3816 matches found
phpWebSite: Arbitrary PHP execution and path disclosure
Background phpWebSite provides a complete web site content management system. Description NST discovered that, when submitting an announcement, uploaded files aren't correctly checked for malicious code. They also found out that phpWebSite is vulnerable to a path disclosure. Impact A remote...
Squid: Multiple vulnerabilities
Background Squid is a full-featured Web proxy cache designed to run on Unix systems. It supports proxying and caching of HTTP, FTP, and other URLs, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features. Description Squid contains a...
TWiki: Arbitrary command execution
Background TWiki is a Web-based groupware tool based around the concept of wiki pages that can be edited by anybody with a Web browser. Description The TWiki search function, which uses a shell command executed via the Perl backtick operator, does not properly escape shell metacharacters in the...
X.Org, XFree86: libXpm vulnerabilities
Background libXpm is a pixmap manipulation library for the X Window System, included in both X.Org and XFree86. Description Several issues were discovered in libXpm, including integer overflows, out-of-bounds memory accesses, insecure path traversal and an endless loop. Impact An attacker could...
Gallery: Cross-site scripting vulnerability
Background Gallery is a web application written in PHP which is used to organize and publish photo albums. It allows multiple users to build and maintain their own albums. It also supports the mirroring of images on other servers. Description Jim Paris has discovered a cross-site scripting...
MIT krb5: Insecure temporary file use in send-pr.sh
Background MIT krb5 is the free implementation of the Kerberos network authentication protocol written by the Massachusetts Institute of Technology. Description The send-pr.sh script creates temporary files in world-writeable directories with predictable names. Impact A local attacker could creat...
OpenOffice.org: Temporary files disclosure
Background OpenOffice.org is an office productivity suite, including word processing, spreadsheets, presentations, drawings, data charting, formula editing, and file conversion facilities. Description On start-up, OpenOffice.org 1.1.2 creates a temporary directory with insecure permissions. When ...
phpMyAdmin: Vulnerability in MIME-based transformation system
Background phpMyAdmin is a popular web-based MySQL administration tool written in PHP. It allows users to browse and administer a MySQL database from a web-browser. Transformations are a phpMyAdmin feature allowing plug-ins to rewrite the contents of any column seen in phpMyAdmin's Browsing mode,...
Webmin, Usermin: Multiple vulnerabilities in Usermin
Background Webmin and Usermin are web-based system administration consoles. Webmin allows an administrator to easily configure servers and other features. Usermin allows users to configure their own accounts, execute commands, and read e-mail. The Usermin functionality, including webmail, is also...
MySQL: Insecure temporary file creation in mysqlhotcopy
Background MySQL is a popular open-source multi-threaded, multi-user SQL database server. Description Jeroen van Wolffelaar discovered that the MySQL database hot copy utility mysqlhotcopy.sh, when using the scp method, uses temporary files with predictable names. A malicious local user with writ...
rsync: Directory traversal in rsync daemon
Background rsync is a utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo's Portage tree. rsyncd is the rsync daemon, which listens to connections from rsync clients. Description When rsyncd is used...
Pound format string vulnerability
Background Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly. Description A format string flaw in the processing of syslog messages was discovered and...
ClamAV RAR Archive Remote Denial Of Service Vulnerability
Background From http://www.clamav.net/ : "Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for...
Roundcube: Multiple Vulnerabilities
Background Free and open source webmail software for the masses, written in PHP. Description Multiple vulnerabilities have been discovered in Roundcube. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround Ther...
HashiCorp Consul: Multiple Vulnerabilities
Background HashiCorp Consul is a tool for service discovery, monitoring and configuration. Description Multiple vulnerabilities have been discovered in HashiCorp Consul. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
ExifTool: Multiple vulnerabilities
Background ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files. Description Multiple vulnerabilities have been discovered in ExifTool. Please review the CVE identifiers referenced below for...
BusyBox: Multiple Vulnerabilities
Background BusyBox is set of tools for embedded systems and is a replacement for GNU Coreutils. Description Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
Mozilla Firefox: Multiple Vulnerabilities
Background Mozilla Firefox is a popular open-source web browser from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
GNU Aspell: Heap Buffer Overflow
Background GNU Aspell is a popular spell-checker. Dictionaries are available for many languages. Description Multiple vulnerabilities have been discovered in GNU Aspell. Please review the CVE identifiers referenced below for details. Impact GNU Aspell has a heap-based buffer overflow in...
OpenJDK: Multiple Vulnerabilities
Background OpenJDK is an open source implementation of the Java programming language. Description Multiple vulnerabilities have been discovered in OpenJDK. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...
KTextEditor: Arbitrary Local Code Execution
Background Framework providing a full text editor component for KDE. Description A vulnerability has been discovered in KTextEditor. Please review the CVE identifiers referenced below for details. Impact KTextEditor executes binaries without user interaction in a few cases, e.g. KTextEditor will...
FAAD2: Multiple Vulnerabilities
Background FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder. Description Multiple vulnerabilities have been discovered in FAAD2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
Eclipse Mosquitto: Multiple Vulnerabilities
Background Eclipse Mosquitto is an open source MQTT v3 broker. Description Multiple vulnerabilities have been discovered in Eclipse Mosquitto. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no kno...
GMP: Buffer Overflow Vulnerability
Background The GNU Multiple Precision Arithmetic Library is a library forarbitrary-precision arithmetic on different types of numbers. Description There is an integer overflow leading to a buffer overflow when processing untrusted input via GMP's mpzinpraw function. Impact Untrusted input can cau...
Mozilla Thunderbird: Multiple Vulnerabilities
Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...
ISC DHCP: Multiple Vulnerabilities
Background ISC DHCP is ISC's reference implementation of all aspects of the Dynamic Host Configuration Protocol. Description Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifie...
AtomicParsley: Multiple Vulnerabilities
Background AtomicParsley is a command line program for manipulating iTunes-style metadata in MPEG4 files. Description Multiple vulnerabilities have been discovered in AtomicParsley. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers...
ClamAV: Denial of service
Background ClamAV is a GPL virus scanner. Description A vulnerability has been discovered in ClamAV. Please review the CVE identifier referenced below for details. Impact A remote attacker could cause ClamAV to scan a specially crafted file, possibly resulting a Denial of Service condition...
X.Org X Server: Privilege escalation
Background The X Window System is a graphical windowing system based on a client/server model. Description It was discovered that X.Org X Server did not sufficiently check the length of the XInput extension’s ChangeFeedbackControl request. Impact An authorized attacker could possibly escalate...
X.Org X11 library: Multiple vulnerabilities
Background X.Org is an implementation of the X Window System. The X.Org X11 library provides the X11 protocol library files. Description Multiple vulnerabilities have been discovered in X.org X11 library. Please review the CVE identifiers referenced below for details. Impact Please review the...
GDK-PixBuf: Remote code execution
Background GDK-PixBuf is an image loading library for GTK+. Description Several integer overflows were discovered in GDK-PixBuf’s gifgetlzw function. Impact A remote attacker, by enticing a user to process a specially crafted image file, could execute arbitrary code or cause a Denial of Service...
mailx: Multiple vulnerabilities
Background A utility program for sending and receiving mail, also known as a Mail User Agent program. Description Multiple vulnerabilities have been discovered in mailx. Please review the CVE identifiers referenced below for details. Impact A remote attacker could execute arbitrary commands...
MiniUPnPc: Arbitrary code execution
Background The client library, enabling applications to access the services provided by an UPnP “Internet Gateway Device” present on the network. Description An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. Impact A remote attacker, by...
OptiPNG: Multiple vulnerabilities
Background OptiPNG is a PNG optimizer that re-compresses image files to a smaller size, without losing any information. Description Multiple vulnerabilities have been discovered in OptiPNG. Please review the referenced CVE identifiers for details. Impact A remote attacker could entice a user to...
ImageWorsener: Multiple vulnerabilities
Background ImageWorsener is a cross-platform command-line utility and library for image scaling and other image processing. Description Multiple vulnerabilities have been discovered in ImageWorsener. Please review the CVE identifiers referenced below for details. Impact A remote attacker could...
Graphviz: Multiple vulnerabilities
Background Graphviz is an open source graph visualization software. Description Multiple vulnerabilities in Graphviz were discovered. Please review the CVE identifiers referenced below for details. Impact A remote attacker, able to control input matched against a regular expression or by enticing...
RTMPDump: Multiple vulnerabilities
Background RTMPDump is an RTMP client intended to stream audio or video flash content Description Multiple vulnerabilities have been discovered in RTMPDump. The following is a list of vulnerabilities fixed: Additional decode input size checks Ignore zero-length packets Potential integer overflow ...
Xdg-Utils: Command injection
Background Xdg-Utils is a set of tools allowing all applications to easily integrate with the Free Desktop configuration. Description An eval injection vulnerability was discovered in Xdg-Utils. Impact A context-dependent attacker could execute arbitrary code via the URL argument to xdg-open...
Zabbix: Multiple vulnerabilities
Background Zabbix is software for monitoring applications, networks, and servers. Description Multiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges...
Pixman: Buffer overflow
Background Pixman is a pixel manipulation library. Description In pixman-general, careless computations done with the ‘destbuffer’ pointer may overflow, failing the buffer upper limit check. Impact A remote attacker could possibly cause a Denial of Service condition, or execute arbitrary code wit...
libksba: Multiple vulnerabilities
Background Libksba is a X.509 and CMS PKCS7 library. Description libksba is vulnerable to two integer overflows and a Denial of Service vulnerability. Please read the references for additional details. Impact Remote attackers could cause Denial of Service or unspecified other vectors through...
hivex: User-assisted execution of arbitrary code
Background hivex is a library for reading and writing Windows Registry ‘hive’ binary files. Description Manipulating a short or truncated hive file may trigger an out-of-bounds read or write in hivex. Impact A context-dependent attacker could cause an application linked against hivex to pass a...
Icecast: Multiple Vulnerabilities
Background Icecast is an open source alternative to SHOUTcast that supports MP3, OGG Vorbis/Theora and AAC streaming. Description Two vulnerabilities have been discovered in Icecast: Icecast does not properly handle shared file descriptors CVE-2014-9018 Supplementary group privileges are not...
FreeRDP: User-assisted execution of arbitrary code
Background FreeRDP is a free implementation of the remote desktop protocol. Description FreeRDP does not properly validate user-supplied input, which could lead to an integer overflow in the xfPointerNew function. Impact A remote attacker could execute arbitrary code with the privileges of the...
Openswan: Denial of service
Background Openswan is an implementation of IPsec for Linux. Description A NULL pointer dereference has been found in Openswan. Impact A remote attacker could create a Denial of Service condition. Workaround There is no known workaround at this time. Resolution Gentoo has discontinued support for...
GNU Wget: Arbitrary code execution
Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description An absolute path traversal vulnerability has been found in GNU Wget. Impact A remote FTP server is able to write to arbitrary files, and consequently...
TigerVNC: User-assisted execution of arbitrary code
Background TigerVNC is a high-performance VNC server/client. Description Two boundary errors in TigerVNC could lead to a heap-based buffer overflow. Impact A remote attacker could entice a user to connect to a malicious VNC server using TigerVNC, possibly resulting in execution of arbitrary code...
file: Denial of service
Background file is a utility that guesses a file format by scanning binary data for patterns. Description BEGIN regular expression in the awk script detector in magic/Magdir/commands uses multiple wildcards with unlimited repetitions. Impact A context-dependent attacker could entice a user to ope...
TCPTrack: Arbitrary code execution
Background TCPTrack is a simple libpcap based program for live TCP connection monitoring. Description A heap-based buffer overflow vulnerability exists in TCPTrack’s parsing of command line arguments. This is only a vulnerability in limited scenarios in which TCPTrack is “configured as a handler...
GNU Midnight Commander: User-assisted execution of arbitrary code
Background GNU Midnight Commander is a text based file manager. Description GNU Midnight Commander does not properly sanitize environment variables. Impact A remote attacker could entice a user to open a specially crafted archive file using GNU Midnight Commander, possibly resulting in execution ...