with speed, size and security in mind. Description A Denial of Service vulnerability was discovered in vsftpd. Please review the CVE identifier referenced below for details. Impact A remote authenticated attacker could cause a Denial of Servic...
Fetchmail: Multiple vulnerabilities
Background Fetchmail is a remote mail retrieval and forwarding utility. Description Multiple vulnerabilities have been reported in Fetchmail: The sdump function might trigger a heap-based buffer overflow during the escaping of non-printable characters with the high bit set from an X.509 certifica...
sudo: Privilege escalation
Background sudo allows a system administrator to give users the ability to run commands as other users. Description The command matching functionality does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH...
UW IMAP toolkit: Multiple vulnerabilities
Background The UW IMAP toolkit is a daemon for the IMAP and POP3 network mail protocols. The c-client library provides an API for IMAP, POP3 and other protocols. Description Multiple vulnerabilities were found in the UW IMAP toolkit: Aron Andersson and Jan Sahlin of Bitsec reported boundary error...
Apache Portable Runtime, APR Utility Library: Execution of arbitrary code
Background The Apache Portable Runtime aka APR provides a set of APIs for creating platform-independent applications. The Apache Portable Runtime Utility Library aka APR-Util provides an interface to functionality such as XML parsing, string matching and databases connections. Description Matt...
ModPlug: User-assisted execution of arbitrary code
Background ModPlug is a library for playing MOD-like music. Description Two vulnerabilities have been reported in ModPlug: dummy reported an integer overflow in the CSoundFile::ReadMed function when processing a MED file with a crafted song comment or song name, which triggers a heap-based buffer...
Cscope: User-assisted execution of arbitrary code
Background Cscope is a developer's tool for browsing source code. Description James Peach of Apple discovered a stack-based buffer overflow in cscope's handling of long file system paths CVE-2009-0148. Multiple stack-based buffer overflows were reported in the putstring function when processing a...
LittleCMS: Multiple vulnerabilities
Background LittleCMS, or short lcms, is a color management system for working with ICC profiles. It is used by many applications including GIMP and Firefox. Description RedHat reported a null-pointer dereference flaw while processing monochrome ICC profiles CVE-2009-0793. Chris Evans of Google...
TMSNC: Execution of arbitrary code
Background TMSNC is a Textbased client for the MSN instant messaging protocol. Description Nico Golde reported a stack-based buffer overflow when processing a MSN packet with a UBX command containing a large UBX payload length field. Impact A remote attacker could send a specially crafted message...
OptiPNG: User-assisted execution of arbitrary code
Background OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. Description Roy Tam reported a use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c leading to a memory corruption when reading a GIF...
Net-SNMP: Denial of service
Background Net-SNMP is a collection of tools for generating and retrieving SNMP data. Description Oscar Mira-Sanchez reported an integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c when processing GETBULK requests. Impact A remote attacker could send a specially crafte...
MPlayer: Multiple vulnerabilities
Background MPlayer is a media player including support for a wide range of audio and video formats. Description Multiple vulnerabilities have been reported in MPlayer: A stack-based buffer overflow was found in the strreadpacket function in libavformat/psxstr.c when processing crafted STR files...
JasPer: User-assisted execution of arbitrary code
Background The JasPer Project is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 jpeg2k standard. Description Marc Espie and Christian Weisgerber have discovered multiple vulnerabilities in JasPer: Multiple integer...
ClamAV: Multiple Denials of Service
Background Clam AntiVirus is a free anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Damian Put has discovered an out-of-bounds memory access while processing Petite files CVE-2008-2713, CVE-2008-3215. Also, please note that the 0.93 ClamAV branch...
PHP Toolkit: Data disclosure and Denial of service
Background PHP Toolkit is a utility to manage parallel installations of PHP within Gentoo. It is executed by the PHP ebuilds at setup. Description Toni Arnold, David Sveningsson, Michal Bartoszkiewicz, and Joseph reported that php-select does not quote parameters passed to the "tr" command, which...
CUPS: Multiple vulnerabilities
Background CUPS provides a portable printing layer for UNIX-based operating systems. Description Multiple vulnerabilities have been reported in CUPS: regenrecht VeriSign iDefense discovered that the cgiCompileSearch function used in several CGI scripts in CUPS' administration interface does not...
Website META Language: Insecure temporary file usage
Background Website META Language is a free and extensible Webdesigner's off-line HTML generation toolkit for Unix. Description Temporary files are handled insecurely in the files wmlbackend/p1ipp/ipp.src, wmlcontrib/wmg.cgi, and wmlbackend/p3eperl/eperlsys.c, allowing users to overwrite or delete...
Python: PCRE Integer overflow
Background Python is an interpreted, interactive, object-oriented programming language. Description Python 2.3 includes a copy of PCRE which is vulnerable to an integer overflow vulnerability, leading to a buffer overflow. Impact An attacker could exploit the vulnerability by tricking a vulnerabl...
Portage: Information disclosure
Background Portage is the default Gentoo package management system. Description Mike Frysinger reported that the "etc-update" utility uses temporary files with the standard umask, which results in the files being world-readable when merging configuration files in a default setup. Impact A local...
IRC Services: Denial of service
Background IRC Services is a system of services to be used with Internet Relay Chat networks. Description loverboy reported that the "defaultencrypt" function in file encrypt.c does not properly handle overly long passwords. Impact A remote attacker could provide an overly long password to the...
Mozilla Thunderbird: Multiple vulnerabilities
Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been reported in Mozilla Thunderbird's HTML browser engine CVE-2007-5339 and JavaScript engine CVE-2007-5340 that can be exploited to cause a memory corruption...
Bugzilla: Multiple vulnerabilities
Background Bugzilla is a web application designed to help with managing software development. Description Masahiro Yamada found that from the 2.17.1 version, Bugzilla does not properly sanitize the content of the "buildid" parameter when filing bugs CVE-2007-4543. The next two vulnerabilities onl...
ClamAV: Multiple vulnerabilities
Background Clam AntiVirus is an open source GPL anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Nikolaos Rangos discovered a vulnerability in ClamAV which exists because the recipient address extracted from email messages is not properly sanitize...
ClamAV: Multiple Denials of Service
Background ClamAV is a GPL virus scanner. Description Several vulnerabilities were discovered in ClamAV by various researchers: Victor Stinner INL discovered that the OLE2 parser may enter in an infinite loop CVE-2007-2650. A boundary error was also reported by an anonymous researcher in the file...
FreeType: Buffer overflow
Background FreeType is a True Type Font rendering library. Description Victor Stinner discovered a heap-based buffer overflow in the function GetVMetrics in src/truetype/ttgload.c when processing TTF files with a negative npoints attribute. Impact A remote attacker could entice a user to open a...
OpenPBS: Multiple vulnerabilities
Background OpenPBS is the original version of the Portable Batch System. It is a flexible batch queueing system developed for NASA in the early to mid-1990s. Description SUSE reported vulnerabilities due to unspecified errors in OpenPBS. Impact By unspecified attack vectors an attacker might be...
LTSP: Authentication bypass in included LibVNCServer code
Background The Linux Terminal Server Project adds thin-client support to Linux servers. Description The LTSP server includes vulnerable LibVNCServer code, which fails to properly validate protocol types effectively letting users decide what protocol to use, such as "Type 1 - None" GLSA-200608-05...
Samba: Multiple vulnerabilities
Background Samba is a suite of SMB and CIFS client/server programs for UNIX. Description A format string vulnerability exists in the VFS module when handling AFS file systems and an infinite loop has been discovered when handling file rename operations. Impact A user with permission to write to a...
KSirc: Denial of Service vulnerability
Background KSirc is the default KDE IRC client. Description KSirc fails to check the size of an incoming PRIVMSG string sent from an IRC server during the connection process. Impact A malicious IRC server could send a long PRIVMSG string to the KSirc client causing an assertion failure and the...
Cacti: Command execution and SQL injection
Background Cacti is a web-based network graphing and reporting tool. Description rgod discovered that the Cacti cmd.php and copycactiuser.php scripts do not properly control access to the command shell, and are remotely accessible by unauthenticated users. This allows SQL injection via cmd.php an...
Ingo H3: Folder name shell command injection
Background Ingo H3 is a generic frontend for editing Sieve, procmail, maildrop and IMAP filter rules. Description Ingo H3 fails to properly escape shell metacharacters in procmail rules. Impact A remote authenticated attacker could craft a malicious rule which could lead to the execution of...
ImageMagick: PALM and DCM buffer overflows
Background ImageMagick is a software suite to create, edit, and compose bitmap images, that can also read, write, and convert images in many other formats. Description M. Joonas Pihlaja has reported that a boundary error exists within the ReadDCMImage function of coders/dcm.c, causing the imprope...